From a254b306f295ed5083d23bc92275dbe3bf507f66 Mon Sep 17 00:00:00 2001 From: maze Date: Mon, 6 Oct 2025 22:25:23 +0200 Subject: [PATCH] Checkpoint --- .gitignore | 4 +- .regal.yaml | 14 + admin/admin.go | 146 +++++++++ admin/api_client.go | 183 ++++++++++++ admin/api_group.go | 72 +++++ admin/api_list.go | 98 ++++++ ca/authority.go | 119 ++++++++ cmd/styx/config.go | 45 +++ cmd/styx/main.go | 34 ++- dataset/base.go | 1 + dataset/error.go | 25 ++ dataset/parser/adblock.go | 53 ++++ dataset/parser/adblock_test.go | 41 +++ dataset/parser/dns.go | 139 +++++++++ dataset/parser/dns_test.go | 106 +++++++ dataset/parser/domains.go | 40 +++ dataset/parser/domains_test.go | 31 ++ dataset/parser/hosts.go | 41 +++ dataset/parser/hosts_test.go | 38 +++ dataset/parser/parser.go | 76 +++++ dataset/parser/parser_test.go | 31 ++ dataset/storage.go | 231 +++++++++++++++ dataset/storage_bstore.go | 412 ++++++++++++++++++++++++++ dataset/updater.go | 226 ++++++++++++++ go.mod | 2 + go.sum | 4 + internal/netutil/conn.go | 5 + internal/timeutil/time.go | 74 +++++ policy/func.go | 78 ++++- policy/handler.go | 65 +++- policy/input.go | 44 ++- policy/policy.go | 64 ++-- proxy/context.go | 36 +++ proxy/proxy.go | 121 +++++++- stats/handler.go | 213 +++++++++++++ stats/stats.go | 104 +++++++ stats/timeseries.go | 105 +++++++ styx.hcl | 19 +- template/blocked-256.jpeg | Bin 0 -> 25195 bytes template/blocked-512.jpeg | Bin 0 -> 90561 bytes template/blocked.html | 83 ++++++ template/blocked.jpeg | Bin 0 -> 193372 bytes testdata/policy/bogons.rego | 58 ---- testdata/policy/childsafe.rego | 56 ---- testdata/policy/custom/childsafe.rego | 102 +++++++ testdata/policy/intercept.rego | 21 -- testdata/policy/styx/bogons.rego | 54 ++++ testdata/policy/styx/intercept.rego | 25 ++ 48 files changed, 3327 insertions(+), 212 deletions(-) create mode 100644 .regal.yaml create mode 100644 admin/admin.go create mode 100644 admin/api_client.go create mode 100644 admin/api_group.go create mode 100644 admin/api_list.go create mode 100644 ca/authority.go create mode 100644 dataset/base.go create mode 100644 dataset/error.go create mode 100644 dataset/parser/adblock.go create mode 100644 dataset/parser/adblock_test.go create mode 100644 dataset/parser/dns.go create mode 100644 dataset/parser/dns_test.go create mode 100644 dataset/parser/domains.go create mode 100644 dataset/parser/domains_test.go create mode 100644 dataset/parser/hosts.go create mode 100644 dataset/parser/hosts_test.go create mode 100644 dataset/parser/parser.go create mode 100644 dataset/parser/parser_test.go create mode 100644 dataset/storage.go create mode 100644 dataset/storage_bstore.go create mode 100644 dataset/updater.go create mode 100644 internal/timeutil/time.go create mode 100644 stats/handler.go create mode 100644 stats/stats.go create mode 100644 stats/timeseries.go create mode 100644 template/blocked-256.jpeg create mode 100644 template/blocked-512.jpeg create mode 100644 template/blocked.html create mode 100644 template/blocked.jpeg delete mode 100644 testdata/policy/bogons.rego delete mode 100644 testdata/policy/childsafe.rego create mode 100644 testdata/policy/custom/childsafe.rego delete mode 100644 testdata/policy/intercept.rego create mode 100644 testdata/policy/styx/bogons.rego create mode 100644 testdata/policy/styx/intercept.rego diff --git a/.gitignore b/.gitignore index 0c3b16c..73ef4f4 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,6 @@ -# SQLite3 database file +# Database file +*.bolt +*.boltdb *.db # Log files diff --git a/.regal.yaml b/.regal.yaml new file mode 100644 index 0000000..3fef402 --- /dev/null +++ b/.regal.yaml @@ -0,0 +1,14 @@ +rules: + idiomatic: + directory-package-mismatch: + level: ignore + + style: + function-arg-return: + level: error + except-functions: + - sprintf + +project: + roots: + - testdata/policy \ No newline at end of file diff --git a/admin/admin.go b/admin/admin.go new file mode 100644 index 0000000..8dfab7b --- /dev/null +++ b/admin/admin.go @@ -0,0 +1,146 @@ +package admin + +import ( + "bytes" + "encoding/json" + "errors" + "io" + "net/http" + "os" + "strconv" + "sync" + + "git.maze.io/maze/styx/dataset" + "git.maze.io/maze/styx/logger" + "git.maze.io/maze/styx/proxy" +) + +type Admin struct { + Storage dataset.Storage + setupOnce sync.Once + mux *http.ServeMux + api *http.ServeMux +} + +type apiError struct { + Code int + Err error +} + +func (err apiError) Error() string { + return err.Err.Error() +} + +func (a *Admin) setup() { + a.mux = http.NewServeMux() + + a.api = http.NewServeMux() + a.api.HandleFunc("GET /groups", a.apiGroups) + a.api.HandleFunc("POST /group", a.apiGroupCreate) + a.api.HandleFunc("GET /group/{id}", a.apiGroup) + a.api.HandleFunc("PATCH /group/{id}", a.apiGroupUpdate) + a.api.HandleFunc("DELETE /group/{id}", a.apiGroupDelete) + a.api.HandleFunc("GET /clients", a.apiClients) + a.api.HandleFunc("GET /client/{id}", a.apiClient) + a.api.HandleFunc("POST /client", a.apiClientCreate) + a.api.HandleFunc("PATCH /client/{id}", a.apiClientUpdate) + a.api.HandleFunc("DELETE /client/{id}", a.apiClientDelete) + a.api.HandleFunc("GET /lists", a.apiLists) + a.api.HandleFunc("POST /list", a.apiListCreate) + a.api.HandleFunc("GET /list/{id}", a.apiList) + a.api.HandleFunc("DELETE /list/{id}", a.apiListDelete) +} + +type Handler interface { + Handle(pattern string, handler http.Handler) +} + +func (a *Admin) Install(handler Handler) { + a.setupOnce.Do(a.setup) + handler.Handle("/api/v1/", http.StripPrefix("/api/v1", a.api)) +} + +func (a *Admin) handleAPIError(w http.ResponseWriter, r *http.Request, err error) { + code := http.StatusBadRequest + switch { + case dataset.IsNotExist(err): + code = http.StatusNotFound + case os.IsPermission(err): + code = http.StatusForbidden + case errors.Is(err, apiError{}): + if c := err.(apiError).Code; c > 0 { + code = c + } + } + + logger.StandardLog.Err(err).Values(logger.Values{ + "code": code, + "client": r.RemoteAddr, + "method": r.Method, + "path": r.URL.Path, + }).Warn("Unexpected API error encountered") + + var data []byte + if err, ok := err.(apiError); ok { + data, _ = json.Marshal(struct { + Code int `json:"code"` + Error string `json:"error"` + }{code, err.Error()}) + } else { + data, _ = json.Marshal(struct { + Code int `json:"code"` + Error string `json:"error"` + }{code, http.StatusText(code)}) + } + + res := proxy.NewResponse(code, io.NopCloser(bytes.NewReader(data)), r) + res.Header.Set(proxy.HeaderContentType, "application/json") + + for k, vv := range res.Header { + if len(vv) >= 1 { + w.Header().Set(k, vv[0]) + for _, v := range vv[1:] { + w.Header().Add(k, v) + } + } + } + w.WriteHeader(code) + io.Copy(w, res.Body) +} + +func (a *Admin) jsonResponse(w http.ResponseWriter, r *http.Request, value any, codes ...int) { + var ( + code = http.StatusNoContent + body io.ReadCloser + size int64 + ) + if value != nil { + data, err := json.Marshal(value) + if err != nil { + a.handleAPIError(w, r, err) + return + } + code = http.StatusOK + body = io.NopCloser(bytes.NewReader(data)) + size = int64(len(data)) + } + if len(codes) > 0 { + code = codes[0] + } + + res := proxy.NewResponse(code, body, r) + res.Close = true + res.Header.Set(proxy.HeaderContentLength, strconv.FormatInt(size, 10)) + res.Header.Set(proxy.HeaderContentType, "application/json") + + for k, vv := range res.Header { + if len(vv) >= 1 { + w.Header().Set(k, vv[0]) + for _, v := range vv[1:] { + w.Header().Add(k, v) + } + } + } + w.WriteHeader(code) + io.Copy(w, res.Body) +} diff --git a/admin/api_client.go b/admin/api_client.go new file mode 100644 index 0000000..8605199 --- /dev/null +++ b/admin/api_client.go @@ -0,0 +1,183 @@ +package admin + +import ( + "encoding/json" + "errors" + "fmt" + "log" + "net" + "net/http" + "strconv" + "time" + + "git.maze.io/maze/styx/dataset" +) + +func (a *Admin) apiClients(w http.ResponseWriter, r *http.Request) { + clients, err := a.Storage.Clients() + if err != nil { + a.handleAPIError(w, r, err) + return + } + a.jsonResponse(w, r, clients) +} + +func (a *Admin) apiClient(w http.ResponseWriter, r *http.Request) { + id, err := strconv.ParseInt(r.PathValue("id"), 10, 64) + if err != nil { + a.handleAPIError(w, r, err) + return + } + client, err := a.Storage.ClientByID(id) + if err != nil { + a.handleAPIError(w, r, err) + return + } + a.jsonResponse(w, r, client) +} + +func (a *Admin) apiClientCreate(w http.ResponseWriter, r *http.Request) { + var request struct { + dataset.Client + Groups []int64 `json:"groups"` + ID int64 `json:"id"` // mask, not used + CreatedAt time.Time `json:"created_at"` // mask, not used + UpdatedAt time.Time `json:"updated_at"` // mask, not used + } + if err := json.NewDecoder(r.Body).Decode(&request); err != nil { + a.handleAPIError(w, r, err) + return + } + + if err := a.verifyClient(&request.Client); err != nil { + a.handleAPIError(w, r, err) + return + } + + var groups []dataset.Group + for _, id := range request.Groups { + group, err := a.Storage.GroupByID(id) + if err != nil { + a.handleAPIError(w, r, err) + return + } + groups = append(groups, group) + } + + request.Client.Groups = groups + if err := a.Storage.SaveClient(&request.Client); err != nil { + a.handleAPIError(w, r, err) + return + } + + a.jsonResponse(w, r, request.Client) +} + +func (a *Admin) apiClientUpdate(w http.ResponseWriter, r *http.Request) { + id, err := strconv.ParseInt(r.PathValue("id"), 10, 64) + if err != nil { + a.handleAPIError(w, r, err) + return + } + + client, err := a.Storage.ClientByID(id) + if err != nil { + a.handleAPIError(w, r, err) + return + } + log.Printf("updating: %#+v", client) + + var request struct { + dataset.Client + Groups []int64 `json:"groups"` + } + if err := json.NewDecoder(r.Body).Decode(&request); err != nil { + a.handleAPIError(w, r, err) + return + } + + if err := a.verifyClient(&request.Client); err != nil { + a.handleAPIError(w, r, err) + return + } + + client.IP = request.Client.IP + client.Mask = request.Client.Mask + client.Description = request.Client.Description + client.Groups = client.Groups[:0] + for _, id := range request.Groups { + group, err := a.Storage.GroupByID(id) + if err != nil { + a.handleAPIError(w, r, err) + return + } + client.Groups = append(client.Groups, group) + } + if err := a.Storage.SaveClient(&client); err != nil { + a.handleAPIError(w, r, err) + return + } + + a.jsonResponse(w, r, client) +} + +func (a *Admin) apiClientDelete(w http.ResponseWriter, r *http.Request) { + id, err := strconv.ParseInt(r.PathValue("id"), 10, 64) + if err != nil { + a.handleAPIError(w, r, err) + return + } + client, err := a.Storage.ClientByID(id) + if err != nil { + a.handleAPIError(w, r, err) + return + } + if err = a.Storage.DeleteClient(client); err != nil { + a.handleAPIError(w, r, err) + return + } + a.jsonResponse(w, r, nil) +} + +func (a *Admin) verifyClient(c *dataset.Client) (err error) { + ip := net.ParseIP(c.IP) + switch c.Network { + case "ipv4": + if ip.To4() == nil { + return apiError{Err: errors.New("invalid IPv4 address")} + } + if c.Mask == 0 { + c.Mask = 32 // one IP + } + if c.Mask <= 0 || c.Mask > 32 { + return apiError{Err: errors.New("mask can't be zero")} + } + c.IP = ip.Mask(net.CIDRMask(int(c.Mask), 32)).String() + + case "ipv6": + if ip.To16() == nil { + return apiError{Err: errors.New("invalid IPv6 address")} + } + if c.Mask == 0 { + c.Mask = 128 // one IP + } + if c.Mask <= 0 || c.Mask > 128 { + return apiError{Err: errors.New("mask can't be zero")} + } + c.IP = ip.Mask(net.CIDRMask(int(c.Mask), 128)).String() + + case "": + if ip.To4() != nil { + c.Network = "ipv4" + } else if ip.To16() != nil { + c.Network = "ipv6" + } else { + return apiError{Err: errors.New("invalid IP address")} + } + return a.verifyClient(c) + + default: + return apiError{Err: fmt.Errorf("invalid network %q", c.Network)} + } + return +} diff --git a/admin/api_group.go b/admin/api_group.go new file mode 100644 index 0000000..e981e00 --- /dev/null +++ b/admin/api_group.go @@ -0,0 +1,72 @@ +package admin + +import ( + "encoding/json" + "net/http" + "strconv" + "time" + + "git.maze.io/maze/styx/dataset" +) + +func (a *Admin) apiGroups(w http.ResponseWriter, r *http.Request) { + groups, err := a.Storage.Groups() + if err != nil { + a.handleAPIError(w, r, err) + return + } + a.jsonResponse(w, r, groups) +} + +func (a *Admin) apiGroup(w http.ResponseWriter, r *http.Request) { + id, err := strconv.ParseInt(r.PathValue("id"), 10, 64) + if err != nil { + a.handleAPIError(w, r, err) + return + } + group, err := a.Storage.GroupByID(id) + if err != nil { + a.handleAPIError(w, r, err) + return + } + a.jsonResponse(w, r, group) +} + +func (a *Admin) apiGroupCreate(w http.ResponseWriter, r *http.Request) { + var request struct { + dataset.Group + ID int64 `json:"id"` // mask, not used + CreatedAt time.Time `json:"created_at"` // mask, not used + UpdatedAt time.Time `json:"updated_at"` // mask, not used + } + if err := json.NewDecoder(r.Body).Decode(&request); err != nil { + a.handleAPIError(w, r, err) + return + } + if err := a.Storage.SaveGroup(&request.Group); err != nil { + a.handleAPIError(w, r, err) + return + } + a.jsonResponse(w, r, request.Group, http.StatusCreated) +} + +func (a *Admin) apiGroupUpdate(w http.ResponseWriter, r *http.Request) { +} + +func (a *Admin) apiGroupDelete(w http.ResponseWriter, r *http.Request) { + id, err := strconv.ParseInt(r.PathValue("id"), 10, 64) + if err != nil { + a.handleAPIError(w, r, err) + return + } + group, err := a.Storage.GroupByID(id) + if err != nil { + a.handleAPIError(w, r, err) + return + } + if err = a.Storage.DeleteGroup(group); err != nil { + a.handleAPIError(w, r, err) + return + } + a.jsonResponse(w, r, nil) +} diff --git a/admin/api_list.go b/admin/api_list.go new file mode 100644 index 0000000..b31e9e1 --- /dev/null +++ b/admin/api_list.go @@ -0,0 +1,98 @@ +package admin + +import ( + "encoding/json" + "fmt" + "net/http" + "strconv" + "time" + + "git.maze.io/maze/styx/dataset" +) + +func (a *Admin) apiLists(w http.ResponseWriter, r *http.Request) { + lists, err := a.Storage.Lists() + if err != nil { + a.handleAPIError(w, r, err) + return + } + a.jsonResponse(w, r, lists) +} + +func (a *Admin) apiList(w http.ResponseWriter, r *http.Request) { + id, err := strconv.ParseInt(r.PathValue("id"), 10, 64) + if err != nil { + a.handleAPIError(w, r, err) + return + } + list, err := a.Storage.ListByID(id) + if err != nil { + a.handleAPIError(w, r, err) + return + } + a.jsonResponse(w, r, list) +} + +func (a *Admin) apiListCreate(w http.ResponseWriter, r *http.Request) { + var request struct { + dataset.List + Groups []int64 `json:"groups"` + ID int64 `json:"id"` // mask, not used + CreatedAt time.Time `json:"created_at"` // mask, not used + UpdatedAt time.Time `json:"updated_at"` // mask, not used + } + if err := json.NewDecoder(r.Body).Decode(&request); err != nil { + a.handleAPIError(w, r, err) + return + } + + if err := a.verifyList(&request.List); err != nil { + a.handleAPIError(w, r, err) + return + } + + request.List.Groups = request.List.Groups[:0] + for _, id := range request.Groups { + group, err := a.Storage.GroupByID(id) + if err != nil { + a.handleAPIError(w, r, err) + return + } + request.List.Groups = append(request.List.Groups, group) + } + + if err := a.Storage.SaveList(&request.List); err != nil { + a.handleAPIError(w, r, err) + return + } + + a.jsonResponse(w, r, request.List) +} + +func (a *Admin) apiListDelete(w http.ResponseWriter, r *http.Request) { + id, err := strconv.ParseInt(r.PathValue("id"), 10, 64) + if err != nil { + a.handleAPIError(w, r, err) + return + } + list, err := a.Storage.ListByID(id) + if err != nil { + a.handleAPIError(w, r, err) + return + } + if err = a.Storage.DeleteList(list); err != nil { + a.handleAPIError(w, r, err) + return + } + a.jsonResponse(w, r, nil) +} + +func (a *Admin) verifyList(list *dataset.List) error { + switch list.Type { + case dataset.ListTypeDomain, dataset.ListTypeNetwork: + default: + return apiError{Err: fmt.Errorf("unknown list type %q", list.Type)} + } + + return nil +} diff --git a/ca/authority.go b/ca/authority.go new file mode 100644 index 0000000..3763bcd --- /dev/null +++ b/ca/authority.go @@ -0,0 +1,119 @@ +package ca + +import ( + "crypto" + "crypto/rand" + "crypto/tls" + "crypto/x509" + "crypto/x509/pkix" + "fmt" + "math/big" + "net" + "strings" + "sync" + "time" + + "git.maze.io/maze/styx/internal/cryptutil" + "git.maze.io/maze/styx/logger" + "github.com/miekg/dns" +) + +type CertificateAuthority interface { + GetCertificate(commonName string, dnsNames []string, ips []net.IP) (*tls.Certificate, error) +} + +type ca struct { + cert *x509.Certificate + key crypto.PrivateKey + cache sync.Map +} + +func Open(certData, keyData string) (CertificateAuthority, error) { + cert, key, err := cryptutil.LoadKeyPair(certData, keyData) + if err != nil { + return nil, err + } else if !cert.IsCA { + return nil, fmt.Errorf("ca: certificate for %s is not a certificate authority", cert.Subject.String()) + } + + return &ca{ + cert: cert, + key: key, + }, nil +} + +func (ca *ca) GetCertificate(cn string, names []string, ips []net.IP) (*tls.Certificate, error) { + var ( + log = logger.StandardLog.Values(logger.Values{ + "cn": cn, + "names": names, + "ips": ips, + }) + now = time.Now().UTC() + parent = parentDomain(cn) + ) + if cn == parent { + names = append(names, "*."+cn) + } else { + names = append(names, "*."+parent, cn) + cn = parent + log = log.Value("cn", cn) + } + if v, ok := ca.cache.Load(parent); ok { + if cert, ok := v.(*tls.Certificate); ok && now.After(cert.Leaf.NotBefore) && now.Before(cert.Leaf.NotAfter.Add(-time.Hour)) { + log.Value("valid", cert.Leaf.NotAfter.Sub(now)).Debug("Using cached certificate") + return cert, nil + } + log.Debug("Cached certificate invalid") + ca.cache.Delete(parent) + } + + serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128) + serialNumber, err := rand.Int(rand.Reader, serialNumberLimit) + if err != nil { + return nil, fmt.Errorf("ca: failed to generate serial number: %w", err) + } + + notBefore := now.Round(24 * time.Hour) + notAfter := notBefore.Add(48 * time.Hour) + + log.Values(logger.Values{ + "serial": serialNumber.String(), + "subject": pkix.Name{CommonName: cn}.String(), + }).Debug("Generating certificate") + template := &x509.Certificate{ + SerialNumber: serialNumber, + KeyUsage: x509.KeyUsageDataEncipherment | x509.KeyUsageDigitalSignature, + ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}, + Subject: pkix.Name{CommonName: cn}, + DNSNames: names, + IPAddresses: ips, + PublicKey: cryptutil.PublicKey(ca.key), + NotBefore: notBefore, + NotAfter: notAfter, + } + der, err := x509.CreateCertificate(rand.Reader, template, ca.cert, template.PublicKey, ca.key) + if err != nil { + return nil, err + } + cert, err := x509.ParseCertificate(der) + if err != nil { + return nil, err + } + + output := &tls.Certificate{ + Certificate: [][]byte{der}, + Leaf: cert, + PrivateKey: ca.key, + } + ca.cache.Store(parent, output) + return output, nil +} + +func parentDomain(name string) string { + part := dns.SplitDomainName(name) + if len(part) <= 2 { + return name + } + return strings.Join(part[1:], ".") +} diff --git a/cmd/styx/config.go b/cmd/styx/config.go index 25cd622..3bc970d 100644 --- a/cmd/styx/config.go +++ b/cmd/styx/config.go @@ -8,6 +8,7 @@ import ( "github.com/hashicorp/hcl/v2/gohcl" "github.com/hashicorp/hcl/v2/hclsimple" + "git.maze.io/maze/styx/ca" "git.maze.io/maze/styx/dataset" "git.maze.io/maze/styx/internal/cryptutil" "git.maze.io/maze/styx/logger" @@ -18,6 +19,7 @@ import ( type Config struct { Proxy ProxyConfig `hcl:"proxy,block"` Policy []PolicyConfig `hcl:"policy,block"` + CA *CAConfig `hcl:"ca,block"` Data DataConfig `hcl:"data,block"` } @@ -145,8 +147,18 @@ type PolicyConfig struct { Package string `hcl:"package,optional"` } +type CAConfig struct { + Cert string `hcl:"cert"` + Key string `hcl:"key,optional"` +} + +func (c CAConfig) CertificateAuthority() (ca.CertificateAuthority, error) { + return ca.Open(c.Cert, c.Key) +} + type DataConfig struct { Path string `hcl:"path,optional"` + Storage DataStorageConfig `hcl:"storage,block"` Domains []DomainDataConfig `hcl:"domain,block"` Networks []NetworkDataConfig `hcl:"network,block"` } @@ -165,6 +177,39 @@ func (c DataConfig) Configure() error { return nil } +func (c DataConfig) OpenStorage() (dataset.Storage, error) { + switch c.Storage.Type { + case "", "bolt", "boltdb": + var config struct { + Path string `hcl:"path"` + } + if diag := gohcl.DecodeBody(c.Storage.Body, nil, &config); diag.HasErrors() { + return nil, diag + } + //return dataset.OpenBolt(config.Path) + return dataset.OpenBStore(config.Path) + + /* + case "sqlite", "sqlite3": + var config struct { + Path string `hcl:"path"` + } + if diag := gohcl.DecodeBody(c.Storage.Body, nil, &config); diag.HasErrors() { + return nil, diag + } + return dataset.OpenSQLite(config.Path) + */ + + default: + return nil, fmt.Errorf("storage: no %q driver", c.Storage.Type) + } +} + +type DataStorageConfig struct { + Type string `hcl:"type"` + Body hcl.Body `hcl:",remain"` +} + type DomainDataConfig struct { Name string `hcl:"name,label"` Type string `hcl:"type"` diff --git a/cmd/styx/main.go b/cmd/styx/main.go index 18adf49..03d1d27 100644 --- a/cmd/styx/main.go +++ b/cmd/styx/main.go @@ -7,6 +7,9 @@ import ( "os/signal" "syscall" + "git.maze.io/maze/styx/admin" + "git.maze.io/maze/styx/ca" + "git.maze.io/maze/styx/dataset" "git.maze.io/maze/styx/logger" "git.maze.io/maze/styx/proxy" ) @@ -40,6 +43,22 @@ func main() { log.Err(err).Fatal("Invalid data configuration") } + var ca ca.CertificateAuthority + if config.CA != nil { + if ca, err = config.CA.CertificateAuthority(); err != nil { + log.Err(err).Fatal("Invalid ca configuration") + } + } + + var storage dataset.Storage + if storage, err = config.Data.OpenStorage(); err != nil { + log.Err(err).Fatal("Invalid data.storage configuration") + } + + admin := &admin.Admin{ + Storage: storage, + } + proxies, err := config.Proxies(log) if err != nil { log.Err(err).Fatal("Error configuring proxy ports") @@ -52,6 +71,9 @@ func main() { ) for i, p := range proxies { + p.CertificateAuthority = ca + p.Storage = storage + admin.Install(p) go run(config.Proxy.Port[i].Listen, p, errs) } @@ -64,12 +86,18 @@ func main() { case syscall.SIGHUP: log.Value("signal", sig.String()).Warn("Ignored reload signal ¯\\_(ツ)_/¯") default: - log.Value("signal", sig.String()).Info("Shutting down on signal") - return + log.Value("signal", sig.String()).Warn("Shutting down on signal") + close(done) } case <-done: - log.Info("Shutting down gracefully") + log.Warn("Shutting down gracefully") + for i, p := range proxies { + log.Value("port", config.Proxy.Port[i].Listen).Info("Proxy port closing") + if err := p.Close(); err != nil { + log.Err(err).Error("Error closing proxy") + } + } return case err = <-errs: diff --git a/dataset/base.go b/dataset/base.go new file mode 100644 index 0000000..8ff540f --- /dev/null +++ b/dataset/base.go @@ -0,0 +1 @@ +package dataset diff --git a/dataset/error.go b/dataset/error.go new file mode 100644 index 0000000..609ab80 --- /dev/null +++ b/dataset/error.go @@ -0,0 +1,25 @@ +package dataset + +import ( + "errors" + "fmt" + "os" + + "github.com/mjl-/bstore" +) + +type ErrNotExist struct { + Object string + ID int64 +} + +func (err ErrNotExist) Error() string { + return fmt.Sprintf("storage: %s not found", err.Object) +} + +func IsNotExist(err error) bool { + if err == nil { + return false + } + return os.IsNotExist(err) || errors.Is(err, ErrNotExist{}) || errors.Is(err, bstore.ErrAbsent) +} diff --git a/dataset/parser/adblock.go b/dataset/parser/adblock.go new file mode 100644 index 0000000..1b35df6 --- /dev/null +++ b/dataset/parser/adblock.go @@ -0,0 +1,53 @@ +package parser + +import ( + "bufio" + "io" + "strings" +) + +func init() { + RegisterDomainsParser(adblockDomainsParser{}) +} + +type adblockDomainsParser struct{} + +func (adblockDomainsParser) CanHandle(line string) bool { + return strings.HasPrefix(strings.ToLower(line), `[adblock`) || + strings.HasPrefix(line, "@@") || // exception + strings.HasPrefix(line, "||") || // blah + line[0] == '*' +} + +func (adblockDomainsParser) ParseDomains(r io.Reader) (domains []string, ignored int, err error) { + scanner := bufio.NewScanner(r) + for scanner.Scan() { + line := strings.TrimSpace(scanner.Text()) + if isComment(line) { + continue + } + + // Common AdBlock patterns: + // ||domain.com^ + // |http://domain.com| + // domain.com/path + // *domain.com* + switch { + case strings.HasPrefix(line, `||`): // domain anchor + if i := strings.IndexByte(line, '^'); i != -1 { + domains = append(domains, line[2:i]) + continue + } + case strings.HasPrefix(line, `|`) && strings.HasSuffix(line, `|`): + domains = append(domains, line[1:len(line)-2]) + continue + case strings.HasPrefix(line, `[`): + continue + } + ignored++ + } + if err = scanner.Err(); err != nil { + return + } + return unique(domains), ignored, nil +} diff --git a/dataset/parser/adblock_test.go b/dataset/parser/adblock_test.go new file mode 100644 index 0000000..9874bb5 --- /dev/null +++ b/dataset/parser/adblock_test.go @@ -0,0 +1,41 @@ +package parser + +import ( + "reflect" + "sort" + "strings" + "testing" +) + +func TestAdBlockParser(t *testing.T) { + test := `[Adblock Plus 2.0] +! Title: AdRules DNS List +! Homepage: https://github.com/Cats-Team/AdRules +! Powerd by Cats-Team +! Expires: 1 (update frequency) +! Description: The DNS Filters +! Total count: 145270 +! Update: 2025-10-07 02:05:08(GMT+8) +/^.+stat\.kugou\.com/ +/^admarvel\./ +||*-ad-sign.byteimg.com^ +||*-ad.a.yximgs.com^ +||*-applog.fqnovel.com^ +||*-datareceiver.aki-game.net^ +||*.exaapi.com^` + want := []string{"*-ad-sign.byteimg.com", "*-ad.a.yximgs.com", "*-applog.fqnovel.com", "*-datareceiver.aki-game.net", "*.exaapi.com"} + + parsed, ignored, err := ParseDomains(strings.NewReader(test)) + if err != nil { + t.Fatal(err) + return + } + + sort.Strings(parsed) + if !reflect.DeepEqual(parsed, want) { + t.Errorf("expected ParseDomains(domains) to return %v, got %v", want, parsed) + } + if ignored != 2 { + t.Errorf("expected 2 ignored, got %d", ignored) + } +} diff --git a/dataset/parser/dns.go b/dataset/parser/dns.go new file mode 100644 index 0000000..8b331f7 --- /dev/null +++ b/dataset/parser/dns.go @@ -0,0 +1,139 @@ +package parser + +import ( + "bufio" + "io" + "strings" + + "github.com/miekg/dns" +) + +func init() { + RegisterDomainsParser(dnsmasqDomainsParser{}) + RegisterDomainsParser(mosDNSDomainsParser{}) + RegisterDomainsParser(smartDNSDomainsParser{}) + RegisterDomainsParser(unboundDomainsParser{}) +} + +type dnsmasqDomainsParser struct{} + +func (dnsmasqDomainsParser) CanHandle(line string) bool { + return strings.HasPrefix(line, "address=/") +} + +func (dnsmasqDomainsParser) ParseDomains(r io.Reader) (domains []string, ignored int, err error) { + scanner := bufio.NewScanner(r) + for scanner.Scan() { + line := strings.TrimSpace(scanner.Text()) + if isComment(line) { + continue + } + switch { + case strings.HasPrefix(line, "address=/"): + part := strings.FieldsFunc(line, func(r rune) bool { return r == '/' }) + if len(part) >= 3 && isDomainName(part[1]) { + domains = append(domains, part[1]) + continue + } + } + ignored++ + } + if err = scanner.Err(); err != nil { + return + } + return unique(domains), ignored, nil +} + +type mosDNSDomainsParser struct{} + +func (mosDNSDomainsParser) CanHandle(line string) bool { + if strings.HasPrefix(line, "domain:") { + return isDomainName(line[7:]) + } + return false +} + +func (mosDNSDomainsParser) ParseDomains(r io.Reader) (domains []string, ignored int, err error) { + scanner := bufio.NewScanner(r) + for scanner.Scan() { + line := strings.TrimSpace(scanner.Text()) + if isComment(line) { + continue + } + if strings.HasPrefix(line, "domain:") { + domains = append(domains, line[7:]) + continue + } + ignored++ + } + if err = scanner.Err(); err != nil { + return + } + return unique(domains), ignored, nil +} + +type smartDNSDomainsParser struct{} + +func (smartDNSDomainsParser) CanHandle(line string) bool { + return strings.HasPrefix(line, "address /") +} + +func (smartDNSDomainsParser) ParseDomains(r io.Reader) (domains []string, ignored int, err error) { + scanner := bufio.NewScanner(r) + for scanner.Scan() { + line := strings.TrimSpace(scanner.Text()) + if isComment(line) { + continue + } + if strings.HasPrefix(line, "address /") { + if i := strings.IndexByte(line[9:], '/'); i > -1 { + domains = append(domains, line[9:i+9]) + continue + } + } + ignored++ + } + if err = scanner.Err(); err != nil { + return + } + return unique(domains), ignored, nil +} + +type unboundDomainsParser struct{} + +func (unboundDomainsParser) CanHandle(line string) bool { + return strings.HasPrefix(line, "local-data:") || + strings.HasPrefix(line, "local-zone:") +} + +func (unboundDomainsParser) ParseDomains(r io.Reader) (domains []string, ignored int, err error) { + scanner := bufio.NewScanner(r) + for scanner.Scan() { + line := strings.TrimSpace(scanner.Text()) + if isComment(line) { + continue + } + switch { + case strings.HasPrefix(line, "local-data:"): + record := strings.Trim(strings.TrimSpace(line[11:]), `"`) + if rr, err := dns.NewRR(record); err == nil { + switch rr.Header().Rrtype { + case dns.TypeA, dns.TypeAAAA, dns.TypeCNAME: + domains = append(domains, strings.Trim(rr.Header().Name, `.`)) + continue + } + } + case strings.HasPrefix(line, "local-zone:") && strings.HasSuffix(line, " reject"): + line = strings.Trim(strings.TrimSpace(line[11:]), `"`) + if i := strings.IndexByte(line, '"'); i > -1 { + domains = append(domains, line[:i]) + continue + } + } + ignored++ + } + if err = scanner.Err(); err != nil { + return + } + return unique(domains), ignored, nil +} diff --git a/dataset/parser/dns_test.go b/dataset/parser/dns_test.go new file mode 100644 index 0000000..7b06833 --- /dev/null +++ b/dataset/parser/dns_test.go @@ -0,0 +1,106 @@ +package parser + +import ( + "reflect" + "sort" + "strings" + "testing" +) + +func TestDNSMasqParser(t *testing.T) { + tests := []struct { + Name string + Test string + Want []string + WantIgnored int + }{ + { + "data", + ` +local-data: "junk1.doubleclick.net A 127.0.0.1" +local-data: "junk2.doubleclick.net A 127.0.0.1" +local-data: "junk2.doubleclick.net CNAME doubleclick.net." +local-data: "junk6.doubleclick.net AAAA ::1" +local-data: "doubleclick.net A 127.0.0.1" +local-data: "ad.junk1.doubleclick.net A 127.0.0.1" +local-data: "adjunk.google.com A 127.0.0.1"`, + []string{"ad.junk1.doubleclick.net", "adjunk.google.com", "doubleclick.net", "junk1.doubleclick.net", "junk2.doubleclick.net", "junk6.doubleclick.net"}, + 0, + }, + { + "zone", + ` +local-zone: "doubleclick.net" reject +local-zone: "adjunk.google.com" reject`, + []string{"adjunk.google.com", "doubleclick.net"}, + 0, + }, + { + "address", + ` +address=/ziyu.net/0.0.0.0 +address=/zlp6s.pw/0.0.0.0 +address=/zm232.com/0.0.0.0 + `, + []string{"ziyu.net", "zlp6s.pw", "zm232.com"}, + 0, + }, + } + for _, test := range tests { + t.Run(test.Name, func(it *testing.T) { + parsed, ignored, err := ParseDomains(strings.NewReader(test.Test)) + if err != nil { + t.Fatal(err) + return + } + + sort.Strings(parsed) + if !reflect.DeepEqual(parsed, test.Want) { + t.Errorf("expected ParseDomains(dnsmasq) to return\n\t%v, got\n\t%v", test.Want, parsed) + } + if ignored != test.WantIgnored { + t.Errorf("expected %d ignored, got %d", test.WantIgnored, ignored) + } + }) + } +} + +func TestMOSDNSParser(t *testing.T) { + test := `domain:0019x.com +domain:002777.xyz +domain:003store.com +domain:00404850.xyz` + want := []string{"0019x.com", "002777.xyz", "003store.com", "00404850.xyz"} + + parsed, _, err := ParseDomains(strings.NewReader(test)) + if err != nil { + t.Fatal(err) + return + } + + sort.Strings(parsed) + if !reflect.DeepEqual(parsed, want) { + t.Errorf("expected ParseDomains(domains) to return %v, got %v", want, parsed) + } +} + +func TestSmartDNSParser(t *testing.T) { + test := `# Title:AdRules SmartDNS List +# Update: 2025-10-07 02:05:08(GMT+8) +address /0.myikas.com/# +address /0.net.easyjet.com/# +address /0.nextyourcontent.com/# +address /0019x.com/#` + want := []string{"0.myikas.com", "0.net.easyjet.com", "0.nextyourcontent.com", "0019x.com"} + + parsed, _, err := ParseDomains(strings.NewReader(test)) + if err != nil { + t.Fatal(err) + return + } + + sort.Strings(parsed) + if !reflect.DeepEqual(parsed, want) { + t.Errorf("expected ParseDomains(domains) to return %v, got %v", want, parsed) + } +} diff --git a/dataset/parser/domains.go b/dataset/parser/domains.go new file mode 100644 index 0000000..31b38f9 --- /dev/null +++ b/dataset/parser/domains.go @@ -0,0 +1,40 @@ +package parser + +import ( + "bufio" + "io" + "net" + "strings" +) + +func init() { + domainsParsers = append(domainsParsers, domainsParser{}) +} + +type domainsParser struct{} + +func (domainsParser) CanHandle(line string) bool { + return isDomainName(line) && + !strings.ContainsRune(line, ' ') && + !strings.ContainsRune(line, ':') && + net.ParseIP(line) == nil +} + +func (domainsParser) ParseDomains(r io.Reader) (domains []string, ignored int, err error) { + scanner := bufio.NewScanner(r) + for scanner.Scan() { + line := strings.TrimSpace(scanner.Text()) + if isComment(line) { + continue + } + if isDomainName(line) { + domains = append(domains, line) + continue + } + ignored++ + } + if err = scanner.Err(); err != nil { + return + } + return unique(domains), ignored, nil +} diff --git a/dataset/parser/domains_test.go b/dataset/parser/domains_test.go new file mode 100644 index 0000000..38c6bd7 --- /dev/null +++ b/dataset/parser/domains_test.go @@ -0,0 +1,31 @@ +package parser + +import ( + "reflect" + "sort" + "strings" + "testing" +) + +func TestParseDomains(t *testing.T) { + test := `# This is a comment +facebook.com +tiktok.com +bogus ignored +youtube.com` + want := []string{"facebook.com", "tiktok.com", "youtube.com"} + + parsed, ignored, err := ParseDomains(strings.NewReader(test)) + if err != nil { + t.Fatal(err) + return + } + + sort.Strings(parsed) + if !reflect.DeepEqual(parsed, want) { + t.Errorf("expected ParseDomains(domains) to return %v, got %v", want, parsed) + } + if ignored != 1 { + t.Errorf("expected 1 ignored, got %d", ignored) + } +} diff --git a/dataset/parser/hosts.go b/dataset/parser/hosts.go new file mode 100644 index 0000000..2512424 --- /dev/null +++ b/dataset/parser/hosts.go @@ -0,0 +1,41 @@ +package parser + +import ( + "bufio" + "io" + "net" + "strings" +) + +func init() { + RegisterDomainsParser(hostsParser{}) +} + +type hostsParser struct{} + +func (hostsParser) CanHandle(line string) bool { + part := strings.Fields(line) + return len(part) >= 2 && net.ParseIP(part[0]) != nil +} + +func (hostsParser) ParseDomains(r io.Reader) (domains []string, ignored int, err error) { + scanner := bufio.NewScanner(r) + for scanner.Scan() { + line := strings.TrimSpace(scanner.Text()) + if isComment(line) { + continue + } + + part := strings.Fields(line) + if len(part) >= 2 && net.ParseIP(part[0]) != nil { + domains = append(domains, part[1:]...) + continue + } + + ignored++ + } + if err = scanner.Err(); err != nil { + return + } + return unique(domains), ignored, nil +} diff --git a/dataset/parser/hosts_test.go b/dataset/parser/hosts_test.go new file mode 100644 index 0000000..38a434d --- /dev/null +++ b/dataset/parser/hosts_test.go @@ -0,0 +1,38 @@ +package parser + +import ( + "reflect" + "sort" + "strings" + "testing" +) + +func TestParseHosts(t *testing.T) { + test := `## +# Host Database +# +# localhost is used to configure the loopback interface +# when the system is booting. Do not change this entry. +## +127.0.0.1 localhost dragon dragon.local dragon.maze.network +255.255.255.255 broadcasthost +::1 localhost +ff00::1 multicast +1.2.3.4 +` + want := []string{"broadcasthost", "dragon", "dragon.local", "dragon.maze.network", "localhost", "multicast"} + + parsed, ignored, err := ParseDomains(strings.NewReader(test)) + if err != nil { + t.Fatal(err) + return + } + + sort.Strings(parsed) + if !reflect.DeepEqual(parsed, want) { + t.Errorf("expected ParseDomains(hosts) to return %v, got %v", want, parsed) + } + if ignored != 1 { + t.Errorf("expected 1 ignored, got %d", ignored) + } +} diff --git a/dataset/parser/parser.go b/dataset/parser/parser.go new file mode 100644 index 0000000..e398f27 --- /dev/null +++ b/dataset/parser/parser.go @@ -0,0 +1,76 @@ +package parser + +import ( + "bufio" + "bytes" + "errors" + "io" + "log" + "strings" + + "github.com/miekg/dns" +) + +var ErrNoParser = errors.New("no suitable parser could be found") + +type Parser interface { + CanHandle(line string) bool +} + +type DomainsParser interface { + Parser + ParseDomains(io.Reader) (domains []string, ignored int, err error) +} + +var domainsParsers []DomainsParser + +func RegisterDomainsParser(parser DomainsParser) { + domainsParsers = append(domainsParsers, parser) +} + +func ParseDomains(r io.Reader) (domains []string, ignored int, err error) { + var ( + buffer = new(bytes.Buffer) + scanner = bufio.NewScanner(io.TeeReader(r, buffer)) + line string + parser DomainsParser + ) + for scanner.Scan() { + line = strings.TrimSpace(scanner.Text()) + if isComment(line) { + continue + } + for _, parser = range domainsParsers { + if parser.CanHandle(line) { + log.Printf("using parser %T", parser) + return parser.ParseDomains(io.MultiReader(buffer, r)) + } + } + break + } + return nil, 0, ErrNoParser +} + +func isComment(line string) bool { + return line == "" || line[0] == '#' || line[0] == '!' +} + +func isDomainName(name string) bool { + n, ok := dns.IsDomainName(name) + return n >= 2 && ok +} + +func unique(strings []string) []string { + if strings == nil { + return nil + } + v := make(map[string]struct{}) + for _, s := range strings { + v[s] = struct{}{} + } + o := make([]string, 0, len(v)) + for k := range v { + o = append(o, k) + } + return o +} diff --git a/dataset/parser/parser_test.go b/dataset/parser/parser_test.go new file mode 100644 index 0000000..fd469e2 --- /dev/null +++ b/dataset/parser/parser_test.go @@ -0,0 +1,31 @@ +package parser + +import ( + "reflect" + "sort" + "testing" +) + +func TestUnique(t *testing.T) { + tests := []struct { + Name string + Test []string + Want []string + }{ + {"nil", nil, nil}, + {"single", []string{"test"}, []string{"test"}}, + {"duplicate", []string{"test", "test"}, []string{"test"}}, + {"multiple", []string{"a", "a", "b", "b", "b", "c"}, []string{"a", "b", "c"}}, + } + for _, test := range tests { + t.Run(test.Name, func(it *testing.T) { + v := unique(test.Test) + if v != nil { + sort.Strings(v) + } + if !reflect.DeepEqual(v, test.Want) { + it.Errorf("expected unique(%v) to return %v, got %v", test.Test, test.Want, v) + } + }) + } +} diff --git a/dataset/storage.go b/dataset/storage.go new file mode 100644 index 0000000..a5366a8 --- /dev/null +++ b/dataset/storage.go @@ -0,0 +1,231 @@ +package dataset + +import ( + "bufio" + "bytes" + "fmt" + "io" + "io/fs" + "net" + "net/http" + "net/url" + "os" + "slices" + "strings" + "time" + + _ "github.com/mattn/go-sqlite3" // SQLite3 driver + "github.com/miekg/dns" +) + +type Storage interface { + Groups() ([]Group, error) + GroupByID(int64) (Group, error) + GroupByName(name string) (Group, error) + SaveGroup(*Group) error + DeleteGroup(Group) error + + Clients() (Clients, error) + ClientByID(int64) (Client, error) + ClientByIP(net.IP) (Client, error) + SaveClient(*Client) error + DeleteClient(Client) error + + Lists() ([]List, error) + ListByID(int64) (List, error) + SaveList(*List) error + DeleteList(List) error +} + +type Group struct { + ID int64 `json:"id"` + Name string `json:"name" bstore:"nonzero,unique"` + IsEnabled bool `json:"is_enabled" bstore:"nonzero"` + Description string `json:"description"` + CreatedAt time.Time `json:"created_at" bstore:"nonzero"` + UpdatedAt time.Time `json:"updated_at" bstore:"nonzero"` + Storage Storage `json:"-" bstore:"-"` +} + +type Client struct { + ID int64 `json:"id"` + Network string `json:"network" bstore:"nonzero,index"` + IP string `json:"ip" bstore:"nonzero,unique IP+Mask"` + Mask int `json:"mask"` + Description string `json:"description"` + Groups []Group `json:"groups,omitempty" bstore:"-"` + CreatedAt time.Time `json:"created_at" bstore:"nonzero"` + UpdatedAt time.Time `json:"updated_at" bstore:"nonzero"` + Storage Storage `json:"-" bstore:"-"` +} + +type WithClient interface { + Client() (Client, error) +} + +type ClientGroup struct { + ID int64 `json:"id"` + ClientID int64 `json:"client_id" bstore:"ref Client,index"` + GroupID int64 `json:"group_id" bstore:"ref Group,index"` +} + +func (c *Client) ContainsIP(ip net.IP) bool { + ipnet := &net.IPNet{ + IP: net.ParseIP(c.IP), + Mask: net.CIDRMask(int(c.Mask), 32), + } + if ipnet.IP == nil { + return false + } + return ipnet.Contains(ip) +} + +func (c *Client) String() string { + ipnet := &net.IPNet{ + IP: net.ParseIP(c.IP), + Mask: net.CIDRMask(int(c.Mask), 32), + } + return ipnet.String() +} + +type Clients []Client + +func (cs Clients) ByIP(ip net.IP) *Client { + var candidates []*Client + for _, c := range cs { + if c.ContainsIP(ip) { + candidates = append(candidates, &c) + } + } + switch len(candidates) { + case 0: + return nil + case 1: + return candidates[0] + default: + slices.SortStableFunc(candidates, func(a, b *Client) int { + return int(b.Mask) - int(a.Mask) + }) + return candidates[0] + } +} + +const ( + ListTypeDomain = "domain" + ListTypeNetwork = "network" +) + +const ( + MinListRefresh = 1 * time.Minute + DefaultListRefresh = 30 * time.Minute +) + +type List struct { + ID int64 `json:"id"` + Type string `json:"type"` + Source string `json:"source"` + IsEnabled bool `json:"is_enabled"` + Permit bool `json:"permit"` + Groups []Group `json:"groups,omitempty" bstore:"-"` + Status int `json:"status"` + Comment string `json:"comment"` + Cache []byte `json:"cache"` + Refresh time.Duration `json:"refresh"` + LastModified time.Time `json:"last_modified"` + CreatedAt time.Time `json:"created_at"` + UpdatedAt time.Time `json:"updated_at"` +} + +func (list *List) Domains() (*DomainTree, error) { + if list.Type != ListTypeDomain { + return nil, nil + } + + var ( + tree = NewDomainList() + scan = bufio.NewScanner(bytes.NewReader(list.Cache)) + ) + for scan.Scan() { + line := strings.TrimSpace(scan.Text()) + if line == "" || line[0] == '#' { + continue + } + if labels, ok := dns.IsDomainName(line); ok && labels >= 2 { + tree.Add(line) + } + } + if err := scan.Err(); err != nil { + return nil, err + } + return tree, nil +} + +func (list *List) Update() (updated bool, err error) { + u, err := url.Parse(list.Source) + if err != nil { + return false, err + } + + switch u.Scheme { + case "", "file": + return list.updateFile(u.Path) + case "http", "https": + return list.updateHTTP(u.String()) + default: + return false, fmt.Errorf("dataset: don't know how to update %s sources", u.Scheme) + } +} + +func (list *List) updateFile(name string) (updated bool, err error) { + var info fs.FileInfo + if info, err = os.Stat(name); err != nil { + return + } else if info.IsDir() { + return false, fmt.Errorf("dataset: list %d: %q is a directory", list.ID, name) + } + if updated = info.ModTime().After(list.UpdatedAt); !updated { + return + } + list.Cache, _ = os.ReadFile(name) + return +} + +func (list *List) updateHTTP(url string) (updated bool, err error) { + if updated, err = list.shouldUpdateHTTP(url); err != nil || !updated { + return + } + + var response *http.Response + if response, err = http.DefaultClient.Get(url); err != nil { + return + } + defer response.Body.Close() + if list.Cache, err = io.ReadAll(response.Body); err != nil { + return + } + return true, nil +} + +func (list *List) shouldUpdateHTTP(url string) (updated bool, err error) { + var response *http.Response + if response, err = http.DefaultClient.Head(url); err != nil { + return + } + defer response.Body.Close() + + if value := response.Header.Get("Last-Modified"); value != "" { + var lastModified time.Time + if lastModified, err = time.Parse(http.TimeFormat, value); err == nil { + return lastModified.After(list.LastModified), nil + } + } + + // There are no headers that would indicate last-modified time, so assume we have to update: + return true, nil +} + +type ListGroup struct { + ID int64 `json:"id"` + ListID int64 `json:"list_id" bstore:"ref List,index"` + GroupID int64 `json:"group_id" bstore:"ref Group,index"` +} diff --git a/dataset/storage_bstore.go b/dataset/storage_bstore.go new file mode 100644 index 0000000..89168a2 --- /dev/null +++ b/dataset/storage_bstore.go @@ -0,0 +1,412 @@ +package dataset + +import ( + "context" + "errors" + "fmt" + "net" + "path/filepath" + "slices" + "strings" + "time" + + "git.maze.io/maze/styx/logger" + "github.com/mjl-/bstore" +) + +type bstoreStorage struct { + db *bstore.DB + path string +} + +func OpenBStore(name string) (Storage, error) { + if !filepath.IsAbs(name) { + var err error + if name, err = filepath.Abs(name); err != nil { + return nil, err + } + } + + ctx := context.Background() + db, err := bstore.Open(ctx, name, nil, + Group{}, + Client{}, + ClientGroup{}, + List{}, + ListGroup{}, + ) + if err != nil { + return nil, err + } + + var ( + s = &bstoreStorage{db: db, path: name} + defaultGroup Group + defaultClient4 Client + defaultClient6 Client + ) + + if defaultGroup, err = s.GroupByName("Default"); errors.Is(err, bstore.ErrAbsent) { + defaultGroup = Group{ + Name: "Default", + IsEnabled: true, + Description: "Default group", + } + if err = s.SaveGroup(&defaultGroup); err != nil { + return nil, err + } + } else if err != nil { + return nil, err + } + if defaultClient4, err = bstore.QueryDB[Client](ctx, db). + FilterEqual("Network", "ipv4"). + FilterFn(func(client Client) bool { + return net.ParseIP(client.IP).Equal(net.ParseIP("0.0.0.0")) && client.Mask == 0 + }).Get(); errors.Is(err, bstore.ErrAbsent) { + defaultClient4 = Client{ + Network: "ipv4", + IP: "0.0.0.0", + Mask: 0, + Description: "All IPv4 clients", + } + if err = s.SaveClient(&defaultClient4); err != nil { + return nil, err + } + if err = s.db.Insert(ctx, &ClientGroup{ClientID: defaultClient4.ID, GroupID: defaultGroup.ID}); err != nil { + return nil, err + } + } else if err != nil { + return nil, err + } + if defaultClient6, err = bstore.QueryDB[Client](ctx, db). + FilterEqual("Network", "ipv6"). + FilterFn(func(client Client) bool { + return net.ParseIP(client.IP).Equal(net.ParseIP("::")) && client.Mask == 0 + }).Get(); errors.Is(err, bstore.ErrAbsent) { + defaultClient6 = Client{ + Network: "ipv6", + IP: "::", + Mask: 0, + Description: "All IPv6 clients", + } + if err = s.SaveClient(&defaultClient6); err != nil { + return nil, err + } + if err = s.db.Insert(ctx, &ClientGroup{ClientID: defaultClient6.ID, GroupID: defaultGroup.ID}); err != nil { + return nil, err + } + } else if err != nil { + return nil, err + } + + // Start updater + NewUpdater(s) + + return s, nil +} + +func (s *bstoreStorage) log() logger.Structured { + return logger.StandardLog.Values(logger.Values{ + "storage": "bstore", + "storage_path": s.path, + }) +} + +func (s *bstoreStorage) Groups() ([]Group, error) { + var ( + ctx = context.Background() + query = bstore.QueryDB[Group](ctx, s.db) + groups = make([]Group, 0) + ) + for group := range query.All() { + groups = append(groups, group) + } + if err := query.Err(); err != nil && !errors.Is(err, bstore.ErrFinished) { + return nil, err + } + return groups, nil +} + +func (s *bstoreStorage) GroupByID(id int64) (Group, error) { + ctx := context.Background() + return bstore.QueryDB[Group](ctx, s.db).FilterID(id).Get() +} + +func (s *bstoreStorage) GroupByName(name string) (Group, error) { + ctx := context.Background() + return bstore.QueryDB[Group](ctx, s.db).FilterFn(func(group Group) bool { + return strings.EqualFold(group.Name, name) + }).Get() +} + +func (s *bstoreStorage) SaveGroup(group *Group) (err error) { + ctx := context.Background() + group.UpdatedAt = time.Now().UTC() + if group.CreatedAt.Equal(time.Time{}) { + group.CreatedAt = group.UpdatedAt + err = s.db.Insert(ctx, group) + } else { + err = s.db.Update(ctx, group) + } + if err != nil { + return fmt.Errorf("dataset: save group %s failed: %w", group.Name, err) + } + return nil +} + +func (s *bstoreStorage) DeleteGroup(group Group) (err error) { + ctx := context.Background() + tx, err := s.db.Begin(ctx, true) + if err != nil { + return err + } + if _, err = bstore.QueryTx[ClientGroup](tx).FilterEqual("GroupID", group.ID).Delete(); err != nil { + return + } + if _, err = bstore.QueryTx[ListGroup](tx).FilterEqual("GroupID", group.ID).Delete(); err != nil { + return + } + if err = tx.Delete(group); err != nil { + return + } + return tx.Commit() +} + +func (s *bstoreStorage) Clients() (Clients, error) { + var ( + ctx = context.Background() + query = bstore.QueryDB[Client](ctx, s.db) + clients = make(Clients, 0) + ) + for client := range query.All() { + clients = append(clients, client) + } + if err := query.Err(); err != nil && !errors.Is(err, bstore.ErrFinished) { + return nil, err + } + return clients, nil +} + +func (s *bstoreStorage) ClientByID(id int64) (Client, error) { + ctx := context.Background() + client, err := bstore.QueryDB[Client](ctx, s.db).FilterID(id).Get() + if err != nil { + return client, err + } + return s.clientResolveGroups(ctx, client) +} + +func (s *bstoreStorage) ClientByIP(ip net.IP) (Client, error) { + if ip == nil { + return Client{}, ErrNotExist{Object: "client"} + } + var ( + ctx = context.Background() + clients Clients + network string + ) + if ip4 := ip.To4(); ip4 != nil { + network = "ipv4" + } else if ip6 := ip.To16(); ip6 != nil { + network = "ipv6" + } + if network == "" { + return Client{}, ErrNotExist{Object: "client"} + } + for client, err := range bstore.QueryDB[Client](ctx, s.db). + FilterEqual("Network", network). + FilterFn(func(client Client) bool { + return client.ContainsIP(ip) + }).All() { + if err != nil { + return Client{}, err + } + clients = append(clients, client) + } + + var client Client + switch len(clients) { + case 0: + return Client{}, ErrNotExist{Object: "client"} + case 1: + client = clients[0] + default: + slices.SortStableFunc(clients, func(a, b Client) int { + return int(b.Mask) - int(a.Mask) + }) + client = clients[0] + } + return s.clientResolveGroups(ctx, client) +} + +func (s *bstoreStorage) clientResolveGroups(ctx context.Context, client Client) (Client, error) { + for clientGroup, err := range bstore.QueryDB[ClientGroup](ctx, s.db).FilterEqual("ClientID", client.ID).All() { + if err != nil { + return Client{}, err + } + if group, err := s.GroupByID(clientGroup.GroupID); err == nil { + client.Groups = append(client.Groups, group) + } + } + return client, nil +} + +func (s *bstoreStorage) SaveClient(client *Client) (err error) { + log := s.log() + ctx := context.Background() + client.UpdatedAt = time.Now().UTC() + + tx, err := s.db.Begin(ctx, true) + if err != nil { + return err + } + + log = log.Values(logger.Values{"ip": client.IP, "mask": client.Mask, "description": client.Description}) + if client.CreatedAt.Equal(time.Time{}) { + log.Debug("Create client") + client.CreatedAt = client.UpdatedAt + if err = tx.Insert(client); err != nil { + return fmt.Errorf("dataset: client insert failed: %w", err) + } + } else { + log.Debug("Update client") + if err = tx.Update(client); err != nil { + return fmt.Errorf("dataset: client update failed: %w", err) + } + } + + var deleted int + if deleted, err = bstore.QueryTx[ClientGroup](tx).FilterEqual("ClientID", client.ID).Delete(); err != nil { + return fmt.Errorf("dataset: client groups delete failed: %w", err) + } + log.Debugf("Deleted %d groups", deleted) + log.Debugf("Linking %d groups", len(client.Groups)) + for _, group := range client.Groups { + if err = tx.Insert(&ClientGroup{ClientID: client.ID, GroupID: group.ID}); err != nil { + return fmt.Errorf("dataset: client groups insert failed: %w", err) + } + } + + return tx.Commit() +} + +func (s *bstoreStorage) DeleteClient(client Client) (err error) { + ctx := context.Background() + tx, err := s.db.Begin(ctx, true) + if err != nil { + return err + } + if _, err = bstore.QueryTx[ClientGroup](tx).FilterEqual("ClientID", client.ID).Delete(); err != nil { + return + } + if err = tx.Delete(client); err != nil { + return + } + return tx.Commit() +} + +func (s *bstoreStorage) Lists() ([]List, error) { + var ( + ctx = context.Background() + query = bstore.QueryDB[List](ctx, s.db) + lists = make([]List, 0) + ) + for list := range query.All() { + lists = append(lists, list) + } + if err := query.Err(); err != nil && !errors.Is(err, bstore.ErrFinished) { + return nil, err + } + return lists, nil +} + +func (s *bstoreStorage) ListByID(id int64) (List, error) { + ctx := context.Background() + list, err := bstore.QueryDB[List](ctx, s.db).FilterID(id).Get() + if err != nil { + return list, err + } + return s.listResolveGroups(ctx, list) +} + +func (s *bstoreStorage) listResolveGroups(ctx context.Context, list List) (List, error) { + for listGroup, err := range bstore.QueryDB[ListGroup](ctx, s.db).FilterEqual("ListID", list.ID).All() { + if err != nil { + return List{}, err + } + if group, err := s.GroupByID(listGroup.GroupID); err == nil { + list.Groups = append(list.Groups, group) + } + } + return list, nil +} + +func (s *bstoreStorage) SaveList(list *List) (err error) { + if list.Type != ListTypeDomain && list.Type != ListTypeNetwork { + return fmt.Errorf("storage: unknown list type %q", list.Type) + } + if list.Refresh == 0 { + list.Refresh = DefaultListRefresh + } else if list.Refresh < MinListRefresh { + list.Refresh = MinListRefresh + } + list.UpdatedAt = time.Now().UTC() + + ctx := context.Background() + tx, err := s.db.Begin(ctx, true) + if err != nil { + return err + } + + log := s.log() + log = log.Values(logger.Values{ + "type": list.Type, + "source": list.Source, + "is_enabled": list.IsEnabled, + "status": list.Status, + "cache": len(list.Cache), + "refresh": list.Refresh, + }) + + if list.CreatedAt.Equal(time.Time{}) { + log.Debug("Creating list") + list.CreatedAt = list.UpdatedAt + if err = tx.Insert(list); err != nil { + return fmt.Errorf("dataset: list insert failed: %w", err) + } + } else { + log.Debug("Updating list") + if err = tx.Update(list); err != nil { + return fmt.Errorf("dataset: list update failed: %w", err) + } + } + + var deleted int + if deleted, err = bstore.QueryTx[ListGroup](tx).FilterEqual("ListID", list.ID).Delete(); err != nil { + return fmt.Errorf("dataset: list groups delete failed: %w", err) + } + log.Debugf("Deleted %d groups", deleted) + log.Debugf("Linking %d groups", len(list.Groups)) + for _, group := range list.Groups { + if err = tx.Insert(&ListGroup{ListID: list.ID, GroupID: group.ID}); err != nil { + return fmt.Errorf("dataset: list groups insert failed: %w", err) + } + } + + return tx.Commit() +} + +func (s *bstoreStorage) DeleteList(list List) (err error) { + ctx := context.Background() + tx, err := s.db.Begin(ctx, true) + if err != nil { + return err + } + if _, err = bstore.QueryTx[ListGroup](tx).FilterEqual("ListID", list.ID).Delete(); err != nil { + return + } + if err = tx.Delete(list); err != nil { + return + } + return tx.Commit() +} diff --git a/dataset/updater.go b/dataset/updater.go new file mode 100644 index 0000000..ee6667c --- /dev/null +++ b/dataset/updater.go @@ -0,0 +1,226 @@ +package dataset + +import ( + "bytes" + "io" + "net/http" + "net/url" + "os" + "sync" + "time" + + "git.maze.io/maze/styx/logger" +) + +type Updater struct { + storage Storage + lists sync.Map // map[int64]List + updaters sync.Map // map[int64]*updaterJob + done chan struct{} +} + +func NewUpdater(storage Storage) *Updater { + u := &Updater{ + storage: storage, + done: make(chan struct{}, 1), + } + go u.refresh() + return u +} + +func (u *Updater) Close() error { + select { + case <-u.done: + return nil + default: + close(u.done) + return nil + } +} + +func (u *Updater) refresh() { + check := time.NewTicker(time.Second) + defer check.Stop() + + var ( + log = logger.StandardLog + ) + for { + select { + case <-u.done: + log.Debug("Updater closing, stopping updaters...") + u.updaters.Range(func(key, value any) bool { + if value != nil { + close(value.(*updaterJob).done) + } + return true + }) + return + + case now := <-check.C: + u.check(now, log) + } + } +} + +func (u *Updater) check(now time.Time, log logger.Structured) (wait time.Duration) { + log.Trace("Checking lists") + lists, err := u.storage.Lists() + if err != nil { + log.Err(err).Error("Updater can't retrieve lists") + return -1 + } + + var missing = make(map[int64]bool) + u.lists.Range(func(key, _ any) bool { + log.Tracef("List %d has updater running", key) + missing[key.(int64)] = true + return true + }) + for _, list := range lists { + log.Tracef("List %d is active: %t", list.ID, list.IsEnabled) + if !list.IsEnabled { + continue + } + delete(missing, list.ID) + if _, exists := u.lists.Load(list.ID); !exists { + u.lists.Store(list.ID, list) + updater := newUpdaterJob(u.storage, &list) + u.updaters.Store(list.ID, updater) + } + } + + for id := range missing { + log.Tracef("List %d has updater running, but is no longer active, reaping...", id) + if updater, ok := u.updaters.Load(id); ok { + close(updater.(*updaterJob).done) + u.updaters.Delete(id) + } + } + + return +} + +type updaterJob struct { + storage Storage + list *List + done chan struct{} +} + +func newUpdaterJob(storage Storage, list *List) *updaterJob { + job := &updaterJob{ + storage: storage, + list: list, + done: make(chan struct{}, 1), + } + go job.loop() + return job +} + +func (job *updaterJob) loop() { + var ( + ticker = time.NewTicker(job.list.Refresh) + first = time.After(0) + now time.Time + log = logger.StandardLog.Values(logger.Values{ + "list": job.list.ID, + "type": job.list.Type, + }) + ) + defer ticker.Stop() + for { + select { + case <-job.done: + log.Debug("List updater stopping") + return + + case now = <-ticker.C: + case now = <-first: + } + + log.Debug("List updater running") + if update, err := job.run(now); err != nil { + log.Err(err).Error("List updater failed") + } else if update { + if err = job.storage.SaveList(job.list); err != nil { + log.Err(err).Error("List updater save failed") + } + } + } +} + +// run this updater +func (job *updaterJob) run(now time.Time) (update bool, err error) { + u, err := url.Parse(job.list.Source) + if err != nil { + return false, err + } + + log := logger.StandardLog.Values(logger.Values{ + "list": job.list.ID, + "source": job.list.Source, + }) + if u.Scheme == "" || u.Scheme == "file" { + log.Debug("Updating list from file") + return job.updateFile(u.Path) + } + log.Debug("Updating list from URL") + return job.updateHTTP(u) +} + +func (job *updaterJob) updateFile(name string) (update bool, err error) { + var b []byte + if b, err = os.ReadFile(name); err != nil { + return + } + if update = !bytes.Equal(b, job.list.Cache); update { + job.list.Cache = b + } + return +} + +func (job *updaterJob) updateHTTP(location *url.URL) (update bool, err error) { + if update, err = job.shouldUpdateHTTP(location); err != nil || !update { + return + } + var ( + req *http.Request + res *http.Response + ) + if req, err = http.NewRequest(http.MethodGet, location.String(), nil); err != nil { + return + } + if res, err = http.DefaultClient.Do(req); err != nil { + return + } + defer res.Body.Close() + + if job.list.Cache, err = io.ReadAll(res.Body); err != nil { + return + } + return true, nil +} + +func (job *updaterJob) shouldUpdateHTTP(location *url.URL) (update bool, err error) { + if len(job.list.Cache) == 0 { + // Nothing cached, please update. + return true, nil + } + + var ( + req *http.Request + res *http.Response + ) + if req, err = http.NewRequest(http.MethodHead, location.String(), nil); err != nil { + return + } + if res, err = http.DefaultClient.Do(req); err != nil { + return + } + defer res.Body.Close() + + if lastModified, err := time.Parse(http.TimeFormat, res.Header.Get("Last-Modified")); err == nil { + return lastModified.After(job.list.UpdatedAt), nil + } + return true, nil // not sure, no Last-Modified, so let's update? +} diff --git a/go.mod b/go.mod index 9fbaccd..c941b30 100644 --- a/go.mod +++ b/go.mod @@ -7,6 +7,7 @@ require ( github.com/hashicorp/hcl/v2 v2.24.0 github.com/mattn/go-sqlite3 v1.14.32 github.com/miekg/dns v1.1.68 + github.com/mjl-/bstore v0.0.10 github.com/open-policy-agent/opa v1.9.0 github.com/rs/zerolog v1.34.0 github.com/sirupsen/logrus v1.9.4-0.20230606125235-dd1b4c2e81af @@ -54,6 +55,7 @@ require ( github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect github.com/yashtewari/glob-intersection v0.2.0 // indirect github.com/zclconf/go-cty v1.16.3 // indirect + go.etcd.io/bbolt v1.4.3 // indirect go.opentelemetry.io/auto/sdk v1.2.1 // indirect go.opentelemetry.io/otel v1.38.0 // indirect go.opentelemetry.io/otel/metric v1.38.0 // indirect diff --git a/go.sum b/go.sum index 558c1d0..a43c774 100644 --- a/go.sum +++ b/go.sum @@ -98,6 +98,8 @@ github.com/miekg/dns v1.1.68 h1:jsSRkNozw7G/mnmXULynzMNIsgY2dHC8LO6U6Ij2JEA= github.com/miekg/dns v1.1.68/go.mod h1:fujopn7TB3Pu3JM69XaawiU0wqjpL9/8xGop5UrTPps= github.com/mitchellh/go-wordwrap v1.0.1 h1:TLuKupo69TCn6TQSyGxwI1EblZZEsQ0vMlAFQflz0v0= github.com/mitchellh/go-wordwrap v1.0.1/go.mod h1:R62XHJLzvMFRBbcrT7m7WgmE1eOyTSsCt+hzestvNj0= +github.com/mjl-/bstore v0.0.10 h1:fYLQy3EdgXvRHoa8Q3sXMAjZf+uQLRbsh9rYjGep/t4= +github.com/mjl-/bstore v0.0.10/go.mod h1:QzqlAZAVRKwyojCRd9v25viFsMxK5UmIbdxgEyHdK6c= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/open-policy-agent/opa v1.9.0 h1:QWFNwbcc29IRy0xwD3hRrMc/RtSersLY1Z6TaID3vgI= @@ -152,6 +154,8 @@ github.com/zclconf/go-cty v1.16.3 h1:osr++gw2T61A8KVYHoQiFbFd1Lh3JOCXc/jFLJXKTxk github.com/zclconf/go-cty v1.16.3/go.mod h1:VvMs5i0vgZdhYawQNq5kePSpLAoz8u1xvZgrPIxfnZE= github.com/zclconf/go-cty-debug v0.0.0-20240509010212-0d6042c53940 h1:4r45xpDWB6ZMSMNJFMOjqrGHynW3DIBuR2H9j0ug+Mo= github.com/zclconf/go-cty-debug v0.0.0-20240509010212-0d6042c53940/go.mod h1:CmBdvvj3nqzfzJ6nTCIwDTPZ56aVGvDrmztiO5g3qrM= +go.etcd.io/bbolt v1.4.3 h1:dEadXpI6G79deX5prL3QRNP6JB8UxVkqo4UPnHaNXJo= +go.etcd.io/bbolt v1.4.3/go.mod h1:tKQlpPaYCVFctUIgFKFnAlvbmB3tpy1vkTnDWohtc0E= go.opentelemetry.io/auto/sdk v1.2.1 h1:jXsnJ4Lmnqd11kwkBV2LgLoFMZKizbCi5fNZ/ipaZ64= go.opentelemetry.io/auto/sdk v1.2.1/go.mod h1:KRTj+aOaElaLi+wW1kO/DZRXwkF4C5xPbEe3ZiIhN7Y= go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.63.0 h1:RbKq8BG0FI8OiXhBfcRtqqHcZcka+gU3cskNuf05R18= diff --git a/internal/netutil/conn.go b/internal/netutil/conn.go index 7f1379e..c9a40c9 100644 --- a/internal/netutil/conn.go +++ b/internal/netutil/conn.go @@ -8,6 +8,8 @@ import ( "sync/atomic" "syscall" "time" + + "git.maze.io/maze/styx/logger" ) // BufferedConn uses byte buffers for Read and Write operations on a [net.Conn]. @@ -123,10 +125,13 @@ type AcceptOnce struct { } func (listener *AcceptOnce) Accept() (net.Conn, error) { + log := logger.StandardLog.Value("client", listener.Conn.RemoteAddr().String()) if listener.once.Load() { + log.Trace("Accept already happened, responding EOF") return nil, io.EOF } listener.once.Store(true) + log.Trace("Accept client") return listener.Conn, nil } diff --git a/internal/timeutil/time.go b/internal/timeutil/time.go new file mode 100644 index 0000000..28c686b --- /dev/null +++ b/internal/timeutil/time.go @@ -0,0 +1,74 @@ +package timeutil + +import "time" + +var ( + validTimeLayouts = []string{ + "15:04:05.999999999", + "15:04:05", + "15:04", + "3:04:05PM", + "3:04PM", + "3PM", + } +) + +type Time struct { + Hour int + Minute int + Second int + Nanosecond int +} + +func ParseTime(value string) (Time, error) { + var t time.Time + for _, layout := range validTimeLayouts { + var err error + if t, err = time.Parse(layout, value); err == nil { + return Time{ + Hour: t.Hour(), + Minute: t.Minute(), + Second: t.Second(), + Nanosecond: t.Nanosecond(), + }, nil + } + } + return Time{}, &time.ParseError{ + Value: value, + Message: "invalid time", + } +} + +func Now() Time { + t := time.Now() + return Time{ + Hour: t.Hour(), + Minute: t.Minute(), + Second: t.Second(), + Nanosecond: t.Nanosecond(), + } +} + +func (t Time) After(other Time) bool { + return other.Before(t) +} + +func (t Time) Before(other Time) bool { + if t.Hour == other.Hour { + if t.Minute == other.Minute { + if t.Second == other.Second { + return t.Nanosecond < other.Nanosecond + } + return t.Second < other.Second + } + return t.Minute < other.Minute + } + return t.Hour < other.Hour +} + +func (t Time) Eq(other Time) bool { + return t.Hour == other.Hour && + t.Minute == other.Minute && + t.Second == other.Second && + t.Nanosecond == other.Nanosecond +} diff --git a/policy/func.go b/policy/func.go index c039a66..85024ac 100644 --- a/policy/func.go +++ b/policy/func.go @@ -15,17 +15,25 @@ import ( "github.com/open-policy-agent/opa/v1/types" "git.maze.io/maze/styx/dataset" + "git.maze.io/maze/styx/internal/timeutil" "git.maze.io/maze/styx/logger" ) -var netLookupIPAddrDecl = types.NewFunction( +var lookupIPAddrFunc = ®o.Function{ + Name: "styx.lookup_ip_addr", + Decl: lookupIPAddrDecl, + Memoize: true, + Nondeterministic: true, +} + +var lookupIPAddrDecl = types.NewFunction( types.Args( types.Named("name", types.S).Description("Host name to lookup"), ), types.Named("result", types.SetOfStr).Description("set(string) of IP address"), ) -func netLookupIPAddrImpl(bc rego.BuiltinContext, nameTerm *ast.Term) (*ast.Term, error) { +func lookupIPAddr(bc rego.BuiltinContext, nameTerm *ast.Term) (*ast.Term, error) { log := logger.StandardLog.Value("func", "styx.lookup_ip_addr") log.Trace("Call function") @@ -61,6 +69,57 @@ func netLookupIPAddrImpl(bc rego.BuiltinContext, nameTerm *ast.Term) (*ast.Term, return ast.SetTerm(terms...), nil } +var timebetweenFunc = ®o.Function{ + Name: "styx.time_between", + Decl: timeBetweenDecl, + Nondeterministic: false, +} + +var timeBetweenDecl = types.NewFunction( + types.Args( + types.Named("start", types.S).Description("Start time"), + types.Named("end", types.S).Description("End time"), + ), + types.Named("result", types.B).Description("`true` if the current local time is between `start` and `end`"), +) + +func timeBetween(bc rego.BuiltinContext, startTerm, endTerm *ast.Term) (*ast.Term, error) { + log := logger.StandardLog.Value("func", "styx.time_between") + log.Trace("Call function") + + start, err := parseTimeTerm(startTerm) + if err != nil { + log.Err(err).Debug("Invalid start time") + return nil, err + } + end, err := parseTimeTerm(endTerm) + if err != nil { + log.Err(err).Debug("Invalid end time") + return nil, err + } + + now := timeutil.Now() + if start.Before(end) { + return ast.BooleanTerm((now.Eq(start) || now.After(start)) && now.Before(end)), nil + } + return ast.BooleanTerm(now.Eq(end) || now.After(end) || now.Before(start)), nil +} + +func parseTimeTerm(term *ast.Term) (timeutil.Time, error) { + timeArg, ok := term.Value.(ast.String) + if !ok { + return timeutil.Time{}, errors.New("expected string argument") + } + return timeutil.ParseTime(strings.Trim(timeArg.String(), `"`)) +} + +var domainContainsFunc = ®o.Function{ + Name: "styx.domains_contain", + Decl: domainContainsDecl, + Memoize: true, + Nondeterministic: true, +} + var domainContainsDecl = types.NewFunction( types.Args( types.Named("list", types.S).Description("Domain list to check against"), @@ -69,8 +128,8 @@ var domainContainsDecl = types.NewFunction( types.Named("result", types.B).Description("`true` if `name` is contained within `list`"), ) -func domainContainsImpl(bc rego.BuiltinContext, listTerm, nameTerm *ast.Term) (*ast.Term, error) { - log := logger.StandardLog.Value("func", "styx.in_domains") +func domainContains(bc rego.BuiltinContext, listTerm, nameTerm *ast.Term) (*ast.Term, error) { + log := logger.StandardLog.Value("func", "styx.domains_contain") log.Trace("Call function") list, err := parseDomainListTerm(listTerm) @@ -91,6 +150,13 @@ func domainContainsImpl(bc rego.BuiltinContext, listTerm, nameTerm *ast.Term) (* return ast.BooleanTerm(list.Contains(name)), nil } +var networkContainsFunc = ®o.Function{ + Name: "styx.networks_contain", + Decl: networkContainsDecl, + Memoize: true, + Nondeterministic: true, +} + var networkContainsDecl = types.NewFunction( types.Args( types.Named("list", types.S).Description("Network list to check against"), @@ -99,8 +165,8 @@ var networkContainsDecl = types.NewFunction( types.Named("result", types.B).Description("`true` if `ip` is contained within `list`"), ) -func networkContainsImpl(bc rego.BuiltinContext, listTerm, ipTerm *ast.Term) (*ast.Term, error) { - log := logger.StandardLog.Value("func", "styx.in_networks") +func networkContains(bc rego.BuiltinContext, listTerm, ipTerm *ast.Term) (*ast.Term, error) { + log := logger.StandardLog.Value("func", "styx.networks_contain") list, err := parseNetworkListTerm(listTerm) if err != nil { diff --git a/policy/handler.go b/policy/handler.go index aaa3761..f32c729 100644 --- a/policy/handler.go +++ b/policy/handler.go @@ -1,9 +1,12 @@ package policy import ( + "bufio" + "crypto/tls" "net" "net/http" + "git.maze.io/maze/styx/ca" "git.maze.io/maze/styx/internal/netutil" "git.maze.io/maze/styx/logger" proxy "git.maze.io/maze/styx/proxy" @@ -24,6 +27,7 @@ func NewRequestHandler(p *Policy) proxy.RequestHandler { log.Err(err).Error("Error generating response") return nil, nil } + log.Debug("Replacing HTTP response from policy") return nil, r }) } @@ -47,21 +51,52 @@ func NewDialHandler(p *Policy) proxy.DialHandler { return nil, nil } - c := netutil.NewLoopback() + // Create a fake loopback connection + pipe := netutil.NewLoopback() go func(c net.Conn) { - s := &http.Server{ - Handler: http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { - r.Write(w) - }), + defer func() { _ = c.Close() }() + if req.URL.Scheme == "https" || req.URL.Scheme == "wss" || netutil.Port(req.URL.Host) == 443 { + c = maybeUpgradeToTLS(c, ctx, req, log) } - _ = s.Serve(&netutil.AcceptOnce{Conn: c}) - }(c.Server) - return c.Client, nil + br := bufio.NewReader(c) + if _, err := http.ReadRequest(br); err != nil { + log.Err(err).Warn("Malformed HTTP request in MITM connection") + } + _ = r.Write(c) + }(pipe.Server) + + return pipe.Client, nil }) } +func maybeUpgradeToTLS(c net.Conn, ctx proxy.Context, req *http.Request, log logger.Structured) net.Conn { + var ca ca.CertificateAuthority + if caCtx, ok := ctx.(proxy.WithCertificateAuthority); ok { + ca = caCtx.CertificateAuthority() + } + if ca == nil { + return c + } + + secure := tls.Server(c, &tls.Config{ + GetCertificate: func(hello *tls.ClientHelloInfo) (*tls.Certificate, error) { + log.Values(logger.Values{ + "cn": req.URL.Host, + "names": hello.ServerName, + }).Debug("Requesting certificate from CA") + return ca.GetCertificate(netutil.Host(req.URL.Host), []string{hello.ServerName}, nil) + }, + NextProtos: []string{"http/1.1"}, + }) + if err := secure.Handshake(); err != nil { + log.Err(err).Warn("Failed to pretend secure HTTP") + return c + } + return secure +} + func NewForwardHandler(p *Policy) proxy.ForwardHandler { log := logger.StandardLog.Value("policy", p.name) return proxy.ForwardHandlerFunc(func(ctx proxy.Context, req *http.Request) (*http.Response, error) { @@ -72,7 +107,15 @@ func NewForwardHandler(p *Policy) proxy.ForwardHandler { log.Err(err).Error("Error evaulating policy") return nil, nil } - return result.Response(ctx) + r, err := result.Response(ctx) + if err != nil { + log.Err(err).Error("Error generating response") + return nil, err + } + if r != nil { + log.Debug("Replacing HTTP response from policy") + } + return r, nil }) } @@ -80,6 +123,7 @@ func NewResponseHandler(p *Policy) proxy.ResponseHandler { log := logger.StandardLog.Value("policy", p.name) return proxy.ResponseHandlerFunc(func(ctx proxy.Context) *http.Response { input := NewInputFromResponse(ctx, ctx.Response()) + input.logValues(log).Trace("Running response handler") result, err := p.Query(input) if err != nil { log.Err(err).Error("Error evaulating policy") @@ -90,6 +134,9 @@ func NewResponseHandler(p *Policy) proxy.ResponseHandler { log.Err(err).Error("Error generating response") return nil } + if r != nil { + log.Debug("Replacing HTTP response from policy") + } return r }) } diff --git a/policy/input.go b/policy/input.go index 9cf04f6..84327c6 100644 --- a/policy/input.go +++ b/policy/input.go @@ -10,19 +10,26 @@ import ( "net/url" "strconv" + "git.maze.io/maze/styx/dataset" "git.maze.io/maze/styx/internal/netutil" "git.maze.io/maze/styx/logger" + proxy "git.maze.io/maze/styx/proxy" ) // Input represents the input to the policy query. type Input struct { - Client *Client `json:"client"` - TLS *TLS `json:"tls"` - Request *Request `json:"request"` - Response *Response `json:"response"` + Context map[string]any `json:"context"` + Client *Client `json:"client"` + Groups []*Group `json:"groups"` + TLS *TLS `json:"tls"` + Request *Request `json:"request"` + Response *Response `json:"response"` } func (i *Input) logValues(log logger.Structured) logger.Structured { + if i.Context != nil { + log = log.Values(i.Context) + } log = i.Client.logValues(log) log = i.TLS.logValues(log) log = i.Request.logValues(log) @@ -34,10 +41,29 @@ func NewInputFromConn(c net.Conn) *Input { if c == nil { return new(Input) } - return &Input{ - Client: NewClientFromConn(c), - TLS: NewTLSFromConn(c), + + input := &Input{ + Context: make(map[string]any), + Client: NewClientFromConn(c), + TLS: NewTLSFromConn(c), } + + if wcl, ok := c.(dataset.WithClient); ok { + client, err := wcl.Client() + if err == nil { + input.Context["client_id"] = client.ID + input.Context["client_description"] = client.Description + input.Context["groups"] = client.Groups + } + } + + if ctx, ok := c.(proxy.Context); ok { + input.Context["local"] = NewClientFromAddr(ctx.LocalAddr()) + input.Context["bytes_rx"] = ctx.BytesRead() + input.Context["bytes_tx"] = ctx.BytesSent() + } + + return input } func NewInputFromRequest(c net.Conn, r *http.Request) *Input { @@ -131,6 +157,10 @@ func NewClientFromAddr(addr net.Addr) *Client { } } +type Group struct { + Name string `json:"name"` +} + type TLS struct { Version string `json:"version"` CipherSuite string `json:"cipher_suite"` diff --git a/policy/policy.go b/policy/policy.go index 3015e36..6db76c5 100644 --- a/policy/policy.go +++ b/policy/policy.go @@ -67,24 +67,10 @@ func newRego(option func(*rego.Rego), pkg string) []func(*rego.Rego) { rego.Query("data." + pkg), rego.Strict(true), rego.Capabilities(capabilities), - rego.Function2(®o.Function{ - Name: "styx.in_domains", - Decl: domainContainsDecl, - Memoize: true, - Nondeterministic: true, - }, domainContainsImpl), - rego.Function2(®o.Function{ - Name: "styx.in_networks", - Decl: networkContainsDecl, - Memoize: true, - Nondeterministic: true, - }, networkContainsImpl), - rego.Function1(®o.Function{ - Name: "styx.lookup_ip_addr", // override builtin - Decl: netLookupIPAddrDecl, - Memoize: true, - Nondeterministic: true, - }, netLookupIPAddrImpl), + rego.Function2(domainContainsFunc, domainContains), + rego.Function2(networkContainsFunc, networkContains), + rego.Function1(lookupIPAddrFunc, lookupIPAddr), + rego.Function2(timebetweenFunc, timeBetween), rego.PrintHook(printHook{}), option, } @@ -128,16 +114,20 @@ func (r *Result) Response(ctx proxy.Context) (*http.Response, error) { switch { case r.Redirect != "": + log.Value("location", r.Redirect).Trace("Creating a HTTP redirect response") response := proxy.NewResponse(http.StatusFound, nil, ctx.Request()) response.Header.Set("Server", "styx") response.Header.Set(proxy.HeaderLocation, r.Redirect) return response, nil case r.Template != "": + log = log.Value("template", r.Template) + log.Trace("Creating a HTTP template response") + b := new(bytes.Buffer) t, err := template.New(filepath.Base(r.Template)).ParseFiles(r.Template) if err != nil { - log.Value("template", r.Template).Err(err).Warn("Error loading template in response") + log.Err(err).Warn("Error loading template in response") return nil, err } t = t.Funcs(template.FuncMap{ @@ -149,7 +139,7 @@ func (r *Result) Response(ctx proxy.Context) (*http.Response, error) { "Response": ctx.Response(), "Errors": r.Errors, }); err != nil { - log.Value("template", r.Template).Err(err).Warn("Error rendering template response") + log.Err(err).Warn("Error rendering template response") return nil, err } @@ -159,46 +149,34 @@ func (r *Result) Response(ctx proxy.Context) (*http.Response, error) { return response, nil case r.Reject > 0: + log.Value("code", r.Reject).Trace("Creating a HTTP reject response") body := io.NopCloser(bytes.NewBufferString(http.StatusText(r.Reject))) response := proxy.NewResponse(r.Reject, body, ctx.Request()) response.Header.Set(proxy.HeaderContentType, "text/plain") return response, nil case r.Permit != nil && !*r.Permit: + log.Trace("Creating a HTTP reject response due to explicit not permit") body := io.NopCloser(bytes.NewBufferString(http.StatusText(http.StatusForbidden))) response := proxy.NewResponse(http.StatusForbidden, body, ctx.Request()) response.Header.Set(proxy.HeaderContentType, "text/plain") return response, nil default: + log.Trace("Not creating a HTTP response") return nil, nil } } func (p *Policy) Query(input *Input) (*Result, error) { - /* - e := json.NewEncoder(os.Stdout) - e.SetIndent("", " ") - e.Encode(doc) - */ - log := logger.StandardLog.Value("policy", p.name) log.Trace("Evaluating policy") - r := rego.New(append(p.options, rego.Input(input))...) - - ctx := context.Background() - /* - query, err := p.rego.PrepareForEval(ctx) - if err != nil { - return nil, err - } - rs, err := query.Eval(ctx, rego.EvalInput(input)) - if err != nil { - return nil, err - } - */ - rs, err := r.Eval(ctx) + var ( + rego = rego.New(append(p.options, rego.Input(input))...) + ctx = context.Background() + rs, err = rego.Eval(ctx) + ) if err != nil { return nil, err } @@ -208,6 +186,12 @@ func (p *Policy) Query(input *Input) (*Result, error) { result := &Result{} for _, expr := range rs[0].Expressions { if m, ok := expr.Value.(map[string]any); ok { + // Remove private variables. + for k := range m { + if len(k) > 0 && k[0] == '_' { + delete(m, k) + } + } log.Values(m).Trace("Policy result expression") if err = mapstructure.Decode(m, result); err != nil { return nil, err diff --git a/proxy/context.go b/proxy/context.go index b743acf..a984be8 100644 --- a/proxy/context.go +++ b/proxy/context.go @@ -14,6 +14,8 @@ import ( "sync/atomic" "time" + "git.maze.io/maze/styx/ca" + "git.maze.io/maze/styx/dataset" "git.maze.io/maze/styx/logger" ) @@ -42,6 +44,13 @@ type Context interface { // Response is the response that will be sent back to the client. Response() *http.Response + + // Client group. + Client() (dataset.Client, error) +} + +type WithCertificateAuthority interface { + CertificateAuthority() ca.CertificateAuthority } type countingReader struct { @@ -80,6 +89,9 @@ type proxyContext struct { req *http.Request res *http.Response idleTimeout time.Duration + ca ca.CertificateAuthority + storage dataset.Storage + client dataset.Client } // NewContext returns an initialized context for the provided [net.Conn]. @@ -218,4 +230,28 @@ func (c *proxyContext) WriteHeader(code int) { //return c.res.Header.Write(c) } +func (c *proxyContext) CertificateAuthority() ca.CertificateAuthority { + return c.ca +} + +func (c *proxyContext) Client() (dataset.Client, error) { + if c.storage == nil { + return dataset.Client{}, dataset.ErrNotExist{Object: "client"} + } + if !c.client.CreatedAt.Equal(time.Time{}) { + return c.client, nil + } + + var err error + switch addr := c.Conn.RemoteAddr().(type) { + case *net.TCPAddr: + c.client, err = c.storage.ClientByIP(addr.IP) + case *net.UDPAddr: + c.client, err = c.storage.ClientByIP(addr.IP) + default: + err = dataset.ErrNotExist{Object: "client"} + } + return c.client, err +} + var _ Context = (*proxyContext)(nil) diff --git a/proxy/proxy.go b/proxy/proxy.go index 66e64c1..7c8e365 100644 --- a/proxy/proxy.go +++ b/proxy/proxy.go @@ -15,9 +15,12 @@ import ( "slices" "strconv" "strings" + "sync" "syscall" "time" + "git.maze.io/maze/styx/ca" + "git.maze.io/maze/styx/dataset" "git.maze.io/maze/styx/internal/netutil" "git.maze.io/maze/styx/logger" "git.maze.io/maze/styx/stats" @@ -26,6 +29,7 @@ import ( // Common HTTP headers. const ( HeaderConnection = "Connection" + HeaderContentLength = "Content-Length" HeaderContentType = "Content-Type" HeaderDate = "Date" HeaderForwarded = "Forwarded" @@ -146,7 +150,17 @@ type Proxy struct { // WebSocketIdleTimeout is the timeout for idle WebSocket connections. WebSocketIdleTimeout time.Duration - mux *http.ServeMux + // CertificateAuthority can issue certificates for man-in-the-middle connections. + CertificateAuthority ca.CertificateAuthority + + // Storage for resolving clients/groups + Storage dataset.Storage + + mux *http.ServeMux + closed chan struct{} + closeOnce sync.Once + mu sync.RWMutex + listeners []net.Listener } // New [Proxy] with somewhat sane defaults. @@ -157,6 +171,7 @@ func New() *Proxy { IdleTimeout: DefaultIdleTimeout, WebSocketIdleTimeout: DefaultWebSocketIdleTimeout, mux: http.NewServeMux(), + closed: make(chan struct{}, 1), } // Make sure the roundtripper uses our dialers. @@ -181,6 +196,55 @@ func New() *Proxy { return p } +func (p *Proxy) Close() error { + var closeListeners bool + p.closeOnce.Do(func() { + close(p.closed) + closeListeners = true + }) + if closeListeners { + p.mu.RLock() + for _, l := range p.listeners { + _ = l.Close() + } + p.mu.RUnlock() + } + return nil +} + +func (p *Proxy) isClosed() bool { + select { + case <-p.closed: + return true + default: + return false + } +} + +func (p *Proxy) addListener(l net.Listener) { + if l == nil { + return + } + p.mu.Lock() + p.listeners = append(p.listeners, l) + p.mu.Unlock() +} + +func (p *Proxy) removeListener(l net.Listener) { + if l == nil { + return + } + p.mu.Lock() + listeners := make([]net.Listener, 0, len(p.listeners)-1) + for _, o := range p.listeners { + if o != l { + listeners = append(listeners, o) + } + } + p.listeners = listeners + p.mu.Unlock() +} + // Handle installs a [http.Handler] into the internal mux. func (p *Proxy) Handle(pattern string, handler http.Handler) { p.mux.Handle(pattern, handler) @@ -214,11 +278,23 @@ func (p *Proxy) dial(ctx context.Context, req *http.Request) (net.Conn, error) { // Serve proxied connections on the specified listener. func (p *Proxy) Serve(l net.Listener) error { + p.addListener(l) + defer p.removeListener(l) for { + if p.isClosed() { + return nil + } + c, err := l.Accept() if err != nil { return err } + + if p.isClosed() { + _ = c.Close() + return nil + } + go p.handle(c) } } @@ -229,6 +305,7 @@ func (p *Proxy) handle(nc net.Conn) { ctx = NewContext(nc).(*proxyContext) err error ) + defer func() { if r := recover(); r != nil { if err, ok := r.(error); ok { @@ -266,6 +343,8 @@ func (p *Proxy) handle(nc net.Conn) { // Propagate timeouts ctx.SetIdleTimeout(p.IdleTimeout) + ctx.ca = p.CertificateAuthority + ctx.storage = p.Storage for _, f := range p.OnConnect { fc, err := f.HandleConn(ctx) @@ -282,6 +361,15 @@ func (p *Proxy) handle(nc net.Conn) { } log := ctx.LogEntry() + if p.Storage != nil { + if client, err := p.Storage.ClientByIP(nc.RemoteAddr().(*net.TCPAddr).IP); err == nil { + log = log.Values(logger.Values{ + "client_id": client.ID, + "client_network": client.String(), + "client_description": client.Description, + }) + } + } for { if ctx.transparentTLS { ctx.req = &http.Request{ @@ -344,7 +432,7 @@ func (p *Proxy) handle(nc net.Conn) { } if err = p.handleRequest(ctx); err != nil { - p.handleError(ctx, err, true) + p.handleError(ctx, err, !netutil.IsClosing(err)) return } @@ -511,7 +599,8 @@ func (p *Proxy) serveForward(ctx *proxyContext) (err error) { _ = ctx.Close() return fmt.Errorf("proxy: forward %s error: %w", ctx.req.URL, err) } - } else { + } + if res != nil { ctx.res = res } @@ -571,28 +660,44 @@ func (p *Proxy) serveWebSocket(ctx *proxyContext) (err error) { return p.multiplex(ctx, srv) } -func (p *Proxy) multiplex(ctx, srv Context) (err error) { +func (p *Proxy) multiplex(ctx, srv *proxyContext) (err error) { var ( + log = ctx.LogEntry().Value("server", srv.RemoteAddr().String()) errs = make(chan error, 1) done = make(chan struct{}, 1) ) go func(errs chan<- error) { - defer close(done) - if _, err := io.Copy(srv, ctx); err != nil { + if _, err := io.Copy(ctx, srv); err != nil && !netutil.IsClosing(err) { + log.Err(err).Trace("Multiplexing closed in client->server") errs <- err + } else { + log.Trace("Multiplexing closed in client->server") } }(errs) + go func(errs chan<- error) { - if _, err := io.Copy(ctx, srv); err != nil { + defer close(done) + if _, err := io.Copy(srv, ctx); err != nil && !netutil.IsClosing(err) { + log.Err(err).Trace("Multiplexing closed in server->client") errs <- err + } else { + log.Trace("Multiplexing closed in server->client") } }(errs) + defer func() { + log.Trace("Multiplexing done, force-closing client and server connections") + _ = ctx.Close() + _ = srv.Close() + }() + select { case err = <-errs: return case <-done: - return + return io.EOF // multiplexing never recycles connection + case <-p.closed: + return io.EOF // server closed } } diff --git a/stats/handler.go b/stats/handler.go new file mode 100644 index 0000000..fce13eb --- /dev/null +++ b/stats/handler.go @@ -0,0 +1,213 @@ +package stats + +import ( + "encoding/json" + "expvar" + "fmt" + "net/http" + "sort" + "strings" + + "html/template" +) + +var ( + page = template.Must(template.New(""). + Funcs(template.FuncMap{"path": path, "duration": duration}). + Parse(` + + +Metrics report + + + +
+

    __          __
+.--------..-----.|  |_ .----.|__|.----..-----.
+|        ||  -__||   _||   _||  ||  __||__ --|
+|__|__|__||_____||____||__|  |__||____||_____|
+
+
+

+{{ range . }} +
+

{{ .name }}

+
+ {{ if .type }} +
+ {{ template "table" . }} +
+
+ {{ else if .interval }} +
{{ template "timeseries" . }}
+ {{ else if .metrics}} + {{ range .metrics }} +
+ {{ template "timeseries" . }} +
+ {{ end }} + {{ end }} +
+
+{{ end }} +
+ + +{{ define "table" }} + + {{ if eq .type "c" }} + + {{ else if eq .type "g" }} + + + {{ else if eq .type "h" }} + + + {{ end }} +
count
{{ printf "%.2g" .count }}
meanminmax
{{printf "%.2g" .mean}}{{printf "%.2g" .min}}{{printf "%.2g" .max}}
P.50P.90P.99
{{printf "%.2g" .p50}}{{printf "%.2g" .p90}}{{printf "%.2g" .p99}}
+{{ end }} +{{ define "timeseries" }} + {{ template "table" .total }} +
+
+
{{ duration .samples .interval }}
+ + {{ if eq (index (index .samples 0) "type") "c" }} + {{ range (path .samples "count") }}{{end}} + {{ else if eq (index (index .samples 0) "type") "g" }} + {{ range (path .samples "min" "max" "mean" ) }}{{end}} + {{ else if eq (index (index .samples 0) "type") "h" }} + {{ range (path .samples "p50" "p90" "p99") }}{{end}} + {{ end }} + +
+
+{{ end }} +`)) +) + +func path(samples []any, keys ...string) []string { + var min, max float64 + paths := make([]string, len(keys)) + for i := range len(samples) { + s := samples[i].(map[string]any) + for _, k := range keys { + x := s[k].(float64) + if i == 0 || x < min { + min = x + } + if i == 0 || x > max { + max = x + } + } + } + for i := range len(samples) { + s := samples[i].(map[string]any) + for j, k := range keys { + v := s[k].(float64) + x := float64(i+1) / float64(len(samples)) + y := (v - min) / (max - min) + if max == min { + y = 0 + } + if i == 0 { + paths[j] = fmt.Sprintf("M%f %f", 0.0, (1-y)*18+1) + } + paths[j] += fmt.Sprintf(" L%f %f", x*100, (1-y)*18+1) + } + } + return paths +} + +func duration(samples []any, n float64) string { + n = n * float64(len(samples)) + if n < 60 { + return fmt.Sprintf("%d sec", int(n)) + } else if n < 60*60 { + return fmt.Sprintf("%d min", int(n/60)) + } else if n < 24*60*60 { + return fmt.Sprintf("%d hrs", int(n/60/60)) + } + return fmt.Sprintf("%d days", int(n/24/60/60)) +} + +// Handler returns an http.Handler that renders web UI for all provided metrics. +func Handler(snapshot func() map[string]Metric) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + type h map[string]any + metrics := []h{} + for name, metric := range snapshot() { + m := h{} + b, _ := json.Marshal(metric) + json.Unmarshal(b, &m) + m["name"] = name + metrics = append(metrics, m) + } + sort.Slice(metrics, func(i, j int) bool { + n1 := metrics[i]["name"].(string) + n2 := metrics[j]["name"].(string) + return strings.Compare(n1, n2) < 0 + }) + page.Execute(w, metrics) + }) +} + +// JSONHandler returns a [http.Handler] that renders the metrics as JSON. +func JSONHandler(snapshot func() map[string]Metric) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + type h map[string]any + metrics := map[string]h{} + for name, metric := range snapshot() { + m := h{} + b, _ := json.Marshal(metric) + json.Unmarshal(b, &m) + metrics[name] = m + } + w.Header().Set("Content-Type", "application/json") + json.NewEncoder(w).Encode(metrics) + }) +} + +// Exposed returns a map of exposed metrics (see expvar package). +func Exposed() map[string]Metric { + m := map[string]Metric{} + expvar.Do(func(kv expvar.KeyValue) { + if metric, ok := kv.Value.(Metric); ok { + m[kv.Key] = metric + } + }) + return m +} diff --git a/stats/stats.go b/stats/stats.go new file mode 100644 index 0000000..ce594a6 --- /dev/null +++ b/stats/stats.go @@ -0,0 +1,104 @@ +package stats + +import ( + "encoding/json" + "math" + "sort" + "strconv" + "sync/atomic" +) + +// Metric is a single meter (counter, gauge or histogram, optionally - with history) +type Metric interface { + Add(n float64) + String() string +} + +// metric is an extended private interface with some additional internal +// methods used by timeseries. Counters, gauges and histograms implement it. +type metric interface { + Metric + Reset() + Aggregate(roll int, samples []metric) +} + +type multimetric []*timeseries + +func (mm multimetric) Add(n float64) { + for _, m := range mm { + m.Add(n) + } +} + +func (mm multimetric) MarshalJSON() ([]byte, error) { + b := []byte(`{"metrics":[`) + for i, m := range mm { + if i != 0 { + b = append(b, ',') + } + x, _ := json.Marshal(m) + b = append(b, x...) + } + b = append(b, ']', '}') + return b, nil +} + +func (mm multimetric) String() string { + return mm[len(mm)-1].String() +} + +func newMetric(builder func() metric, frames ...string) Metric { + if len(frames) == 0 { + return builder() + } + if len(frames) == 1 { + return newTimeseries(builder, frames[0]) + } + mm := multimetric{} + for _, frame := range frames { + mm = append(mm, newTimeseries(builder, frame)) + } + sort.Slice(mm, func(i, j int) bool { + a, b := mm[i], mm[j] + return a.interval.Seconds()*float64(len(a.samples)) < b.interval.Seconds()*float64(len(b.samples)) + }) + return mm +} + +// NewCounter returns a counter metric that increments the value with each +// incoming number. +func NewCounter(frames ...string) Metric { + return newMetric(func() metric { return &counter{} }, frames...) +} + +type counter struct { + count uint64 +} + +func (c *counter) String() string { return strconv.FormatFloat(c.value(), 'g', -1, 64) } +func (c *counter) Reset() { atomic.StoreUint64(&c.count, math.Float64bits(0)) } +func (c *counter) value() float64 { return math.Float64frombits(atomic.LoadUint64(&c.count)) } + +func (c *counter) Add(n float64) { + for { + old := math.Float64frombits(atomic.LoadUint64(&c.count)) + new := old + n + if atomic.CompareAndSwapUint64(&c.count, math.Float64bits(old), math.Float64bits(new)) { + return + } + } +} + +func (c *counter) MarshalJSON() ([]byte, error) { + return json.Marshal(struct { + Type string `json:"type"` + Count float64 `json:"count"` + }{"c", c.value()}) +} + +func (c *counter) Aggregate(roll int, samples []metric) { + c.Reset() + for _, s := range samples { + c.Add(s.(*counter).value()) + } +} diff --git a/stats/timeseries.go b/stats/timeseries.go new file mode 100644 index 0000000..8061c64 --- /dev/null +++ b/stats/timeseries.go @@ -0,0 +1,105 @@ +package stats + +import ( + "encoding/json" + "fmt" + "sync" + "time" +) + +type timeseries struct { + sync.Mutex + now time.Time + size int + interval time.Duration + total metric + samples []metric +} + +func (ts *timeseries) Reset() { + ts.total.Reset() + for _, s := range ts.samples { + s.Reset() + } +} + +func (ts *timeseries) roll() { + t := time.Now() + roll := int((t.Round(ts.interval).Sub(ts.now.Round(ts.interval))) / ts.interval) + ts.now = t + n := len(ts.samples) + if roll <= 0 { + return + } + if roll >= len(ts.samples) { + ts.Reset() + } else { + for i := 0; i < roll; i++ { + tmp := ts.samples[n-1] + for j := n - 1; j > 0; j-- { + ts.samples[j] = ts.samples[j-1] + } + ts.samples[0] = tmp + ts.samples[0].Reset() + } + ts.total.Aggregate(roll, ts.samples) + } +} + +func (ts *timeseries) Add(n float64) { + ts.Lock() + defer ts.Unlock() + ts.roll() + ts.total.Add(n) + ts.samples[0].Add(n) +} + +func (ts *timeseries) MarshalJSON() ([]byte, error) { + ts.Lock() + defer ts.Unlock() + ts.roll() + return json.Marshal(struct { + Interval float64 `json:"interval"` + Total Metric `json:"total"` + Samples []metric `json:"samples"` + }{float64(ts.interval) / float64(time.Second), ts.total, ts.samples}) +} + +func (ts *timeseries) String() string { + ts.Lock() + defer ts.Unlock() + ts.roll() + return ts.total.String() +} + +func newTimeseries(builder func() metric, frame string) *timeseries { + var ( + totalNum, intervalNum int + totalUnit, intervalUnit rune + ) + units := map[rune]time.Duration{ + 's': time.Second, + 'm': time.Minute, + 'h': time.Hour, + 'd': time.Hour * 24, + 'w': time.Hour * 24 * 7, + 'M': time.Hour * 24 * 30, + 'y': time.Hour * 24 * 365, + } + fmt.Sscanf(frame, "%d%c%d%c", &totalNum, &totalUnit, &intervalNum, &intervalUnit) + interval := units[intervalUnit] * time.Duration(intervalNum) + if interval == 0 { + interval = time.Minute + } + totalDuration := units[totalUnit] * time.Duration(totalNum) + if totalDuration == 0 { + totalDuration = interval * 15 + } + n := int(totalDuration / interval) + samples := make([]metric, n, n) + for i := 0; i < n; i++ { + samples[i] = builder() + } + totalMetric := builder() + return ×eries{interval: interval, total: totalMetric, samples: samples} +} diff --git a/styx.hcl b/styx.hcl index fabab53..89a9f29 100644 --- a/styx.hcl +++ b/styx.hcl @@ -37,22 +37,35 @@ proxy { } } +ca { + cert = "testdata/ca.crt" + key = "testdata/ca.key" +} + policy "intercept" { - path = "testdata/policy/intercept.rego" + path = "testdata/policy/styx/intercept.rego" package = "styx.intercept" } policy "bogons" { - path = "testdata/policy/bogons.rego" + path = "testdata/policy/styx/bogons.rego" } policy "childsafe" { - path = "testdata/policy/childsafe.rego" + path = "testdata/policy/custom/childsafe.rego" + package = "custom" } data { path = "testdata/match" + storage { + type = "bolt" + path = "testdata/styx.bolt" + #type = "sqlite" + #path = "testdata/styx.db" + } + network "reserved" { type = "list" list = [ diff --git a/template/blocked-256.jpeg b/template/blocked-256.jpeg new file mode 100644 index 0000000000000000000000000000000000000000..cd2607dd552d5fe33305713fa5e76cc251f0e009 GIT binary patch literal 25195 zcmb4qg;(6(6Yt_)oZ{|QpisQHEiQ{g(c-qaOA9Ryi$if=r0C*OTD-WkP`tpxZcB?4 ze|&%Myg%SgPHu9~olGVtxyj7uGkIKn+y;;URW(!rXlMWc+S3AfgaecS=xG1Re=Yid zf{F28i-n1afr*WUjs3qB2M-q;2M-4u8uC;YGTpOOE2C^{Af1{OXJ zHqQT4{=b^XK>#W4e?DQLu>#OZ(J)BS9=`z?pZvtcc=8PJ{{#(yg^h!biHm`U|1>U7 z^5i|nlb~Z@V`5>VVFA$4F)*=60oY_XEW)_t3at7RBDQ#xY(CNHREh@8&)Mxtzi_++ z&*3W>+Cz4pEYP9>(4S85|IGil{htZ!r?Ho$0JJB|n0S~^D*w}XQYOVhJnRHiGI%sR?}xtr_2WNYg$7mK|HX3QKR7^IP(P zW>&R!KH3y>z5HJeyqn3t3o14?@OjmQpW6R9wp@nScpNP1huJ6UWEzM22#wPY+DRUN~)+?No%J0F;I5f!0GIS0H zhg;{r$PH&7OyYx*&;T4|%!)G0Fe3CdR3t3kSaw=0bvmCaZ17jZ z5FM=llXxU8<5#_(V#b~}yXHgwxasv?JudUr91g+Z%`vINNDb+`EhU&=yySFFp(q4{ z3qzAyLQ0bP7@O@7sK`S3Me^6ZfBb2v^WWE^qO;lQ_oDK@_MKe_SOmyZlQ~D-ow3=z zEGYBO;n|dGl6h0AYRK8%AU4;Swk3q+jr1ku^E3b z6wmCFIWFuUbm}nM&kzl?U?}4r9x5%%iq3B=QTgDznGhbtOdm6tSlfD^FdSbetlhym z;ersa>SIB8DTtex1|0Xyzq#aFe;Js+o(8`nsmtSm^5~7<1^s-N`I6lom}w44FY8z1 z5S|Hh>q(9e#5uj%p!4M2_0f& zGL}%wnHLJZmWoxt(#5_zAInQ*DNkj%JEFfkb|o+v6C^HVr3jug2rGs~+o%=dnqK~! z!$jL~Qb+$G+Ic@S{hlLwl8LD*9l$uMUTeLl4pH+h#dBg}^oz;Z(onENdo6ZOeCZkj zy3e!%o)1TCS;IOQZ)-RG{}?H`)0y8=;;+809bRm;xS{hUt3tEzU^vX{d`!RrW{sfRVWD_vvFZ{BDBssmJwV`TuTGujUK5 z+U<;z8D&(Bj==6m**CsLH=?R_WWF0m+xAlO4tr8&Y)w)w%xGK~X0L*hQfWsuxqg-6 zxe$gO6T@0lUb2|Z5xf+_e?HDNI2$`)w=SLG%f4Xh{%5gLjwwQUm+H0I9^@O^C)d&T z5Uc*v6WR-$MKPPTOGW6pD9Av0g|AWH;f-B!4o7@?^wkCyn+!%v*5cm6!*KV)+RsP8 z`v5pa4|GX>$%Fyk?P`|-Z{H=lGtYE+hsGy|yXTl(l^$(M*_pk(ymu_8gX~kPu2{E7 zKrT-GdZR5i(sCROk#e)5t#_C*kpW|{ex;dA4PH8~ zc$`{iqK>7~m-4%b4sW|FY2#vcv{^cgrin#|MS8vX345v4BvVx1K-DuDISE#t^`dmD z6SQMh{O?|WZ#L>`HFseV`YQ7c6LKgMv3Hx55li@o%9FX?Wk?i67@8X4*)S9C8oIe? zdq6U>OFBZm_F)kkv0XcklE;w37>%(f(y#L4vO3#B)XVA1`fL^2bvy!+Lh?GHe5jlX zC80(on%oh2wG<9z)17z%HR?f~M}T4xdxA~bo$E4!Scji#GrjxRDRKxUTinGxRu*E$ zSO$fg0LXglKV^%>`QTYQ8bxr-l6}X97Aap*GtGb&{ra4Tn(Het{H{%pI+)m`l+%13 z)@iuL7b%ZjTwEf$NwSIInsVXf*))%Uk+}D)Q|U?0E~M|0Un~I0b5$(jmk+uh0U_-Q zvI5XwAWa6~Sxrh&X&O+*HcIw3{NZL^w#P|RTRBQ)j+q-R)P5uiS@ujv(>Z#kONv}c z_HSvK&!p1$-%>p1=q*eabl=sZcSQ$nEL&$rAgXg6<#Y~&;Ws-@= zG*G(X%#}Td+U!v{l2U-}t2th^vDtrTrMUY}%#qqetiBD2j#w(od%CV=@(W8w>_T<) z=%_DhkS|zBc9)n zfW(@RkGlzManzPQl9CvtpVB`eoI0d-H0Jok2n$J%+T*f+soI%OU3DE}O?U4Zq8!91 ze2L#?vyS1{1LsLf+CHRXpL+It(s^za{X&pKZ(YCi36iUjuX?tBbp1iW(U<3fgvM>r zfwA7FWJuTntf%UZo7BG>6B@IYyQFKk%J#am-`1#JZf4)-^^lj`vcy_0=O#Puwn&yH zd^E1m9)2f;L=F#AX|$Nc^S*DX%9Z-CctTWc_oG{Po;RD{E;#DR| zYq3RE=l!~DzqN~Q)9T~}kQcV34L$7U5vO$YFu<=fURXaft5McqNsCKocXHxa zTMi~qx>v@4zVJgGchEgBLRNG=Ix42vUm;$B6Gl5Yoj5AO0FuIId$cX(dmc;FmXiK| z;KA@;J5_61JF4E;MFJ+F4h9Aw=FP-)19r)4Ku%92GNuVk35a`(P0TaqAw_Jh}^CvJLcG?-kMX*2qNykFq zd20>Du_%!*tex@(QUkP&Ve+>JfpjoO*$t#AFhA^ni=m7Eh`L2b%5Da&Pa1Gh_4I*g zidUVxZVhF^I>r5PQi6*1BxFY#MAuy@XFORe`T5v#TVfTO4;`mez_qumhmU}UP|mSR z{k*z;*`6KwUk&iMgLe4-rL_{<9)~^6=--u0PTAQwX9S}}&hh0$AkN{yyGKB>Ont6q zn~33cN=JE&hhBb=9Y~X0I1u19P-fLIje4zn ze{NGnGR|J+exeI&OV87M%2ng3fIP*Z^ z4|XK0zk^BPNVxeQj}wa&0v)5USg_pR8d{T<`HfKUMNAyyYlYc`%@bFXib;S8B}?59^kucP@;|fl`(qEu9qsfg@r^<=aHT|CU`fXt>m? zs9r$ATzF1Z)9uS}?0l;rqv~zWy%pZ&D4m>>>cWElD>Yrz+!ic(%K3zq{j2^z(+cOA zo16{fFVv@MK4-}oMoGijt4F^~w4spuM*zOKLTO{Q#!=mK&n4>W_*JNS3foscA!Z>7 zJ8385i23uK{u>v&%8lCrXJhS<{*siXj$`*0(DH)((af*z=n*`+k9rLkC7wS;beOpo znM@t-PhNV36c1ZF5PNrXgX+VaSeyVdHZe+A%#<>^p6lnwu$vs`f?|WZ4)=vEfq070 zfGx|IX2+U>{65W!y9J6P+2Q?$JoDF^@#HRUz_M~T*)$tIi>j->>bc}SZ7xgCthPU! zZpSViM6y{s`EFvBbtR=@)pe5@s304J(48R>;{MM2Z{HszzUQK3;Wp*Dn0*48B* zi?^vYQv=Q(MyGHnTsIIJlY$k?QWLbqrIH}?p7GRk^N*=I9apyIr+|M~;^pzkc~fSK zIQWLqTfTQoIer=(dF&v9G|FLRmDK1{K{@fDgBefb%@B}nm(iQ5L(lGI^L=#VU`j$C zT>#O8`cR&cS~`R#)7JFJ?U7h@l|uO#J>m{eap4KLC}CzCBLr1%}jB+s1w? z{nzok`0`)?W8{R);r#_?32c6L$VPGcnIw%xy4)79z+--KiQkW^-9^pkD?ya0pa#2* zV`iikS~}S97V5=7?U5lMi@NgW#7^D|U{^eeCAtax3rAL)cHY^;dO{ zDh!U&ziTU????GxB%S%YQ_7CoZyC7YxK5dUGkrzXssDW-k{acwMt{gC8jo=(-}nse zZ!Q1LXC9V@;6yd^S|)ey_vH8E3;w&qW*~ylj^K(oAqVccI7z_2K_=QDhPb9e<)&Wd zq;AT;scf{$xW*!NtH-YC@IF@0!j2Wtv6l%!11#}v;buse2XKrJ&=P^VbJeE!{IO+Y z_kE6xff_H^1bgG+!;xB5-;1ODaMj~Bv4V&JFXhaFgsmQNObw0+AdtXdc}f$Tp|VIb zc|;G>fSQWdPF{6PPOne!CgL2l^bqS8xu~n+kxjJIcT?W%eoI^n%Wr7buria+Y^!9? zmk#-6m-Ov?E^lM|J5TNPL!j!;BLF_$*KIpjRJIr*bM*GNcpefFzlc{J%$PqaRGZ(> zAWHUprdd`CX<-22D-N~=`Ova!r0h4AyB*eL`)&7oiGM;XttC0`r|)m#l1!sF}cuK_=SP+5s>=hq8*eY zReO-4o`l{Q8YcWL@#5XxD<`5=#%mhdLXnqNPQ$X_E7=Sb3k*-!KLde<>OKB!p;r92 z5k*CFnl4SCuMDCqnbl^F9g8y(gYgcvX-^$DU7;Ndl`@n?-&MF1 z&}-DXUa}YK&2VAmwtNC_sBk4)Mae`llNMUjWp0AI!%lOXWrDjM$U&3f6nwY4>O8r8 z{@Rf+dzf4!3<(d3+hDJ05T4jb%wv~FPc4>>y7%v1p7hoI7gzSN-*>EJy1p2={E%rW zwdZEt>WQEe$S*3Ys*-}0Y%Xe7A%=zNg5Zv^#fWYJ&!IYvk6kw$Pw*_Gr=yNcyo{<6% zGr_Bg5W2XZbpk`1#9}VI01!uCCH-pPpS%&BRQ*%7Y7_HBf0b$8bxuZP)v@|@%7N-# zk{Ag@B)DXT41*8b7*I=ld4A9n&_8veB6||%_aiZM-KHvAV7SBcd8(~rIpozz9)Xl4TT4=bye$OT}IcxJ8US0@kkGk5za3Kq0#b=+pz9OM`TaX37?o zM4htF1TE)>4C7}cgDL4}S5$HrNyO=)MO}`4M*4}`SOogt?I@Nzt!xs=rjUSnJ4Ge_ z8qlH;-^Qny5HNgMPK~mM-1BsE>Q<`Z!b0(jZx_g;uJ7#;^bRzRIAKkT8Vm^M1)ArI4pogPm*?oqSzF?_*So@G2kL zx7G{`i}ZP5S8}aEo?AM@>fT7aWtxAh#@k+#`6XlcX;wSQ>}TF%m!ti39yQ-QGm3hp zW=T67`^)8)CP%_&3cpp`1Z^?d9|1Xr&!YXzuU1f1v*(BEyYs%~t+lyX zsUKAr(p5`8tNl&cI#)I#eFm#NMMdI(Z^iiK=*Z7l^>8q=#hm9$syX7N$(`Zft7i22 zj8}^akLtuDD>s)kn^0}Hw5cv@BP$Rf!IX-0(xU##0!^3FaK4gED}RGz%u51_H0n;^ zt$XiQWp>EPV7|s%7sqVNoUB!dS^Tud%yFIg=lh^dS&xl2KNIu3*jCS>#mjt=7Bvd2 zq3p|@%(k>7EG)Ct%U|yb^_+p_oIK8 z)9H0yuSaZ{K+Pv!sxN~16V?p&T8d}yE*J1P`o)w6pS7IK`fh1GPb|xwxpfvVe0F0k zM(JwKe1_b*n5E^2r+z}A&NH^mcw<5d@7ojhWH0hR{rmUymW2)`1+d*5Il;uzZ{mE; z>cbdBvz5|Mb<<1anP`=-#^jhhDD9pAD_l~z#O$(z6EdSj?~Z|e&H#PC=<9TM$XCYc zM7Q&iNtKr<-o7rka%iu4B-uHiCgBAcXqvXxLih|~&61WBXGsX@{^`oC+>ZW|G~<{n z3Uhz&zWtnU0XAQvdEliV&63E!_LmxRyMdT`ysj*qpxO-)J#Tni9h#78H3?uHeJl)rypsEsZxQa|E*9u__zlXa14UE0#kUTz2>oRbgWjwTF0isBe41 zxVe$&2mI*9U2#QN!F27ETQ_ozaq=ayCU6{+K}Qz2cEx$OPW3`BF!@3|B(S=&Syxv* z4fmL*Ttg1`_pNX>HvxZ**{G-sOHwu$=dO>>^K>C1aL;(PLY=DQ{vR|EW+z>GAF1^X)$#TusV9m&r`)bIppQ22djgiJq@@0jgHl+6gwW9*N zM9w!{iCM{dWK$(q)-;;88MItMlf|wl z-$2Iar)rDU*?6atObb@QJlC9*ND&du~>`50he#WL=nQd8FnU^6qxXBDq zRkX?&V8z=si7M85<)~2+V8+P8GX+U_%{@M1K>nuEYN5Xr*>x(H)JQ2BNW+<2Q|G*F zYy?e+h}cx5uTRg+4D>vGCbo1>e4z){pI}2t{Rz9p~nK-Ql#@a=mz<%#n#v=}` zNiB~mAo}VT80$50!L=JcxvcXKRj)XQ-DI(@Yz=-iT)C+XssEzGZvvjJu6_b0@fJFk zb5D@37KsBsFT9LZsENYLYO6CkX4%|gYW)X_l?gCMw)@s3%xUO?fo6;?F_l3A?&`E^ z6I4z$-gp@q_G_|PInhM!A(ZFG4u~I!oZ3y5Hr@7+NZ1d*jh(+Mug%;~?% zz;SH-b8BU@VJ@QlChjw2rnSc6RRPwY>}J@3$fAbKg$Zx&f61qOcG9d4Zg39P5o#E1DIVWeWo%ecsle<`MmC{|OTcj7V3HScwGD6+<)so|na0I97di zjG=?=$87rE@6h<$ISWjgjDPa~Kzz)5`-EVJ4a{P->zNcuOK7AB}& zISavqp0^B%Lp6_o`JcjE&v)9Lm%4i|S!*NgDR|)0tCT z^onR+DQd7bjxH;*5&?nwUK{#i??Ab*r0q!ApwV6rq^OV7w$KB6-i_hIn$)MLXw|yz zLEtpB3|hIKU-rEn?J2?2LA$+rbB7QE#~$+?#F&`X#E3oBuIC&i%JK z_7ezja)S`-gj(+yv_CAURw`1Y3r(nPZ9f8JL3-#^8+4zTNYTWTgwHBgF{mH9zd10j zvu7L{Id@By-W(O}F*`f#(XxE}?KdwUBfV$Fg5^`M!8M(*A9OwIr{$XC|CEZA_-E^m zQ{TGSq}HX)LR8eAvIF6yuw$|aoivFjsvsKjDfkjAMN>aN~3p38W z0J+*$`q!8NX4k26r=Ck)Jpt`Gk24*Ib~)IeS=s?tU@k#9XrWXs`J-K;jE&Iiea(!h zjq=x3g4JF(kPbNVk{udCKqT9bRAI0Ac{UuGI_7Zp767P5@aH`ddeNwc0qq6p{dSmi zQiDT}B4b}xI8Gvaww;_J8y3$T%?ik37@X_VUQA9ynXNQ=g?4SzcD zFZ!*a2Mz|UMI=c>rJa@-H#KpYGFmi4>o_>5P#l6&Xw~z2JnW*U`BmfBV=rAq_}W*%M2*b%5mon1xWOp29qF@d5k)$Z#3mWZKV34OuWFtV;RvM!aEj=nw&YS z(j#l(MWGa&H^3quAyo9kGL-nP;r*3-42Q1YK{QBKDdFd#g9IPm92#ped$mmYsZBd@9Q zJ`j6WA2YKM>gZ4~Vd*Z_-7aRIRrMo1DybF`MzXr*7V1VVy`To~^@H~jNEy(dP!FTT zK`dV`$D7EHIG!@AM6Mn)+S=hA_}vH_zLQmoSzbS))^J_6mf;q9+lHrjGG@A5`8*zr8`- z1qtf68KGv*#8Cy002QZAA1#(bfu5DB_9Zc3J&k@}H_h=Llpl&{5rN!Ua5S$Ep9pSV z6fdP@Z(a(#TS&gOTXkQM4M$iMt-?<07)U7Y3RcS$=$3TmUVMN!$(Ve+=?Nz|pX-6j zDy{}T0*r22kL>G13;fnP`cww0ZsWoyu_!$fu(A%yDr3w}>>v1*RgqJi3OmteI%ZPC zi_p40NO$q){=6%H!9T0UW6;I`b5z;f;`vQ}?S611&1U5lVak3xrD&CCS_}1WTwcdn z^vNq4b4ITj$1bw|mlv(omk+rM9MFu=_6OH^!yon4Rd_(^YEES?j)Z$=((~vv8H8+W zNU(lSV*z;5quLyLa^U{SWuh4mUm^)SD4W;iu-Am~t6EMkbm&*#O|+SnS)h4EwGHsw zkOYep*Kvw)Y;uH<^tNLP7~^uR)8Zy{V1UWefqeZ{xV9Jotq{_&=8F+KvCTg*U!2Mw z2Z(bJ?ei}%C>I*i>KxZ6C>-i9iYG!dsC~X@pd~cwRV-x#i9;F@jWqHA2Lkd&i<8xD z*8Q49L@!!_M_{w&n23L)o;SX@=(vx7SJ>F{3j%`TX7G4NIw4@nyalQ~lR#HZPdPGM zedBC!Cbj>Q%jIwxt(Rxj6G_Tsn9YTAJ}q`4b`zKHUul%B#)ZbF%e1)dhE?BfNzVgQ zW`6q!xVUy8mi{Ygw^iLX=lf);iES=vLkY)Vf>Oh4-pz@0?>W#(!j;#i?$I&G&ALHu1eM zFjlp{lk-4z#uu*n#J!ikt3QFZqNyd@c#GwP1$b}*xWCNCrn(16jbleno|T~e5lcHe ze4@h0^u`aaL&IEzkxvu^mHV?%QwaXm-zo^LnljI8?6}0L?Cf~V;MrM-cas$DmYvqF zbJ5FpSJW#yRxd0Tg5IFu?RBpZn~lV~$KaIaKOTov5cK_VNx0p=DJ)wQvOPIZ-~HPzMi(P-?gq2AlI z0O|r3g^>nZQY^b+L!TgTt$UB-yB@p0u4O$-Q@ZBo7jHN9Ih12s&+HnWL8Aea~zKkNq(Mtm0*zo=DlFD-Dfawste z#=HK^rm3*@`=u$u4n=R2sELqI{a)JdPh^3HNQ(DAPL31XNb4Eb_lVB2&m~d%l5N9r z_$>=GDdfe(dbSjtLO{;wYMX!PQGj}RWE?Jl@R%vNH>;^ixHWDAfirNoeaPh&P`r#A z(KpnjLn=7T=`>WoOuKzuF0gEiKNoUVi=ZUmXVH~?Rbwf>8dnUz%_6xQ@s~ZU0JL(8 zkskgVYm5EiQQdpw^0RYNU%hEDA+Vw*KEG^BJcUp(k3Cg3>TbJer?)Yj8_{=FNf)E3 z&&^p8bEBK2(3HXWZo-`{r<4&QFtqW+0paHy$wR zHi3nM7M8stb=r!4{(iOhCZvgjk^z=-FEIw8)25U_$M0OSw^uA(wm}^;XIXPq!LU-s zJ40}~kRX3C;U5iRe>HTK$QZ%zNI0yB!IaxvO%qMb=@}Ia`3f85It4CK*K=QU&p>`* z*EPu);w;0!L#}Q6!)v!jS+0$n4D5$C*yhQz4LB*vjXV17CM*D2mMv;czt8;FjExKK zr0@w-V$8nL5N=>twOf)MTxn$93D1%>|HASWT|#{jD(?AR0kFM|ID}eQF`%;NdL0t> z^fJZ#&n!+Z5nuI9C&_gZ8Pt=3kZn8$Q;qA+)VenA-0p=`C*bUii`B|8_LrUjFXO;0 zowfUhB|7&-QJ*DR?H=Gz@HgS-0j~LN2}J-L$}exT$FU05-nyP#R?jKPQIlf)HhvzchaaEj@QyQZ_s2YHQfvtOF;S{#g}*K<#ij3c2pOs7f~ct#j>$!(SCZ3 zge$Hf7nKBlDpzKAa7q-`mitcB!O2wTsjqqY_8~fAG#ij92SmHbCXe#$Xgg0;#)h5j z%r^^7yf+tDuB~^?cNecVZ+|&j@||2>Zg1vz92oLv&VFB!j>)-n*%KMp9IR9KVVPl8 z)sn9dk23$U#sJ!NbMN3ibbZ*r-if68(`h+rn||0BS3#u=o>02OqbsN@x>i=JWz zM^KGEQDz4IzOf|i6)Mq$yl zME;IqM0|@&n!^-f!Ca?uRtj~z$ySDoycC3B99G>6uJI+17Oq8;=wxB;5f$O<#zT41 z(fH{cw!fuN4uAcp3JLCc-q*MfH$d;OW8rZrlDJka`%w?u`b>JpN5G`MIKJXAHV#|I zNL-6d{GbOq?x{ZqS?Y^w>SftBHD(d)jH@p*Bkx(Mg}=~hkM2iqDd;@&)1`WfqEA%R zOu)5qn_h_4r^r_0IkRU=8w9SwsPyLdZMtL{ zqDchBPe3ksqIcpw3z&k)#Og(7@<7k-=7C@|8Le7&nJul>pI7pUIW6hXJsAhzVsF=xMBt3kl>95-nFQFq zf$_X2>VxTCucZs&ZO~9=i$3UOgL<5C$Fc}|R4f_0R^VkW%O4$SR#}k!>#cN zs82!UAcc=*8J9PtyWOhJ*3bWd%#Ki}Bn$H&9$p%ZW2p0Wy}%Z3OO)c*&(5#-mcmOE z7lmm(NxyZ&?|t`w!~dJo^h1FIOAOlbF7O*sYP4q#`)(DsrM6 z#LTB%yrHfyVN!NI#buC-*ZFh)kR?suOScykhz@+Ln%uXvZiV<+A*>s~QN8GLpRqH3 z|5fV(fqPek^~UNgCkIj68 z8HyeakTGm=G;daE~ki|yNe2-m5coc0@`Ru)Fh1! zeG+}Z?~`izZb!#XIejU^K7`{_vf`8K<8fQH1exP_N&WNZnF=!jz3YKSH9&$NNHtBR zInQJiim|XH`>O^{ykKMzft1CJtE%=varLQrS!)(={%(m&QIkmK$Pat5{9M8&VkE@k z$O(8ee$?u5@nUJzsKdn2HE^Ky-y~{m(?5HXbIXNJ7+xB)dOk_qI&Ng7Nk8QB{KWH4 z%*rG|n<_IGk@ERvX29@248(xUoXA*=j!g{O1We%`ESAnU3OG4>j^w>h2yA@kL01i( z0d9urG@a%iW`7P?xHYN^YGMO^aq_FQXK;KCAQp8^sSj?mrEa;q(I7K2WA%5m&2p5) z45Pn87$IJjq?H{*QbZHAI>gJ4lW&Tc|X=&Qbt|rT6qXT!-`^)>p z+UMAr1{H|7$$~)8bQKI#84{2nDrsaVGKz}WV$<5UIgzXiu5^K86~?<07uqR_`zF8j z$>8hIjw!%UB=k+jNPSm@bCw~+FSU@0AubB=iM$jyYjE1{si-a*xqVcf zDy1TnLAr+nYo3>!3Fp6asYn&U#{Mw!vJ5A(#)SlJP>Q@8Gdv}`g+2PLUe~vj&GE&N znzrK!mr1}CaK84qynkb_8d{$~&Sq#R=vbsze8@)#7H5KVUN5#T;TXDfS1#Y)d-TT? z#iZ0MHV6=kbPsFA_Kn%-RV1mV50jNlyr3tvXGL2;Fx}OS7*J70hkJ(S@Z@9E` z40RbGuGDoZqJPw+#(9BIALJ*eF8)fhIEu*3%Ng%UCrINsINh;=>|1kg9ScOzw#;_p zZ0xnrV2tqUzROUyVLK`?QPH@Z+RU+f4=-cOA+mypAxC&@YLfcK=WkVh*U!?%ld-cQ2^zr+8cQ;eK)Z` zTSV-zyn3UBQKPRv48m*mE&*S;Q3K%AO!jB%fr(z{H-8mbV3u5QZQ@iZkvq-fgDmPc z>aP_c#J=Zu8WrE$P4w#p1Zs#QmS)4{)~(nP9_7FNHg!wZt`1c%*Uv~_S?qt`QKnR| zpDMG@e*FkIbE)(~CxwufS_at%R42h=18Ap&MX zG`_5*NXnT&_n(*Lb+&}eWuJRrXGM&DoMAsm*}F~c8#rEAY}{P$A!{v@-mHYK=j5$h zR3^aEj0}2DV@PFu4uyei9O0`#t!M?cH|PorHZ}ejTF)bG*M1GWufIuN>MLHB4%Vqe znz{srbzlO+=QLCp*euH)0U#shkA!3Lj0mB;&Z~nYS4uO_jUK4?Uz7P zS4KyM%J>l~o98T`(QXVThLlEL&r~>H{ol=Q-^ex#Zc5e^DS{~kem<~LaB%cr7i;3$ zh`zoXu!&Gf3k3-Jdz$KH!~5tG>2Kf87jVC@?&vCcXps2Ab8hNW3wlKHbonSH ztxHbOg-O*=O7>)UNCJjl#sXA{Cd*9M(>)fVdKxP1xjM$sjy_B8G;XDpBT9wKr56~$ z7-swkFux-5PYu>PrA7Amw2eB|i&#?ivuTSi&1H~>n%!72b7azYEY1saW%qE+&mhAP z1C`cARxr>9AKZZHpK%gihVZ>hs0*b!;hYGVBnKu2=1xD`Suw!zGHU@)T-|S3fII{@oUiGLN>HW$YFIg{E0fhZA6R~& zSzuph#h+@6w8-M$r5N>Cq{V3DNy=14%r#4C6ALCy)3Ge4tu z`Ky+pP~~k^$HlYm7QX$^Fb-KU6}wPfqAxrk`0ptLb{}4~yO$!q^8LqFU_WVs&&D2g zO0J)Ke$?HB)zVp@E{%j2#;D{+xcmlVjUzpZ1-Kf=Y?PL zI&I1t4>ZtJUw)VNmUOLsU7s#tjGaq4O5wFDF0+H4y;!}l0@W$6Drq=(3j^4Eql|_1NRhyld61ESH{& zxlbPf)EN8~*ryG#_^9s`Zn{_69W@>L_AM{A1KMNFT@l;f=z;r&a)oO~J0JOjvL)n6 zOn=**Sc$Cm&*0wGs?`*$UW9YN|M*)}hO3rtG03?rG51$DtG&^pTL+2xu?EvJJLK6B z)2YWMT*!BEo_kvFG5um;jUd-Sz?8;Yjq^-3$rD+Nx zCm)uTIXnFL6WXv3dzp^qVgLOg0Gc$1Oc_;=dhM5swx^i?^lwOX`puEUv6CVx^{8)s zCO||iu2mmSGtZNJ;@SdN0?uU)Ea)VaG{>_~IBnPJ@0~9s3x2E3|8P}kbqOal<;U3# zA8};*NiQ;h(`@sVQ97yDG~n%7owG)}DJ98Sx&u(hfw=Rnwb^Lex2x$2Q7i7gH?Do_ zQ>`AANkAhp8NHX3qd)Pf<8Ey_o*+tR4<2#?A}vER_pf6$yzYs~-Wmdi701j5DF^na z5xShnt83(?Y+D@+3$e+kq%S7v=dPZv@x9vpj<}hj7va)%Bj#Lr>4FSMSK<|ybZq!c z{Obig+5l&3IzrCMT@6+PL(*Ef*p}86X`scF<7QVUtP;Y8~%+T8>TEl-@@R4rG+bJGr=TZl zbF=XeC=6}@l&T~_g@SjKoqwqgBzY1ffBPKv)Wmsf9PKP=ljj=a`%I-dy_@|vo+g!={3&_M5NBa_us z&!oCj?*F~gU4G7tai0CFWI=$ezBEyL zxBS0BB-}cOu3j`0j4vUep9z6V9=jH00bZ{{#1(~tF~&7!CX!MM#b<#lQowaQhqn-r zn9wML9RFAzyPzC5_ZtahEX}Ft=@nnN=Tup%i~t4Lq;Dlx%ZxO^k+Mlq! zb_F+Ybaw3p_pDd&c9}Sb$_hujxq6|NkE1v8C~78&X*J)iFBE}wvH35(vMI93CZ;q@ zuodnVBpl@4S~9rm8CW?M9&$MtPw`f+QSIeS=Ci%`b)U9h<6>^_pG+LIUKUze zDVkmx80OYqCs;g{(HOpXao^hQkB%V?z5j zmqQ)*Qq#>ZZmmf@JJ~@-d@nkq;S!}0P_SmGXKNZSk5xFTm0_e(HFZ=i{ zenon8JKeAO*BB)$yMMV3jqt|9>7vNHi)=8zTH8?MTz%$UtL8RxGEu+m;U`OOiH ztmc8eULTnM_Nv^{rLG7o@{6TCJqPA?i|`l6zt_RV4DnJn-M)FrAOsr=k?ET zOT&SsonM~eyIE;!psqP6&EbTl)q>-1%j z%;G@=ScEvuU;KEbR;TO~xuhFXy$POWH+cS1-#6unYkZ&o5;gKVA_I=BVhV*1q_ut$ z(|aj8sMEXKYt9+W%M3DHD+j;%$nKQt`A-sq_WjcQ?EH$h z_xkgHm9aK&Lh>ch4!EbE!`TS~N9Qs=#k>~t|6GHtUc#?ksA+HS0N%!89&3mu{FRkf z*X5~za6OxTrpr^9p7g0AHm1&HG|(OO4%O4uVUC(L4M6%!O){)+vv%v!{Z%%~xbhd7 zq{BivlBoB6#0o9cil={A(h9BZ#{Ipp@6FqEJZc?swSb5hZ=Be8ZV~pd%!_&@{l4wb zFbR_ZCA|Wh?1--YUE3p|P1bOBgICbU-=zBXDOjTX36Tm$2wFs7*2h%w7*%S4pk<~9 z!p~ESy9W81xh!br5r;Lk5RiP^lGt2rP(gPv zTeIgLTGVOikuU3haEVg=iad&-4rcxLJoV@bY});<(AHW2|7h{^GKj%j3Yi`P9O)lPqgcKn>szZLjlCf7?lbg~`;o&j_x+fuqa}Q4(PG}CK#@1Iu5Vb3AKZ#AuO=Ml6Q%B8B4`BV zBVXIK>S^ju4XCjGv?jxM%yj_ec^jEpAJt};VSM|N{oR3K_peHJS%^PEK3HQo?{THD3iMAWNPBRQVJOF6sTyrp*(P~^G$tLj&UKu z)Y#ZlTzNlbO&gNjU;#|~#9`%Fx5<*?9i5 z%e4f_*ssBgj)ouiDx!X`;@EhFVP2m(4vE@X_i zSdYpq-;|0(9DayeeyOHGJL}LCM4At;ls*)#7)NrJyKusZNy~LtB8)esXw(@}qGs4r zQ=&+G#)y~uZ0jd}HIrANEf#cBOe3}fgwFMC`0eQBPVuelY>!{Wp_6dqcEXCbp~#;= zGamboBmfzS12vyNU&mkjQw+E>%z%({=Euf3I!iP4eSqheCx3bVLRgo%)I0UDu9ZloP@G98^nb@O$`jTOwZ4UEi}+A+~3%)GK{^Z;)j#sqy4QRS@(UrLw%`tFP6XJ7bK zVsJ$Jte&yo-&!jl4S_{*YU{(dpP^Mka}(PX0mj?DDcdn?m_F_qHB-N;tkXIeCLmU& zE3&Qj{;6AHm+O3=i1lCalYvyRoD99jad~CRoE>zDjk{oLTE2*K#|HRFR@Ui6(DX(1HD_v zDzU}`6i`C2%O4)Ljg{8^q*W^J7rWm64Q64j4SeVnqeXKQHbsBlEsIE z<3~tN<#W0)B)Egl!qLSv?aqqWrQFrF3r|e!_i1V1Gg1El=~cCr9_Cb}lF0}Wv}^wW z?ck6cWRr|OCq=J2n(bH9imkzIqP5mgJFT+mY!tF1I0_?FN;P{cX0A+R`>QUS;WkPMq@Y+akUb{%lMM-oxR z5T>~^+_v?;iX>6)dnwMEb%J&b4n&OXy}0AdOUcntT+fGOy7AJ=?@!%hxNO=> zg*`%BY8B{eXy<1~iI*sHz%al()KnIimEJZ^*rDuspt$@-HZ zWAlAK8t$J|dkfQ7TsEB-Ono%i{{Vb$+Panh01jJrExwkmrr zoK*ofaNpUrYCAkI(%tDNm0S=DhwmJ#;|DqXpb_@&J~Tbbdw_-k8bLoIB&cZ)B?S3k zd=d8^et!D)ul8o0E=s<|J;51dYyz>&28l+XOFIja{_F!RoC?=BI2ReA5ucnY6zoE<2uW1g(fbdE`RmFFZ*s^=d$DnUOvK7M@Z$lQjt(X52wZQRW?(wm)F zbY%Jxuicj{a1ZengRjXMQrVYi=9P=(Q{oNYw%=S@}Y>5fY0a7#@6(F@c`l zwXH1IDjLyKafSWSg3DHfKbWfGu8kQ2wOD0M&0XwUC~{4dg}BD5~jSF8F(C_2Oxq7?SrW$0K<$;gxMu~RxbaZA*RmHb`cKVImn`W0{)AbtSY*ducQ`6g| z_GI=VfdWFY6Byyg1G&zAd+R#i+5zf`YUHci9ZkjlZe7b%wO8BST~jP82x+QbLL*$^0cIzTNj!6cNjS;QzK(iS z^xe{{M?tpyo5)`5yM`NFHFp|VXyv7Pr((|0^Qnc9Fv^0_xF1;T3GL0BFVMwS)7!RQ zzxDp2u8*gbHgS5sejUv{T~sK*M@LGtM-y|M%QDEN!o&6Dn}BPU)x36%_VY>A9+LGs zzRR~{xvW*Ro9A$TFZU9!2T25?ar@30GuSxygRqI0xhriT_FZv)sOng%Vx2Q!c5mIJ zaumOQbTg&btK4zzzLxIDDUIRwwC?%2hhu9hOUy|)LMG!5+G>om%B<@ zO0zHqM|eb$`Q*y4JY*aOSI2eGz2oWkaa{@Awu|leaZyIiZ>6wq8W*FQAPHEF6FofA z7|A3Le;k{!B|z4I_eAsRxUZu6ZLuH@cLXVV3vIM*k-TJDx6R(3?6Sbo z#a*{4B@#x(yPU~T9ydZT851MVp8B~uRn*R!^bYA2&!(H=`)<1XOhxLl*HKe+LcskA zP-pi7IL1O12LzQrJX=HR4|dHe)Z8}&l+vr^WQN?cllqov6~6j}xb8_9^8r?o(P*vo{8Q}rTb{+=cTTWxPOsQ#@AY1)dYw#S ze`;#Y(PEN@i6jk>sZ~)VamglFl3j!2z6b<}w^g>+teu%b4(HijP`}?(p9tg^xT7#d z#PKFdN$TS&WGV`@QHBJNz^{7WY;~`7t)VWqZSP^)HHIWvD`4C=8m6fLVeT7N|bjxUII!nZNo+>KX zD7N&G)2P8NB9-Tu#l-&ror!EB;DQJdYj><(k@Z7%Te?SKlG595<#2#kbt|bBn5rhF zw{ZvY28|&~bWm1UqxXw5%yPkp60MVvPf1-E{$fF~@y7?2k{rn0B9E*Lw7ublU5;y*v+9a)O6*Q_pL)gs1l2lA?D| zky5zf9IT8>sP>{EnL&nI*;vP6n$s;ZbQ>qO0QU;e>4hD3>9E#xv(fIr+>$Qr>KCz|{OQPFBPUvlR+557a28S?H(U_P zNbWul-~RyfPMdzsNxJFkC_i|-S7@U~ph=k)3W(H@=<+ch+kin(bBCO{w`SA-maD;nrPVp;3Y(nikSltqp;fjlf6Im zf4ch1bffiA)oQ)JbNmdn`(oJzC<1A?7L}!W!KIQifT4nHhw+1*P(heppko>KhPG2} zL|>m}&-+iJThn#JPg%69X(y`uNP>ELdECiOF%HV5)l6XUPDFc|P{SZ+Pa9vLokhOy z>RqRKw8|%S!4jUBK@{}~?uBVUEgL$=lC`~O?Wy$7(w(8SH>H!)gwWPe zQNblGB?NHO(oxJDiDCW<_K{nJ%!Qd*jEx%c`h|h8Zn-1sc)I@p`B5fxGy1amv3m6P z)Y>h#dEHj7lilO7?OKTFuN$84?nIGKD`piX(M>y*%KcoTATAq|4p3|Dq6%ti9M@1( zJ!QTsvHVqzNR|1IZQOPatfUoi8@ilegRiDtE9$SNf7%JPw}s2rmG;GBTcySefZY3b zwJ7VW598sZhS{-(ybwy-TA_v{_N9!uwJ_O?b?p_II* z0pVmJm5Ig&kiee=AMLLa^;B+Y*s|fW(J;!B`h(c(rT1s-?z42B?{ZGG`ncHpV$jvH zLvE+FNj37}SxzK=4<$7qRD&q0*_K66Te)7^(%xMS^lX=E+kV^Y{{T@c>0XsrZ`V(- zC}tDP2>RwQRsvw+TLLvQD-P!b4M!;=!E^>Y4(I^LJ7D}m=gJ$JK`cgfkO;#9(U9f4 zb{u5N06caBUTblNIWp8x`;LBwEJ4Wm131s$S5kUj=&hO=uiNw0ZKj^v1YY7Li)+`` zR8)OK35gaYhmh=KcOePz-!?x)y(Y>r2j^rD4)O8p^alTw>J-6VL zbrGa+(ngu(#y$+pnPw!OA#FjbUv)%@rqb@~d6-<3D`PGstA;n@{{Xl%!y_LhagV-r z?$s0zPG^e57Byh4GEFOhah^HOGDpXsw!XM@*RNl&uYc@|R`|AbX34SluE@0tyD7g? zEj=AgRDqqqM+*&8LRjD)IBd8aeY2`(c6!a|U-*Whwhq|a8+wW4q`J{fvK5WipZYZI}C1XlCmGE)Go>>yNoEEhxQqDr+aNpuPuYCdv@8m zs$oIBHs0ek5y@nde{Ja&AskI5KzQXq!BYt#E69QgWv~68H=jj&uE)DK?_9b`b>DCw z-c~J_U%4cLno|_b809@p6H-qgbZkKK#&f{@9X?xnmAE(N_Nv|co33|Fw@*`1Jw+?p z?sXG;oZ(2ytdY{x#L%>0VGc^Nf(Y-37Wwq!){XgIH`O0gEIX13DE|Nr4P6HGrCNz; zRG8zYYC4K|LH3Yw3B^VNs>q>1S(;-}&yvi{PASBS)c|hqX`A>dF6E!q7pzM9zNht{ zq#MI^(MNI>0c{)keVa{EoP~IJO9W*Af8n$$MlzJw?gt)@qS7N{g0xD~tj^q%IZ8 z1>UwuruvuZ4DjHTK2>rvm0}434Z6DRdcNCk)LTZ- zZWh@o{m;Q0kK$lKj?w$|Q!^r*a^gtzXZoE@GTxIVu z08d4C>0aaCG}P$}tx8n&3X#kFg3M!y(4YPw;CMOJ0o6{SzTvEEruW)XT<%ZBW30U2 z=dKKZp2Us-kG3*CbMvD!X^HjZuC5aWR;#k+J_h^@D#QgpeK}e816e2hMI{pk;G_6; z(?&}V^JN$lpSO>;n?WjhDDFIGQVpth{R&mxFLwK-QgB~jQ&Gk3$=~Y^@+uvi0>NCB&&t)!m!7c-GR`W&P(QHAS8}ic5sZViAr~D&|y7FOp7Ae%bM>cczi_ z<7`O-M-95U=j9?z6`^=T#M-s67bU*LbeSr4rq#WXIzu>aTNC z$UyEFF^&a6!NA8XckD>hzT@kkNbXlD2F>YhmK%JL1%}^qx4Ja~qr!%LX7Y z&y#_zYmcZuPY+*EYA!wt8htM+m#Y6cWR^t6{hC zk~Re#PcO9*ECS$`Jce1YK{}LKeJAfN%Tp%P+S`|A?aR$EKI(5B?MEBd00eIWNR05Z zCva=LHAC%H zf=X|7fHFLd?~E4CGZ-j;uAp?E@h-BChizB2+P0RK7K)CFqMzDSi@P#^6cF*`mf}aB zs1QKY4&3UV_1kcoT1&*T!0|M1Pf;tfG9M~%z~l7ssa1>AWcEvRbkOagPbf|^H3d|N zl8{dlRK5pe-_CsJ<4hVSu_DZMHpQLg&w_8M=~m^MsLi$PPf0ALeY8u5DAfMBj|2L* zZEnG{_a%~rD7V!F(NV^DJw+{4ZI(E}U=)cv{{W~H-}83J)4zIv+!v`S=Z?)yODrfv zrk<)*Nsl5!G-^O31INBW01`8jeIe_v@UEasO&-^^y-6w}u9hY)o=N`zGRNFw^A6m5 z5tF7JM|n{!#*hI5JMYCkzRI%iYkf@AlrvX73}q#_H3W*$p&3X^$CV6m^zu2t^V?4Q zKc{^~t%l#VHs;HtmTBcwpjr0`KI1U~U|}OFA<6B6pf_T50o{AUth@f(MYp$2`g)6f zwcY70LaHiwY0Dp})jpNWf2-;z&YLApqE^&Bg553Nph%wc(nWAJB#hv(F_Jv!=^74+ zeZ5lHFCN3w(M-2(@2eX^xZC=lL4C5+MEq*#UaqQ)Db7N^dO(Ckgbe7vk0@M3)O;24t5iU=6IAVN{7%DUTv`p%N!q&(Fdkwfq^;)~e zlKpR)ZxvfAs@qOjB(PK&eW?%mNi5}@=Qz({ooUB+*mcz`*R8j4NQ#obyXT2qH^C=> z31r;v>(c5+q-vU)>Oy- z6Y4GE*)R(wML)94*#7`uI2d>s2P@c|Wa?eCEw`O+M60!^ua5ZUI{YCDZPS%FW(|(InNkEx< zeHCSr7Kuv!XGfBt$XH{*a&!H)#oLpn8zzeX04*iUeM4!drI4)F%BwX(Pfvl}3l%3G z4<;whoGiUH+U6)}HrJ_362&Vkt+G$WFn0$aGDm{F{Nq+N?wf(dV5{`}H9#C3V{vPU z^5?a5pHux!_2YLMN><#PlBzgU{&wFDVU{J3XS#dx$;5+^J5laWyh5 zVSnl_Sp0JBhbzY2=*r3YARE;7_Z#(P!oau|mLjPq!slLTWNetsBZyvyAdw*;u+ zu=Jn~w{SkcG2Wk-ubWPqfWbFQE_BU~Epny2RQ?yomM<^18E8oYBL-#kT3-;cI zD^}R)^^zK3?U`;?h-Z#g`6{b~Km4(u_tZwJ^+C6w`~|CT?b^9usLdS2Eku$YXB>GT zck|ff9^Y&YcvNpa(YT_Lg6XjB(^AH~q)8%@kw?@%qU$1Z{ReU1IMoiS=-0__qk*E= zW-O7~eowlKU$3`K%XO0Xc#=1$kmZ^>XyQ@dAO($8R1b^|YRvOgO4H3NJGbU}7_%Sd zPM&v#!m6sILsPVE_Jtrka8gnQZawjr^27Q4w9Ej{ePnj4w8+XW3l?Mc7}vEeYr<7z zXOa+px^p`!xceR?f7@OxLlNA6JpeoYVg2-hQX^t?q`yUOuZrPov_nqOcVsfWs^>Wb z^C!XY+xq8T_kH<&yHl(+5(FyXq>#w!Mm{hbkI&moqz{Mx0KTypBRLvj$9jXQFpx;P z-Gc2?1FVt90U^0}fqS3V7|-?7y%yxNTuR5gDl3^no<Y?=-%9bkUt*%|Rz0L|IVl>cZ`D|z7|HLN{G50rOCufMQZ-J%0;}!k`?#MN^io@=R=1tX zBSA-7O=_fISMYW^2PvOd)X30DRMk^3;IvoB z>Z5fZQArk{2EhLSrNGbMPcZen)BfwKYA&$!{-R2u4+A4oLBU-2`j4evn0K8(muy|?t(54=9E{t#l=41F z3o^50gZIa80G(^^FG$o7t3OURl`UVpFpd~*)eNq^hH~*Ci$8At$ByGvb_0D!2l@BL zvRUShNRC!q`3l5obhOC3Qy4r;TnlR$+-|0O->0{|xmIjj*863lnv~^Mnu{LhdjcLf zz>$AkoM8O+)PLBH-%RwCJGN9}2oTX`Se<+isay{K0AeyebkqrB$(z62=srLhBTy~` z*ey(^@X#E10r^`uHihO9!*HIe6(7SjC%8E8+mQqMXhL4!0!hLGu5vx8M={&yiO3(O zwT21CMzZWzh+(MB)sbKn%WZY%sQXf?3aduts|E^V5{aHSDtu*Gkd^J*zEA6^$4|XW zZYoNGH$LdLT-~JSEp6u3J@BWoRFrlY`1*YJ)hYl7xgXy|kOyWT-&QiUMx9n#xEw7| zWuw7gkH7Xt=9lo6>%>sRS-C{@P%$bycxXEV{{YK4I^Va~?8{v|7WA$ZbPVI%k!r25 zHyV)5@twQ{{V|*Kyih8T>VA#<7WwJ zc7EKht*MSv?8ybuscDdSEW8m}jyrb;`RQ1C`?mK*HAPnTtDYqhu!@39+7n$ z;@_Z=8YBGx@$=hQKKyO30@tqB+BX(1LQ7j|k*bR01P4hyx4zci;~`ZiEuSOE{$5U) zZWq10VR-FUlPj71&w9R=9Fg|=F@f{McFvjG402ok`TsQZ%{Pm9v pl6iL2OUVksOb18^jw{($1N0g`el$4a{Krd<4tX6wkX3*}|JfswKgs|A literal 0 HcmV?d00001 diff --git a/template/blocked-512.jpeg b/template/blocked-512.jpeg new file mode 100644 index 0000000000000000000000000000000000000000..b88730bda4a490d742fb77b7d41927c1e9dd7257 GIT binary patch literal 90561 zcmb5VcR1VMA2uFht366=VuVuFP-2G~v11Eu6(xuop+)V{Qd`ifEkSH*E3MY98Zm2C zjapT$*;4w;=lfjO@4B8ppOY)^EAMsA$r-Qny6^jS{>}Yc0k9(U4D|pM6aWAP`2+a3 z0MG$YQv8?xJ5v6asDS?+si~-dR5a8yH2?e3($mq<($mt=&@s}{GyIpxzpgMcT>0g0hE+La%Ct0lt4Brav|Crq885N?28+Eeo`w;eB~7T1&_Xoz=e|iX;N&<=?LK?thwI({DOvjz{;jEgYc%l z*y)5pV;4jByh-r-#gS`D)C7DY1bOsM$b?rjpsXl!eaphe?;k*xlcO;|>SUZ{Zo6yk z+j!J6)`PvVz{+e^%XU0pm{&xl-}L6mtgesH*Q0BNaHWBo4k6+><$5M62)29frCX3S zgQ;i~^ozfnT^JxtoD!!NoEvD%%up1=er!y(RoxCQB$7P9ERrUCvFwJUNvYj$hQOOz zhnvO#c8S@tWN6)YsBq@QIDp>XbV!Vs#N|?2?AV=)rV7H27nW+yg6>%WhelI$ub|B# z(eMyka&8$n(=R&?wR^sApOIS?X?R$gJ{nMVz5fQDLHM3WkvWs(`o$%S+oxowLi2ST7dg})mvupIvY45`Qeb)$d7u^~)_;xjD>eMe8TJJSTb!T%d%dKl+! zn4u;>mEmuiNY~g!oBUt@TA5Oerd546J0;avc5xi&-}^IB=5KzswO)Em&fjt@OhDqs z+^+G^dH!`pilpsQ2Q$RsazsI7?O(4kNflB|?;lc87Vd9)QF@uw=5En}fB@_^?m}70 zCGm~dAho;Z;p8(gHgqa~nknO2G|j8hKU6R^hw!EpbwgEi{l zk7>%#n9v@_8B>_ zTj4p9T+DrNYCBgAU=nEUp3ywyjb$hape{g%AW$*`NWf%C2dD_dLeohi8N`|_MfID6 z9u#JQv1UdI6dsY*{kDFeZ`q$S-O}4aSea((CDZ98gA~CQ)*+s_Bmg!SS&hGfRx}hN zUuB1t)y;$)aydm zpjjqf%b4@SN&gK3y<~qD`rRmYF@0qlA1&`!bR~}o1QnrTo0up?;0{2nnOfi1w5j+7 zK&*L1)sJ_-L#giZZ&PNSPQIS8o{5zRf=!TT8ALcUSt3?Ui|RKB>ZvVm0ieQP+`vzi zS`k22NrfO25GxM&WtS<4hE+I&hzP`JSXNNOre;e*K$njOJN@$d~A>A+oqk2D8{ zZl7#8@239M*I!uZZk)PhllF$2@vGu9jsnKNZ=1hxOsI0qGt99$mm0j$tfKI{39*C_G1_37_i;D0WbYflDi$9$U z1D!|1G!u4BL9#ZhCVsICh>i&X#a4ncs{^k0ej%3lnBS2BnK+MeZ|z;vmueg=S7haJJamJxXR0N#NtqVRES9JRNRMOJi^S?N+nXu=19Tou z`&OO{VwZR%w@aylL46@$B-sL$WkAt`1Hr(vZ5oD7^0+ZIFc%2JmIEFU_P3z56O9kK zgkZ{PPuz`G)~igU$I|nWtVsQI@*pv!x7-}fW2c=op2#Fyyh;NhCkgtWP&{xsywFLS z>j=jBs?^l>(+awSHK*ELb5h&9pC*%*xBtKCC&deU#JR>p>M+fqs@kbhj?`n01Z;Vb z#N|0y+-pS0<5rM4+W*N8uDl@g5Y5q>=VCIXVVVVIAy1v7_lAc@ev2g78S*Eti(#Hm|o1^BM-PAFhy$;yHdna_Gdhnqp&QG z8?X)YNfx#g&3xZjFcwnZr96)%UajKGim)uHoowO1>G|bl%VvYQUp?oN3N;m%K`_Dq zuFcbftjA?m5Mmx6y5*ihsmxNT6K>kyH_<~C%jz-9Jab4rQhs+hQ$1v}5pb{*L8z$+ zaq|cthB4vWTth5VcdKmHMIb)#411jl%*=u|A|}pLT>H+B{`dp+j#pJd55Z8R zY^Tx}sOOWQqDf)7I%Y0dS{9c$MZA5WwBPN!@_x6C2Kn1#h+L^YnA$<7t4ulpQidHe z9=J8Dm0e;`27h4L^G|*TNXOuEh15qGugt}s?Tf}NbzTa54pD?XHAxylcuxMj_UxHA z7d0@8>hud|`LST;%+1=IHU;@NgZDRn(FQogybGdU)QG-N^nO&zWuxvFlGi?oy`$>I zX}y=AtV8+a@ADymH=Z(!cj z>2}~k$7yB7J7+UooE*#+f?#RnPl>k1U*)P9xfgR7> z6gxv3z8lM@Gs+8|v`XJR-`YF{-Ijr|rsd^rO_ci@9AHImHI$kH{QJ%BhCxK6$>;LX zYROVI8ZoBAGP`BC^kVwpi~ihDm5HKgX69J&|J*@?q5e!Wgck2blZf#NaPr5mGyGDe zT)(&YbGg+HIr@ZTlk(d1|NR8D}8IV{( z4}S~Ou%cYu#L|Yw*z%HrENVDA{gA^Oh1L(4!%apcJqbVkT~%<~K9)Q3%c&w+I88wv z1g1Y520>a;AfmQn=4M|C2L&n|3v?V`{QlB85K>Fr8>)1A#9v83SV9oy=RfK)7AZ8Z zkA(Yl?3?Fv>g|%yE%On>rU9Gq$N`sgbj)a;byo1Zak3X441!jvuc?qc;AGP=J8Qsa znqI1x3{5Z98kp51FTh(TP>&uBnlwmyiFt`xzFOpy?TUegF6A`Z5avO~5prK^QROkI zm2dRtA}yEmg9y*CabXQtMlA z6A+YWcD*)MQuqq`>Cmp}ivGRrt9d6-5wg1k^-N|Xtk$(;B22@};p`qH{0TckUzEnG z2rx9@dZhVsI`*yUDOdqS{1OBWge=paUiWz8w`^mhkd~C>t~n?mPyg9ydGK-#@usKW zuja?n-0@QH8{&*pyU+B_YiR}22i6MQp@h+M8(*9-)--(mihFl+#P|KL4Zco$sLrU) zg(Z*q^H7vgYVFq|8Kz%VsZmuz-1l zdS&t2n&G=DGF`9A=G%zh*hkT}vP+glh;z3305`6+S6M;6(b2+T`Uo#;fCYD3If-YoD zhF`fj{7{i7x3Uvly*FrKgpOYrGBj(8Q!f2TziK9;{8suT%b{eNp(n=ibv10q=D4ac zs2P1$`ZDkuY}agB0K;s|@L2qId1fE~@3>%zlBGiPpn81%i-E++4W?=^iRiuQ>lcCr!pG4`0^b~YGbTAUAuT^VoV8+!OBT43^pn< zVxwjuiLRTqZ?p5Ro`UYRcTitXxs~Q9mxen&WZA$E9?;~`iGBMAa8h*2qgdO+6D4rq zn0ajBm^PUlVa?Lrq++56U!lPNhX?5N=nkMB!ZFMLgGkV4O+9!tGH(k4{5#K)QN4}N zLsEu-?kTHG4o9AC7p=Ge^(vsaD;Z{I=s5-+vB61mjgBDL;2}QHSmJP4TWoMV%Nd6L z4}_p4qgi5#byLnr;#yeje@LpV**b^=3ov{~N}|Y@1{_u*)7Ud-a$cUJIsI#!a#@oB z=_^|khPLd*GItfjvyi!;U>pck zT^nnxNMoa+@;2oA+9++92MD**YN?)6U%Q)I^kAM5YZhi|xjm|lVQJ?*1)?qMS__N^ zWILKd*Zmm4%>9bv=~Z_MyXa6yJ6$y%@HdY{nhx*pv=>Y0@;r<#kdC76pBl8(roa1U z|CS1Sq?Wo(cK$igr^5fcr}+KW+eJ5xtah3MmVQ)6pIOF&S^3=h2>ibE3QT_8lD)R^Re0~C7<%gWbI3e{Z;DeOAOMuL zZUV_b-a!|*Z^BD`>@I86-Ih%kIiHJewwJ1^+$d>Bl&a;ry4Bnhr*Qwxc0fqNS5s}i z0rNk^L>T`((NMhe^O%3#po-9EnYN}yya5(Df}mv&4Q0=V9B$0EMP=N~V+-GxtoGEE zZGZ5k#6r}*2?X>iH@_wm_*seo4Ml#S_v^d*3{?vm;I2ii7pKW9-p0_3%-&j^C5EIN zUwx!$v@opO@A#6fzF71t-09;l;tH;QkPfrITB8lITctq8!%020gaBM9QXNU4B9OFkffYN)el*}HSQe-*_t|h>v$Ky9RR$|0RfvJ|I!n4w;2neRS^z7PQ z&GG3nsGoR$lcKI1*?PUueB-Dx9rN_P1;Pi&MI#PTvxA@!OyGzmc8loZICfRAClJ{o zEKQdH$`aUQ;A1xNV`PEFrWMUk+0HQxpy?$A3P$UFf~Gtv>!%_-)eR+#u{o6W3^-0^ zK+k$sU{q8}L$bzDcEzK7L8KG+12c4OckWaGKJy}tjJ z71NhWlZ1zkxY_(5DCN4W7}UXedQ( zF_o{6I;L!vjS?Q97-c)snld;k$$Umrm&w9SrPcFBud9na!nLXa?tQEiN>Ce%o0`m% zMqht1#gjDjx&Fef7$Q~pgnFe9lHYXZ=pXYv^iF<_wx~lGLWmAbuqnP2B7f1;gLApH zxyPy^EqRzGLJ>ZKC5=BZZ316E8agM?CN?@vpPmZS!jmadMPZH@!h71_8QaPo0SLWm zKr(gk851q`!TL{h26o*)67{1wrxUJRlP~J)Dbr zzCtnpz=$1Zq3k=LGcMa>0m8cM^02)w80ugWA zYlIIsL9AK!Vs}X-iL~D_?|3XB_@`!fY-S$k+L;F;a*GLK z4r0wE0FOwq$K$jnlNoizXT0ZVA~0PrB21Nccb^F3(iW}PGtD*C%b`t; zFu7$_uIn+*3?;jW_oDKFy!&RzNFE*->kHUqyx|4#9Nj@7)-xVk#iMe*h0y-KB@Mo} zO=i6e1+lqMPsbN}$y6?*sW@gMbKnnC8X}k|%%5+^2fQ8sD*x7}!J`*bo*|1##I&yx zIwdX*izj?=!#~!AuL@XLGyL*xYt?yy(rI%-oiXHfB9Jpbxl?ZG`8?)rQ?>&NDcI&| z-K2%&byMK9ivDKK*{oEctul(Zyqje|lP=%(1->ybGG_Q|;L>zCkFF)sOL$}`46FqFMso*`0Tcl765ABM}XQ?X~TodGnNIh^SgUn;*?swV6NC7_mJNe<#PuOvK5N?z(FK3nyo zK-+mmGhY>mj@sjr%rHtE8X9d{uI@5fM75*J_dYe9p*f}1xY6}noP}R4xA&At7C#$a zXs^yQGi2+J>?R^-2oT*D8e6C-l-^(oD#LZizl4w7MbtP@#NxBBzpv0MfUJ8CJH6Qz zcY9Az$m7~?124aW%~xQQb^Q$f`uP9=jE59;!b2kPe$NlcM;za-Ic^0hel+nPM>@Zj zs_rsQJ8(P&8(3hP`VDDgoSh21-s@?&VHI=kjXRc1rw2Kmz@>4I8^gJERTNlL{Weip z=;HvyOj;8M?(bVUdR|Zx7$*ghq+-<;a6wr)HLIMu@|En-)v2?68}jTR3}U{Ky6=z% zgiAhyH-u9qc}6Q>gZACG+=RWYmv#kXU^O17>G|XVflUzy?4bt)^$Bw|vR@6xta)XK)CfxcHB<)ap?FtdWj9rv~T{>dL@Vc4VT zq}@_x`qAd%#^TBGrsLX$saXhHM3uU!cB4-Amxj^tAYo~LdQ z+1j#5e~qt!vOx66Hl;E3I7_xs)N+d4iAjajzZrGF2t5ohLql3@0+uytqGu718!XL0|&aX)2a1q3ccVVf(;>!+k5|rN_Kacv`>1IBQA|yr(*O=yrbMtf&YqVdck<+0`gJq&jXn6=@%Dn;=$qb zS+4Bn@b30;cGLVpik0n`nql;0qMphH&PEupAI&6#XIkEI8dIppFS0{U6^32n)wo$| zP{#HjyiOL=q8$X?nDHkYRbP7ZUq$%v4`Ig|Py6;7u0ala-rKfi;SNL!|Fb{S0V)ZKeQpp=J> z`vwrcGhcQvGy={&ap18KC=rk+p!)3mF7RI?de*)GCYg#tFHBD2$) zU4cpN+jwnpwVtAk+Pg*tF=hKfUsQK!gKjxwIq!`yR6G~0QYjaFX>~Go{=qyK&G>=H zkK{hkd6KOvEaf@Ud|_}2x_tQq;h>~>FQWgT!kV72@HU{Pzfx}6AvDvu)j5Ys;iJbY z3gRZ`KP0^md{HM+Cp%WrWsir4SaZwlddAN1q08?3uSQSmB(hrJ2u4x{-x{sL@0&JX zyPWyDNl|>ubFak^tz-=E313Cg!nY4>Q}yNloJ?! z?t-e;^Ip7l1791ECYmJD=6Am}`fpq$9EF^J&)OU(NadNku=MnEsuA)NY9@z>$alJwDs-2s`m8V=o+H^Oj@B}BB3}hf-`J$t}RbsaU zb99!tSH2}5Ba}Tm{x=wRtdvw?;AgnH@J!$9TgjWvdcT^Ie*iX@2OWPg?Fn+A{HNb@ zy z3$xi>{HET!+c9B`mDe;xZE0z;XFfmEuxg!^;j@3;oYj82UBrp24a2j?5C-wqabD4v zv?-^Tt9Xn^^EDVctRywq5odQ&XS_IUMUCUK-W)y^*Zl|hv$kFRWV6WcWLI0@M6W$x z#Q*qyB>dVdbty@D01M1YsO(ksGtQx7%2K8RZOw{JfTvbtvm6t*ZTe^gM!n*2CR0>R zu|hcDo5lD*@cw9vIVL0_t?)ThkxMqWO3dGPu(Vcg)f*bro&xyjGSk)Za#PD2mkjtIt&nk~Vg^F%9nhw(c3Z*iY-y?8zxs4blebNgH`!tx_Vg-S`Qqs- zjFJ9uBWu%oxtL0ih6(ZqYsTwwV3(cJcpDywgJ$aKe{tBU8DJara8n0CXI#?Yn-iK;NAN6e+2 z4gGO)@J}n8LpOP@Z*E9j!^_#Wtx$vgSJm8k&fJl)BEo*Vz#70e2i1Ros$y;%CMC7s zgN$LVxFUI0qPQLsQvQ{b)zgP- zMg~f0u0v>r4n|u%O`o7C6;#!?SsBU(zj@mblwL`hYjPXVDx>JtH&s9bPR$m+zBkA7 zWN(8N`&9^!m&6p9(Jo6TNe8x=inD8vMnD8j5xTsELNa6Vqg*!ub`mXgLN z?hfw)h>IQGycL!Y2dMJ$PS=y%$MQXv8r+EQ?FwdD4h{^*&b%b`b|)U`JWpyVKzl%0 z!%I~_n_1M}p)hy4BD9bhM z(5(GWX8#X)M7sXz&l)f%sle*f{{h%jpibq6&|+{>vVEu5*6g(4kG-UtZwtvOwbL~o zdGD+I<_z49OQ}udIg5yLkwsx;(KFhErqKDfrKvVS>$zCfm`SdG05ktud(PgmrVRzx z&?+gfROl6db75*1$=gz+AFCK%+YV=xURq>U<&HNgUB=yO9D(V2_VtLbbP#;cpX=%^ znldTIo0@O`VVIUx-*BdX$GGA5ouw!-Wy#_D{(~dT^e>w>=PAw?+~T4`dBys{IU!k= zVHg?%F-EsC&eg=szgip<Y|V|5ZI#uHu#rnZhy3qpdhHjdVi9aztB(D4=euWmO>qBNG1=Cgy=@2B$))}M~P((`A0w&j1( zKYiA>SZH=$+?uo38EW|>*ZQ?-&i8SNMzFSrnH(?CU*;1{QbxIwXKAVb2w^9oQ=D3`nUv`HJR!y7R<+Y&SGP5MtKv{HD z(Xfqy=Z!?fd#H=Ev<}Vkt-fR;cuCXVy%lDDDN#^<${1Mp!Y2C{&y>t?^~>q9Eq3;G z&*!^|A07@N=g}nx(|ZNF;>yBBSOwJfpHHjdS+=DUauL6ls#LBG*I>N98{czEFCpHU zbJa&iWxVq<6RFiUS*dt3)Zeh)vu7P3Ppdq>J5_kEP80bhvah~lVQODXqhi&E`W@=o zLa4se^M8PS_6Idj1=HDX-WNNV<$TX);n3A9!jG`2Cn#n8{kxd|deJGrYljchaU$!m z&<0Up#hSKU9q+T8xJcnmZwnLFa^m`PbusIRohZ-{WA7J4vuXvxxw^BkJ0sRg|FG3|=PvWyTU@U_Sh3m_4lO5swsFZ=@*(L_; zPL2o-B;e_;3V>w?i`)i7?IG#++eOx!NZbStlDUG}!PICv(~AjnODg$pU@rZT(8#V1 zB}RHF&>-0P4{&%vK(Y={cs%o|v+{*Y=x7H@)8?tC&~{AC3*aM}vA&nC04REr)RJc! zvTuS!W^h`Nz2xU3oevDs!f>s7l#eOtz+v<~6BeBkM$eq(hfx?U>huhQvy`!9i!|yO z-vIWjhG#)UQJ;a1Tx-K;(=tJ;)`o-;=RSGP-t1*WR&S~wJ%ctfnEB1hquNlylyuYC zh*$h`r;wNCsTR7=jt%5ERoIT&IE64eO+j8%ux76i-7-Wc<~(t(YA7)`&@fIX zm~1PX&J!NZ8&zkekm8DEBTEa^tfQ8zP~V=LG+&?JD8B95%FJalQ>^5AK5V4*xAet@ zoq+q8(@sh?wVJBKh;b6Fb;Q~JovEc$Lg|}Vv~FWD7~8$4B_D|&pMIApm8RM@|D0`} z*Ah1v|A7UI$bY}6qLxyTj*L8`eDz{DBV^m9%S7g?*wu1;{2nTWXyJrhtbiUQ!g zq#I)Po@#x>^Z<;GzrK;AhA#@RB%WVrwlpbRc?3Y2a8_hkX~g`A*e~O%P)6N>NA(yU zDDDYDPb07OI!t`Lyb|qq*^yx=Q>MJY2$7Xjck@CWWiN}1F`|rmcrOkVB};8ML^Ydb zew#MdVaEJ)zKQLq?px&C6fo7bye*uR>c?ZQ{11?wyY=h?F`UWJ$RXU7&`&mNzo%Q? zk9zbD+|92vepOQNHaSF&|@8bk(6e3w_mdQBEED8Z-w75{vbnj zLD&Ce7h@dtCpxd}Ez)^In6)e~r3k+^$}+iE$t)hwO(!<>s5~NZC&9rmIwOx6Z2&G@ zk2u~(IXD?wD~1kX`bn_Wm4S#UuNfxw3X5*8CNNkq(n8a0ad)}}IY^JLPd@?L$od=n zepc3!F=&*i&%G$6asbdgB#&HSN`Jr4nod*@C&BJBU!E;=^+Vmfko~vcpcKiX35Yk_ zh{yx1xDkk8onSy9Nbu>S~-H~FGc*t~2Pc6@{V`=qAHBa3%&$mPW0iKb= z0cAt1V|YNxHd$vIV{CeeiZ|vo%2@~d8X@~9=UzIN85i*2FmuvmN-zeZUbr4Q^?3#r zOx=oNFg(ay*&XTAXF*5uN-KYxqlaATBfoufl3#r(^f%C4F|&Z*G`t;@hKVQngdZ;@ z+l3lBTl>I1jIrAS?7kK^ze%{aWv>)N#AM_V}$f;K0(KZW$nb=J08 zJFQ`$H9ZfC&7J3(=7$RdoBQsGH_3{t(Sq5VuS6S+zE&4-IPa=2h&g>a6W5A;>;0kA zxvTZaVM-=i*s96*)YBKNZOPodi)8=)Anow>TMXJldhPQ!CCa1T>HvCv=#j;F=+DYy z+Q(;Z3$mw;ZUa@0q3uE8MsAn@X#16!2e3ezhnJ- zHo2j`yI`sML)%G4!;Pog)MpQ0Q&i?<2t45Lg_UQpa+){YirWx3n578WZnyxMpOh@V zZBfPgEVTOhn2fv;>h_$4y7S6u8GqN7_6FmC;7ruzbC6uKm)R5muqNXqjvoF=-$?t9n6@lRFQRkQY=R?9n~7pFf$45uW$E1 zt)EoNyZ@i6o<!bzwMwOCK~ToKm#CF@zu6&u zj<7TjGBl_fSGqHogL3-^2$JIw9g5=>;R$H$!KZ36cy^QD2{ZAAQ&lvk1g&j%k(6Jp&1Gyc$h(4RU@QK+LK|6un>MHAu#LJ#8)}#ER{i@tZ+3=X(qYz7B>p~& z-%YDY^U>)zMRO(&-af&QH~09x4+$8Zxt_PLlw%tQgeXtR-OlZ|!m0vY930vicXo za!|oC(woQo4aq6aOJ7&_4PpqDQmcyLisVGbriC?SP^f@=PHDb5%wBSrPp-XBWdK$y4M7cL8qq{MI?u!i_mV3*O>Bo+^i!KXKF>@&xnZV zuI}z3zgvvWEd#yRCoawP~3o|A$l0dC9(Ee(L+xB7%)GR_j5RP`}q*e1~E#J_fVn!D=ba!CqEh$`Gl)>6Mn(ro7~CKfja@!YU^i9sM+fO6 zQKv?g_n}ggG=x5Qy2D7>+$IEw8rpmm{c9uZ`-=}ksZO;TZGd*la9M=mB8CLO`pQo%H5slE?aZ2QU@qp1L?iUL+*;b$^ zesBgmw^dfu-+t^(&)yZp3&>r;DeEDXi>H?zi)*`hhXo9EUmB&Jp`tz7M7|zu^7I?>&a_T0D(&S@#7Gz3`CXVmm&hh?XI|j65L3XYUZ5OMKtumEDKdaK zTjM4AoN}}NPUOcF{oAop@ny9TCvEJ@x_3q?R2eFSSbcKz4!xe5fMpaGBfyw@tK}Lt z74{7{bo&B2UAs^q>+Z2*nMXvWZNK&*D&bpQQ50l61k#=pxcH zsn{0l$(rs19yddEKYPjk=JPn8q1UGxd(D#bzqb6*Ie|9NO0d0b_mbk2F;-5R|G&W8 ziAz?bp&{MY4ro4@y9K)@;d{MVXB&!m-_>rpp+q5KLW%3}OQi?zV9 zaaVp_-hH@P2ltz}%r!3xtngrrI#mDB*v!yG)UA&EW_@PXex`pBQJXFBrkDELwH%96 z+mD6&$ryeSv6sp``}Qq;O~+r9Qn~YOl5_i}rkUE(UxhfXLk!_LBJy+af-tuFLA^O9r)zp3}`ISP=8JiRWqO zDFw76P_N-e8|P+4mBV{ay;l;_;*H8w*VDs1-oH2aRuq+gb#jxyxUKMQzB3E!fF0!i zo?vxanR?UTT872IVHT10ox$5xn%|c7!=7^X#pZ&!+W^X$Ibh1ahMyxy5V1U~u_c^7 zF>~m5GJNs*{OMnjcBsU5vwSq+!)-li#xhrLoV02Rm^D0hlShLNHeQsu=`aVYMbben zo6z*Y(abc-ArQL(JoWLom07-~$y%0s=>=9AM9@#VIO>49vPi=9u^xkiJY#!hSxJF- za7^CsU*y>G%Cppm;heLYtA@XoFp5JBe3GDn?rRL#$5kEsq+Bk!?;W!KSX!MsnGs+<^&=(z4nGs`b{ zw=6^f8Q}|#HjgRuvUVSmHRp)muQAYI_%>5L|H2$2|vI*xCcR*;B&aS z=e5O+Hq%V?8FiAsky@Nyn+(w$=p9d47id|OA0tRYWwf3@YgO|z znoU#H%OO)cen~E{XHksyXnNEWt05y#%S4Ch$g%5VVaROs!%*#Ik9Y4Acz+!WV)gjH zEp=pk!@22MGnnq!SFtTanmVCgJQHnVF?}I7!IZESxpV4`%+R5ae;V zoYzPW5TfVwC#%^MnUPp>6jdp`tvli^h&2t&mbYcf849A+I=;Y0uI(1nug9ju$MG}A zXF|lN9ju68KT?ggo$;VB+X)Gmc9S3_qJdp3?9R<4Z)}*1j+d{w^xR7Nr zJ)XQtBIR{?8Yeam@F<_o1SknQ5_mkRkUlqxtAY%|So6!W(l=o6h(iI1SaD?I6EyTO z%-^zLa6ERaG0QAtNm~tG+Logajn2a#d>4GS+p~)V?Y(NVK9BawLU}jbsCaMr{U@B> zH4;yR7`%VV1;%Q+EWZhw&pvkd^}tpf@};aNHep3|M#QI}B`fa}IT>sy_7kXts06Uo z4zG1iy^eOUb(o+vc3Tyhj|FG;u4;#Sv4vSwbtUrb;gMdCU%o6GUhTUd%nR^%jp%6I z={#<|lV^TEJIiCKlKtybdgRwi=rQ!J0S}#=+Gp=9SEAIrRhkaXiBG4yss8pgOM&N1 z*mJgzTHSkJ0ur+{l1(#m8ceJ8b!7Cvafl8EBAlg|Me6(>DzndX7b|48V5?fb&VSK^ z%BH_;vn5=ggg&OZHdG^;<2kdF@ugPX(lOr3iZ_nokt7nIC2qorlLB+-hDNfJz>KfAp9Kbs zdv09>L@HKra!87BXR zJxeMNpmA38j-lVta=p5PI?KyS6m{!Ur=yAHq9bhKy1tIddR9{U`0k*U5s&*|pqh*}?6X0@p*urvfOn`Ok(U*C`eb*vfNXwZE< znfH^1J3VY7OIgg2=5jEz0q?H;`5&JNXB*k%z80y`_c0NlInQ6Ni{`aWa9BR+STcN( zU@va0C|l0QFdSuWJ5tS2!N@{u{`95Yg`vaMq~9vEw5L7)00m{YK4~Y8F3&UE59`vv z!1!BtGo(H#6Du75AaLnw(Pay=Rhb6Bg*{SQRNf0=dJ2c8tMG3}QU&w}b;sirlDs5* zbmrftaZc5l=V{jv9kYEmE_u{)_yQKSGeD~aJf|ugm)4vW<$ve;8{MYmI$LftXWo}? zb1MATRhVK&qc?lz3%DMOBf5*Y*g>?P_o?}CnM8C~P=rsRs4wZ0e zrn1Z{9>V;Yd=UK}&*Lv}k~oj?@FwC~vd0(P?7voBef$r=IMx?R8X$bs@%=HTe~bvs zGKvzJzYrX)DQSiQt6W9q@xSj~lmF!`4Z&VT4lLC+AHVjv2(&r{4YbO#Xlc}Y4|lOW z6a_XuqUx_SZoNK6<8stcQ+~3R}OJDCpG6vdAZ-35CczBa6GT8iW;xZZ|2%3_&D|Ybz2O86Nio z`5bQ{-UO491pfhAa?Qk&m9K;;HXfQ6rza~4AM_WN0#(LeK$8_if^zFa#xt}i$p4IA z=UNsK%_}UKThEYcC^WT#)^`W(vAqBCz(duwIpq5nnV>6GA>eJBPjUK{3k<||jgG(U ztDdqSf+-TxS6c|zf{N~=6W zDkgOlpPPOomZ)Bzua>yE!OWBH@)okm&96_(;J=U%V0ZH$fK}7t@>!U)O_!Lr;OX6~ zri%-$#<||PyDh6|Vq(}-{EK9y$2H}rrie7Hz${)3oLf0$z#o@ zDf1JRIE34_m!T`^M~CYPcY+Cl-68PWR3ZFlBSA9Kf+;r1D?{Dw;V~_CXQp;yuW+N` znimc4?JoV6HDYdnkMf*RV*$L!GV5xz!|4~q)ckL-B)`FoNm6t3PKR!^K6}vC*Hz;4 z4}Q{*`ex0$>JV?9R&uyPd?a)?@#ijMR5kCd!q+c`rt}&_w*A94MbF(_AYz*G15ROz zHynewBc6?Gn)bi3)x%3s{iUS+Y`B%WTf^v$6zSFHtHs^$TXwb!CJ3j0MGOA})V`Ua z@mG|uop2e8)uD$33MsH$pNe?0Bg$@G5{K39q1~>&v-o@>`oYKoeXL7q5x;;+@K5ZL z77BN7lV_47ueSYCa%eIm_=<<2=#XRso>Vm&dKqFuXEb*J&9%%>An#9yija4wPBxk) zq2DTCU;Y=*hkx|tu5(fOjw)&0h3e7y7NZLJqVMilh1mo}*x00dOu_?GWaSS}-g?~SHz){Q0${iZbq0zqu4W!Mf~+`DGi5a+p% zv!QjH)?OAbUYa%ArJ_1;f2S0(AqlTQu-QXaM~(IP%pP8gjWn2~jrFWi+0-sylzZKx zUwqB*d2*RrmWW^1v&555bBh&zrnp;?oEiGE-VrRntvzje&*BzU9Zvnzt)D+I-$EmV z#eZ0A&Nw)HLHvIJ@<0v0%7H_TE(?4|6$J+soDdGRn;hC_ZY)@DzU0@d6q#<-D%Dm& zeQYIcrF@XIazRq~lB@&PGlQ+8Kh#%~iY_>=pg(J)t_ilL=z6A~M1!^z%6OEe%B@x- z*5;(mOF_tA48l+l6tE%%74lL*1a_{q&i<_J#og80=W`=Re8jZw7?j#l;-x8!mX=Z$ zocUf0gChySQ1h;^-aDeq9-y}))MnaQ&~2D?skJ#QraOyNDokb+^Mwg*K^bk=P+cbp z`JYhzwaNaM>2*(4u&-UDs9bJGs$Z4&-;X&hd#xbEVcBW+*;2vB@Brxkm4Z*o2Dfl6 zU=^zKpnIj9$ltV3@!eFZB;XUIRCbE_t(24Z;1B&Z<4Tw+6xj2?$G*ZG#(Z)}KlRp7 zR(u1Z!CGp^Qp2A`gHSn=mG%ZgTqzxX-ZaRT%_1tpiHXTcP$@2}kx3s>_SShI4)nPm zKKfJ@^3r9iDTO>vewx1h3Hn3bFHzMSlXUi~k7!(#4Y8L?oQ=P{{iH>@41*{51<4W^ zW90S{ziDga=}-wDDz!qC;PiU?Yofg&`lIw)VeH*oWc^BdQLryb6)Tm=QmZxikE*9G z8k&#n#)~F9Wypzb#@z);SW>;x03J+9ny4#;fJq|z7tk+6yW8uU9mTp*u0KjNA5vD8 z{axd@yI*b8Oe((GOUJ;?r~XS+bKeY*m82GkY?k>Uz?BVgkFLG4^kChGZ*Iq@O4~Cb zRaK1L z(NdBt*5%)9$Ee4v*ySpHF2z*0B_E7QLXz*i5>z-0tP*w2l%sL(_U>Fa{mXSfa7n2_ zl~y-JQ{G&4e zq^B5AI3piTT00R6t-Gn8>7~}=FwH^?>W#lxk#NGIL#9+YL|c#5Wjv5yfQF)}L8U20 zFDbueJk~;^d#AK@eTdy^_S4p8wINi`fq93c#&MRMW>gj?G`7;=D+w*gK^(g|&(~4M z8DWZy8q4vN>S^@`C9R}7w$$QUaV``kXdy@{N7LvD`itE7zX$OiDRH8W%oB^B;&M*Nww|zxZ zZ9U*z-&fl~6;Wx|JygiNEiZndHdVhh)Uu~%y!-5gh%zO}RCX4nl@}ROPDupN_ho)0 zQvE&|OS65yXaz?K_7b6$Eh-@4eIzAG!B5OSx@~@D-xUK4Mk6WNc-LiJ5vtGGjLKa; zJD$}#XiY?|hg0rzKy~Djm9~{Dmt6o4M+EDwzYiZtJ1^?u&b$3NU0bO_wyyhPwEXHV z#!&0rS@|1V?5(Assgy0WsbqqmY?b90IpiynbSecAjlZKRXRwF9GNhMeIE1+&O{5{U z$2dY3$mX6v6&_?0(A3{==&-HYJdN74cTF)(7CKQO%XKayLS9PJmi{4^kV!HDT3Z17 zWo?qa2~HItbBgVlW{3fyUrIj@pTcWtHp_Z<7C)-Xme{+~R@(ci+fqA~H7UvMMiGDC z&ms(B;dv@$!lbQ93sYrDJhfX`pMu`QUv>L_xo`T=(4Dwzbk}W1nV)LH6Bd-R z98|KPi7IMKOi1?Dl_i3;V<{(+mut!2%Zk6fcb#U{q=`ssoe1tt-ncTVl90dhkCcvQ8nWMzERa;u0t(tUK zBDGd}M0BKO((!W$S9~yaT3VB9RgJiZ@Kyvw(rxO)=&9W?SXp&%&q50kBrlOjNccxo z&;Sxv?n&@9m*(20&Zk0|4(O*)u@P#Bud7{#bYf&77VM*u3OA6$alwoJx z`^?R@Qsu{a$Z>pJ{{VA?M@wsM^!rJT@lpy>9c4iZ2~Q=dvY(YXQjVlN9am|HHav@V zkbL+!(&N16OD(_4-EutH5&5?AnktVix6q{zAq#CvOP|dIgY+j``;TY$lF^~6=ezc5 z@uSk);qFx`_LTUMlgQyYdFE1ql0X?fk^sp%*txwc#WB2aQT-Zf2tE(<)3nqi$s;(^ zLXVv}M+3&a==6H+$yJGNTGSbpN~JJP}h_cLm7uN@Ta5B`E?J8radmP-6!#0Mr#b=S?Kj0Ej!sT> z!)z$YdHSo7*=fnrT$JlknGLquoKaay5;{Uga1uHg>swvqyRPlRt5d1hl>&uDQsS8( zl-u!I0wi@M9@|il`TqfOII=$de*rKzzIn3G1jabNW>u;9bKvk$EDFAn` zIci%>DQ&P;K|dP7l~3-Fm&A-Qj$Byv0dpj z5=h336X0kap3a0LMuISOXhJljA5)DcfN}KDgygRS2Tdds(8iY_p2zmmA36|?DpD2a zNv9-$JJ5un{Qx>pqLauE8faI|(LdKt1P;&JNTxST98Z&>Ko18>q#vf6rjh_8^`$51 zoQ)=p08(VyGJfYy$>Znw={V&%14@yB^LWsbK%9<_jCXb*_`u>N#mxWd}CYw8Tqr-^;O2}O26(KLaxZdJ$^9-fd zlH$^G-@Ml^)-~B1S{X~ina}=1o%2l;n|gO?`-jr?+iyX%sx-fdhGe{&v%o&%u1IZb zN>R~6U@YMHRt^BvH}LwptxdbQXjjB|IQ=MnF`ST4 zwG3wi>8VesxshGi`;LKAsWdO^8abVrU z*=o0=XzG5S_loA(8oerfCvBRtqB9n((p#3?bs-MNOX*1 zAR9UUg#9&-E?X=mOfzpKzi~af$28;Zo+%&CSPao#qp z!K60ARJDQIiQTAQB2#Y!i{rPQbdu09Hq0@gq+xN+@& z5QFpT{{Z!OX;GNZVlo6bQHGO)jx3>dvHj>iy7jfQHSybCxMB3fYJ0nT**j zEljesI;g5ykcU!0<5_xz+$ub~7FBQ59^8CA(_r2-hi@x3u~%_#wJsHQ0CFR5XM~a=!k^xZjgPlt&7hP_ZaYU(Ju>SzVa;Xy|F-ns~qeG?6Vj|dWF23tP1+8wyOG*n- zQ+(WT=jS=--&)^=-S0`NT^^vlHQyGN=UA1=>8n#4pw!!LxdjqjQ?5k(um1RkIfSjm zq#&b-NFS$M;kI*WHl`^s0jqXG~?vwJmbmmZlK4#WhVjQ||}JOKUv-L@7uh z5C*7@h0_$RmN4LKfwI{(ZQ1ub4@*Ttsd3yF4K3x<>Ca0kkqT*?n9YT>$_RDEMo+q? z$UstYg=4bY@|#70K~);~tVXP6iqrOm%^451A;_#sd8Ng1vK7rs0ZBrhBr=u~kf09% z<4cu(T2*O~Q&?rc%;(FKam%2xmnBoQyLG5~}4+N4Ab{N~ua(8<4}iN)NI@=L~yg&(@UkB$O#pBs^=StrMGhX3n^) z)H?n9HEhw9IJa4iP>CubhY^P3()UFh9Q&Jz_1e%!%uAxlGUEh+vYmK4)5+5yAJy0W&x)KcW! zEtI=#BR0uWh3kE8b`&` z)sIvwmoR!rdApALqep={_1>zDE>noB?!Ca<5gSw(@|)(Bz>On}MMywPMl((=0c9ae zol+^AU9~lqzY>qdF6y+ZH#^jJ9NPV)g4>SJZCY;z{iH4sYw3- zE+MWa%E|IEwPvs8ii~^kF`4S3;hE|uV{KZ#(`}5Hkea61Nv1zjth1K688Ss$b4iSq z^KD9SyTG7@w$=zvxuX97{52|@S4NjBaeaDvU!~OPsX?mHj_N%kM0G7?4InBsH&E)< zQle7XSF{K53Ui%z{@QOQ^L{KXULLD`X52F9UX`rLlPhM!hYUj%rs6cDnG)Oy3y^|> z5Doyh}$*XUa2xpuqL7R}Ty{nnd7r$mJf%7w!HE|em* zHbxR1eKFEjwJArAds@6@M_)00A$}^ph4+%9cJ1|{wve`d<*$hp*JIh#7HaQQ+;FWN zl(iu)p$S0$0J%;AiBT9NjYM-zhy+%PdD{jTUMH_*Z}08ZVeK?}hSgQKEt}}VjV!~q zX)SyWDl^j1w8@t>*8c#DE=s+{IFu#MDL7xsq7|=-e~4G9#d@ptFelSnOSa{bL{tYG zN*I$RoHD0UoT$2n_y)?kD1?q@zdc*)i*vT;X|`Hb6Jz%hseE5oYpQ_633i-{bV_Vj zL#@9gt>t11{V+AX9O1L2uBkBG1%;0X9 zsS|^k2q{Phpayh-2k)kmNy*dDNgbUav^ta&gXHO|NCT}oS;t3BbVh_HAa|WO=La8c zF(iYhlgGcdks2lnLzN5-G@~9!&5rz7U$Dl6B@6qFFCaXFrT|I6)6X1Wod`w&?;1jo20pq_FfpSbo{p8Osz^!3 zIR5~qo3BiPL@+oUoyF5jP`JQ*DcvIqS9_C^(Q4g9!zJ@>=)W}At-q(1ana% z2p|xD^vs>_#O;gRar?x)mg565xKLh31IL|R2fl_@m({8TF~p|=W}LyRQlNgyi# zD^H?bmImkE70VaYcH7e>Zv6r&wYO7mD(ORvUbN;C8E&acp7W}1HD!bjZ91@|tRX5K zfWYBxuD=&L&xK~zYNC&N*wPjL4ysLgZI)1lxLu}~d1KpAQ7H;Y1Bps}>!_N(b{p|G z+naZ9_fF-eZ6~O!X{hx3UjG1f#l(ekM@R@}6vrC{e(*{{8kDyX+hnXS<-sY!+hBbB zq3m-eA=(a}j=sa<3X9(!n|FI{=#y`~h28ObZJP*CZsMab@8^^#zFjlvt|2b_jHDLa zcaTDl7ZOJ>2O-(*xA~)vDb{Wm40%eY!)&T=!(l2?o^hfIeqoY9Ic$${K#()qbWO{? z{Ul$_*`B1WclO(LC@!-qRl#?YQj1^U6zelf?iC^Tn*j{BA}gFY!CR!q0-ZEAfZK7~b|XP3bheeLMbtJ)aFt}JXuUVJ(F2|yTJfRd zwf=m2l{*6DlTczk75Ys&W32$yJ#`P$9mgL^)VDHl;87e^?&Tpl=mD*jTl0sZRO*6N zSyLoSXjYX@NL@Z;!7+T0R@!)kp&r+^20&5DPZ9>3Np>~WF;@I)MMc<+OmbZwBQ({| zlPU6BD`C{Kq?IJ0D$3K7#gG6=Qj{(aPQINh+nZIYSGIQew5iFCS`~+P5e`wJ+sRa% zw&GOja2ARRKmkRb+*!{Du-j@v_@lCbY zx71m3DR5>u;zN!*KcC3?j$Ob504+sjuu6oo@}hnpdrd``MD-`?Ub(upmB?F^icZ|f zW|eD7iI&p9nIxpt*>Oa^;+sl%;SG+?x+`I;yO!;=pHTj_t=8;apS48FHIuV+Y6rvA zWl2nRv+hAaN>xsZo_^ekPBWiEJXP9fJ6*OJarTuhD6$)UJB1 zCc8nkQ#vl_-n4gHOiTK-u!XZ~TM1iaid0wGN}qU?e_^cdf1S^<%YCy<=bS zAhS`utBzY9pR9-sBt2KEIHHH=xPWo(!j6{`!ql&kXlN^tAZnuB-N~SOh25y{R<3B4 zPR?6Wl)7tg!*z%*x$Y9Q#Dd6J_X=K0R~?+8q^z9wNswOtzvwLP44m9I&ONc3P=aNsdmr%=J5$$ms1*dQKI!>5saP0J4-99wP3o0AVO}U zx7|xBY$zonItX{KB&ZOjV1bNkq7h~1aZ`!I%pTCz?YX-7+^n74^_S`|)g$v}Z@uqZ zx9Ey#P1NVsWi3;lZAU5$vbB=hOJzy-K5!2}c*R9{dWhMJZkH0?^xw9y>GL8aV(FE^ zr7R@?w=>>YwPEIv>zx4s?5QM`XE;)c1IL|3w+{Tdw@&t(e%m@v~^9+B_TItXvR0#;Lqs|hB z*MO7zeA>oMt07+FuNPTu2_;Uwf&d?0k9tIsbPC%HWxAbIgsC9%&UC*nGsJ&wL)y4k z1}TeAWFcSXbc~f_>yH|B65;&4<-IsO`6IQNBH9^9(SbrW%r)k=Y z#zQEl23ZD1sn_fFX&sq8sldW6ri0`Ss3r`b* zm5dO7ePJf1*Q4=8my@9h%ETum$`Mc6`Q9T_dlw=;e(1hjq@%7ZI&1Fo}Q0fj# zuV=CV7&!C&H5BEZv8fF{T3WXL6{%=L>Iw}dLno0Z9cxH{2G>3>Gou5ob174l#r&{BatV)T~>71*I%c9OgoJRvo>_<-JyAzA^9AdZPqSEnf93j z32ma3pz*=Vl%t;d-Z!*{jw`~%#`XuE8m>>=`~HJA)!e9dJMGk=(rt)zxynM+$clwJ z!zF1-)AR9pt|ckQO3rXK&NUcv>9W2WTVB%3NpJw5u9T3ZkU=BCAM!oxq&-6Iov-O` zO~r1Pr`1@!sKxra9^lxH>MG4Cw1l=nLQ)EW!j+SQ(Cbv4devdNA|;pC8WI>TTkD>H zUYf>2mfDtrP!@u`f#-^Vz|_bKiu8V*=-C~&?I(WVtp5N?SAzDw%TrQ9%JGijwIho;V!=dh86JP;OIpA`aow?N+JLtM%=-l~#!KpU&%x ziqno;f#BvKFj<7-?X6%j??`h$I>9_SZdas5La38wgwvdKzFS^+w)kyHL%%4=Dapco z9QHNd9+Y?91nM;s@1^cL@osBIs}i9dbE)9SW_neKz{3gSD=Hx#&_ND@Q;zhkzB&sm zQ(uL|2|%!PJ)8>TcypMY8M$#>N|53Lfk^}mj~N>F2O~PPeNAls;lPT9frIJ!Jt!&y`W~~aSWr*TDv^gQw06;)ED#E(R1onQJ)_*gvIf?gTINFd@6om|Z z@(z&zjaHEyu3Z^hv=zFrD_c5>w5lX}g`6hFxvDXiBF1)}+toOVZ;m>Wvbe=+Rs)Z< z$2cI;JCC_FJI>HdnRObQFqw&(RWd_`Uk}M+_-o^VlA^QTM?h-Uro_K5?@n}SR)y~} zBj}<^jQk}*Non@lNl|So4XI!yC_Fr5{Yl2ThOu9MWGHZ0khCF)!49^D18FKB$evy^ zm4BF>5@u<$#dQ5Wjggs6b5H4HS#;UbE|w?~V4=@_B+9U{%_K5<{;VAH2vI_i=O=z%`bTGf5DkypuT5z5?{9ids@xHRRNC%JgdTJF zEkl!Kw?JtrD&%rfR07Bf@vc*^Y`)^$S5y0evh;UswL0*5ROP?KEyjw{+n&eFmdQ!L zDpG(dBx9B}WrUt!UVIV(Vog0f7Ur?K3$dyZWAA3lySMciKtykHw$?i6vL!dgN#eI6 zVV6+o96iLgl`9;Sqw{847L)i|->WnCx7QZ<)Ss$18Z??yGvXMD4U&curI5E zK}u;nd-K^bo084-kz?2@y>HE|lTfx;Q!Kf2)Tu8B$WqtAv@P2bEx!q04B8Oq$|HcKr#V`Q)v12^ z4E${8S18oVuHRK@Pt0E$e2OozNT)Qsg)BWKDQYu3eZ=;q_s9g55se#%_(<4(oHnN6 z+>Pz^cTBI|R2hj>OD}Eh<Js-9wpJff`J|QMN+Eu5k~oYE8`YYXI$@(+ zbm!4jX+d)yn)xpvsX6v|gTV*{P52?VNiw3c|9DvB9U%7xM&Zpzv4Wk$MS*?Nm|JB+DBe>CiH=`Cv^7~B|3c% z<7v`dTtf2RYAowWEox7X(qpUUPJ;O08yPRnWO%Dd3z0pmqNMzOm38abcuo zN>RWB`TqLOfo)XhrA~Z0)7}R^m;QhB(JqMXD}rUY9d0-XOMJT@xyZ-gSy3j+^aPPJ znBCW{GNAkhOm^Djmhz>jG!Fxw@<-Foij8JfOAy1TX}pr9mk0_UWB#8_d(ja3dBI$F z+erYWY@jJ1{{H|&t&(kOYma-bG~p!WcyNHNXaOyy%IRT_OwJmuWj4@qVtwbQHU}=k zK5oCC(?3mRO0wzfu%}vjO4O8-!8j#fY;~=?co1pnEy0L}g1b;cai8b+*P(H=5Eifr z@s(pbVT}W2%=}!=eS&F3;?O5YB}RDIK)wBv4+Dc)s0 za{KBeH^FpaAu*C|F=M>r>7>%Az}73Z8Z>x4=>A#|o$dY3lyotT0OVxoI5_Xl zgeKtl14a&TbSQU_bea&90!DP2P)Irn$?>5HQjkVYfRlnW+-JtU0KmWlNbH#1H<%q~ zI$xDTAAL6%86!){BlL|llS$9hPRQuv#(}_}u7w2S&y5y}N4S22NK{XqA;;53l6oLx zJ?X^b7z0fJpBh|@V2w1Am7I9*P15|QvQCphvaQcqdXgrsL% zdK@89mfK2rx5Y_PRN6;G9FIMD)}vAzU9aGKybehTNl%|AS~Fc17>8tKuFv%c3ZZyx zho<-LN@G&qU#HqYXPX)18>v)+TsasW0oWf+Z}!$*8*?_siL-ajCImW0-EBVTR4r=N zQH3-lRMj=9D0P76@Z52kDoPtIoTXs$9JW-;5nNOhv~C4TkWZNL~hYCy#Ykr0hn+RILO;mj)H}dD^v=JR5bS8k}fV79!)8 zK~hrU)U@EImNFHtf*Z-U_%9Ua639Ai_-eG?s4VvCev;eV3c}r0PAwKRSJNdqT9)&X z+)~t4^96;reuMR$P+p#DbSv%w*}KKJ-HfEUE}u20__+ntobhit=;V?xe0chcpVw@L zKf+Y&entGIehSl#EmXKw1p5^UtB}eR3Nn4b+CzmT9H$+eYnm*oJlnEDrO@WJ60=T2 zPQzg-Lrq9aSow$D(SoICJb>|`=A{(2z_T_0xSH1Qp)+u73WbGTa+5kqR$O!1akdnM zxPV6$ppk-=B!Vzc9N_n7Bb0kyw%V_*PNoYwgQ&d1MEhr3W#P}5U$b4B!#z?7Mx1kQRIWHUrk%7y}NZ>T{mXuy&9qJnWboP zLy7}swdJls4~{NmAz@iiP6wTKZ>RqN!~Tuxw`pG4i$40c(choL zQ`Xdy;X`evM;Bx=hZKVy#Jp04m$jH7tqvP;Q!7Y$W5~0&?QvQOKV0cm`zJc|sZ*+y z3bfmHxlMi?`gF%(&xt9rhZudOska+aNXk?ck_bO-c_n!0>riYiCj!?|NT3JPy)|Au ze|njDQIP_x9c;>u`r4Gszp1xUqLrmzxKJSe<5t(FwrI((F7<9CC+jxt zb}XtjA>;=O#WEUlLysgRx$Pkd3ilJohs}eYj2n9>>!I$&exCJi4MIVxzU;YF$Gynv zd2T6g2G{;%rAjHu!RxRHI?e8JXkNAuF_Ss16{Y;~3Nj8m8lG)t*)zM-DRy$}PsZk5 zS|mwVw!~D2FzG-e`05~_@ks}k0sHC(1_m`N+WC>(sJBfu(@va;9_=o3i7HD9DJfb& z2`AM3tJq0~7cO;mYi?ylO*|5& zSXc$M5T1cjze(fg&w3hbYa&z*^LYZ+6q@?jGKvq;p z&UMh=hnM05>*|$fC)3xZs~)9J6C=AClS-?w6HZDJ%7Kz(NkLFhPt1^12~Y#Goo^#a zJkq{mMm?nC18-0D zc18~lYk&tYa@G?UC(ftd)^r^^t@S+{>ACw4aPODl#p)gE(r+r78LjN*;Zh6D|Kp2TBYAbdZd=7%i6nAD z8(+=!)kNFXr$gegnc=4>tuz(*Tp8+rdZyH6)qmMcD6|?oH6=9dU9-VY1$%=Gp$W-6 z@(X~H3ciEAb0g2aG388>>fCX~6*#r4DpHSRll4Eotd0D;XjKy$90sFiI!iDi$891# zIw?;qB`GB(#g!ba5=S4Q?@$@Exb&HEBFm8bX?2#Kl3Zg2w6C&KKh5&?57$*8CClh= zEM!paM5%ien&m%Z+lti37>!=2OsPsss0wXy;31?V7$l)Z*RhfYLWWKTtlvzvN?zLf ze6H`j%CvDV)wxpjDvc&OU2d@J@YfheaXiwX-?+4`UUHWD2T%>nrMGF?s-`ZKBB)U5 zEHnaAJ;39#9aFAx{{X~sw%J)A_&7S-QgqfA-dGI)gY# z5?-c-fIei%SW1*n*o^V-QdNR}W2TP0Xbb~&oAHizfF?r#3XaSd7A+km^u`jHyK64MS^FBhIQjCMi4?ua_ytdK%79DR*E?%gyYtmHLj8PFNmJ zbeK=y{WXI0icK0^0y@r&b~1eELQr$j??GAc1~j?v^$dNq6oPZ44W~pTNIm3f2>Rn1 zen;O-UOa=Ql1%{M=NeIuu9PFb^dTyK{{Ve1kP+Y=De>N<+OQK=MgSU7f&m&rGC!t( zl>y`o>XauC57SIiv(XxG;*sY~Q3Um&2?)p6KqMTE8Z?O(r~^rGrFW#!qfJUQXwje` zqehJy5S}|7oa#+zx;_vU01}6P%jfT?!aD?Ob81OaL$Qj${{S#g-|4L*H095VZfKWK z?{4tgH=f9Bc-vRd4C1b|5^!u-GcFWT1 z+eseyl+Dd-@7onxD+#8tC34p7wzfeGxU~NO1L6>d%KP9J6mojjo^&{HJw5Ez=$b#W z<56zb+>M7lQbF_HG7fdr zb^V{DL80#pS3SM$yv-e%HjgPq4Z9o#HnnG;czu-N3mH<9NY7g5J9gzo!9-|R1CzcH zOtVmeTJaPiEur?*kQK;a1%jc;Tru_2dvg5iT4ARSYmI58j?gRirS{F_+mYYAkjg|E zYYf&SvUr$|6&xs%2`D)@B;@iV9Stqq7oRt)MyoHFaJq;ZtdNK)HSBLT#N`;@B$9Q(#KZubz??fT71kynI- zwec~hC^_3<3kg~=$)${^i1|uMPh(wQ>C1lSiw*j{GKn4MT%Oyts~(i_fg%M(q8)0v z0I&E=K3+phSV{m$P6kQWIq!5e&WxIgrx?bVLn)N$AMeRlFcPmnA@Gtjf}@_h)$Mlc z)-9`%my0kK?1vJW(9)IY;+Qpal%OjSp!*CM^&w#AM$Xa?HYyIKCm_p zU#c5sx9eMG>Q;qT;)f_m+>2hp%7?yiB>I{3vtUQ3*U?e-w?AfWI%~^R2b@#B-D;5;C?!7i3%eXfJiEvd}P^nC?sB5e($mwZInj$3+6(t}5u1W6zcl6SFb)Pj` zo@+E(%BhtYk;Cxi2Z|Pgh2=#nNgORc`hU9kessAVLZ9v`JoYt|#t;>ttvp!`c{?a1ZDBitDA zl#oYwJ$<$1r!dp99z=E;Q;TtFLv5iXscI(yAP&hV00HFdm3sSbt~ocP$Tmejnu!KQ z&qH!Fnm@4(YGStx0+pc)`};*efReQosP)m;MQn%SGwIFEtbUKUHZ@)aVKJRURZ21* zbt#e=KFVEfDNss1(gKD)Wak7Nol%<^ZB%Y;yiB@uXPBv5GTbS6wyeflPZER34hmRS z6qAmT*yw}N{)D%K(oIY$TkW?E*C=j79}`cE@>pDHC1FZR&s`E%^*QUV_1w(WV9{SQ zjASkZIhm;L4%h5=RKDhV?cQj+g>P;}nN6(1rBRxFq(iJj_R{-rl>5j+4pfvWCxFI4 zsR=vS&P->R-C7CcHQY*A%25J%%IX0{(!b3$V2d~kS=UsEP--;I9M6qI87k>2I zRz0sqj+W?FrG-n3*SyXYR~c@saA_GQ3M8w~-#R1`xN1S|T#c3nhW`LjY1kXBJ5@cq z)PKcK@eZ`D{m`vh_IB1;R4SBe^mNx5W+RgoPjRBc78z>}Dd&(9gaCg}%ut*iaaG%C zdWrQ*xfO`FZ4LIL*>Vd=g&hu_5>p_k9*Osrj!Hst!~hO6+3Y`E{{V~KrrnU%+U(WE zAW-5+Oomvlskf?TW6H`_%5D-MYVnuD*j&$Gn^DQ>wT0034g zbEHNR{u*dJIMp3F^-q2ID{ZtF*0mHgo+wFHP5}A= zo`>6AtGOPJy;%CRuSQiK$hpxTp!%wEuIu`U<+)0N%FtHh@}x;h8cK1JjsZ$^{H>)# zfvTI|`kk#1%H{Xl(YbO{_18`9@Nn za`$i#0w#xj$}73kT9vYpZW_33Nx5#8YA_h~@EnI455cKK43v&-;ErA75s#)G)Wl}u zviCNxRH!M}B3rb{EUCqkqVMN15S$epoFz&hQ;+YhuK3WxJuz(E%C#v9b_H4@TP@?7 z5ix7`GoHp(fHe)YQmS2@K2pL|-E=!mLQ>y166+BoEw=fC$C`(FYFtc|gufMND#=P7K+p5~jd+SI1iGgiV~A3+roz5Oe>C|20N+LQ zEgIGXPFahP!bdNC1Oc9vp1-G^D^3XvrPlHip^y}k5B5Gairpp)TtZ{uC-kS0!h6p{ z>8!EMU6mi^bXrcx2Q@U3e4PMf<3R)*X+jUzLX8rHkUxER%z4P@JR`X3v5=IfqJG)d zMv+4!`DjB(2UUSiey<_KwLXl1%DZt-1e|?_JJ0hvi&XgjWh06LN4~5jBLH`)EpEB_ zTdjL-`-Cg_sUJW`UHuM!Jz(LKBb(?2R}8u8x|XMCUqorQ51*$kHhHj=!#sLm3)pol;4_c6@iF zQh1#S1Ia!#DM4N|B$Gyz4E3D>A9JNaJ1I11BL@KJ(@7dM?j3p4NWsRHAsRGj(?Qia z1P-;4PnhHhX_VR$u0B$)1bwyQ00SB{!64cw9SZ6imn*06=(KkN*{;L<*Kg~W92xXk zF;sZRsm@{KOAAp5Q2rE#$`T5aT1t;f16bCxwmNN#=Jc$|qcL$?7Y(pl4nuKso`foK zLf=BTl%XgK3CdKJC@&mTJXF>d*}2rstFIw|#Op}3DRZgMz8h0ZkhMM@P7}!CNhFef zplfNcw0pw)i@4UcvfEX8H491k@~Sl|x3GxuDY9cvazfO!60%VoHk7M?%EnYRsBp?R zUSWubIFdB|E}?S9i(H>kp-|7lQ?3h1mz$CAmz`76BuaRPIjcFw4}cOfJmXwFN{vdj zZuhPGwQiviCn`Lta3qv1qT0$-ph!HC(IgR`hB2<|pKsTju&BG2ZB?o))T2;oOg{o5 z8e0JBKo!4Bj+cROsU-?h)EjZk;GVn!b;MPhh9qs$uD>#x7f+d7lqSS+l$HAmePo1{ z4545g^ipyFKV5G%0v8|Bi=D~=sME<>SDxD0S3O~hqbpNrsl`|Ec6*jXjKQQajA{d*&N(zIw$f=97+O8U2}|tA^tL05Oh;eAQ26029q=`BZ?sAb8`B z$-3pP^=Cj|s2{_t(j~)aTK1Kil-}0mYH%{^RXFNGrOctwi!-~HD0RDDA>#mHVdZyi-$G2nH^sT|ATlb_&lsWLO zc{6GdDpvc^9ryXgEQPkVo%vkmqyo<%kiOol$J4Lniry+j zTH}O5mG84HA%f^qRKuKkAOcnb!WGB=059#W@2D#V{I;OFyRoO_H%GaqQ_)p*=E`N4 zPrL3R0P+Y@(&CbF#D#QookXm8mmbsZ)FoHw5@6J*^;ESsn^9?OI?B(=q&SrTq#P?a zz{ntvAnN(`M_!S-n}1Z1XR|7?2AvX@RBlso_?VRBIW?uN#48I!XmP|KD5Ll0CsEpT*0Xx($Y5?x43k;yG;ej7Yi?$G{iKf(xk1Vm6d|w2?Zb% zli+|ydX8sXTPidPjcqU`R(=J?IQ%2whSo#jK%jD3(i;Sfa?kDHopZPDUGiThO19!& z@K~=_+r9RQrmHSYbMtV`=QfV0@A6Usc%ci9{ zJyz--df>a|-b_{L%sZ48Lru2B21APA@b>vZ7(I$KA#>*1tkS)ac3nUq>?#z7NOrUHwR*`s}k0=;@gqGGp5!iP%WbO zw(AW7!;hpo;?;zg5Ty=SPs@bkIO(>Nsa|hCCA3z;{{UXf+O=u^m+pA9n{REZLUnqs zTdGF3ZM~FL?>=B)`-(Fil`$`2AH??>44`lXeCY{RwYCK_(w)^Je%tPD-%8v2?%$VD zmmcf6-c z;Hupsj^#aY)PyKZdIOE7B%p@AWUM%arS#=1E(5KdBh)=6v$-`5?A)!ntnRc6s*_lt z+c5VQbc&TuoVTMUG-)j}8AxtygsBQx3v4AAOP?~pR1qJ)a{K5@>EFjX%cqU$cs>uDcKDNnR%Ju$&mPUr%+PkE)?)7DIr4x0`{qXDfeYg zpL1RNBf4?q+z4)XOI>y?I_l9p2c0KX*wq!$z$K_fiKIUQ;pU~Xhv9`a2SaQ#NT zVIr9_h{aZ~Xwu@jCOl{`;;p1I8Em?@Q2GZIpz#i6OBgHEp6lGLg}d%L_2IYowbinliDY@Kw$Dvz_)$y8c|Azo zwD`M8RjfLSi^M>WN~zq;w#7NGh*D6nlq|P~lgr#pf&4WgPT&EJXKxP9J9gf%cAjH4 zj0SDHCZzQRHjVU(%{_?GB1o9)>z5fTOqnmpY1JqK5)~mR!(lqs?kA~rh_>d`3iUdZ zO}5h+Dq_>0DR7HvXoWJh2c8c*$;S$u#yJ&$Fs(x=w-tMEsr92mrzWc9I-wX$peC3j zL~*ASe2vV~He{EA)V_M~Z(?&tFl6Z@KSS@gpT_;}Ya>tb1S#y&VBRH{APc>+GE^q=_(g zcJZdv7$|-PyxWS~ZYjVHR&t_NPxkw3(If-_ueO|f8qlvY z$XkOh@LX2FSSY-1I!y}#Ekb2)CPgYdWxj>-K>;dT zxJLz!NZ_U9f`h4Nqbjz?(086~I_Fe#Lb70pPfZSl23Y|Y^N=& zLh-b#TaiMjRVd8Oi!QrwrPW6=;QPt<8)?9_t4FghbQE;-146oZ!BNf=lE06` z_I?I>O4@a$f(v7o3KBshBZ*1uV2tY0qi$^5c`%%$T(tUi%Hv2x%De|q<5g5Amk)fq z^0e^^Q7$NwPY|T|)cWbB?N;#FsHEMz=vM)3B-H^+k2Isio@KGc*0PX53@xi!ur*^56%sso`D|($!i7k?ZQs>DM zAyku};(R0N1A$ROR8)c-Ngu1SG^jb*b|^B<3FR5iZ=ZMI`7Uv%)-BhrR+zf!OmbpN zDUlkmm4*^p7;-X$c~TiXLK2WNfu8fOrrR2`+gnbfU$(Pu(CGEqMl?EoDM}G-$;el@ zi7c-KsU>`S@K0(`83#$fUXrOWX;b$e#Ac;-S#sHD;^#?2YOh+ZbK-=#z@Lnaqm+Bd zLevnPx$UTo&=G4ljfx}E?yAL3p+a&4jnZVmsXUe&3mj7G7$XTv(g|bT$)Wniz2NOu=*6nWZrt9wO_t;In~poGbSaAbT6jod z{{V?`wF-^_33rN{DQqiM-uC)n^(*P>p;58-ziO2d4BIZM-6r^fQ*LD<I-0@NA=!6^K^e`h==XqKXacS+}b4TZm)O>sKrU8eLT(30k348&DxG zlw=htSxNbV`2cmX+y4Mmo6lg{bq%YzY_@k2&8Sn>?aj2egAOW`%$_c@4yg@Io=q0j zAt9%kSaTo+@<`Mc?BbRZ<+%8n0#Ad5fjRr+Un2o&Z670DtS#5-pGPQ&y zN+|;*@ku>&3D-$kHm${K?cF||KWXfzsj^}z%3alW(OnTLjr*>D84n?@O*FDNh0FHF zTL5+xHE`EG0@>F6-)i0-jBaJycU4N8OjFxwzA+kIZk0LWkeM`TO{?Lm>r;qZh(b6x z(`rCgRHX!T{{Z0)=r`71uDep?-N@gGb?diMY1Mb2)GX??pr<3hEIL%=dC?a0OupN# ztqN0U$SueKoSkANWNjtIc1}(rvQZxW%jX{N?H$#$^jOY0<>5nt5}#6Fu(79%BI%BMAk z!IHy^3TQ1QCAUh_K}vP@Bk?ly1L})wZ22{f+w`fidx2)tVVO={`$KI10EBBClGa^8 zqqg#qH7zMwPX`w9ZI!Rv>%Wpz=Iq-R>UPpx>h#DhEy?z!M%)NYxoCAHIRy?U1>&?2 zIN&5L4*a=RoK9?l!pKP@Nn?iGdQ>uq_4%|G5BQ$mwvzn<>0{XV`t_p1m@l{PC-@FN zm6a(NUL0(s0uFmf)2TPL&u7rt-HR65O)10$#)EUplI+>-KGO+Hg|`k8(HSa3oHEu^ z#X}iA{{XYwPh|SC{4On>wy`QPtJUqYzbT@)(-RqWG3n_{*-ojoDPSZNI2NX}`j8TG za-DKtr=7og`tU>Rlmqo!iO(-zZJ#1?S-eL#bwpGkV1Os^{vAJs#!A@ z*Oz7+I*(@y?etLXpW8dXb9WirO4_a3G#a%&6D^{JbvPxizaIyTgA zEyYi=H^TN+mcz8>quaNHXyHK(G@z7)q!jdkRC$#GqObhAw>?blpR4}>O~yZ_k5X3r zYo^hW7Bre2S~?KgmdomHS!#_j#<0U~6gIU6(xi}~-(@<_Er8&+bdKdrW`XcM$B$yC z?K!()Il8r(a!R+U)RmuZlUltjIg6{tV}S`%X{R0q(b44LAgk}IHlym(Y-yJb5`iYh z+C9qmno~7XS+w7za6lbB?#fb99$%0KFtn#9y?8ad9+xb36&r5tUs1Glu+mK zeHlSn4rFBG-8cye1XFgqrG%x~vt+P3!1Y|yy&Eq^foj+HM{BKWtqR0-l&ZZ7P00>p zj8wr{V}Mfq)y7hsKq>`96)1y%FuFu+gy|ES|*@E>ddvcyw=F`SnSqW>r60|Kr zSnmiOW=p7!$gd-WzrBbu>(r7|7sm^?VJtmIvp$S#l^Q6+8 z9>$YG5CJ|0f(Y_7;1W}e=?(zLpX;Fs2cEU)Go~dZoayA?WNJuM3Qj~H)1)gW>7^uN zAn5`@?Ee6!sZRvl=gyA4nsGoMT{l7!kT3{3P_c{=p$R^86ddGeLQ{@Cc+)iQNhv=~ zH$nv?PC@G$Zh&#v(1q!b+e}hVoDb=x<_PaU(@K&LK%eWO38_&XYSQ$dGMi^^9IfZA z(34P)WYQ#6;zE>^i1Q`3P!Ph(l155awT?eHEu}-os^$6qnwYmO%09r$r##ee`*P-C z))v2W-3`ZS#Hgpf1Lsmfz~(_2>lnDjn>-d%n~NypqLS=YuM*{~++L%%W}@J>tap)F zp2O>R{@kc3^eKvGzKp4bJV^dAN`MGC)E4v(zdme6?MV@p5^RZH@`B35CtM4T6jl;S zQkA47Whn(JPhINI*~_|pkFu+;Nu)U@j>Sep)b^@0zxO(Y!c@a3VNPJCLSx2IkXv*V zrAk+VpmhM;&A+;=swKU2SKeR?rVO`RZI!xQPr}SxWu@P9KQ|`997#_e7{LSz)C*Wg z{{Wbd;q%p6yFpoUtxvfwEyMUZh`%62sMI4k${K6m6>%K|BxM7URyVvk zvn*OuZaBhRwL_GuyGdZSM7Jf%P$Qrh$tdJh2VDc+r+%EN_Wj{bw%@zyjaF3>yHKRW zi8UvSZHim6;t&$BiBsG=5~)j*N~Sptbwb3KJ@q|3rsRXc zLy1Bb@|sT*&_~UcXF9lMU@ch0_D6{=e&@q_Rb48pI*T3xTgl&R**LXt{30s@EJeaF+SWXG29wbh8j3Fv}a;js$qk?6m7pwgU& zM7n6NGNti#qbX_RqH}_kAmcnxO1ysLYBxrq?!~`FT|!-fQF)lnKIA&Y7>-Irjw@4T zhg8{6N=n;ULeCyJB!wi5H*2@@>9r*y6zi4ftb0wg)W+f^($H-M2uq0QJlINz!nqWI zl=rE9-8Mb&^6qMNR*y!m$tiWj$Yo1|TxmE`TxHh^lEa@OL1{q;1n15*vvN7M-4_F$ zi;ejvqB?0{ZJzG4e?pOC&7w6ix6+lxqE2`K=_&{-j(I1Gt(9^ltstd1$DL^;(&p`? zmr%NNs*SNGN($+-S#6ogQ0XtXlA-P-seDwDwBzPj@u`KWyA*1M-?_C{Et~}j6*S1K z+buHMX3?f8U&Nb8dEli*Q=CvAXCV)k+6qq;XI4dT(Vh2uTNAEdP1g-WcPy#}x+_(q zNQmq@?VS)f_9IkSf7$qel%d1!Mds6qLY6Q(&|H7z+^3UkUUCf%r>6|vFy46WWzDigARmlI(uu`R`(qa^xG=ybDgCs8%uOKPka>0itu_;h{SvD1LRg zgFVP3lhceaRIo-m!6f574)vcV;@fVab+;E0A(D))>-p}dTPL`Y_it&W?cKc=6dB>4 zaxEfLDol8i(u^Vas|rWM4rK&@NY83UGn?<3kz0~^M{uNN z#H}Fv2Lp`FbbkGp-uHhR`>uY>xjhmgy>8X3u0h++Pza(s3YRo{i)h1fnWfc4 zs*Wo_Y4s&;@hc6b3qd~}J$mg;PhXj3QVbgo7>IDanEvtRzX=>*3!`1jk70@ zHrs5i2ujE*#zv-FIqI{1wvP0w?-tu{O)~MHbis=fpyh6d9#a)m1tGTMO{O@MM{+0$ z3o1imK~rJG#mB>Ytw z{{U>VS#ncJj)fNzIi9s55d%#(=UT^=Y?B9GpF9t0%lt66i)`o{i@Xx|0_lTpCaG%C z?mKdm?Z;-DHd3G_EU27gBsKG{W2!<^#Ug!bY zEb3yWsRpGAXTdavkO)ulR@-V$00{@KvMX(j^nJc|-t<#FIQp{K_pRnGTUu0m60;}V z_-B^4qfTWM$qgw{o#6Id!UB{Q;?a(NI=|9~r#g+9L3N$avg87`mgav9IG5Z7A+V5;c%O89`8u{oG%h?yjgk{~NE&d{kCNbjPn#VNe!Vo*D3%-W zVBgzhLb(i4@4fk)mp96 znyaaH-AVZf6)SQ63Q8S?Da?B;;VBPCT7niDLJ(4VFg?n+sh)zr7U#EG-m$6@?N9M& zxo9-|u88Dy)u=UA%gI`!uiIa?;$L(nD#k*1s1cB18|AVadtcuR*1_9JF`agoT7E+sOm&2cxB0(!UI?-=B6wtL(n= z(RT)f+FMLDT+>^n$%vnnf&4|NwzR1!96=x?00%e?fh5^poma)bHXyyY;_L{)K%kZ5@$p z+mlfezr4G#6kPL^w5chP@C{`Vr#KYbpTa>X2*QhisAl%xzrrikz2!+=w`u+=TU@%z zilDJ!J+M?-O)9@3r2DFaIWeDc^|$Sl$sj8YlgT6#tWUtY@$_wWdSj<-CdE-(p;n?o zn&PiED6KIrnzgmSzQJ&~8gXcCYg)qia#nnvBc?8m;`LFro6AqJw}LflsR8*6$)jBR zYi+JWGQGF5Q8|+5wuThji9_pAZDgY@kem_b$YkXRx?PxQFl=b3_|<{8Z|7zCw)L^H zo~O2lcPc~FC#IHcxwPoeS+CEvDctS#zT`%nj_Xgv3WUIQfR_VkUwn#)1mjg3D)$f+ z4t4siwS8~;PW1(5R(7KAxGekTi&v!~Gi}MXjH)b3g3Q4lQ)+&$q``mLP%2Yxx?M?sTXE2U8{`sCWEFOxFr2Fd z_0iHKG+9)}Iqm>1?evl8uAaY7Hnr2Z`!}}Nn)gzqm*~{`oeo2{0j9jkW8)~(Tbjd8 zE+8n7^krZr(h#x<*9EszjNK`@3wc~Ur2haB#PL%4@<-7}?f2Ju{{ZucTHITtZ@$Ie z^pRTl>QZbgSiydu64|MIOK!bPr$RyYV6!B%+MIXWQkh$hIInada1QiBzA2ltakIF= zKb^f=lPaR)N@TX{kGNhgHdy`)Cr(?; zHc;8e6!8Q4oPBkV$Y&YSati46{d9^4mOlE(n_iPZXrPs92cf2u`)R=`&I+^?r#Q|u zwpF@rjRauhN{|nepbABjlST>fG`LAPPITY`d(N3jA_qsUC(HHDoH*kHO(P%WBS1mW zq|t(W4H{Gs4|))kbU#L$p0TGK9{K6I5S0f{*O>F(y)D=&w(F}?yZaX>s>kMo5yP z;(Kc@oTWPB+ROC{#e+_pKI(p0r_>}wVg#4gvlX`hcan3^3s6}&KdZn)~ zwGX)HWROpcXH#2}rEtKrs}SJDr$f)=6I*TMSgMM}3wj8vsML5K!-uG#< z`Q!n~BjJee;NT$A#V*LcQpgQ*tRE{Eljf{wg9Q|@bB+iCOc)Y+REOT%)R9CCZ< zNGB;)03>!leRQ z*j_)1&sgQt>6U;q1)E=(-xLu1cBdrkP2RegNy$J-Vu0rY%wTi-3Eyxl`T$0JdIq2iD^u z9GXDN3e>cnSIpf8vo57%U-ob@Zn$7BDwH$F=4}ZP)SQH*9>G!Xt#xE?SvxiAR?)V$7x5C?6()T# zUfr>~mUHQkav_%_JmT9#-Y&IKXsLNqE~T@{AoCa}S~NT!VX(MfSmScEf;ff5745ve zEZC~9?RC#KO*s+-hNHuppkXW(612CTC#()%sAu=o=WP8_?vB{pUz*z+k8s8IQidvU zn1vw|qO?vG9Wr_IZ|3A!H~ZfsEGhezZVyW*(CMx4S^ zG6LIDQ7ec;sxj8`P?5-}0C5|y&b2PsY`=6&r#Sl4?ZCNdvI=89q=HHxLC3N|P#6Qr z?D^COg6?jMsnJ^oahM)8s_M5dzf9h|YVXi*t8vY|+}Q9?n75rGp4MflAs`C0BrDsT z*=?{DC@n4{nO6re6RvLF-Gr>{z0`_rLOex31t|C{uGaUJPm<~c@D3AccMh3TV_wKQNUKzP= z^wHRD)S^uWp%uqqJjeihYjNeRN>LdlPA9J*=Nhm>jXOfQ+Q}dm!(edvuazj8uM54{ zF>9NJZ&ge+ z$jDIuB;XZvPCL{_<+A8hN`sXRzP`*E>;hLxnJG<5MhOKiypQ3z;UFX^m0fH?1DN`M9w5-EYn|2(ARHKOz z_$ew1DPB&xBhuac$E!`pf7BI$>eTIhVX2a4qiioZbvm`XNuHI4qqx-QijH9*1%$GS zf?i8t@>8q*I{Dcva_$(H5}dr@KN_**Qc&|`k>qqc?44|Et?a(G z&a|8U!>`MyROr=)WVHv@n6-fg#CnPEeM;+Iv4G7UkfPCC;PV80o~2N+a!GD4OcQkBU`NJ$!@ zBVE_ELvd4bP~uD%2eO=q&|59I&};&r!W(QQC9>X0>mf@d=Od*(J#XI6Tb0*tD%Qzc zyMVi{VkX^`+o}sSfd*u8%)Zm_xTQ9^3sDX&A!>Cg2_+qIneKMR{u;N<(<2Fo5l&XyMJcYQwiDgTdPmB^1?zFVLTUp3ox8VjlJx`Kt#4v#tS~Xhi zRY^#-DGgIUIlSVSz#;JO3*K^vVX&B>-6(k*49;d92P?QRkt(A#MwrlizdWzjnrC8aC z#xD$8e{Szg?ng92|w=yIynOF2}(sXK%GpYR3b~KRH_l)E#hN|X)04o1pMuc zfS^I>91)Y*(=vyU2FpmW#f&8GSJ59#zN&4_rMc)=Wg)jH%TuT^Y10svqO$4~hXYQd z^sS;wKnlVXNd#wKQ}+|`dV###MQ&{0rv)`dxULW>^~$`3rVMEBq%f7LGpSe&wx<@P zmlOsQ+I8?U%H00|j*PgIB_?n1fPSAL2HME6vt6U&J$lgM)7rC?{g=jp8^WKVE&#nSPc4D55839H<6`+~nso|nBA?1lNT zt+jTTH?%3VV%=uYyvnN7G}ZmoKko%zYw(c9A<*lW=a+1mwH4Z_iw9=iZJB2M{;KQYn?l_jh6t@z2yYP7YLM*4sHtzh~ zsPJet*pb&6`h_$qJLiySFySfrIW|LKSqMlK(+~ufw}Lt1s@~Pv(qz>s>Z{0Au-j-Z zNL)qBdA1nhK4rL&fR6yEab5sgb+#5u1-us6h=|Hf7kc&5tZQO=VUW+dQ-jG&@f-#` zocS61cc*R6)YkU`txqo1l^UGvfVP8Xg}D@Qo3Jv(wG`efer zB<*!V8lkd?>#0VpQx`58otgXk^NC^i6D>(@RuOn7A!FrS2UrQG=Rf{TYkiw-kEeMeXmgL2j!p{j&R^W5t zq&DDKO8g%Ap+Mkb;2)^bbcp1LG=pxfdevz@1o|ybMHaCE_;X@7Ta^x53TfsPKgzb& z0+4@Y0Cnepdm~>|s{75dUy99Q)TDZ?xheHJ)JiJj!mlcx)jmx`xY=9M+Q_NErGt^oB(>6V}A(ycXOOxHhffOI23TxGm|4OsN$7pdrcd2`imS6#x`-qBJXbrEG&hs=gyUv!o|IC0bw9p0v}H{XeME7PcgCNux@5{WJY^ znrc#nt439x^tl7DG%SPTLK8_O_H+)9S~R3%>!AoaC;tFV1Y<}E`f0=hJpTZF2u%c! z2TDK#&w4;`bEk7X{{W_hApjpg+fLFYMEN>X`)VD!rmsAxj?Rq)VChCY9a@xwA6*@N zG-%L-X;LzJIyfupG^ikXItmhCk2+4YXDv;|*kODoBf?H4| zg*+Ak$R!{VgQ#Yu8*x;NPla^Tr6l61YDkD32`UWb<`z~$K_mc!C zJEfTLtFmB2tgd?vFZeQ@UnM${0pxIT%kTS*ZfMmAmXr!4wrwc0>My%7`6!;yd6(lY zA(S+vAwfVShgL$k=P5m;YeJeVkkfSsS|%FS@9|O&2yX>I_41SS&)jQiNNp2pRokkZ zw~-#10oRyrYr*F@totoCvytu(oCAT34;a+|NwlOb5sn~#l(e-NlBxA66zOOwdOPcB z)RGm2q?D17(d>UCsl7(B_npu2PGuZmmg)HRoMN5V#T6+lqx z69}A_xqF6DLy2$O$3-QT9z!_?ykKYsi3vHpvsmt*Ek7Y@s?RAbMx?(@5#54?w)%-Y z-BDRqSDyrD82z;RC3a;I=Mu&ok0AlMkraMO4d?W$`u0A=1N7EfW>Kn!p#qI;JoJf? zn)pR6MQdSgl&$9mNk1}Dza9bBkt!Jk9VZeEtytE%rKEg1t<@Tv2lE*97AX%^;Wo6p zP^Yk^p~N&5^CYPtkT7r@`{(8BQi}DrWZqQb=F?Z2X<=p4Y*pO}mXn1QdoLcO0rvS+ zqEZ4$)Dk?|F&y_|%Wvu-ly1l~tkf};v#>X5bQY1I+%?_S|TWMJLK_Hxi zkd%@}de*X`WL!|7J638cWW`}>OqXK1m8v-ef*nFhQ$%CFKmm{m?_0>M}Fd zH6XY5Au*^Dt(tL%OJ-^m+{hCeF4Ls)I3y$xsEPqc=SL%i<0I>=xUG0`5@$bCViT&t zG{wbvw?Hm&-3Na`s!`W zTM-P~4NABDDc_fl)9&RXb@s--{T8ciRz5PH`8=lBsnZ`{CjI6fbp;YfvZahGl0tq` zIV&fr_xioG9=L5f)!n(4Zr0nk-Ck2qN8f5hYNb7CahBU};cAqaXnZ*#sJ8G@+jUtE0;ISO0#AIkJGJOLA$!&;GUzp%hS0CgoSD^2Wty7f zFo|utT||$9B~3ntm)c4BPBIcRsrKj6Jv!gd3ZCuFV`?rM^pu(R>{?ukou_crRQs+e zQYpw!y+e6H)`LPj!ZJ}E)hz>-HErc#Wt~S?y5fA0VkOE!4&PfE^?tYLT*q14E2_$I z%9Vobnw1Q1E>zQW!}M ztSGMtK|iToX1~8I`+soYFlas+Y0VkoYBXn*y z&ja&CoWaBfN=WE%(ERgLJ;?OLk!oX=rWe%xTJHS)FLg4kx5ueRF(+j_|KAo#DHvn9Y5)sS z2L%iA6@W9|l(`+$R@hJF#4k0Dk@#2^mh}GsgD0Werq+#7s5Qurqjn zvva{;<~NltJ%TxfAfS=Rl@I_@@(3pfIIGuZS6HjL8kow_DWs*; zM{p^(j!%Rj{L9CKk2ub=%_ABI1<=T_@{&lS^SyUk_up_fuGn4KvDSpwt((0rQtmkM zp`|b@aNgjTB2J6$G-bw8a+Rq-0-=ziNIJ!=?DwH9&bL>1Z&#%H*3(pL_Yz!%UfP?* zEYo7b_>$D68eLT-rc%>L_gi5uhaFOY3K`cGH@Vk)wZ`XOl4aFoMT_vU+nX`gmlY{F z95@t^p@KWe`{x5zO*_b=Nmo9A>(6>` zbTYV-D6AWY#o?L*4U5-urTekzZiQrQ-4k{wKB%ZQx}{=Ed@P&R&32Voc?(mi_?U7_ zif(%i7C1QS97pPJTxQglC$<(8r8t6I$nC`^QILmo zO^)4G?3?bgAAuE!8g5s}`f?|OfG)up)Yx3rg) ziz4MsPDzDD+=}n`dg%C8iBc35Aq>N*szZE|l(0*wbwIdMNIH(!b~|uAG*mtk^06;n zwP;E$RcZG{74%c4DYJrEo_WVpib9(JHv5UdBr7V$t*;l7^jy+H(hQ-T&lGFy{Vl6V*bpXk*p;#+A8lO`B#FS(Km-NqGwpRYh*lbmW)$ceM`(MYyyky*LSUx>QvEwqOz z^cEa06g3AV0{WQt$_g^KIDD%?7}1b8Z)>nf_CCWX><3p$&`~W&yFDI7L*_+tox!T5 zUQ0o-ZMg3*Y^9}P!z<-Vz!@zCWaRWJ*z}sM?RF-OYsP+Ds)V&76E4UF$5y3%RI&#p z6Q0P)J?mk9-_oxao2F9Y7?hYmrWHOoB&!6Uam)<5;U!ASvaG0qt47wf>7Ji#xi^ho zQeU_u!fpA?@KTzCEzq$No5*qh0C@pPmf-}1r`tgU@*2$ZjSYg?q{7_p)y_~SFBzL_ zd`FE+_zBEYBBm_Lbm*b@kEo>k@#HoNM3kk)C>-=k208%i=})75f%I?cKhy0>?%$ea zrAwz&?l~5|>rA1?h|sazlNK8^Tbd)q3aF)(E;~&=(%eKsr=)V@m1pGmaZAFKvZWs? zC$fI}>aW4oGiu(irr5O^UgfiK?WNHc^QF#9%coUgH%gH6QKp8}kQw--M^aYdC`*Y> z0Z|&tL78mkmNPZ%s?S+ojCc3Ye)rATuTd5>x+PV%%&KCfxWdIko~K-GiD*=J9B&Q= z%8EkCK|D{5RZ0MlI{MxCpzXHRZDBdJvq0^wX7|C#^Lk0gUP3 z;A2x(Rcx4($v6OG@1#ijk2;b_xh#ovq(zZq`*PHxr=~@c5tE*{j1UG62*=Q4T60yT z#+Y4$Lv3gy0lDuNhm-#R4n-{{T%O03VqD0DVj?t9xzb z71m_kO-)k@9_WV|sxNJY7CPr!^zy+7!kYZzB(*qu#sjEP zPoJi9j`c!4ER~C~4Qr@0+ON`5uhO7@k=CzFv<#sKAgXC_SdU69S&TSxl+BYhC(6a`)EdU<5nF`!m}xInU0Ax`iqiKuW6bsN$Cns4hdHxoM8R>KW%GdSgUDkl}@+n z4y`IYT6UPFw5)goF9I|B=k7H5Cm>>?BTvGJ>5B7_sq$^gYF#WHwtw6x%8=s^BsY}| zV~m1Tg!1dGoOsu$v@P#<+csRXLF88DCQ;-M`9N+$hgiuu&w5;m0Uyd|%2nAI8UFxH z1xW-2s1N3KU@pqH(&1B9%+(bv@oZ71;AHd%@xGou`t_;OqD6{ixdufX2L~tFwO!)1 zE2NGtI#QnggR)2Osu2{wl*`a6^(P>nzoFCP%v@EiXkoWGG^X(CIb)E=A@)%6576py zR!yL)OLY2`y)oG-K_3_>&oK6KO0oP-11co^$vDnD4Qt}W+ZGU*-|y0M7N-C9fbfUrS7)4gO=D3o_xY}(3~E=em~xXEO+(?~%) z&_P!}3CZl>XT0l2A?BpGU1_8tB$9^PQ7J$qoD7nFzh3_OtICEnJI3|-(zjEqNUm+= zKAk2|GAMGLVmm2_bMUT`?=?G<;nJjp^agqvCrP*TdcE0OV$q^5S(_!oX^4#KPy^%y zlA=h$cyb3Fo`;O zDiZ(!Yb$J73LR$8ge zY>Lo{a4}4Vi)V78Nt;WX!7S96npTuZPi{EF`6PU*N#L@0lY)>ns;StsZW&IZij-HP zu3&Nbl;%)pMrkEYp`ILq4pNY=fzC2W&Y=)$GAZvR=91dNIS|Y32OI2Qo(JV8_r`OB zW^R5IFH#FtD<$oG5W0eE^w2X1`x4m{ALr*mp#2 zr}6q&6`N^P#mITNDN9XB4YM9m;U&!H2iwQc43qjt-0NPZooNYDn_5DKP@d=yrNf7R)f!EV%2iiI#Zg`ym# zEBFN}&n6ZQSW(FZN&ecM#PuUyj*(edg!>cmCQCIwV4pw$CJ$1fP|7Jb+S9N*M#92-KF*y<$@9ux6nJ4y|ZR z_v94&VIf42oPLyJ1HOmY0gVHbcH>_KgqUZ<;#hR(-E@BE>`Tk_M-$TS!(LX#_0{Ia zT#8+C(tXMk&M5`K@C!vrEVBH-klK=#g2TL$8|0(JLiZzQ_X39|PTKAU)Jun4j1rkN zYu1we2C~pAQZk0#ZM3}NRh$$n+dMlR>VLI+_qjfhQvJm>bVXCE5d#n^agyBRAw^-< zo17Amr%{dtJW4q6$`mn;Sa7%J(PraP8M^&ZdMd7N1yR_FL|c-Zymtf8p*5aKZYR3y zh8syFtTIXC$zL%90k8J6L$9jgyyJOma4N`fsl{rDYC`u9{ z9Hm^d$A|~y?>NH8ed|H_7HsV@BR8)P1IHd5xi6FMFf%BXl zbv^ZIdPLpIRHb@Z->Tl)%6g*_RJ${Nid?41OQ0oajc_tm@a>?L9y73|1b_+X4Ib?J zYxSkH_J8L4yRmmcwMJ6a!Aqf=mei8eF7bZPDl}U}n!? z2Lt2j^QBaDZNjlHR-@Wij^H%7uD+Bsi@uEG=!z7h`W=Q+w2bf>QBmj;dO5?n_EIEC zYp+?1$6QvTp{1fLOR2(;t~hmh3NN*U@>yDv5)?jF3<0N1*^R%tX{)KyU`jFAM>&-{ zO=4VD0uofDy3?yuh*20ENF;IbuUcg?`m?CBYu2q^9l=i^Mtq5qB2*Cg1f?oU))W>H zyq1y=B;zR~S44|7+Mv8N{{UGdsOjdbi=x?Nz*WUbjUqTeZBi8uLY|Ars|f*Pv?zJP z$^DK_HS15mBg%0` z_;oOk?HCl^xr9wOk~Y-ELFylvM8}D7c{7TS!tz5R7rvt#oa7piR`j$XQiEs=N3O5~8A8X(TBs`BQ+L z^^#7IWOvcnsIqAG)b+0Kr+RU=;8oSO{*EkL19_Seo>fK5Q`B=%)k{j9Xtxo?*C0Z5 z)BxIw5Q6UzPa+8b!fW1%#?{(!XxqQ|BKnD(>#|;&)xoy=yeiOUr6DaWspyocjUFW@ z!<}VczPUr-YfxfOx$iSsd6y-Jg-$iL(&D($N_aX9j4dTZp0GZI_H}FeX7yFNTMa>K zM$`J4s#ykXwq;F;NVp`y3wf0vW!1-FL9$1j5J3vT$m>^??-iJMEL`?MZw=J%M5_Xe zSNtxvvTO-EE|fat5qAr{f#=ja#*M z9-r&Ca;wbL9zbnX8Z=c?+b6@xM@vddkd!V0l%#>nE(645V@a^RqOZ)TlM+b|3@5(5z1JsfeU-I4)>7z4v;vdF^1%6r(p?^$;;pkjb`aK`dUf;Jb+6(NzkZvxqtUI; z=|j_0iL-3mhO)zyYSqB<{{S?(YKfWg6&kWzPq@TrWHk)|w55XY1Suc@L;cPo50-u?A9+m!Q7vnmv}tFXh)ha)#oeb$)v5JG^ChY`ervBbKJ1It=_P8F8A zBQDi$dJ_^>lg*ippK%8#0IP`}JN>h$V*`l+bhZBg$BUh*y=$dJf^af^qpc!Bd?GBMYkPbXYew-6k3X;HD`Aa$S+ zMsh!qI+9Rst2U7+nRX;;ZJ{MCyYH`>{EkF9k%Q63I{Is3=Hc3PcT)`(yh=oD@^R*2 zrS})sIDEV?Je>FR7|3;~#UcS821GirnWRI+h+uQ%;u86(k-c zgX0T>LcH{K?@`^yCZwV)DN)uhw71*^+sHaRy)URzKLXcYr9djW{IKle;bh5XJT5^xz!{nm58PbAr z(Ca$ePOMq8T`sX>xeyiSglejY3CE1BB%b@v?~P^Bt{uOGl_GB58EGlVFVvP66`#65 z7{}8dd(YELD?!~eBdWtsm*rwpDm!xA2HC3Gl~?2h;pdpGrL?I1!b?Yw^2yd+E~~Zg zOl~bg-K$4J*TlQ|(|k~z{-gXH^gQb_jbT{rzOz-nX_A^K0iS@cwA#66u&!+$vEu_$ ziWc73G?yH5kG}MjsqV~YX~=m^<0UC7TS^3s_EG>OYgRGD>H^}HcmOqb-|VzfY5QL_ zD{6;Ml<6P%#^YtMl6-XQY01_JwJ6D1NTAhb2Y^g;z^p`l#H^nxOKDLl#y*+ObvI7a z(`wbmYI8Rlk5y%$QHs0;t%lG+JvPEyAm{!csqZ?HP`1{OKzZ48D#eh?t~6V4{zX$M zaRiK@k8t#U;AgL>*ky|x`ie((AF|SvZS6PqvNyC`)Wr%(zIwwX0uDK(&r@(Awny(i2R&M zI6Ru-g*FFdl@a6j)Q+gtvZ`uYqT6*yPoxzht5m8;pA(Sc3JWc^9OR&SAdr*y)OEUh zb-Lh%Q52RG!+~aPI*~n@F94H(mAM^xY-b!u?;5Oux-7(wkmfoLBTZI2bn10M0djWI zf|NKgw<5;{z&@%@C4}edKAF}FTRHK~d{sJ?bVy^}C`^Pg4JlX$2aa9rgV*!a?k$tI zbcn82E@-yO)j8!nh1KX%%F&!9Nk}0batb{pc6u1^S@5mRxW8IkNWE-`j74n-jvr-k zTfxcVfTZWIsr~$&F%UbfPB)W0+oe?_Y2B42w9{x8LfiLLhu#T=l#$Q?2Y=!RIX*mV z(R(+z)Oxd38#a|t9@|6+q+HN(Ukxkds8&*2+ z+XRD={{XL@EzLu)N)swJ?^PgAN>iGBuSkAOWT>cuRHp*SARhY15tR4VpCZsVLHdN5 zwAl4uhzhn&+&vMHYdb8;-AV$TeaqRl{lateaa)765U&~5J5;JQDw?3}0+1U@RI%|$ zr@ZJHD&x#b1y~&pv(VJaRhvh+g4Zj5J*f;Q_-eUqX9`v``cR<3B!iL%@AT84(m;Tk zWR1&Vm?N4T6#cmY*D|7c2b^e>l^h=*DC-(VFg6~Fh9nWG?fblx5=#`sv+-?EEmfuV z{zoMu7{O9nihIE=^I2wH}GPfty@kll_kWG z6omqwv*X634b84x)*PC1bhl)RJmu7-%uC-ac3voG{{RR8l!EC_R6ELmz#Z!Ws`U*v zk8<5@l@6;>sX?ua#ycpeNktxGD2%tHG|R)kh|r-Ko1r_=t@BY-J@9raHFM8N>qO9STVpSSZ3t z2L(s1HU(xJI=i(Bq#*QpsCg4F)CJ1&A-TC93?X0J_Q=(PEYOHN@< zvaA#+j)J(Ji5ckm@%GZY7BxY{{#O(*qs1kX_aqVq6tJ}sfy?}-#(d*gh#>Yc{WX}1 zypokSAR)xKjtWU_Ad!x{13h{Eessp8RW22)5m&Y=)GC5$6Mw8^ZjD-sl7zX|3okOTLdv@t2?MO1 zdDJb~^-Gu{-K2aw?SvPo)yI&P46Bbt2M#B}$T=N(?^Id}#gn*w!oGPe9RlR6TQgBQ zks%3FVL>Q;ggV&do+SHg1q9%coMdZq{X*5c>k6yKQ+BlVEV!rJb>+rU$9Uir<7-ln zSor|!tz}#`U8^bAQ9-Msmr`LW___s2YAQ;TkfgHc92^<&0Vf_$T8hu6)G03r)hMfF zWD=CGtp4NfJm}}NR|Rc!QyUr;Fts;U?%PjwhUrwP&AhVfPd^zeD{!kSU%m%7Jn_L+ z22WYms#SW6axwWk(a}a)-Y%Dzd1;8_m_NjIkV;T{AbV-?jQw?^rcGiUL78(PB4aHq z6~%RGN*y2Yl9C7+`)g$;U6ocSLMU%i+*4=XlHA2U*USY*+}TU<+CuBpCkcA<{ z5)_3e1Q2jR2kH-6pIi4{=)j>0^H$q6s$^9KCZg;>>#^ApJAew+m_p z>BfNTwW(8CX`tdLQhkW?+**>O!H0?x7K{)``LcWS-m8;q$2WD5#7i5FdLygn;Z;Ry zIV7C@PIbJX-<8TVrWvD8G979) zQB0j3Oh`hG6qKbnDNx{~oRtE5>rwfTXH%W_DllG-u%eQO+ENZjk%a-+`j4iwA?#fN z(9YFs)A#;8zfx&%)fQwGW8aJL1r3}ul$HBr65EPbV~d+J>Ze9tXGMLX>a3&!#J>cuD zls<)Z`W`_GM~<+1$?IAPPR`VI>bYgWvaN%i(hV-o+)q*U&Fi|P4cCusUiXD+ml`yi ziuAA}MXMN1IJNstRHLLW1f~0gB0y}cjzwIGQ;4nowbW@lQ!c$(ziH6!nuTRZr)=%X zZ`7)?n_*?9gu!%i5rU7*zvFN%fDm($iVlsua${Oj=@mPouPQ2^WnbaBiY_%Z2r0r{ zl!BK6I#J=ogM{jNx89=nR^X>U3SGFA&{EsHWK$UrxeW+Pj{@6{A9=shl>(fUkCcrt z*j@JXdlxI&i;Q!rz;vB^kIvO=ZWo|E?%RdNm%2WSt{CQ>Z7Q)Mbty3}IITiMh(nU* z8cWaP1!+-Jfe8U&UOUwvckQLEce-P3Z61v(pv;#405Oq3pUt*fJb@n%lCF8i20n-R zixO?cvOBRtaW^L7QsUQ)CgV!DX)eDOqFODM(!-6FDQ+|yz%j=zn+eKNaj7QVdVsgA zS}m(;ZjYo3M|tUVs&S>aSBp=oTh%t>rR9>8IUYj|JoyUc@3`BFRuU9Q0BY&&ZnS$e zQ5nqZ8H0xdx6bv>)O#l2cI=63TJzz#K8m*G(j(nepMZ7uQnKM~JhPPKl^$wJe%*~v zhV0)|cO9*6O_-US5V)Bxho2yz?t+sDn z`!6O9G5VM0yY+l3dE8bUx@@}T<+Jo{ zvb!VOO~ht;_QP}Jrl&l*gp>%Z&O%?7wt}#--^z|E8R%*oCS59)*od0&Hg}hw;Zo2x za?rhL4qU0F)$L|vI^ttLT$+vrV4u|6i3-8Se^EYl9q!ojZ zz61cENg35Ef4Q`gEd!BgU*svZPTc zk+%wcCg5R->G*nWTw9T&Ky|>Zq-QZ)3zt|{aWt(%&?>5FA(?b%zA zYfSAgNpO9n3ESYkT{>(u4iqv?#ph%xHj^mA`;cbxe?rh9YhZZQdw}P2R=z2 zH4Ls=bQ^wp*{IPg(47eiDR1GONzp>jMRW1 z`G_a_dDhMSjlFCJO{*&1wWxB!L*B!!%P9#~33G~%VL<0O`)flGaogvD=5N$P296r^ zY3^4wMcR242q>tcgLDYbr!Bs?k@zb=T=UO=%UO}O!rY>TDy+02PAB*&uEvqUCpbCy zP3M)zhAmAMM8P=McYCxzZ*C^JsI>J!@05@Ar&nMYZNx=wE$WQXhk6rzB zA~w*fTK@nk=Tb%OqP;E$a>^?ph@CEKdC?r^g!aS@J=(~@t$Ml1g9PMja+mctg;bE_@<~eniS{GWg>%cwC)lKDM3@I z9K3>hI6gI#3u$BAe(k#5dg7-v(qK_~@S&ikwEqC~gV@!nHr|6eB-ZFVnN+PxQdFcx zTZw76R8^mts4ItgJ_mZyN7)#%mWamqPsg~|Ax~zG>#HtfC9qPznCBxPeKV}z6OMs) zL5PXA=Nj%SWBvj4D9a0w?H+k;3FP7U`1s@d;d;n{w_D_>AL44O5txFr?Ux>^wv4a5 zWVGN=Bfg2p*BY|wmZgCK4K!#sQ;egEgY8Hj(C_B`DfzLIc>dbjSo=x3w@r1JJ8iT3 ziqaOBRP&MT$JUopIF^VjKu#8%ljQgS>vqP_H6?kD#=kA)1H1OCdPd#T>afJR-r+FU zz5#YSZ%k5i%dC+k0y@v{ok%SkQuwjtyCT_+rk#1P+peOfr#U1La0AYsJ@?iR-&akM z>HB}GHyaNPk*_xy*=@HXM4Lr~ID{=hDsv8$l_da`92}ewJJsj6zK#78QI@B-gK^t_ zT0&H~tXmS|Mr9eojE4|ibgLN&Eu{R!XCqhrZP!!gyy>yz+jqViAHwAr(l<72Pjkns_Ee>gkCbIU(>eWyr!)`4bJY&&(caujF4#q8ne46kw-s&zV4>6}0Z$)_eU%h| zK;_36>|}SY=dx^HM4MLVxU3szbGFSfn+r|kt-o~Br>qcLQdcPs6@>s)-Wv*0P(64O z&Cv9d>O+6145}}x>V&&~tjb-5PTUo$B-se#pK!)yqNFp?!j1+2=w}+2O?6s!{+AfV zzBls)FPOW5=!)*x>sgAn=C@9##FV08SLt-u1Q`Q}Qj;D_4lS2|S877BoR1*uUAEg# zY+N+gA~4fQijsKDmtKGU<$Vq)D^iu`13Y*Pp7Wh{O&aiH((~1QgSS0L?fu;zrA(PR zkw+ISihNnqnNmWT3ivnDwtI0U4toHvB`eA516FHwcOq>{rD6Ip+M9x82u;eJ7SP=n zVpLyo*?$a(@#C+Wq(}q>tAHRja!4KOntaN5GziuD zG*?~Z^!8@Qej-)+L2=9|Cm;Ybg0Hr>a9p=8`%S2q#^T>im@N=i)jFLfo>Udu(Bu3Z zN>%!^j3o3kfON~Za%)=`ay4)IliOOZ*;gN@nQdG59A$((6s>Lh%#w~Sps5NR_=Avf zoM&3epNVy~wl!*h`!ST64z%M2LgJ;hLsJ>~i;H*{7NRmr6OPVLSsJq}HF=ftSm_Q{ z$9;djZDu{TKAm1|nUMD)wOV=g6Yvr35M`ANfxS3% z*TyT31u*oILCcD7B&2u%9$3` z2X+^{mt>k-(7U%GUbItCj>^=eW#~oDen2Pcl#osarF(^FT2W_4xTxE4c30{$h+8pf za}psi%9Zmt+TKHmNGavPDGMa`;Ob##?Uv&u*$!8hW8OU$Q?lWll2b0Z5dX?zn}u;E+O! zf=Woi&aIpJj~T0aGyBhM#)%zNp&ArIy&TYGP_0gm^sEX3LNe!VZ8hbi*qTp zFw>D;_ZX4^=}0+Bhh9kljF0E6yPiU3)m2t)fP~CST~SKhSX+f4xUNe8l@*dzj)5c& zhPdjIjTry%24nvMciy#EyYHN=qV0VxdpCi2aI@?gA3y#gG(^iLM&ZqlJqsREO zmfKRCRDj!A`N_gmtO7z(RB`7>0(9?PE^q`pxoX}_=@iCgIVqkiv;=WdT_02O#7T`yFIkbCibU&|H)ok5X+YaY|WA zLehCQrEy78fLHl^5anJN`9Rp zQU!4(XhLw>h&)mU(Lp2?4+EptkkuUKl6Wi!TYW7h^`kAgaFq`P{g2rG-)(HEH%#h! z8;voB=SOWIGa6!+Lj(T+>8KD|KTM|@WJe@W{kqCnhb}XV9GQ3rTLddS7N002B>h3+ zeD|zrkzI<0rYV#*)Uc-`gs2h6kr>8F01!Y2ybrIP8iS&qWP+WtmD@GxEwqL$+l;Bl z0}MMst+a=kn0YG+ZA5WxwDJe$DJMDaS(7R*#HosX&qfr-!+zVbtMQzZ6-6ZR2p|_n zO3$7nqxL$0`SNv=ioHcJ1u)4gU@wvybLI$EMoM$~Nx%e;AOL#R2?*Um!-8xn1y5-% zs7OU+PSVXS{5UGHXQfeELcXWU(vWbRsCma{I*m_-GMOO6pBZg9FnBC^81g>)-qY*Q zA-vr}fl_{xDYT@BYh*nQ$4SDLLezMSV4S4(I>%a*F6Xvt6!w_EXvk_Z5|oKF5+p%! zC4Xa=BCm=`2uV(RIQfpNBVDLj^0PO-PL4O4Ivf zcY-nq@IfH!dvV{U@TexSRf_C7gMQ-CKAkCHYjH#q$tqVAr}Y!SB;{S_UW`&LBOOs; zJx!eCrxxUC4^-S}vd_(g9Hb=CY5NWdXw2_EOlIF4R2Pn{;eT~PQ)Xv#f4dM{edu=FaD+pmVAG(mmplmrP( z1QJr5C6mP|D+B}4&(m0t?E8YTOjTxsPF(21N3slMC2o>Q!S<3$z&OrvkKa;?{c~pL z%4)B+DX7`5p%{K7fVrr6g%tyokJ&${tGr+gYezDPEw*G;y@b^pX)Qk@vqGA*7^T-U zhe#MhhqUoH2`9<%s&iTml?;|*-9;Y1p6f*PX)xq2B)IEo*44$vok2>Fe#9QZ*P6mq ztf?T8;~;gdteCW^(UU$bsm+xu4nI6XmyCDNz1kfu4hnLwe`x<LwPKP zl^m3|2*A(ZS{u*Suc|B3^sVlVSJkxYoo3*nvrexwT#F)lDvU=;ksXIb^g7!3hn(V0 z17xj0r_QL(3C>8*+d48+*MHDy7v|h4ZW14%6EEF-hBPpsG`75|ky> zCfF9mQe>8SsnXh{PKx4|;!4m0)KmxsIX_9Q#rTZL-O0$8OxP+Dl?qc~iA~bB8p?T) zu2~B_X~jH=NdS(B0DnFs!Nv}pi85p4N0jSe`3<_HgZ++}EW65w!1}Q5S7u%wv+T;f zf$(<**wU@{>63miGe)wl79XrhD^MRB8Mqu2lqq0_l$59C9ekkZllay8v_-2_u&hg- z*0-qdK@3He8*iz!+NL-p5QpgT~b0;NmoenWLitC6B)X;;=qKbt)N#^4&y&PtonVZpbaDMOt))v^TL&dd00H$U zp{dMv3#qX+rq@*Z1N6fudF@)2#X`BQq|`q(R7BBhbw{H}k-@a79}XIECB-RD@$hg! z^PFp?slJtcOUAmGpupHEFxYiqNvhMRk2@WtW3_yNOIAL~$;lejdMVoN?%EGe@U3}% zjIAq@Ot%$ZW}$HH6~j@fMR=tuNO9&Agrv3-IH4Xhk&~{JxvF(Lw%Bml`xU>ovfXJ4 zU{m%2a$<)P5~77IQUi);s~~~IsRswV=e9X=G;m)J^#cxzwO*@i+HH2FQ~Wt>__T_A^an2e?W&t*RL2}3f4L%{>q~G0+LDmIC0RJ+ zHAZG#lWQ2G#fDK72VHynu3-GWg;jCeem>C0qe|=u?$`40>pajs>>sv%{bO6oCdbfe zbf)eKuI_$T;*-nr$q~4`vYdj3%ZmYdBN+rGUvcMMKL&+avMwpr%lG|*#-*X8yGfI5 zPM=;wPAFu>3u%_XP$vaSQBHg)k2x`~O`P0XoQ5iuTUHFzp-(+fkF!%|IPp#q?Wy(2 z;FWkF9GoX0eKmR8zEv)seVTh{-**+smYCS-w*-?6TQu%<-cr>azcMeyw1$Er|R zCVV!w0;*B(VMPo%E4CvoMI1?U2}-*p4Qn@g2d}C=+qbq`%lKQ;D6rajx`UNF1{E$u z*zP2$C2uV}vea1()Gf&_23%3XSW=#22?UZ-lA)gR?F`KpfYwr^)^hD#7FDNQ)wTMI>H305)> z5|lf{WcldiX|!4<=)WjaBc_QJ4wRN@(Q9Y{O9YNd=C9lXgO0pv#j5RHze|QEQf`ZW zsL)9Fz6$8}+-&6eOR>;%^f=D6Qre|OLoU%NG|4j3vF)mD)PSTU`3WJOK>pucoa-#M zZvJ>LKu?*0t!VA9T~u=G^zFE>$3*JIp5GNODpUvBQj`etaBxTM_tvIX(b~~TOAv1L z%55DYGUGIWus>2%q7+l-ybrf}l)YWt`A>>VWmIns>AfiKLzi8WJ{{qhH6Y_G z5>5fjCkntA>~(?TUK?k$_9fAA)97{G!%QaLN|!9Z2ia}3r3Gq8bf}I*fCf{7e%k6i zyt(PyX-0`^TVAZKR$@}rmRO>GRTXVEq^E#VxVA%%6!}pq&O0RQYs;Vu#F}Et;(He< zTAO{mS0&*FCB<~n+=R@OxlxY+*V~YYr9ipuspG`E!2G#M1dx1ZSM@7#?oFPx=Grut z=(W32J#lqvWZlD{xmu{wpK+uxzlUXj8(Nl>H%FX3(Zz?-n1k=C;<-(B8|-loHgQ}nBCKD0jP#Z8q?sW7L)LG3Z{z6A15%n3o@ zaoN($18?1J7{)M`xuxAiDvF2eGuA(*^`aaL0`7pz65Eg@Lz5kb+7sfzSoPi0z z9d+ZqZSGH5NsPDU?+2ut7N0rSQmUHkyA4iuV%%8{Wn@K5ic-nRS^Ys-&w8|~KZu8< zx&$zbF2J{JNiqGW-K^1e!bNFmN>refC`e@nIOL#0!->fOJ^0i2e{l9XT{bk$@ZKB7 zn>J*a&Z=qK7KK7dksU5aL3C7>=eAl}77%a&DF=xhb)Ilew0sKb{^qn15pQ`OTB?$F zu3t=7OgS{Go6{E5rZnKBOAPEA5tg8=f)e9VxwX;#NFa=Y4nWoo*LVIJ6t-!W}edzQ{79?tPZMkg`TjCmt685>4Mn6g$0&mNM z*aPf5>ukN;^i_JUB_8D13$muD?fg7fDAhZe`OPOKMGUy~g%E(HDO`FPB%N7xPs8?P z`=&b%dLz1Rs+(#miq!*eYECrj(65!o-fnVv5}Ye30~o-;)_Z&RO?M3$L z*tjnG6Silje@eCal@}imM@H`4)fjZpQ;uWYnJF!W@a4ye1got|H&fE~^zJP_F4wvE zctS;43?gk>rBSNKtWqCrsJ59bsksd$wIOMBA+)%)5Ui^h2U?q6SgO}4*0oF2MQ*(& zs~|T|hkC;3pBRS)pSvn_UM_c;7HX4O$95H8fC z?kzSfX-ZaFlkCTSrc{CtA`*K>M|}gX1of-wuW-FOUhPuvt*wJ=CD)y13|dX+7Pl3s z$U{YzedzBzTXhIn3rf|VN3RE6ZCdrW=-R&lguvVSMCz<&kfgg?ysEVcZn?xIPBbcBfVJ;<72S*+1zmSi)_+jD?dN=ZrSK!cD^p0zCX53rl1>92I^TUonQd6B9S zUUWy8{3qB&NrXDKgti2PrNuI}AzW0T3C5z;k7`npS&tSo2$Byd(AipBVM)N^IcKr} zS494=r;T&CoZXA-80h3+BT!aV;Q}Hgw_T+?+Tv6KoJtuA{sMu*n^_luYpyELUp+tb8_UpZRd^6J=dPE2~N)TLIZIVN1&OWCkWPz_rog!^9 zG37~w<1yznUV^6xCC0fCo{!vP{)1i(xZ?{;?5w3|AxK(I3P|h_euq+Y(5*v*g|wxG zE%t7P5NvOt6I^*}y67MFaMM4VD4tWJ6!XjhsA<-+eLU--`QoLOf1MJ@MS9?+1;d4;v(-S?U#08URF zXByPiD3xj}{{RnEfa5ACO43xGl$9hYBp)55fERC6hXLZm#zUvu4+M_iSL61<+9B$cHlBn*;O+3!ukq-c{2 zq15d{){*qry*8;*qs(rjN}TL>+B}+drC~`p#z*ghMz(dxcFjhtw{2%$hY{2l8e*n6 z`#>WkdxVg_#sMC3HLj6KsYG+xlLgeP2{;MQN>3#C&y@F%wx)<$HSBn=Rqb1^IbA;+ zQD81|opExe57i@)2Pzo-L$Q(8FaR3&i)>cvZ=p0=WLeH330kATaZjy%=OsVrK>pg) z<32mn*m1^P4>IbTT24~p6jG$0xFfNm?HLGdHEf-UPm9Ve!AO?^N4R;EFj5nq!a`My zdGX&`Y-?Ur)_x)+=-d>(ESHp~{nOAPB&Qh!;{=Zx@!p8{MM<{T8fwhOl$8%^TDgR& zLj_}&aIAPbdvd66MqEg9=TqBS5)~P0F0$&1zGbfkJW>;mf>ci(P{>wa*anMTG7Q>m zha*jjq%EcKS;jy)$C1(fj(hrR#5t3WUtY(Nt^H1?A=p991-usyk8}O>R5Emd`J80772mJY=saBR+n;b*9a> z>lC)jwMdI)C7*Gn0q!NikUCO1BzezdV^}!C1DNSqDL;I5spkW#vB|lV-z7J5ajuw; zI^`31WCro>ved}RQpwLQ1p8$?^VUbp`|DRNisj=DWky`)DzfA8ar(Tfm}yP7ll(A; z3PS$*0FmQS%xMZzq7fVov*{9=N-1{#0KyQgt;0EPl@GVf02)A8PRLk_R!(wtkd;zZ(u}<0ztQJj zaFGde+x*E-rav#^E;<612kaC;&+|IiKOV;9pM0~AX!gsfOUfZ7LzfYf2iF7Yajf`tN-RkUaoc5?C_)G= zzbV`(kUnF@Lmh%}I_&E@g;=7_uCq$5w$&ckS+1EiLiT}0qgqWsl-j?R*LIy%%3SJdC%fDrw_9k2zQ%UO7dM$TC#O*iNx8^FE&r8 z#^)Gf)%QcAwPbps+aFZkm*>TWyVuPk_K8}Kw;H`{%9X`73@L$JRT4pD{H~-Fx!QX| zfk^BPXl$+I+Y1)wrPMcW{jjbEAUIuq1$u{FQp?IlT2pJ5N)m(|5)_=clY@Wtr<)hxgBk*IOC6TJU(oN0wLEAuN(N&XV2a{ zZpFM}OJm%VZl=+0qFijaQrI;yz&1*XP!>Ts!QVb_h{$@$4_1|DEVwLA{JP(3ZS8tZ zVvNd~SyOVo*NWYJD^JXoHkQarFr@`4I_9CeR@E*{dbPiK?fthnxZ32_AX8qa%4H3_ zmjWF~SwxhcCoPl2=k9VZ{j~K5>N@7NPcMkvPLr~00YF``-Qx@?c3ViVV1V%eQjF(3M;QTsPW-{gm9&CDqj~J zQ%)&rN_nWP9<$!7*7vTl9!jK9Att3VD~K<%2KlGDsH^BCD=y$3`W{E^ohIyh9{fP- zRjN0sdgj&HHzcRzC72g9HYQdl$yiF3hZPgrVb)nffl5{w1g{)U2v(w(w%dLnH*AKb zZa1kq?E;p@J}MOsky3(%a#DHcAO${x7&$p%#%>xs{1Z6 zNG>TCCey@X8zaDJGUm3Gw&7BM!%hbRvQRo2+0&O{?VYG8qQSWDi-suo8K~V`i(7{x zOaAvHDMBQq$7Q6Wt{%#YiUH&Th}5zV;v4FIHLE7W+&@mz6=q6(6D3DCBUPy3^rU?M z01Z(%Sin{XAO<=bXEU@aM<&7jTi-|qx`DD)J^nnCx0RT3=xKuOemao4RYoL=yRJnk zQc7JMWh^I(k`$8R&i$2%~tSP_<87k`^U0gRW zqL>s&Pt+jTcS8M+9?AvfO+uV;L|_7QfCu@!b*j4Wwyv54K}DNqsz6`>nLuX01tuj% zs|sRJ*aT#{!3RD%D$nhz*Md!w8OR4w+xt|-t9Who*D3fCH@5DI5TqtLWYiFsBjIWU*S?JLhxYTnKq;gIH8rx|xjME-Gy;u>*sFcxte9jU3n{HB9Pq)@668$y#Jw+1`tKe`G+6c!J8Dj4fidQSE3#WmKU(=XW7i2PI$ z0)bgEWhVz9rLy-G4*4ILV^Y>w)UKIvQZ(}#dch;{OI2p=cJe`-s)wjgP}hs_8gU|Q zM(Fct>`ab&DER4-fo0BLE&>(S2st|GEu8gVYkFjWt6$UYaoau>LP?Y()Tf%1sZJ?J z_^v$UR{kfCX+o5PziBiW`>I$u2qsU*);<&GfGSgukd*j9A2;kf*6vR8Lbhvg?Qc+(eYe^>jz_j?7X8DvwN*U<^^CS%Q!6bk zZUU8(g)9E^@2vj-shkIb$0WhpfO`%45>91{_xRK zfL>cC$wGhx=jA{CLQr23-J_H^B3BE*1&HB_JUFl zGC?G3plQ2xBDYRM*59uEre%jxB(#@ll}cKRyvQ62jIRnABLlIH{Og&wpYZ#aeBRYP z!LIGz@K>eWs#>cReVwmT>-6ahDNcRXTW{P*aPTBAIZ;u;#-Y+Oxu72JfpuX99qy?` zb=~=Be9EsN`1iFN?0n#*mcKTIMoi}WsmTb-%)O*O>#($RJS0rBrQidbKOTZdB6w2J#~#j zuPaA#Ef;_7E1Ke-2n%hP7jl zr5A7FIJ>KE{l8B)e)nCdLK{Ukb+fng8-N=@aVk`InhG*heovWU1wS@PDJj)?dHSpM zU3^;-?X9ueUEKV|h>j>%Zat})HB7zjj%h)DGTLQc@0T(Gz){9dIL;rged)E^fo0NO zqBx3Nc99*Bw83HyIbjNh>!B+06r`hyPcF$Mja`-(;$*|Mr>b|R&s%U{(wllr**4S9 zsVPE`q%`B)WB}tUZ~#-qWd&#D)?zk>>0SW`>E<^A#-6G@o9Sx!vaH?VyQeiq-<^PG zZz=H7w`!Y_e8YszQ{QYMVmx)BKJvcHL=yrVpYIdgBc#mz>$Xi^b6o9lT%mb7XtPaN??>DWR>(t7q`;EH7+NM(N`-Kr| zHu`Qi{{T0rw&F|3M+Ge|t(L%3Ui)iL0`bV~4O!oZ_oywP^rO1dH`jbDIW$UbP015> z<)@xzaAFNn#lu>~Pn&NPvfD1l%JLK)b!D_EB}$gKG}Bi@uoAVrq^>qN1Mk0r>(5U9 zgEkLuY-DyKdU4QRGOhN?I};=9XS*NNr&$`4$v~p<|Hm2X(&wx_4TG zV4^F#=SZisYuu`R`V}%uF&R}Q-V0&LOtQ*&w%U^3FxtC#eA(4^aBkP)&Axl-cTnx< z%vzL1(orheyyIFjr9y3{;<+L^AWoCXF(XSWLu-_;lqoE7=<5C2FG`kO65z4!+tTaX zlwP-N81OefJ;s?*CRCbmA=ScERXXG;Y9$PnWg)aWf>L_}RbVeVR#U;1*L*JPw*LUz zUpzk(?^o#cy|=c_Lc3xLbjnz2J-Vi5#*(+@Etc0Pg(ZIK7*ITw?*I~1*AOtgaI8p@ zCP!B}ZL-P&l-i`aP=%-@k`weQAY(o}0(JFg@dErieJ^cx>bFz$>v_?tmtD_z)LN|C zH8@FqJd1)rNPxpZEHZ(`l!nH5jF7HfLq8DD!sB>$H`ApD)IA18N(`8D>2XnOIY*9& z@D|dR;{~<4u5Dnv`pZEj2Z#zEC_2i4qP~X%kHbL5#M`6C=LPdYi4QWgzZLbiw49~J z)IlG(BVLsmNS!0%5eb$*hJ=(yNeLw>1D9m>qB$SjpBnbKDb+ePetjCageG)J&a*iv zaSI7~Dj*fl)VaCUy$2~W^?T{9uFmNOMP=6apeYEZKOAVFo`Le zYOOWzOsZ5U^3yt*F>E@VVQBM==LhfOQ@aj6+EL9$(^K_J;-_DJRUREK%AF!R=u2<1 zW6KP#I>h8Yc`c>^N|L6MT);d{p-c2*66n7w*6jmqw_=M=hea`EIWui0+!7$v!qR0I zP{JaZzY3D1m2r0}X+zS-k0T3Gmdhn7eQH*IW0U*$ z{{TIEvT5?_u0y^)I#iRE(Iym>IPWkz$@znzBx9q{{#ezYdwNB`>eU*B{{XSuO?Osy z{*y|lPODbffa~HS9!o*Qb8)u)*EuYyDG41b{sgIdo_bf>%8kK(R<7?(67NYgSt+U0 zS*^&h+dmggb!bKp!@8!TJX$I)1URlIIIVzRQr{ zKI3tzvME;OMxpG^sxve@>^lXsg)Ocvt;MJmgr|Wc<^ac$4&Fp|Di&Q~3Xtl(r=nDX z5Vo`5G%R5uKjkElPJCeM-QB-RTh(6N3T?Ae*|%-^Gb(IQqSxPx9+N?mV>Z)4O(6}0 zpUOU`o2n(l2_Us{+p0p`U$}{I)*B=qh`<~a zpE$q=uDaGNsw{VYlW#z^_qjEoN?43pNQEiGFhJFHe@NQ&}gM|Ewu zgOsfb!3XXRvK3cyTj_SR&&H>aE+xkbRImmB<_19e{^w1dPLl{Ey0%b4YoN@dD)o2hiz?W>zDIqx{ylul2|jDhqyBfVu%l~S10 ziIOa(S3z)dmRfw25Ik~hf#U}UT3vd_pEe*OEZ3UPpK0YMKiKHbbW-T9>*s>Waf(c( z^7!>dcM2}H>|z@PbP|pkIX_-Ncb$8;7LgRSJ|$8sszP}=8gna9QOArRc0aDQN>LrC zliy^V=qXk*K^gD88HYl$$5w@9d`&h~W{~YX#dsV%>n@ccY5xG|J`eu@c0X+_Dtvj) zsS2#cijX>TVOR?NzEr5|4LL{3e4oCBJlkU~xRj5&m4T&bs@Sc#wcumty{N8c=oIu;~ncl5J3L`uD;d!A=o{+{5v+n)1q#U*-~dt-J5DG z>$;&;xa3YlthmdswuQh;Au(G+ZXu<$#JcET6)Oj+7TtaopNA4JdU9>On5AwUo1#pG z(PU1#N@F5Q+;n?h+-KTlwwhX0-vXTA1do{~ROsAV90Ktq`t%V<=C~7ESDN^70+mv$ z%W9iRr^uBh<#A>_R#f8LI4228K_uW4*V|n`=v!$m{iWQBe(?I1+G;&=in?;8Ta@Y7 z1v${EO}qh9v6m%2IH(VE^erHed~4{9W6^ived!Z!FAc_{dT@66t(U0M`TGB}xY-E3+PpXjj!;b|3q5rbfGxw7D*u7R8-aW)wq@ zWsJj{b5B#&g}XK#y&;5zAgAYBZUcmd`4uN1 zgO43!W{1eRc}yk%hPA@_#{K^QwOn0agx{|}c2&Vn+4>3u`kI!CT?cTe&M_H>4>r<} zW|f4bkUnB?fC*7L>ur|&8NFiBw%P-?{{X4~08UYAk1$)CXrpv8u1W@pBDDL%jKCIdQZofq{X6sTAHc zhhm?JV4~jrJ?(T&<@h#l^#anF3S|#xw@n`h@f9{U%q_`gI#<(eLJbKIsVYxAppHO~ zpgN;y^?yu0n`)IxHQ8iYQWncghgqd=JqzN4BbY`I)Wof9EH3~l2Ot77jOrI<`pDe+ zmFUQ}LsZJuF$sp{CcS+-O_>&ARIH(<10iWbbAXi&K}6*JHFw-!iKhPmRIS)FpHQ1O zY3_oftt?2DI(ro=taK$@no3@f(sJ5W#|bV4B&!^I?^fon1a*bP_D&y81YWcq`BA;R z^||Pp(o9&i?@k_-rpZQA9!mD%3zAin&^}a2CmnV$2CYjw)d#0NsI0enKj|{7Z9u5D zh_sWomVEjfE-ybgZbOkDFLUr)@<_<&5va=dTE+DhOjWnO9+V?Qk5Q7_BH9j9AWwbf z-3m&=Be0i~^WgS-S7e=CdmHHIbLy2u!P?JD*B!cs+f2CfE^F4Z7-2|1E;&9^%=L~f zp8mk;v<8dNE=i_@=oe(rLu*bRlWlNC#y zP>RDLr6o8Gp+#5#amg8)wFB`cO{W_2t8P}?wFSt^kyfS9Etyv%bakX2ZM`xS=A*BQ zc$F+AIph`fIiCXyc=fq$xNrDrV~{At@*7}T0BbAGbmH2Kme6-Pa%wh zoDD>5FGtq>wLqCxpSJb{XhKkJa_SqqU7#@Bl>$`TB>R5zyh2F|?*r}P3m66F9m|cf zGDhXf0qdjgt*Dphs4H$Ho0oGpN+m88IntVlkLliHZ?vGkA=HPakmE=7`>E@PV^zN8 z(ft~49mi6v-W%s@&8*es;me85pq%nR2ni2+Yp9eU4mkrHTTOfV3S70B7VnXyEwe^VXr);jDlZr6)m5WPA#~uT+$x=z&h%ID*af> zK*xP+!bhq909N&@X^p$4?R{dMM|w}bic|_8QLy6`P6FRsP9!0 zq$#rYD{~z8l9l{z2Danr4s@UZVonJeSA4oT{#tn?zql>f`It{%VyZVA(na-PUXRmm zjp(IXl>iVPp}OTtJ8h#SKIgRJUtS4G`GSvWIKUc<-gb)=79v1@eCJi1ksLbu?ebY} zGW!L;#48BICrwljR(~w4w~=0)F~0lvGXFG94vkQbf_Qwy45dB zs#K`b(NU#Nc01@v2ziy^NdypZe~}~l>Ol{9_a+_#cQTfoV5RuYI2HW)Am_%oh9Sp_ z`d5825uk03-_o>c9-wG9G}mkO+xEFcT$Pl|k4V7}HlC8{SA14;-_UD&XKww68s$W4 zHs;=ym*%=ss8edGZHGwYQWjj|G5{U(NYB?*Bn`v6ZZihYAXljFgksMn`zof>+*} z_bzwfVAZeFs>iqmc8ww3zq)7?+VkG7sZ=ShpekLvSZuoV2eMM8l(6pw_{bMKS73!>>yfF8)$d5u@%UZeR&DNKQ+$3z1KwLWqu7z4wMcuMBONA!q^cS%ZQtWK}E#r7rXo~oiawShK zr`%{MK!qg;K^>mPuKxi3UT+QLWZeFm_5yn0vlKfPEr-0ZYY`(f*$lX*oOUR5HkSti z2qY-u{G{ugt-nzlBWv4K`F3)4u87o_<baz3jy7X7 zI&bn+x~b`F*Q^(nPqr=n(zpGxa+;fhTaG$~5VbZ@5CDPl=j+)y@vW7Q=%v~7(KFTV z#mT;!5?oW2Nc0PyHCS>bVLaft)Mp4;$2B&bfC(h`s>-qID|o6k=c-ZtP~S9YZ@i-! zhAf^3Z^eLb2}i*%t$VZ$LZ zU0M=_DJv-m%J_tm26YtrqM2;01cGkHYLfYflX-!i}=gT0HF@cfiMKy-OuI0o|B55eN_u2K^ z!Dw5b_+{3vdaQp^8?$6hevsOuu$m2ToR{56;+6A~yp$yLS_hHi(H-hK=HGr3o7lwd zzN6f3&yhZw)Ji>0*s~@|mYHdiT|!$Q67t&$9(}Z+t0Z&p8kb#LLF?0Q+mTeM@9xr~ z6c)pwmgv<&@>#$<0Fg@M2}uKzum?ory;oF+@BRF|>9DuMaOm_qIbrrHH%{Ev;=L*> z04?8Xp&Bwtc)A-xvQHjoBx6$V?A3QgQ47tt8{4}@9rX|RY3~i!RktYnDP~pMrBmri zq(OvsW}`!HJ4=1n55&Ifj;>R@lmeb{Wn^I~z)01j=vQK@K9cSWme{Ualj)mkS&dlS zi{i4>a{E(aHhvN-MF5u49&t-C+-+~S%?>Fj1uE3`@AYBmThqO;#?M;U_0@3BT^XoS zZVK+?OpLc&;u0467;q5hNmmrNl5#nG+;x?<7agOz`)e-d^&`90`URa;i1XA6Bg$Nw z?dZWzwDhz#q_)#ha1`IfIHZ-N5$+^5l<9$#DmaW@B0P>9-wyp%!Bh3;>5pi=JimHT z{Yb&2QfDp4XztY#x`ggeO5(O6K|<1%2Fil{phvdSij;nWYqv<-?@>yjt7~rCVl6`H zgBG6cb_7+a$6-7E^7F7%^2n#HO%%EBxH%q5LR8|qA1vtG^Xb;Wu&zCu^yBH~J=;o; zB_=IfaT;!Wb6+nR3297l1qGxsfELo(LyAULl>^C8otO1Dxch197L&X;_4NDo80>yv z{T0kDij=H4*A|Opwjwr=GC&0-98jN>ofX5SQ2J|++qmiCIB34r`c19ba_zL8vD!L4 zuV=OSrAm`kU*cMPT1`HN@}Hx| zw@{jkZprsjS$V`sQUJq^Da0d+R?vTm2N>5mV{-ymY5H94n1DeQ(^aoW6(jZC=_k{+ z;@K|xjr3<%s!U;-Z82PnP;sVV$8X`ot+N#fWGQOkw0z1}%7lQh7oBjkZlPc;3JOUX z3I`yMzP_XF*RMbDWJ(^>?iJ;>x8i3qYSk)SHl$m%IPQRlo{0Ez02yU1A=PCnSq>)dzU$jJDzkH4 zl-RA+WYlPl((cRo4kj#nf#}L(*`=hVX)mqMaZ2WajwFD!1C4XG`~EGvOF^>ZCvho| z>$f{dmb%n>?ars9H66t|3k<}Lw%dKaDOe~WYfre6I>;PDyPt^`=x@H=Q|!3ws8Ohv ztaZChs9I}7t=k;brlYYfw^;~|=e`l`y&RPUaS2c=P#WbRg7xyu!(#D`8W7RP*R_30 z*}a7Hze(GZFK0HMlTkMWiL)=Oey?-XAu$cvNNp=^4404>94WNqsDhq2KmlZGMX~lR zgR#4U^r^Qky&3yv2fp36xABtIHXv!GFyn4BjJWb!0bEhZN;y$dyBhfWvtF^c=1#)b zHlZ7Zc~)*2aA&GbWp=EJtQ(R?yxf+dNm|+~Nh~GqE9T#~!;*r43KZ7r`t0=!Sh;A< zUDYR}R48=jsr8FxG1n3Zb~JBLN zwluz$Z_f96MD_c=F{$<2LcXXKI;+xc$#$)E_%#W}o~{dUwEJ&23BZIU3rK0DE80#8 zAZnfUz4%*iPpKR6-R;;d!I>^)R;=16dwWze=QB-dhJZ@HF;mYa*IacU=Rn9(vaY!6 zkak}D+l|Jn+vdHx2FP+ESpNVOQKPvgDY{;5)u>5DK?T(&N|Jdzxjx!X06`-<`j0~V zShiNo_l&J-`lriLjat4-M(ep;B%-mPg zacvQjLA$YjeQSt4bN&!}hv`pdqHp)B8@B9+e_j;#s*)KnDdLPLd#dLQ%63X+Jo*|5 zb!kL=l&koB!bu$3*P#CZR5SL)d&6yQ^or%Anahm^vqeLa5kKd`9FEdk_g04hD?uqw zB&A2`ucLR@uic;AEuyMe*A=n;KHJ(w=kc*c_P|q$l%%DyM@xbfC~pz6WktYaLHfBm`Zt$j+~ze(SPtj*K7x7T@hVy7wE-Ci7KD6=kQ z#e^h0%2V&XIwNi=2qg+oQAZF^d7qn>pj98ld(#fcRMkZE%jm;vsnobs#_ibKgHu17 z)g-1dqkdmQA!+UAbrdodj7rF8!nLNw3lNjyc7vanrxJj{LT;hYtElbn^Lbr zwj!Y)9Z;CmXp!A@C@Xcvr3e{O00N}}lhE>Y*x&7Y(UoORSL(iy?6Fajvh6_?nzZIP zKa$0nFp}BR& zkorC%B|J9aKH{2JB)+aKVL?G&HQKU$Bz^~8v+EV@hS)1^nQGK6VCq<|*wqONs=w^4 zw9mXGy5v_wytt{=EG15RYR)j7e5<-Q!+P#jCh?np)avk(t`lQD5o(7WN=^iFT*^-* z0t$y@4QqCqyL!dknHTQUTyzUEqfcSUjj8&xaHAmrl$P2{`9q2v@|N&ODGE*q&Y{eU zfm1A4`NnrYEo=tY*TsFI+5Z6k9=}QVCfVH4Q$?9bn=0Cb**CR8$&={y7Z!(^Qqvj4 zCABRCg*MW_P*O+GjYGDp@JQNULD$Vkd$+-G?lylk_HBA~RnzcHLTEM4L-E`kc1 z*k}a=B%tRY>x{Ms@s#yhwi|bC?X8bWqtx1>NK^Gl_Z3QGwHt{kamk5!N_Bi0_ONoK ztC3O4Mo(R7xqpvur`^fhL^Ue>x~O&d>TOjf)k9PDG@v{G0Cyd04#Zj(*usmWl1T>y zg=sKTwK^{@X#T4h%Vge`4fu`=3wu2)>?YDuX}gu_)Ya?vRW6}UxNO@c7CaGBawbvy zR1^djUqgYn5$=VlNKQcST54tW>9>9NgnHAc?GQOO;OauS;Hw;oI^`SV)sE*^Efij8+&LE^H&ay#*6Bo3Ow|~T@a%?ZZNhWfQ)QPF zqPJT?LezhTpaQjle|oCeUHD9jhp5|9vo8F4G-f026iT$Vz8JQ&@p5H6IHu>MG6G9u z+ggTlypna%Y~L-Z7))W0A(7o=Yo|qi?O!|T>N9oeo2hTyv`dCvO4y@RSd~zXPpL<4 zbBCJKB_%T$b%{)=w6q7f5>mVn6fiXt+fBgyMkP{f@pk_JZK}7O2BlSQsX?kyYE<;i zi3lyzATrQeT=x`7;o5>i%QyDJ7%mD!n2aLq@q%m(#Anb(cd5s zcp4jI*wImnJUn7Hw>^LP>+KqaDZ7)(w6<=;lpU-ME)rb;iB5b8b^LRW{>p5>QgK zsH7!0#(Zn)UWa`-)9RGk=E?ek+|<_K&tb^b8|vGqJpwXQl2qeJacb*0PfAJ8U=1!! z?muen7`!YjAdn9ANA|hu#oqhkn*s&HZfa3XZpDw&5+zXlfJ~#~&%tMJNAE<&mKenyQXJWS+@uo3V!Xh9c)TEsqfbce zUUakI^(~6J^I7!wT#dZ9#_R4)!%ePkF7HrkiKHRq!)ENIGcneE+;a(a!R`WhAm=3I zAGy}Hi*W6&)dnrIby#p@#%+{*5BQ49ac`D^DUwHDk@aFADS9Z|}I4 zq|gd-OHJMH2QEG-$`oXvzl$V zu+){+D8kgMy!3LSppG(KeYTuAPDwylp1?Zj%Vvi}r&XuY_p^Sl7>}VYp$enV5R6rE zNGVWyT9jAB5soA%@yJd_slC*xdS$%t z<{4i!cquu~pp^aNw=AkLxvlNqp?fkJ3ixOoB)(e&kQB<* z=CuNOrKA@JT#pbk2><{()(+uXHCv9#dWCrJRgVdW{j|wuBpSk8lsTnd-|^t20Hc6X zr33rw%UIGce-A|41Dti!*THV$U%s*^5f?_Yx5CV(w#iCOIz{6to*Z&9`haha56gk$ zt!Kg8U&Mmvl3u9H+S!dbgt%%$cOkw?6^t+EkdjCk1QXYfrl^YT<5SuCjEIy?v9e^x zkjUd*q}ebE9ZHT098{NqDhl!l&)4gy<-@v{<<%XSaxB>KqsM#PZ{RKZOl)<>1hXI# zo<2w1XBv~f^t~AHfQv0@9b@piF5|F$dD!-(y2Zr@Zkm0Tlp1a>=)qdn?|pFeYRT-ZD1nbBzu!J}5VLnOqa-;g{m*vTe3hYy zXhb0MiqEL(a^jZBb(g7(C@DDX5SIrm_#?div^1L3 zljZKWj|~VUJ&gyk$MmIpn|b72qFF6u7{O1xGJ3+($t4HAyysfVorh_`57lTgXp^Hhui(x1 zRSTNB`GYD)Kq&MH!Nz=QGg+ThnJFo%)P5yRCyE?Pp+F4h0H^oYG_M=d_i&hOx<=|9 zKo82m2`8XFnhHoBG;&b->3I?}jdHJG3e{wqY+*|i%~mShK4ARb=bV4T$M^H8bsnQW z7YU8;bQUn)15Y(6!jb;~2v4?B4?t)AbqFIKPDkHJMn_rwy4H+-U6wLLWfV`Ry0##0 zgw~{rd~50i7;icRnX#OGPX@+&4Xr$Rc<7vVaCEgA_1jmhH6GC3(=kg4Bva{c`-wTg zTEl1|J(1pifa<=WQz|zze~?llQ=56D7fiV_n~t)a_MUDmB=&k9a60Q#&5@&CH405m z;Wxmg)1o$7l^R_$oM|W@G3KPHIY=oa@j1$T_pXLL@@Txt;D-zgv;=i@?ZBx`tFzZc ziqa%*9rXZ2TcFG>TZ}s?V4RYY^E^t4`l$Duom)0_hqu&3sp~TRx`c-_&AL50nGs1! zPv~%=k;sgL&>;Ojx`5hu2G6}sT>4Jm)hmxcT2nR3H3dp#r8pE4u%(lZK`I%~U4Gi$ z+Pi~3n-S_glA5KqCc2;Z`+_nQzw>;oo=4}&=qsWIHM>M(PAkX6zZW4pis3*Hb#(2< z^Ix_kS7`RXrYaTE;BiFUJCQAyWUQQEG}9{J8&7BEZz|=3k*NmV+&-Zyw{lYglVn&e z%yfK3R-adH8e+6gNeE?+acLMCLQYlIJJ&N^F!yGwP;O`c05J7gB>-i&seapd1Rwl2 z2WK6ec>3$Yp>q0`Oki!D#)yZB;?aQ#mdbE*+Sip}4zQe`8Pm!Ex+|1n%)2?d^yc~G zzLHrK?XaZN{{S`LUtU|DhgPq8RBKUkBgS902OwrT>cBW!f)raw`F@$ktGXAjUrljj zJ4&iId0bIll=7)_E)B`5$C^^2uWgdHqy_;;$^1fr%jP6?gY$~%o$6ZliXdM5wX3Ul=Ee%gu1-Wt=8BhVd$+_oBQA=adXksuGI5|Q%cWOPs5>mv4z z?RCZUg6QiwJ)gDRw{NP8jL1}5a`A;jVbW77sSc{Dtx;pZX{P>Et0&6OU=IgW4bZKw zvTN1L_i*ldmB%Wg(&a~`JyTs7n2xOct~~-0n{n3_@~I>*usJI^>XofrmrZH_r_naG znoqcnD{>t*Woklz1OlYxIsLV*gSB@pS%FZj)+w~YQ-q?iEU@Pk{GfnSlAeGE#sJcE zfSns_vkmmtVcX7=E%s~c>a8{UnAu7s=@V@Yq-G4s5=)NFfe8rZ$wf*~FDY)5oOZPm zaguZ1uxTEpuKJa=HlK6u9H{h%R^fh;NRs14#XPc9m8U896M@=N3Ogl0l1Yluy*1r; z10q!x@3-Z%$e_OxQ;wl3ALS(|J?ZW2Z4!ZART}%;IE=c6Lj8!0Ig&~6RHTk07&!p> z0~(+1(#0;5AJgpRB%VA<&{nU1gA!?W4OXoNpD}!eO4di&m{Nd|0qAa}uBumnkl?kj&f=rpv-Q(xN`RM`P}MY7=)_^|@0c$Ae}) z5yylsUUIA0n*MBYm@P|3c4yKmK3=#=`~4Vh6fTrCy)6vrs&#QrYWAu4eFtn zJ&krzZ8%j~_BxD;T%hc#lkc?SQ@Og5kW_=s!j*ywihxQ+6W&g|cPi?(uF4I+QHydo zX2)&V(;&=*q^X`nJf}0 z8p0Ad^FeWGCjkDOrzGm<*#7`Vo}9NHd4;-uq%JMIpDiyhi`L{yvLVLiP{>jnaZWAO z@yX&30nsB+VlEupR_tU@o0RRb8jp2BQ8uozSVbxw_i)Ci&^_d}4&wNEGZ7IEDN6w? zwgQVzEk#7*BauH`9ZcKGnQc}l(BRTyIKy{(Dj%KE(Ct2HX@xkCYATYhF`8IcxR6^? z+gL%)5>k2=xw6((n_rV|RJ~r-@0t{9foX^B=rifAMW?sOqDtF&3T0e~LPJSV;0Adg z0?DyGI(`&8!*4=2PU!D7GP_HU@Up)pwy18iESFqyF33<)7VD}i$u2y&%8C~1lp9JEfSi(WId_i!r#kNa=GpH`n{g&2J-@u> zDQ(eH@K*(1+!Sw^g@&4WQPi-v5K^9MPwE6-fzu%$F*t}9GYV@={0AY6%@Yv zs$Z}Qz1Gl$EU*iRQ9*G{sl04s)nlRv;ajTjcCSZpRcT#FJB1k6K(sAV9s6`$mz@{hKiMA`cF$m{h7ggAU% z0!vaUuSRV|4wMnZ1z>%=cc>Aa>2*GM14+8;-D+#QPh6(Dh1{&FrFz-A@%R} z?^VgXo^Fda;^C@$tao3ki&-_q4aDI82k zQlB24E*f%e8vQaeEusoy)1_45N=L8)erzRftvtW;0r$oM)Mnz_3Uxo-qfxF}8XvW`m^yhgh=+9LQ+3KQb-xfa*_seFiF$M*KDy9$qa*q@V-4N z2evk}`dhz~RkuQmOpfbe@0d3Fg8INpmCytn`2gdgok%4&7A)n!t5quwFw(-|Pm4)m z=4InJQ)LJwWA{H%uR3PL*>#Fn#8m3Dov6HyavX$`%x1~S0SH@QgpaYo9qLoHevs^q z(z+mR#Qn~v+p{JqOhT+yX-~+9?kkW5@+GA)QlFRjfhzB^omgwy-IPf@FL`sHT{?NF ztDEytmF~r(?$vElnIJTZr5*wsUKN50)SiwH)O|IM&C}{0^mU<9tkJ5_8GRx2I?PFo zHV0|s!07(~EPt5m((Uwlz8f-C4&d8LO~{lj#Qa4Lu4MNBV0-ts}WHLDn zuL%UN13h))&afcFopZRDwi;{BK7taq9A~c@h23`DR@kb16<$nNopm1JawN3Am1LhPPuKl*4zPAx zKx2?(4+Q!8DMfQ_ks0#3jg2xgL!l7fqBtB&z>;|sIJK=mYdmoC zH3*F!!yLWDHmDH%Pjco@g}Yk6(&h0AO()39q&-ID3WK*)m~&{7Y} z?G^SE0at44vDT-w?Zd0w%p%}-Z6B2h)`!ErF*L2TdLL}{tA3HZ^y;*Dim&c1 zqb-&3F4O1Bs5cTcA33?vsr4>-EaXA4VKbIlB(uc8Sf1I9JG0bslFwZ({g zF%J#NXQ+=uMO!xA-|4QCQevZXZSApBjFg^GQ+B&ba4*7EAA;f>3Q788q~zotwQf;| z;qkkBYE@aL?k$mCRF{33)=kG(twIfgpJ`w3Z>b7Wf=E(CTm(40lfSfo}hsYkY5qTI@1ryWmWDQ)&i?DxPNb%D^=F)KJ4EKo-)L zqXhz0f%2>E$PhJ0IqLTR0Ni=+Pp8m@T*gvR?MmyK^jR;Slw9J3;3YuzF_3i@s8p}J zaw4b@>z8wKqo|i=H$zGeNk1`dq!w^+eqatj&w7VeEX~TS&2p#y(AQN_ZA&lKDw5iG z9Ov3?n5jZSdI!MCKensv*e-}LxN-=6b$roCu3gIA8kCaV*>KllwLN~@a43^wNoi#A z>w~OiDdGtvoFBfGRQ6wvpL24qR#kvYEcpcnFrI5C#Y%16oRz7FEYeW=`VL?x9j;)uqMK=fhM_WS&V<5>ylw-VZ@N z3~Mtba9*QuK!KIu4yyDkq^K4R8m%2Grh1Hhw>b`ME|Cbl*!%pR6c6^m)_r>2+zLH0 z(+7I@1XQ11_o6DO{D4(nk}Mob|41_jf8&?I&$ts>zU)C`fX-E&`uY za1UG$A_sZT?VWi!bM8eI^EYuTu0})TGm2DXOL&o$1n_0l;UltD_r`T5X7ngOPn5q& z0qUWCLe=F*r0tcwvsqC@oLiREFw|k`$tnlsu)S2MQ#qJaf=F>smVA^?El= zMnpTKZ6VcVrQ%_^SMj6FL7;q z)%O{-_Ila2q6c|0DREX`1L_pwmDoOU#A+uQ)x~|eF;-h~rG>P#92BS=f(YCGr1K}$eT&tUjEZV4IdNPK7Op&N=`i&w=+A(ntrmxQ*^ z&woG%)at;sHm>NoBC}0nW@QIf>LV(lHe86v4y*K&$OMd$oPq9%&QjVvgI^I3E8j`MQBkRmy>rnWctu8lVand%N`aK|6 zT{XL#A?fd9L_20nvMN;S##Zfmr!rF09!NYs940D|+I~P?>qYbmL6R;<4z6$jZ4tLmbLh)PNS0LlRUwPsk(fGlIcVw%y)Jl|2@ zv=z}++h)B|ve=PnZk?TV&ygV^U{EE~np*&5zGSUQB}H9(Nk#}cD(f1HvrF|MVnmZR zk6xft5g|*(@;ydq=BqaRU9(vRg7sg$5W{nETw&A3xdrOydxE4681Qy?s zfDew+G7nyLD7H3(b*>mrGdk#`$B!x1HSEW6sY+5;g%H}(6~hN1Ddaeh9(6(QcFUR3 zMFVNh0A8Sv!hLhp)#m}>2Xk$@gAF`_rjaHwNPL6xtAn@-836e_ewvQU^)pPzRnmZwKDSMAXj5d4nIsfr zI6YwFCqF~6k-xLsg!|KE+w`^+&<-%gCE32{1m#QT?Ik^Q0z$j*KTTiuad(nI(1UD> z$8C8FP`#Y3ZB_e9l{W9HQln3f;Z(+?%W^;JQi=i;xA5iw!QuuwAAL<){{Urh61euQ z_ePB&!-OT-?Z{}1tT^Xb1PqQ} zQatKM8s)O?N^H7K4sE9u=R#77^#TKNB}7nPB2cFkPt1^0^7!O?)ii)8YOurt=aS$+ zJU0Wnlz#V3?@yTA+b?*isF)kdsS%^Cp!z|`J_-r*`nc!!)F$G+cRJ$b2H=fo&jB?Z z%Hnmxk;Y0QHtP8F2QZ|P1~KOyYTA!uQ{7|RbJS(n@EzdXEPTJ*9<%+mjd#=bhRTl( z&C%SdrA?<2q{EL`_9rRCrCCra3@Cw>52(^}Ty-Y9)kQQQftNAi%{S;29?WlI>hvhp z7ibi}ibF{f<3Wohz+S+}R|A4````s@V_VqB707Y!8+O=op3~_HLqC}qX>4Pq1g$Gx zRC@2nT>-4uJw;fs9bFG-t@Gsc09euO5J9G zPr9V7q_nE79S*d(+(_*}xq>pF2Neut=Q>~3MQ_-y@eGh1S`SITo-0XG+Ih4}dR(fi zu3);*T&j8;RJT3U^1%-!9Fm+Uo`6XtXE@d~Qti6>Tc=WzBla^cqXpG_?he$a9QP8~ zIQ~N)U3k;%OInLoMMfQB@c6iELfuKG`<~LXoP?BNNeW3HT!E3Tom$D=G*zC9P`xKy zXk`IvYKbX?zNayeg|Q=wlY#e1&PE2KEpS~ea5@)w>Hhbq1!i5IuYNl}of)H<3x_3? z##?}ql%R4UvDbwXf3BNi?sb00TAZgOht$4Gc@kFI&yJK++LADE4~*(W)w_Sxsp?fu zQ;m|oG9x=_zM|T~zwXM~WQ>dt7}mb)hj&}9HtoS+%XXgXPqOUmdH86O4~3;<1(Dxf z_x09f7U~Ty&{*-6z#HrIwTE=>)y;R$O#6)ps3|B2QYXCQsZs$XBLzc<1e|flokvYo z)J`+0@mYuSg&~-{l7`6ojHsOX@=u*@1;=WPDb2Hne|IVpz$gCz+t#9Vh9yjLL})F> zZEGbF+ftO4$NV6ul1KB_PI0Z*Oi{+&11NVX9iO`wrKDU$E1s&`P992XJwZtYUNU(F za_g;6;(Cpda$4)P?+c}rLR6zC;Hp;Ra}cQoJWIf(Xaz+igOuO{j`d6@CqGRnDLrK9 zY?3uhm`Ekyug$(j+}5cwUA3?J)iO+H1Ja(O@{ZC*Q~*RIpPL{I@W{`SGIb|b;7f5N zyK+L5(t!(1?Y5BWcoTvYOSl;a2k3LIUymW^t_LGJrq&NjLWm>!jbtj~xC(eGyEvy9 z!IO%zIK6 z5|pHJPZWhH;W);iY25UDO3i<9DDz{yoElU}4yqVWEO8@%SUFBW<>5oWrm9flM?imV zAtM%kH#xtr`uUxqAi=o=>LPDg}W=dP-YFGKn ziux)&0DKRi16u~HK+DSb^wuRXS_*DO7KHPoB=}HtH;%AD86D_q!l1t$5*NBODE{E( z>`7DM=F)s6VJ#^kc>O>VgOQV{CPyveiwOWZ2E8X$l`{6;3w}as)jOJ?mmNq)xa_1k z%{k@7fKOS;`fCcgx;NE*#Jeu#lHUS&H5t!o13yeB&-KokQ?sa)+IzDiZY2_Hh)5}q z6iDX2{0>b7{eGltCV{k9-OWlxW{XXZ`J)us1nYo*Oi{+OX_G7nLt2lufyb*+PNg(&0SJl&weNWeYTV|{#opIVCU z%x+Bq#@Ur@xhZb)!YPg>Sx!Ex43%*HxX!2&2Ti5y z-=NB^tR*jaZpc+6#0q(H8ur)@;BrU`jx&OBj(z?6)dwQ%y605Ic1?C`vrdnNw!Vp|Vl`rZ@iSLj3FP}V8i;9!)CoWLDQlQX7zG7HpT4uDZ-1v62o}Ya zZCgJK(iY@p%Aze%+$vBi&o4+U~V^(jPv z(~P-Yqambs9TeqCZAl%TAQnJAa0gfb4MA?myC=Fbzr^sb2=qFPw5Q%?LW5}JNy?Tu zpPcz59?re&PfELmcCf`xmuOF`L6Cw3_|im1TUaEK$>xbYV0H&*&JL$kze`)8Xvjmf zy||9}X=IZ&>WHvVbCeI@bbA?AI>%mftpS!z95n1)r}$W6c_-7mK=HLmT@-39i7~oM zGbnZN>OI9sXuMRPA1OIV9dU+njHIvYmsR287oRlg$4H82~Kg*aX@`>=Q_W4 z2KKMm^97f?8(>~T@f&pw#*m4Ot*&IG6(Im5g(p064nJe90{5?PDbc<)osOlk6uIr8 z>2xMad4ZCgkOwSxjb!MVn|ceX99-rxOtN@_D5}Z?d&bUMs#LjRI=$l4t;L#!DPx!gBU^JB+a?Wx<@<8tZ>f0L$ z0j~8?CMrX2d54h$MbKhCjwRT90E%)Wf+dDQ?7aqc8Nt(8UoO(e};1U(b zz{$YT4{@(seuj!wtGqU)i46}I1u+k%QXX)OnFo;M4}r(WS=AWGI+cLLvmh}T z3JF7L4sj|SgPh|&6y+ACFbpzuVvvx6y&prUytX;~@@0~sKJjcjGowoc2fGd1fz;ikCca;9B@ zRwtieC>(-tbNBCBJApf4K2y(Ibn4`IU2-(=hU2UN6XC>@=kMg_QTl~4-<>V0b(IdR z^o*>?M1Y4%l00z@BRzMM-;u0rH(7j z1PqBF9`p1c>8%}Jm$tX6BF~w;aGKOg4bD`xS z7S&9F^)Ma(0IGGKiwZLo=I2*#=+yTX!Ei!)pD9mdc}6|3lCK};>ph(!_d9~ykcKb| zUT??QNp4zR!Q1SjByWqV$V+X4{Wh|AI-!u_mK5Lc@<1s{N`?<)9<>InIZ1k;;^=Un zj}+tEW<-y5Y3OGv2~K;@&}(5*v8uGHXsW+crM%V>R3lXyb!p|}DM`X1nP0PQ1La0B)EKLuC1#72TjgVhI~aTy*45EOEMm(yD0lgm1BARKAh2)@<5 zU7JHoYEazTBJc?bLsIgu+qOq~$g(RGI8LTb!APMjMr~2V;aEuQ z_l#pvn)TOFYNlVMT+B%iM)uxZN@v0#f=|j@z#01FYCnOT>8c~Z@r_ZGkh5+YINf8} zY(++p>Wh;oWkiG8W+->}@#FT^R2tPCxrSv$GSmt{Lvb7paZtt-FnZ{HHKxeNM@L6M zkcF$GYnw$&n7XA&Y1vfxRhcX`@~LZ*@{-vgk;zFua6fH$u8!ql)Ur250@V6cTVoRy z%c6L8-aqpB#(uhw!m8D&fk~y+B*qKlefZW%(;=&joE@ z`1c!90>1gjU1|3ZsV%{%KysMI=QQMU);*NlA-{K`3JF@5(HQLc$<~3ejcs$8vE=0q z9lHJ#ZSPGr+M6MAtm~o9M-9B&abqRH^dS$BunvFBK7{IXQ1q>`TYX9wF5%y`HlwAb zW*e@u(xf^Q%iC>WXP5x>;Qhv_Dvsb+W<_l<>y?PljHTaVs-#B^_k=dm0z+vZY?1u4 ztu&dFCb(XkIp>y1DpSuXWd8tCbtYJvHnm3$jg{8vD0O_%TJpD3U@S!`ovzx2)|B== z**9nk2p#;bq?O=!@1v3S#-leT{oa+Rh@sJ;z@bu^neh=Rlz544EUb`83j>kLyFN45 z+fa^ReLK^cb#1yGLWojMQb*AJ^#*6128(uKAa18q*Q&Vo{`Bd8i#rKMj*p5RV&pOy*DWRcqJL%1P z%baxTT^{}QaMULXbY0Ec3X0T}wy3E=f+Q$+l{%0{Ng#a(Uwv=Uy?0fh+&X69ZM=$A zJ+^(gj<+x3;c!oe+f!jmPBV}Q82aN}!sKnc_M2&{okh1>QCg;$K|uG?LqUCG&n{n2 z8q1~EZu!r;B5x~@n?cG|QmV*fnJ4DLQ|@E?_nlb8IDGuBH~lIX4x!T0Jr_~Dn{#w2 z3vxA|anFYPoRv>*sRBGza!x(K+>AIC$2nLZ>!|$iL-sAlLNzFJC)?9pN}Nk_B((Y) zB#;okARr`l^CRef`l4oTZspo)ZKzwc-Ba8=%Hl~=;j%G+qU&S7uh+(4V()r+IaU4gFwu3ZI`^Kt&f%OQRa6eA}0CljddJWxp zbd}AwuKQZMH7+G6qtdEM5?ln}sXp>hoDbbuKTSnudQ0^k24}!IwG)=;WiF{K$&TO& zQ6OZc!U5>zK1W#{jZTs3LfE=xF-^EH`rLTVpKWDS2W~V1Z~mv*bIrlA zySHmeZY{}WNP_FA=Gr7a&?-)Gk@NV-#&w{pQd3F^ZBkEzEK_UN5< z+^X%DcD&U#;e|`NT5Ywdr&QoWjjxgZ77jC>$UM6z`sx*N>@LpV7b;z>ZGF#eJeEcy zHl|u_^knv&EkF_EsQ&=%q1a~EG^YpFBtQ9^RlR?!oZ;NtZouO!X;$_C$u~5C%kD@@ zN1xkK*=uFlE;$-8X|*^?8{}2NB=nq~&IegOajVaDwm!n!P%5+<0&3LsFcm4;)#R|_ z3JSp?BRtYZ2|f0D#-KF|vu+qI!iTqz*-8HZ^-5cx7tI6?n_5;2XBqjil>N1f;&9Q# z1?WMEWTP}qBp#FbP}p^vr7$E@>Q1qT0>`wzI95F8$Un5TWSqNm#S{HLq7ZBv`e`C6w`D52ywg(wm^x}^d@=qrv+KAG2q{ll)*BRLKD zbi|?56tCH&Foghq%1Uyd<~5$$TIjO#VV*yVTETE!004`EcnJUmiLPU>r|Q-!iBT$A zi6ms_>#fDXc-AhaTW+~kl^`;rri1PU;E|5H80%VozKY1yo%gl0VCA}^ofyXw5GAE$ zu3tJ(pp_B(5)MDMwhX!wwY^NKsv9AAX}2aTm>++Xeg3!_@u$L|NN6ghTYfr;`HpcF`Z&O8%wK0E|nlCgea$pBj`x_e=SfXDLmsvSu`Ew+^RjQUR@e3N(?fje0#Dm zt{{QO0D?fyGmM=5bvfIwRy9g(zTkmmk9Eh7y&>wmVW9Cy=_zr8y1Y;xJMlwE_?>;rl5jP5>1%{&2;Gw44N>Y?6 zLY6xJ0O}uIN+{d2Ye!2nst{);V`}Baz6wf6JrHn{{{ZGS(#ih-_A7@I^tO>~1a=j3 zO|`3WTu_N)+OtPzFR-AcD<`5jW5<4V7Ol`~b6j#P{gbt0rD*m{#lnxpXU8ViwIyj7 zISL>V=dD8<-g{~pHl7$5oWalq&1NH!8tYB+*ZSDnvi0hROs@yRn z1#Q%-t6RAQ^g@cb`6r{^bzGw)W3o6a6^S?s!0{EH;TK zb+@`dI^GZEASh$OJ$S~p{{WHQ6^D#!9^YEF#WGU?xs;epElvi>`H);n2P5Qi&)d9f zNfz&>PIbk`-rHu9!iWe!ZO7hMU6o{|BlgC6($cp|(6;KW)hm0~8nnVy@CHxntkv;P2N`cj%U(@dvS66LpR!)6 zX{&htm5G=RRDe4yuBNW;HSF@9Oiki;bkuaya^uNNMPTtI4kP7I7&s_W!N;9>IcZ(j zjXC?D{{WaMZoLVzlLCoNc)shQJcCINsD)(ZDLBSYXYI{4mC%|LH5K zya>hh&{FE1!Ft+|#Om(qT~s!S`AuHg4WORBLZFhIpVQI%<5?AL!KYkQ%&MVpSCXDe zV>Jc55a$!bVNuF*G6pg}z3QZmx^~yXwHmLszZg=09dUOw)Q1i*PZCH@MtUATn$MMf z?IUp-Zh=9$sd!LRjMMAxwx0(n%A8l%A2u`c`0qn!>-G0m>;vpub?U0})kz~(_8Lu1 zHtz0DpGa|{mz4wZ^pqU;@~S_0AmjpZk3H%~Oq1xMlkPJP?rkOJ_y?x7FZf?>I2lPN zqDRxML}OMdH5LUDO!^hY2%s%=`IXQ2#3?6`2$t(vdpT?0kWJ)vD%j|w~ zG4=iR8Ia4bRNtrDJ9TPT(3Bf2##pEBIUg;otJpP@HI&W63~X``R+jV$-NW*`l;Uui2=FRQbdE#4I#U$sfh{{a44@~PLW)ufYZ_Ju;{~$mKskX{{Y&6b*57D*gfY` zUDmCP15(frSNN194)nTjBlJnqTJL;2@Q)5@Em`17G9Dm^TJeF`Yf0*Ck0QjI8C0~%C><0ONmSx7&qe|-tjN|ocz zlq?gCGz5W_5#R5p0^iV&@1nveqrl111q1Xy+e`9(o7obDnCxN?4=t;B?rQXU%rY?i9lKUoar;4C;I5( zl6p}6`_dAD&{}`Kgi%U-_2>C%O8&X;8blQ5^$!04eK}kc` zLgQG)xM%eN{dBz02kRf-LWF?vCnHP9V>(0a{{X~4zM2Y2{X_fc zPN_LgeL&IA9!8Y#A8j>U0M8&lu7yq6DpsI*bL?qMhg5P^ogzvH`G$X~fu#Y#=LhfmY2UU%{<=b>fyk%;KYbQZzyH~V3+&DS literal 0 HcmV?d00001 diff --git a/template/blocked.html b/template/blocked.html new file mode 100644 index 0000000..a21cf6e --- /dev/null +++ b/template/blocked.html @@ -0,0 +1,83 @@ + + + + + +
+ Blocked +
+ +

Access to {{ .Request.URL }} is blocked

+
+{{ if .Errors }} + + The following reasons for were provided by your network adminsitrator: +
    +{{ range $err := .Errors }} +
  • {{ . }}
    • +{{ end }} +
+{{ else }} + No reasons for blocking were provided. +{{ end }} +
+
+ Styx connection id: {{ .Context.ID }} +
+ \ No newline at end of file diff --git a/template/blocked.jpeg b/template/blocked.jpeg new file mode 100644 index 0000000000000000000000000000000000000000..8c01a2ebb93bfed052217e31c0fcf0bcd8a55e72 GIT binary patch literal 193372 zcmbTcWmr^E`!~Aj?x9;+FhGzlk(L%vL=efLJCsIhq*IY*XaPaG8xg4i0S6>z5TqG$ z=y&@(|MxxT!})N|*>kOZ0khe2-?P`c*DvmyxtnExT1!n+4Zy(x037fI+{^%(XVaWx=JdbL7=nW_Lc^|y? z3@0IFU}R!u;o}z&6uK=g@laAqT1Mrus+zinrk2rDV-wS7&&{lDZ0+nFppIVNKE8hb z0dFGSMMg!(#KKZi)6z3CKYYw8EP@x8l$MoO)P1dQXl!b3Y3=Rn9~d0^HvAniHT`pD zcJ3E)1%+Pyv$pIC^TPf242b^ag@fw{4m=us z0&Y=4T4e(wD-XI`VqwIPN67`XJtRC24EO0@drp!v@QSbSVg9A|pUnQ>B^LhwE3^NT z*#DIm5+KLJ0UsV74WI~IY8eAIhT-Ze8l_=6cH@q_Ut8jTMpK8hhsZpF>1wPcWg{pl zWJy;e5|oR{yVnH{;pYa&1zgT*FPHj5WFR!thzIM%;yxwyH2g0vh7JpCq?fZ?S2T#n zpwB6{19-Dj92SD0lJ~0as+);0PMhbMJvq!aP*d0XBvu`|dU^$IX8&uq7TF`AdCRRV z&wJm2Ecbyjz#&8=P{r`5jn}+JMT;=UaD~5C6T~PsK#HYn9N!@x`BayV0|WC zm&(l5T}+2{R{Zm>>|eROMhdBG3O;XTcXL(LhO@1r(I^?Wu-ud+_FJUT*kFmY3{Vnn~7FF_67i z<^OYBsMQ?8CRbIK6rDKwpYJ_#RM2); z@Qb-`z?cJ^vUyAG7!1Do+aMIc%Oa-G;ZyE5pZXFVsyGbifkC;Bn2NZLOJ6nPDleZD z;|Zh$mEj2CFc;g%)-GF@I?Ar4a*;}s>QIQwda!TE{+n0}g5*@d!1JWL#Ei2M^U(g}8lg?lzcJi9l5jCqQuD)+|BrxYr}oTO^G?1SGyn#K4&oMRu% zS&WC2wfdS{)^DY;x1>sHU}AIZP^QC~C@Vy0TMJ<*tJ3nJc5R1{kmZ-11;eLDkTm-^!y0oV>I&>K zB83V!Id(`(=`9POa#Wa&P7op?!aDrVjnmb100C#ivf)+3r26IiqDsW-9g@sakaH#F zRl~L~+wXvKxKyd=keOAFoDuagK#rI^%FiaBZcF?8re<4ue|-7gpdxa%JA^{fku$ch zr;Dl~$m2D}J~pJj;Ohl_zPe}N*(CZspRr_JlH~d9q~iWF#ksB%0xXH!@=~1TzD`J7 z|vIxpT5dTcpmizRgz?%rje&}KO+W-AENgHPN>D9Z`J`1L+>Ja;Jh(j<@ z=Zu`qBHMm$rLdFdIA5CGs-_1o4R0G)UF@S;rDi;VTNUD)fjY7;&h6zLr&pw^ZE}t+ z)O&cO)?m)ADf#|$)av-&;+uNbK5t{5ky@=~FZ&EUj8Aff;Nq<6%WoLfXuZZA%7>p% zjV&z0po9Jp;EzBtdCMMHn7qyn8KsveaJLl-vy_Pl!!@^5f!mF;hCZ7Pg`v1_^<@rK znH181eXj|`l=0gLm50OwcZ(qFY(_!@SX5SkbOA9q2{`&Rz_Vt2eqkJ&J;Z1Rh3HX* z=rgoJr12nhshX;yr1CoWC&dhf$rZVrg8psT^U1zEWl8C`5HnnieJuloX=^XM50}P z3NI%26m!7&4y>{;dkQJDmy_UCseP_3P5|Kf;=8i?c+hSkJaJgJ52P(@FR=<>HI;{UTNjH{3*LQ83Yg%>;XUDD zhpzN&Ldoue-+BadPZ89@Ll?hEYJi+%Ly1B}&kSON;Gh7K5uuP2fAO>;_6=~=0T2UK z07BUTJ_1H^0%l;xNME@c4UfgftA z(Lr!!Z-7WM^*#!>KGSlH(-87Fvbf{#1wn3R*?fR|Mr_ve>v8vPjs79rKce%}NSuqW z%hj1T0KQxFi5uo_2U;=X}>r>8=>Oat1y{gb$PG=GP)2ONX^>bL!Lf!*=hemXv z+=4l6ddp&mxB}}{sp*M>Wqj7`r5NGY%B4$r{)NAiW;;bM7FsUk)Pg1-h{lop_+Ifm z#@O;>Yc6hw-^m)Lw5Kc9vfiQ`!?`Staq907asi83j2SFwmOYh6=@qDl?S|3+`z2 z(+vQ85W{es4RB!!ah<@yg-Og)1p)L$a~+C_h`^6S@4{T<#B%EaS$$k4EcvTPsqadxuFs+B{O!+iZ5H@>Q;bS=ia2@^|l}#N)%&5p$ zGKgsAZV0eoFd%F%C5}sEphPU1o#l?x6&0?$d{2B6P}RTfBC9=pJgPhYcv5`i)BOC% zyYR8^V}uz_u`k0vJHSZnUMm6QDN1FPfA!`}2bOSx$^VAXg*dpq@3Q(CsJe0kklX;a zf#Ul?*Qs)qA)g%;Y#w3FRe3|~A9_4Kpvrj}7g{7_knSxc{fJWYWp-kJ-Y*sO4X|B% zFFMc~lcyHl%a|z>*`CoFbhJNG{wsJ__QP6Mf6m{w=Ng&-Z#Z#{^8URj3B?$O1FY~+ z7jpyiQKf7P^LG6fvG>NO+q};c{)pf)*T&&Yc+;WfT3?m4dz1&-V|&n*9d-dW z^$~{C$7EMywa(OoWpTe`4S?_KthxbPn@jlKUBK@x$y~Ot2%olxE^50HnFj5@DG-Aj zU&?(JS&56-!uGNjVeJia?au4l_XH}oYtC|8&{VjN!P5I7uy*79!)uZzC(NzIrS8gn z3;%U>G12`6q)(iePL+92$@~z$X$pLVr+#4MjQ29yJ>=sJ;Ar`4eWj_JU2$cxcz^w* zWWTh(5ABBcVk>K>E2{f>;JqLo8vc*I1xvK~NY8nu%cV9_`lX${ceyNJ-4ZClW};_@ z#^X6;CObKi=Ivz5AyK*fPQoKt-bfMqlr?Fsd5t>ZIBJcnNuqMRpNg+T-sSDIks_joNFK>Wl&O|{^p%+r9*2IJmvb}4fKxa&1&r7|h;pbaD*SDv=W#7-+ z-ja>3Z%tYFo_|0e_cl~Mrutb6yKqi!H&Re8d-93$f2#tZr>sN(DSqYy38i%x1PZh1 z*d55CHU=1#SidyyX|@Suh2W-gvEe+LCQO%C%6Hk*`*vKiig)^E0?(n8f%7*62?!EF z43sDbcS(xpgz#{tuhZO^^YH~2)6&-5-sqNAflF*Z0uo8&2)KaPk>cD+S6|O^)%fc$ z3P_JTBgl_%Q($IX(^MUhSGnPt_-v>Tz-#}~yADJNs)G6WJn|c*RSHG&0q{mvQlXwS z@(?ZP))SRJTxmGB=CF8M>dXgST?d>MQ;z!P0ST#Lc_C%|eW+~wGp6MPXf$MvE1@3w z8Z2924H+JQ*oAU7#ks;sA0$B~In7>PPXqUXL!DAa!nll!c6}f}g#Io7U%=@p9(y~1 zdj$8vH=InO691?fqqOm)RFaDpT0czABBYF0B@hgLS1@p-IS+}0s6&hp`nh>S%bcoB zgJ~_4jtCLQspZcz6aHN$3wXs`3V0=Jw**1`^YMSfoM?5VYZIVp0I47v0b?S7fYrv) zP-sM{Fmn}N!TS%Y0^@IlKy1p&j0&X<_4rnpmOKRk=#s||^4YR!9wjg4G+QVBQ6kg$ zb(~N82Bs#rj9{@jSIaElLRM8r7tU$>y?yJRWcETSGWR)qc!eNaiY7pMd@rVT;0EZ8 zx1b7Tm3Xg1rruUN)38Umbz*{A@j+WdOywef|B2)?k>n*$jjNU5+;-ZZ@9m<#mYi$q zPo&yx3Z_GFWgPbVy|JB|kC(Y0Y1N$Jy#}HC5Vf7qjPJu9z5R8csynZKunWD%a_Nbo z>~IU=C~)(FoB0QvvYSA6`5C!wv!n@ck&<36L=9>(Rc$Db4ZGd|D({&sAl2*p15Ss& z>M8z1D3;CE^m+M)kqt>EZCRna@9d*SuGy&dv!9%Wl8g z9yNby_FGoQR;?~p$CkSAp)E=*}q+4*wuc#{Q;E9^qj>2NELQh~iDMo!zFj#aiM z#x$cf{WIQouHB|y)h;hJV^~UQkU!OsVtg(IrepNF0K;lA-L8uI_+xjLfhARiB7X6R za<$nfgJF*N@qE1?a5Ol^_UY^RNhR$WkKS*P*^C^wEMXIeI9VEAFt^iS^iYYB_3`qn z{=4<8Qbn;#6kQ`ePe~&!@p1d9f`xyBEBI3vfkfA@%z;j}8z3C+Z+QX>e@V77G~h;s zwa_MeA^aRQ&GplQ$w$Lv?Kz9EEo^23p;DV8DIA^`5Nvc6ueh9-*I;=Gp+oUt1(q2j zIna9b*&%M&nQLY`&57h9=;J0+))%jObNdgZhIo$YP;T$8Y5l!=x(F1PlPv4hdp~i; zHdZ-yN@3`4favxo;=|Pq&zx;lTlq~7ygcN%;>YOzJVmw**e%ruN2N;(DrjgrwQ7wV zPha+f@fK|6lFleD7u^7CK2*`S)!qvXusdyQY0M9-!v5SJJz%6XBHE>2_U53*kt00~ z!3r^aY3gdIiK*8fB~z*U>8&WNi{Z`X$d#^gZE%=i-AHj56QJ;%q7lH4v%#~V%}*V$ z;!UlSHxo-MFPCU`ansTYklN8;d-Jp^o(UQlwu}3Cx zcq!3(!-?cU-C!+=TGmj*<%E&qY7Y^IH+qMec|ernbu%gnWMKioaS3()fq&sC*)x^n z!t@vc*pvUFB&BnGT?de30x16t4G(0hz)ai(UUD0qvO+W@tacLWhZ}6AM64zx^rJgL zs2<3tn=qt_h|q$QlJFiXk!az_3mT;A?F?`i0Nn$3yt_!R$pUS#TQ%b=mf?ydfjVe* zt(o~9NfQo+30Db{{Akb84;#3mj~BkTB@jL%ZNqq-cwgmr0y-{4Ly2JuV*5rGBfP%q z1Hp`KQyG8IgU2xoYK4#5GG)Eu;*QHFYkwET7e>H@>cbuqA&YpjU&G-%ce0$6Mf2mV zIpeued7;wck;|7R!-2IS+W;l)LO8N&b~Gk1X! zD530R`+9;Pjvq&;{@JZGn*&vRTIiWIRsG1}V|ej5o-ExXz(AR)FccCbB$|rIen&~cL#+n^ zDvFqIC858Rx-zX!{clDg?*((hnH8^4V#|8;YYPNt5JNv9UWkF(gGY18%Hq^xk7|sj zke~matFEBFx)cipuuG)hsnW>V^2c+1T39ZeYlY5uC)86;Ox^M#}m-F7W<`&x% z^#^f2X~Q6wko~C(qb{8$p)v!LFde?-adxNykI-;zQ>Jp^Of z3rB7jUS_8h&2kKsm~DjA-2j8{JDgU!ry5Qpl(acnHZypBG-Yk=aBexJQG*XH0TwdzI`$E)%O^=w=X>&tN68R=!#JvX36T%Nmp0bo~2zSsWl_M zQQG?6ft)+J&_cuHPu3&&-IYP%AKSq~sw*}0P!96_)4nb|i-qT#jVleKvZ~KZ+JEyp z8?&f1DfUf}ubO&cwobA^_63#L&YX3fHB7a6VZgn^r#hcP?UIRel5%Ze7Ls|h2u>TiI+^hWi+3^_Ld0U;-OyR~FYAc0ktGCc6%&(C`ePO?Gg z{xk1P-3LW%7=Boh5)#^(nvmw-6`lsmWr`vzx(z#wF}fzTM9IF?xg$RMW>)3v#0^k? zr}|Ym@^t)z`faV)>tdJumy>7(``^;HIwh|_x@cvYa04{)mBbcZ;$scU9L`^sesn?I zV{>fut95uXS^8mA0yQLVFcRwCrnJ%Xt)}A!a2O}^ms~#Wwv6W7f710X8Oy&lcr7sP z{A$*qniTn0@{1WS-4@~Q)oQZjB8&M(j-yJCg5`Tz7Fh0^ z-2gF2j=Y*pPP|K2kAe*r`h?P=-)0Uhu8FkT6)y)$#2H!gkUUDZO5MF=DOaAJ6v1zH z0T1&ATHS9a`$p+zq%LO5zbVAhI-$2|>tu323l@JnDyngOO$!6n0dNqkvqQhDiDoI` z>}e6R>EovEsq%10iBITyWl>Wy??RcQ?o;ri7ymIwHL7CB>hR_peLOW;1SSEjyhm_e zyzqM9lmD0lX=#yBl;{BebpQmQ2aKR+_-JvlIDI_9V%s5UkV{2q74cN@frUn^!vV+o z+%(|gejudn3LfHc1K?bbXP6;3647pq&~xFK-z@nFPwL?>sV6nVIJT=zFh( z;aGX}`|+qQ`ao&)7VBA+EkdHwDcQr#)5`y+&C68{9H9dS=ALc=n2F1~>@?21>qmQ_ zK=7sMD&hvP)}wObth4V{M;z@D`|Ig3N-i@PAFB|52 z=h6R3ZDMqrv%#{T3M*hgv=r6UO0;8Cb193t7kT%NUE^d(gSTSSXz|&m%W9ixvUwjr z3ZhXF=`VZ6bZLjRzHoJDrHW{XSiWNI3+9sPujPx5u{(rk>S@^7DX7g57h@L&G`ZXf zo$jIic1k}l1`1(xZ-B;z-)kS%gzmce4bT-aYZDMF7)9dv%WtWtPi8Od&gPs>oYCj3 zdCz{;l=N%;wdCXw$a(QLcwB+tDy_>Yk@*r2Yl&gQcJ&2wwl}Z{#KH=}x%*<&-p!pC z8JVuO@lk1bMJ=F)b7@St5L=G2#rP#Q=mfZ>Z1A`Ao6_vf-x4H+2fS-ilF4ltqXxDN zz84km2HCJ>8@&w+Odu2l9RNY5J!O^Ya3K<-!M6y)?qz-AF&#jN48+u4Ao~WPe}J3D#R&@dGG# zD7K0Y1sMl*Hk}R+5n)aP*!I3h%7w{tfsp%w zcO~k$hkve*>#?OOSAojXYXAv`fmV-uDZfyC0S5VjwA-5SlioM0nGZo_AVwE@N%;c| z^EIiEvca@L+BPT#qi51yW#gzVdSv1D8tDESg5ab1!{UM5^x~BoibZVEQym`NtY7>N zzo%cCf7Y6Z)UtjErNkNZIIirXRA3C$#P*@)+KKj4yIE#qk6V^A{JrDxbW(Qzpkm3s zp`;>2jrE^pzXH50wXi%VhF2NakQaXyM6pd6x~G`2R`1jH=}x9OGj^WuNzc#b`P!4m zX}-Dl__nz$<0YF-72l3q?|%(lnQ3jRvz&>}ycE02yEMhP^)eWNkNYi}ipCLz^u<_| zLyOK@^`hm<6JD;x+DKhUE&do#q8QvoTG9q{T>ns{Y`?=9D#wf>OXR>#`t+4{#eSAk z`Qz}g8i9HU<7P^Jk4wzGU(J+#RJ9bB*HAN96Q@Ahynh~jnX$UL3JB8uxK5J2dt^&^rt%REWcvUz1|_mfI4eyT~u)14XO?`j-5|H-&#c z(kLZHXxXV6&mn}|ABK~8Wt~N%Is30TRV5#q#(N?o=Fesr4qtr1mp1x_STwQLp|A($N7~fTcu|)Q#MwP zHKe0rvFoA#UaXu|rGNG6@6D;ZezdjypLia97TaQ*PWmvuIT#*P zNwM`xNJOh^C5wMsf72pYQ(bcgTfRdTPtt?-I2$EaD_uPSD1GdO!raCp4yLmTZ5fu! z-T9KV_i=(=jH&4FlHw9MRleu1zkL1p_y*{t&WW?t#aV||qlcE*I(e~Oy)4l&4VLpJ z7nUy-H52t_ZKmrtyhld9ndnTK4dLgLkUO^sFfWXZo5dJ-I_l)4V?2u;47D*=4C~WN z4fie~c+2T|eZo|8sV8q|?LYOkQhstNbU0p z6&)zvcGqF^P-;1-_ajTpTShszn6{9#Bb21a!JqkAt9mYdeu6Uk? z-vIrmED)O)J+D8rydF@aZ?6>^H!mC1agwgF_db>qT=^-Y5|@s4u`H?L2*Pl#BsA@p zK8xrBB@gk7c*8xtsOt^yi$5(4i*G(M@F!CardspdH=GX~{p?p+arlAPU3AA(qOG>f zi7~ShC)U0#<#EjVspAg~iy)ke?$^z>HrqkukQVwu`XM7tJ*izmmwbB&xh*JL5C{V@ zhM;=tFN_RjR+WztPJWXAkW`U{Wc{BA@Skzp&~LhAR;e&-CgQ0EuDTY900@GCyC}j3 z8k+JB#lLryDD?r*P)w*NGWUUtQ2j>_(Tpd67-$>(g_OBN1=);gHOJpP%0GrL{T1@_ z`c_aG&u$;8@WB6cW$e{NLxz)y31RQD>$_V0f*5?ZgraQwY?cPJTVk*@rZHL|+HJM5 zsXkXMwa*F1fQy$d=ZCxh4h*G&hX}{nyq&IzoW1Yw{GfacRW0E;L~(}LF#yY;H(XkR zzn2{E8@$+Rln-G4ss*R)`W|^(1}2t&luy8?=LnTUWQ;qii~_R0{sWRkh&1}4TjASr)+ZN>YOAJl}N*ZJqy%7flrv4sQEF1Q~Q-&U6|Cwwpp2ui{E za~d?xpk0vwUX^bMNid@WC+&`eP=j8a1?T?iiI`H-^G){!oja2$I`7INSsnAwVy%ye zns}U?-R>6DKDSoOwTZWQj$4uOO6=J_QA>@>J}9pqW9HF&16%jrWxP?yD}`p=QYpL_ z<3ntM>>V5~PSIG;(g=e#iO0={`ku|!(tCubw2Ac_KSh`?bhwr38Ab#WVC7vx=-(|h z1V^%2vF?~=a?noyq=`V2#LPAG5H%q>oR;%0=@eJ|25*3Oedu?VP2&+qdXyt5&3dO7 z9eO>;6p8*?5$7>jk0)HCS%95*IU-SI|4-t!G+4KevhLA4oO5Jiyin|!b2d{xHB1`_ z`HY+j)l@Hvk~~Pb&@w@=_NVZL#A6kS!=@e03%g5wY(ve0zwdC#{$eWI0kfREyt$x9I$+CZb31GQ7 zA~BME$#t6{4B|Bmi}C6f{74PkXQ&ICSjW^%=R$HTclv;u#9)cwpBBQ{1Vxmp$K6a9 z-n~!E%TXqeZMh9>ZN)q~qO|Rk7wp>Wc9)mO#X}ifnLBjej(6+*s$0D1UPrCRO30Gg zz_>l!g5IFCoeZmPYqAbjKmT(B7%qPy%|ED0>O~vs%BB6xJf1e}Mf7$#S?GEm-T*wI z`*~rP&sSUo{oflp*?qwfN<#cT#DU@2DIX!{qrn`i$VTF=(pLDTBEIEW=bwASR|9gaDTXlP8jeZ3H}|15+l z@X@~HrI_A!>dFXbv?aNmY{jC=t3^n2#^kY+VIcg_I{uxN*4>cz+?Y1lN8X~6?h4Z? z1v98u)y17RN6tG653YY&ewn?bv+Nn&FS;gK-#?a9#rU!dTu=>mK`xbTHWhwBecZg< zDt`6OX8QiU4s?B@{M70e?=nOo0CR|1Yq&5dNxv`%UbLi^$b(sMHBN}Q?5t-IS8*e( zlP~+@U5>C-Xf8Q;%F26OF=E_K;g86mgKyi5 zrt{9Ux3*=Bf<)7Fp!|xkwoq5C%g!g;pF5Z8r_@?)eQ;}sb-YMUi9ifS5!D2{7R2Tp z@6lQYBpkL6;|kDZx(q1u)-vPmiSCX1EZ)H;qBvtYB=Y(h-&Bnr!)Z0|o$#7cdExd$ z)OKjUKO9Pbt&G$d^*p~WSblbgYwGer(Mz*=5}hBtE^4fwNC(JGjEjM7tSrMYSxNw@qmx`%IHZXbIx zW!i=*4HXGA4zhCLPOeY&KV;hZlM2Yi)2fOx5d<#7*dOX;?dxyZwG zHUCi|+oOCb_OfY_cLEK3LOmOr|6@7;Hp_jPykipkq_q(b}fG20Hj zlKkKfi~nj8v?UC|od>`fa{Om&gJh!ClvGG#mxAw~8Tr{0Ea0G2jx%&Cn=Kb8L6iw3 zIpCNk5EqNwcZZUZBWSyR=i`wFtR>{A3VOg^jwq4mXHUGrfWnty3fvoHCuwnpl=Yvz z7DGYWLPV4Wh0Dume^Nx+>Ww*NyK_~?1i^J#|?`4q~O&EsjIRa!ji&;Yg z(xtQ=8~Luw`nZPq!^Nzkqc~|CX~2rsCTo}m+@~OqZMyPVHQcE;Y(rIuX&FJOdpj1A z9V%p+I$V-VA^1vqfZTecWQ4*_<-r~w$OlC8rWzh1Q+mVXQoisv zHrl*#a(nx3brw|pBSFfV5$z>{emU$Nxu-wVFe+>MZpJ$NdL)>>0VBWLQM%dsnc;5`WAqEz`%M&(iMlE{NBS0_CwD`*rs?Z-5>ZAMmrh`p@6% zF+}el_R(!5n-gD;vd#GUWzq(0Hy(Tj~B3LaK&U40QUZ@8TbMEWi!+R0P2;Ru$ zQZ{P}#dzXdy3(PCVvG^d-$X9v_&xaUTJl!{6gPOiePOC0QQ{SY8u=V{gXrZZ~^ouCzQ8tJ4cw8RMabjE-jfhCQ zV0b`D+x6(A^&!KoEhGBAtE?nrns0vxum%F zQI|C9Z0VJS+U=8$%FeFp#Vt1%2>-#Z<`3%KUmR-!j=Li655iJ(fnj;akLwZUv+{H5 z=>aJlGb2Gk6sf;efed36@zHlrk|afeW%8dl0K|OhVfBewR4G0BSK`+@3;1bS;=DY< z)MR%TTzK)~OzhbQRb8<~7ux+S@?8nX6k5_HS(dfq99M|aWOA+QZkz_KbUe9~DlFM+ zOAO<}>sV%86^s0$UgsHxU6sx#Wowxk^fw}3=o!uSe4WOHA zKJMJ99dUrBDR*Wsh&_u^LUq2sN>H@hL#Cd9l4$trKoe}pe&vb`_EdlJ(q&~2tIU%( za9^|RnF_`5OEoew#w3l<#$v|v(-0^!` zr9&DpOLj}c+7O*m@nMisHdMxx^Md|*n$Z%t*I=}NVTvJ&2z=$O^LRty{=WHsNl}G) z$KXeak{sbt{1J*eO}m3keYUUGp5@M4hL`6jazDh4&2PE;)z|o~?wxXQ2SI&GEk;Wh zA5V_EJs6PFZMN~@d#-VePh${WJ#~_by@R=T;&GKPXS>ge7Rfm9|Js{-tK|!Zd?qu` zA>l&Awshcm0qbA z-&H@21h~0EC?007a-<;vV;;GQezw$zD!$XF$szRQ23^tMq z7A2Y$5U^QSLG%qdD2XJt6zlx@#v#~o3k*ZU$_^>vOM%|my6UffBAsAY3Ryp(aRbcA z64~l6-F6JeVS^BonQcjWFQ-FI>co#qu3u-bh~Ur+m& zNH2+VL?RbI!RIAoC91?sVY2VT{AA%3qv4y@Huy4kiJ8X4yh|A|@(Cigs&3YtFs&Pa zuT5aTrcaxG-(X+iYmh`gt+~kL5ErQn@6&EUPj}_vO?9(V=D;B93&r4Z$&jz>y?K-t z%K4784NI_m#HxJ@CTcC_v!8%F9sG%cs(v$huz3c*<*%ZZguIeX8O0&X_ZAE?iBZnS zQlWZN_q|)ag?4EzLLZv#!W`Ot5s&^?tPp9HI!g{gx-J~ zr@9YilXujwI|P$CE`>`UxZ{HlRvyLCdL%j?D8^okVFdc~XrE(My0ZeC%2DjPRCgDV zlPPQG*XqC6TL+m^lx>xY_Odye@k(ZW(y@L;U9e7J75i#z^_8KH?30eBI}EWbjI_M9 zHg4{|$p=lpnTEgBR4H2LQTV^OCXoPpkf<*$v4_@#m6)j^ODZ<3Ti+9$l$Pq3ZUf8(VWVwwJrY^~4u+7&BfLCJ~%HjYD%X z1qNets+|^DT0x+`qNCoIi;E%raxYMJW&YQn3}I84xLCWP#z5X%%{JafWs48=A1_oc zUELBm#59adJ6h_Rr>`eH$~KKOJ?<G)!>zbUS=JZDK9u| z@_m>u9R%U)5J0J?xO>d$7j0aR;O*?3=E|TY9p=rvO*+JDVC9jm$Nl@@c0CJu>-d0+ zTW=RdJI;Qps*5f`TYbz%__JM!MEMtMEl|GOTKtc8=EJhrs|*n@e>h5Oy?@`jJ6@n5 zEf9BUbfK_uZoBy2>+=go1s=psJ97~fQPB2AnNb;xHA`R*tDN^AM`sKeh97+hi1PcJ9!tU*`~+^wsNXZT1d@a>JfGC z;r|V0Llkh_+85{#;*ibZ)c%n9HS0I!H@Ju{lZ>+n2{U1*28Q6rsfGB@V+vh7@+O($ zA5Anaf7t)n*`D_Bnxvxxc%ntzHV-Y_&My)}z@7D@KNTulk#)NZY8ekghd{h4|F7uk zc%ps^%f3a@mNcD}njJx|wuG?*r15VDl=ReyNdWVtN{T00;HubL(@D_uNgwaegIHLC zTIy_fyqoTf%MmBhbNK|;QHT1$yN zv~6^J-yb)#YMeC%vzPaE5BW}21iRk=$D2Xf@d^zpXK@6UCk|W@8T2zM%cI=Z#vlLK z0j{?0IEqh3(*neaALp_W)ngQ=a-$^J4bg=f;& z##-94W%(CR8|!%Oi=+nhc+@bJBsD$@@AltJ_%=ZpOqMxkvWSg(Bp!-4)4;TRclyH4 z5rFc>lO)~*5_oAOQ5pPIz9HCp@=ISzd|`^(;6J_Q9!kvl*%(m#DGB)1i*aH$ zlt_)$&7R=;7mLVC!x!G_1C&(aG#gqPt^_!tH^7!YF8L9E9ObB%K8JG2ksJ$PndY;W zgqAbRxRomXj~t^yA@*O2jn}hOd8EWIBQ)D6guk#ECR%D~=_{=xQ%r^8_0`Rs(Bdd{ z^C>E`AdSBe!-$9!L8&pN5?lji>B3O*EYC(F{!gH0I$lr$3fB` z72bGF39e_GKo&`l=9nJJrU0J)vp(9o-?zUo6J`Ch+B~*QUe|uuH@GS4d8FR0SeqGf zsfb=ea;i;Aj09=x@zv`8y^&cVGVtYJ=_OlXiXDBzi2q0Nc_GeoV}F5JkW2${#>z)LJCA~yRKwv?azc2 zK3AvcNdIi4xxQR}7MDpSOY5oi+1ks6zKgI3Lx#>A98vsbdSbty-r0t##NM_4xifRZ z8dCdWrc^=lwRAgA=`3p&thn(*lv7xAFEU*JRU!LO+@NpQnIzs`YTs66+?%7-bL_e@13}@fG4w**nq<4$= z$Q_nm_Nq5+@MPBpT1%Hd-85sDnywLL`_V zkOb>ew3*cvR=>pNe|_+bV(6sy?O)dvPyPhKJLW@Q`l*LR5?-t&g_f4BDmskEBb#7` z_W=GPwqaXZzU>K@xovtSW0Ky`3P}9uRF!?;%c)B@bO`JLHucGr1cm(K#*|*mM~>gF zMA^pp($^2AnTSd~r7Kf{e=N#>(yB|f+!yI&At%o?n`tO3k1bfyPDeu*y@pp^k4nyV z(FC@K(~Fdm5-jP(dv2}1U3!_x+9&?|PMgTtld9@i;ifrzt8!)xeYvzDaW^Y0HLl4} z3RT-FhW)BMd%TJWlqixfPRJ-(ochrokoRicO5_J%vNVwkpPB7nip^3>Eg9KIucQpQ zlvL7pW-Kw~MCtF`4tALH^vYgulsFsp+`k!t0K;oNZxC1Ey>_MWk z_C?m0145Y=!r<}f-~o(^y-ZkXy-YD)yVP9MrA$T6NSpb&ni=EmZX3LCX(Hwg1N#J3 z60zQ`yOI#u+HAT6kG$Tj$pX!n&#nM0*-9SeW(d_$defKe`OVWo7cK3S$%WtACs5vn z-Ru-jUbfWHKt@!g7ph9f)pG56GFvk>wf`Mk?)qY9FZON4d?3$0M**f%%fo?K>G^-+#t>en0F*#<^Q;wl+-rHhHQmX7A>j>(R%W z_XCy>T+LJDRMZz{_T1!TITizM`J9^YaIPc16w}{fp0|LP4gJ1ur5Cy6v4xZi|JJzB z)uK1&v^GlydwL6{UK<<#1<=)wPYtqZ5b2ExqA$t@WjVaJo|a=oL#aiZ5n+Q4g&#>G z@$F!bRtPmlai-0j>bdMRpDW3w2eORK9J69ct0K}3I5v1`R;hIL(9dQ!=)SX=t9pq< z-`(sI6yU5e%j8YSdKRD~;8hcan0ZX=_K9MA^r5F>@7KM0?Td}C3MFM9WP``ElXK5b z1`MX|-sO+i_m53dd-&n8G*X6guIhu^o$ND%h3Hogy4N}C1(>-~%2gZlmX)nae$VB{ zY*O8-Ty?Y1I2xb%94YGRn=0p(+TC61y8C9vFGhlFL^kjRl0?5?(QmoNHD_ZxE>j+Q zkab^=eA9wNg&cj`>uJN+Dlr0t7OwJQ|8k;kS3JwZQWr1khC`z4qICmi^L^>cZu?ZV zzq&^iE=^vaGDZfHdS5kX26`r$R}KGgmPRXd>HbXjy7On~BYx@wIqg=ZQ()P8;>xMf zwtLlnp8nB=dP}okE?HS-Vuoac$@hMkJJ_pyRU?$mf1Tt&1yX|C3?ZN>o9OD5>Ei~Q9K_5 z(&&GEIQQip{$T|8@2K?d3#PE+dp_1oniZfnU9f+jc{Vyf7_&TSyScQ>hz{ zN<%mB0l*}viR%;U3g#QW94gxvJy?6EmZDU_94lpPkfK*Y!0nv17h-2ghV=i0y2>c3 zeDPAV80&~Y_sdLYB&%{qAqOaWl2Z)nC&UD8HhW_5c=e0?taKfzJ-6TbZGXB@zmx&- zfj<K0jm9E^j~`FAPzI)mu5ozFvE&GFa}!mFSktLL+E>NN9pj zPEPH$EnIlJC_ZB-Pa-OAVg2((aK_w<+_3hZ80`Xk|KZD_J~!4tafI9FDmlMp;Q(i} z?B21|WO0kH$wD*!GOlmLQMJ)ipBXtd6cWi~*V!>oQPsLa{WTOqFh<0aZ21D(RSVkJ z&oB7r=dd*=``CsMH0%6(+tx;`+y1$Fo#aWK%hQiO%!RLiq!3ZLVw4Z!M;<;c_)soc z(kMQl6@B~NZg!*A=_QD>mMM!d!Y4Hi?UP;BmJzwU81q)u&S6HKsr;s|Q*$4BNmiRv zq)?`dKS<nO|ETsqJPw_Net-doYb?LJTQdU-F>d+w;&7A72Wi-|vB z-VGV&SYe|1{G*B#;L6_~qJ7nJ8AMvuShez7#^Do(bLptvd~ym-D*ly||Flt4gYSWQ zD%-;cluKX2XFumG9ecHW1*b+xplVmvj3vYM&uhX9>1q8%O`G%ht7*}X)NWuDt^t|Zri_5ooSF)L`%lDzeGEAU^Y4*v`wjHLQDEuo?muIm>7xF zJ^q~igT`;2d9BkKb8jaT6~QaeJ)@5t$hgq5K!%&!xXjmLuSM47RoxY-!OoB+l(za+ zM{w<6GSiQTZ_%1K(q}!^Z8t#GQW6`Ub$$AjqX3~ojFk& zEmjW^YETkA_-tF7@Zh*wMb4hRS^QnZ|KjMZ1Dbl@HaL|yQKxBI|PZ5 z(gP+bUD8S;-O|l~(MU)$x}{_Tg~nr7kwxpR*ZPu^{fdxaqP`ybry~33FsZpTDaVH6dpZ~_+#~a+ zUidy!>a>(m_%^0YCC#D~CuYNlBk^{zvMsUTS)zmEL>mLm;%xFR#L9iOpFhfHrcv_L zd>(D0)A~Jgw>^-9QfxWI)a!iM>icXNE}E%=j4BEUS**Q-GTCWrZPOO6 zPVLGhF)7NwC{}%Thx_VwR`}dJG%M#+3;FU-qSAbrY~`kh)wlPS5uG+@UioNW;4Zvh zH$N;a{RKoT3gIlwovkg#9I8pBYy3iiPu)g$4CNhDNYFP!?It07Q7!v(Zoa3dj9N~; zl+(*pLaCif=`H6HZn)A$Hfy0neWK{8-F%9@R9W|w z*uGNzzqUPFd0cH<;a2>U27Hi%uTjuX!uS)>? z`Bdbpb_xy9jM?J^2)=q8#oHNexSbk**$_h;G;ylCLqU#yA^*q*Qfcmd9c1x@LT08C zp~awTSaro*Oi8YGJHJKqCmTzndbB%T1NgXcP#4J|LN9UxK>%FPd2T35`F@Te}C#g1c0{iO`|5y&(+uf4C5nEamRNt=8A|M!0VM{ zOCmo=QXCPY%`-R_Pu!zX6Hd2F9i^dO`u=0!Ae^aT!_hKTcU_udDZ;Qo8r@;+#m`tqYQ$uD*%3HtJ@xl;DodCl#=yUCGVk642Aw^{yl;OjHl1MkmWCszlb z)Y*A`j>JPzc!1n}%eK$L+$UxqU9AUaPFBBy+znz*#dAsPYtkJx%x9Z0#(eEJftSM7uDaL`xqCz0p@WaaA z(qX?)WaP2z>t)s(V6*OF-N)@LRhzTp0etA7;KYIJ{C)mAHca@99fc-@ z<=Vicf6&Pk&IW&DnhTPsB0A^sWU)tp~jgZA19o^rKXtjA|?%zQ@~ zSkLh^kBg;0EeJ#`^YFUxF_aHYw#^%?O9qwb>qQxD3`galVJ6GIjiAOJ!z;&#abtxy zlA$k@c`i2G);`otK&kI?p?Y9sQ)oiYa&j^9a&u$&v8h^F>+mi3+w)Eg)blYx665a& z`plhs)aJ^?R=)(dRI1bqSQ{fuYg;*Nn(o?h*26f)t!iI+3kCTdcD*B4ui&r9jvc~i zW+nUtSA-fAE@9P*(2nyMX^p1%L4{o4O!^Bmz02h|$H&_`)j|dg24#qP0!#Dffsvl1JIqC- z|H7Kn5SEttzs_<*CkXCbod~m}_|38(O&e!@hQXbCZ{AQzQb}4)#7xR@0#>_fz{}_f z##m!j=R)mlm?7^^a&)6>J+Q)ip~;&}?XAJOoR3_zDN;iwo!?^&2RO);Ux@REy!&f& zPLHy<_Me4qmxNN8>{gu9>`a+#KWRkHXePk>XtEH@j%5CUZhRH-8V9aukM|MMxq93x z`2md&Cvco3TFRVrS`Nf z^gTt3jq0}bnt4!dP9rv5y*|v%$fSXC*?5L62oFRq)|~E%Coxa%m;M7$_C39yC?v+x zAStf>QK4|mIm1aPtybBLJy^77DOJOZ!75?wTlURWtXON#-H)2z6BY63_WOs8+wx&7 z{L4M^NFSpvlng_J=>SEnpT&(>kWp*I$hEQgi$WUsXa!zA_e{#J9ECQhiy9nUksQu2TX%~uSe-2pCEC8YT}7R8@mskJjh2_f0_ z$gG1Dn)J2K&8hUDY+aXd0F)K^Qh3~&?~=$2iYEKg*ne;g-2A8`@3C`^R8()VH=PC)BtED>vYLYSEl?6Jw9m2cPBmy@SFA;s}}Qb+Wf&+m+q6=&li94 z=bTWd(ex1WjJ|*T^It+b(b8x8(@<^axu}A(PIvHw7CSEXhb0oM_g%ph=5M!2-y1l6 zwT+$FKF9ZEcCD}f16gK+NSAuXN@@oZobeXEi&cxyf;CO zi6Q(`ZJlqW*CTn@V1Wr?;^NGj=P>QE4MROvx&oZ7U3z?}CSso0))aO*h5v5Zi_!lA zpVXc#RaZy1zhgeb3*#S>WrNg}M%pCGxFbhLZUu&HqC?oSHBjVnRco8hU8N5K5E~rv z_8A`d4i-G8@DWzWwlx|tX|2xDI>*B8pepWVX{qybgU3DfO{HO!zC}UFwYP5ZakWR) z)jk!kD!H^@sW%6snIg+46Y(m@;I&!ynb@RTCCIm*EyZU(WiST{uB-{ahQ!W1#k&`6 z&NGmBLf&nnzPiM!-X6tj&|)U!U$jEZ(s9R2@-|zc=e-t*SiI78PHAA`IM8>j5KT>^H#|IRaTU-w16q-cCk5q^`gZ>ZQN@tH+&?7Aw4Y*_EP zlIBr#KdX7JY6NE=%g5MG9MjnFon-l$1O0TVT+7;@vrrAl4IE?gHXt!V9s+l1Jdzvi zdi??J{iy#B@0h%@rGJ%ANslg=C61=~H>-?p2kLK)xk+4wQ}lpc)MFexYPo{NmiJkS zS2gbr3^wE2Q|Ed&nqXNT_V^zZy;5%%T{p}pMnto~ipFjP`b11lOPwUSou%DrA65j| zWPDGtHCn)hURU;`>9OS^el{ARd#bIo-$NCl8`?kbNqfBgDapYn?;Z7HERcj_6peGV z2&8LAz9(R{{8Me-a9uXYxMs%@Yg?m)whi)1X>hR;Q2MANdo?QBiRb@D!9(6)DgPjt zWcA&GWGRd>XNl$6{DnQ?G-cZdy%f!62k#qD<5wm>MxP7QnH`#Bl}pDC$q#0qx{>`znuW7zC~Nwve2h%!21Rbso!8{QR%qDHV2%Hh8o;v=wN- zqR4%gE2OKqvPT{E_$Eri_we&~W@k=4vHw8Lw{zj)b6N3p9wVKjoUMYt&x_cn^Qi>~ ze}54A$SvT0*cmy|-VI^=AZG{CW$vu4>|qAw&G=Mmo>|B|Oa2(Vu&LS@#mzguw(qjO zg)keLv$EuIr{@{X`^YPFG~&-?Xx9Ek3v@6WM!OJ{Q?LdXqkQAoS>XE3z=L1imcZv1 zkK?SbZNQ6cBFU3S1~;pEw=FE~q2WrHVZ`&lRV_IPf5r|tPvPl><@i&j zgCAnKZ{;UO_9|~fpuq+dpWM#|Iu}Ka)MKnt^9o1H9JnUbiZ$yQGTdn|*WrBe9;%Rv z6V;IsB%*acICj19E3NKO&7h1{GNzp6CX(HhPv;oq}g7^>0YIH_Lp-SJ{ zx_eVbY!%<0c$dCs)zeyny_R>>Q;T7o zI!pq;q=dJIoZj@2`qTMSduI)8D;l#8VD5t$4{%1WmPHh`?X8}YF~M&@nG_`H3>yJc zScCf`1UJ*=ir(VtX{9FmX#BsM>LFcn29-|^ZaN}*dp8W%+Z+5pxCd9+Lv6rM%+m4} zN8wa!oLNdAZwjO?<)sKpc4p?{@D-KS>{#d8kAH(VJ0JdA`^5qC13h;2QFHE9O;!5+ zhal=pVNLY2&$fPLF9BEAfj<9~GeWRPSVz23DrE zZQ08z}rr%$D7W zSUr|S1ie#|@xGM5j5)YhPL`Z|)wO=u5SvL?qc}Nx#k#6{{qU~hKaksgUmsBJQ-)T6 zy@>s+>`r``Tk|Zg={dOScW?+_QYUi%sfWJ>iWtq1tu&~5CmM{rxei)_y3MLr7O*4p zThg58)2c@u&L@;vaNJA#es)k^=--y+f)3~cn{7CBYj01ld;jM z85%&`ik(|XP;y4Ls<7EV2_x#l^AoEK{7O9fV&^<89xtGL1>E%s=AtV?814LASGM` zlmFqx74&;&(#YkSoK5f8%=~|##tQ7?+p8U>WuUMOk-HxYrNV+yoN$KW-kV4nin6H^ z09_&($YiaRUS&BYcttC~wu(pf+Kio$y+7nd$Qp|*^6+adloHLhH`%TgPjwni67crTnyRy>X^SFLyv@#jJZTU%>!rhR^FPLacxt3BvE#O4k zJDK6tks}6Hy@yr!oQEQ);Mcn-n<&3Rf^p2N(_6=4KbNKJO`AB8)^}6z|PUi8hE-R2AL}ZnD?RZ9C zj*_*dh~?sa%sy||w^X(E+@j@a6r@kdd}?$xQquzyrj4%oR5D3Wf8Ao?j@?M2>tV*o zhQJZNLGlBzSiDhd0Te-@UkSQ>M9-zo5wV&hLAM58`mDi`SiQEQCCrsQsoeNV1;U!p z$Ih83Cu$9NTQ=&;zL{>CTmA>K+gOA6TYPp@3y6N*o&|x^KcDCcpT^5V=-L?FwE|Wg z&s9d7wkF+G)*aoL7Cyi;?^XY+OLjBc>)Y#aDrv}~nQe!o!tfDyXM#A%aG*dmR1sVU zVN~uxCsn)LhR^X=#HemP`{%!A#vp3q5jLj!JHYNC^? zoeSP&q=;WGcp0$;XYeSl`y7{tWSyW^9et4eG z-+GceYlL)c`iD2^=*zwJf}kbsquAEqN&Gn{SZLEQXHHhE|4@^gp+JjQM>T0dd1F?# z`k!~iT3O!ab@DrBzFQO`um>*2m&ewx=Jqju`^X-K%&qwC`J(t0)=gFREY2$qkC{V| z#DsWgi5x}9OxIy%1#5h06C-+aau*hLL?s`EaMhX*w6nL7`b|=qiti@fU%YQioh)ec zw0=|Prxjti95-Zsry=g8jMh%CjuOKEn?P|>j`1bS2O=t=2qAd#$C$a;367-_~{jBsoq8M)|JBqJ9YVVE;RbT(tVojy1mG*a`O3u&t<&#Lxk8Xeh=W z9kbIuM3NFAriWEsln0A0^*rAz#5?_DI%3z^0(Cj9{z{_u^5r~NTt+#++JxEXhNJ&L z2|W*X8*s3SOMP^Z3T=#7>&~6=sqP|Qdjxw9u{Ae{J=$t)g+1bxn)%ddmQCuiQniFV-KlEPA?)zgm}k36d_glenHz zl(~8Q$T4$`S-epKdonzoE1Dkr`&%k8Jwo${HOeH5CQ00rBR!F3SXpQEjcmcM-~WLe z&)G3*yME;*Puj0FT9&k8?N@XWYG2|}zX|sl&5}b`hd(~RXssS+g*K1W+3##oB2*ln zBLaim+BWsBs1E59i0NTLXYX@K62p>gB}`XqV9U|e{B-}0|8tAfFBV?(Dx#Vhwcfm1mV&REHhs0l1{-|-NBx0xL#Swmrj#R6dX=% zLAHBLGNrdHVnX_XWn5d@tYhfDY0nm}D9cU|k}R0wEOb{F2P%(>YLAzDij{3$l94Vw zN$^48w4O`3YiY?brrIaF`n)6I4%{!CxGeLgd12w`n50+ALP6btmlgHJXMx3a7C5BP z6gerh_-^+aGl~8Jt2*jqj&tA3xfXOWxHXtCRm&_om98lD`=?@KIAwurmTnFiOV78x zYDrcG)06M$rbDg&Kt!STa^Kh&+FEi4hC8Ui_eiJm3vM#j9(O9xB z%NN7N zAAKHMFPZ)&-_a7%HAtq9u)OqJ5v@s%WEB_n(raDuS(~~q-)6Z-UyH{1*3+$?#CVDrSKqXqQvU}MGg6iQ z4;0PKBldQoTDLJTLHx3eFB6))HoaKD{#c{kS2*j#9HWaWOCRBq#$ zwmZdOZ1qhaCUk4p#5xdv^T7O1Y}*~yA;EsW%!EC8=Dh23HB=fzvv*lBzJ8P?*%?UB@E|%elsIRgKC@)xK%6iVZQLWa z%N{OLk@x^i3bdBrDK1Mb z)6=*YOtn|I*kylx3n#PPNKzBw<(zzq&(cXFSl&6xv3KI7sOK(AvB(NEDsW)W;6IS- z4EiZ7s*e(_JCMV?oYcd+XJv9vbsls9Z{%I&$j-i0dAU5pI^N0gsrmi6RrePVS%~<_ zqZx;fveCcxA?42DaRVl{UYBhj6#w3uoHbw{mt2$FWdQ~A4EkAV2tyvk7QM?#dlHnA z`2MFyUD>jG7H9TZ!!uQL4?CkZMx0E9QUTyl2b4d4`R%+u%DV=jZn>a>1Yc*O%6qqU z387LyDPp0joJgays}rQf$&=ZsiYOKfg|qa_z2N$TK^DzRYn~iW`+2w~Pp@_m`?~x# zKwW7DyufFin1@jLyOa<<=zC;n!jtLEkM?lw?F;;2ma=zMC#;TrUGYbTS;j($D9GaL zr}Reb{D!It=AmsSXP(<+wAV7|$4H-R8X)cB4xDXftQN97n>99s5bZjIXZXEw;jyk% z)ZdwOIx01`jt;Qco7%>xFKN~Bk>?F-&G*E5Ko@y;_{G1y)W(F4h|@_`Krm zvyArj%%^tq7rkI+%-XuMi|^zGTYVH#Kg&yNf0FAxcXS-F;F8xthWJAFLb|ru=Eda1 z&=%4#G|?Itt>TA-@2H&{ARiB234FpTZ@cob4?V*2rD!if1z(61jmK*?S|=zoB0VxgcV>u><@jSTy0jlG z*47akVDcgsX?+jv+6e7`N*4^cMUnp^G1m9* zPh#H;qeY_yHU@DM)fmWSgQY{r&)_^*73VOFHC{~3h<^81ISCJwzBAHEGMN-KfkO0V zZG8|qKk1)KE<)G%U_Z93Sa;TANw*$}f(}%-MP35*%>O_ZV^ik6OIX1Qh?EV{F~i;O z5~e0%Bd2-eb){8nWlwL#fqx$e*>eswQ)iA;FI@Wk=6C_;l#msJT|dI4+ zX-tZ<6B8QZ%v;b}R{1MO%2^K`skwZfd~6@#F0|`)-THZm`GB%=AjW^2QSukjg;{X2 z)Srq5z4EW?Xhx$YsL{5S#m;nHh{K%78sWmrb8M!7=d&MC2+k3sFT$khv!8i?0b5_d zU&QI-$MXKfS|KBq7kr5>JkBljGCj(B3ubgkseXOa@;Q*k{qdoq)^v=Jb3hIRv7R(W z!ct^(Ki-v2mO-qRC!5<$qCPco1ZMUj{~?|hD{{2A%Uj*UH<|nHO0c}FaDnJPmP>&@ zTJlX`G4uK=hPa1o^l$p?ciu9|<9oG`qnUl#iPg5wAZAe-b5%h)>vcA5H4Q!)XikhJ zI^o&?xUj4!!o96<(Owp9Ld)h{g+isKM`o^{El40C)30AX+iW|@#lpmoxbtiu@7c7f z4HJckg)G}V4&fdx8Lv>;rJy^ZZ42@}Bh5ng{z$AGR=^JnWRJfEcm=JYLjpihca!Zd z?GFXP^b1rXH@JGB0V|Ph=5Au#v^2oF5+FEXAK~o2PV33{?+usQ3VbZo9rpNsK7<#2 z_4s~q>tQ)EAkG~sOZxLzynx|;vLlNm3#`9uN`xS@aS~EPg0-$FhL>Lf~}-GU2YYB`lni02ay;}-M;?xZFjN- z^GqFgl2y}K>Fqi7iRHOx87;X}@Lz_;Zvt7d)IkqjEi44rXW7_4t6yk|pw!^x`T-4GI$~C_g-O0Y=VgG)+t;1`|@8Xdwa~8_kp3J6FUJoOqh|(uERwn%^q{T>`C1#NM z;e+B0KBbA{{KeebxjBOY=nmQ7yB6s6 z&h-S>4EWCW?ekq%c(vTny+bcCK5Jy`3OF|#;jYQg^zt@XyLGC%Uz4Y(mvJs&ysHmk zL9?st#w5vo-IlnhZMEnW5dEk>qupK*j9IB)bkyLN8Ta0Ha}2-E0!jZPy{De5u+!&E z^qBd*&yGA2z1S3i6^;Uf8w|G21gSeF8s4SZPf+HnnJ$W1(iku0nMOEvE0& z9TFP841Ye?Yt?~Ub5xMbm~(qyt|Y2xeot%5uUm01%k0g=C2_tkI>PI$0ukoD{TNsz z$*cm{N7uTU-@J?eU<+nUJyu{#B=ma2Uo-8}*I0`HzY=NZCy@V?$MCy{8@UV*x)|Mx zfsx4w`0a+qQM&qf`Q0R7#gP~A%eF=$ucJ-ybz{d1jlFhbX;h21?n5uC%93yEze=L> z-Gi76yE02jsVp+|w|s>`x^t<1yuzFr{CgXT=lnQ(bsvu~qL7O1inA+Z^DgTUy$nq$ zM81EMqq{qIFvoM$Cj5!DjJ-R4wtub4aQCQ}yNrq8szp0O(;}vOhq;;kpW0b*a4D1? zEwFt~v7^&~ERc`;4@3hs_~40ELuu*EwUX%Kt^WGK8U5kr!{ajRz_swCp>dvnABk0J z@9MN*0qxd@Gh|ws<`(~0Mb%{9;F#es$G0g~(KOqka#%!yVx5&o7uBj zZBuDPT?|p+xn$b~LkgA$3tnJ?!$q6cM+GRWTT~dq4vvTuqcDl7!3N=GHCaun=uwdA zLu)eCih!kp5}M+$mbW_G-B(zEHXk|Sj39JT=m(~^w2P1>`QfE%1K_+v9>|L*mgw-B z6{EM@&fmgcef#`bYA!Icqv%mt*q+Fe8Ik zKs9^-MgoGDQz#R}_+t2;ybZ;-75%$-j=i}Lqx!GZ3pb^i`A`Wz7fFnXNzoyiuVKhL zwqi+g`SToj(fscAZ2cocc&&{KL$I`CPHGDN3~)j81Id}178fONIY`$;g# z?SWtRS)QRC(+Ko>_1`q&@0~P+hmsWns4|Au$-?Aib9-=`4e`r)E%ftu+xsaB$nt#Z z2Bvh2b&(6lq^D|IRMp>g`2vK7T7grG)V=_?Y00j#;(G!K0-~X$mgst%8mp6Rq;dd9 z+Dsh7>kX-K4~_(|K|9+Q+!8Wl!2jB1gES(uzZOS}`v4Ky=(lK3iv+Xi8|AL97E}Vf z8gWwaCic+)Zc-fMyF#CxWLgj5bgG3Kb53%yg(wnHS6PAO`kZ@d*3Y3xb1Pts%h}Hz zPvUzxtkG#C^s!3;X^z&0&uANb_({9DTusftV``Hp*Vi#_I8SKbGI4VsKs)s>{vDR! z<^0C_?WR0|nxW*1Q6#$|&2m-sCy5+=3;eMU)}QJPh7o}9!Vw+0mByP22_oJOiW~G} zhi$&=&r(l!_B#WEQk@d*;wh{%4D)eRsB6N2)H{#|=N?MjXHe1&0;W3@;R01FxwM|H zt$I0SJjlp0x#e->Fi%r>1eorq48+DU3rq^Z0Z3riM%}jbC3ZJUS$P=9wJ)gjAWU*wkX0!qr>T`el*89E8wj9 zCC;9xkCS7#Ps%_Y7Ff>4Rc2RF1`M2{7Q_S1f2XsZ_oi?We+W`~<)s2_F}(#5IG0&d zh}8Z+j-I@w^r)4CRMR`f#knGK_!VvHT%@8z>3Y#DP6v65Cv{XtVYfDiKQ-v^-Rwh8 zV5~#9s>BqCy6F8JP7Xv*Vd?NXVGkmrOQgFqI@@ww5WM8yk*j0&LQsZ`Ui%+DXw6E^ zPWUXa{qjrtqo@9)fix$D`1kbAa?fT3{<;T|Fq^eLy8YOe?dr{f(S@sy{QXA90~@R> zPJ@ zd3Q3Cotb!mJhG;gdfuAwVU?1I$IyeN<@Iy^)fgLNwR% zkOk}$;zhWpXO#;JQ-+AtNU^JT`j@@-Ev7ID-%lXL&H5wmmK?o&^|j0|Mz>`y&DW{R zp5h)=EcqCb`}KgWCvuO`?E~4jp~Em*$W4Ehd~B%G6eFC$J^wmo`*gC(@`NGjRy~<& z>!y;vl#GFxqhDztW_qhle7FH24#a&ZtF$pn=sg`2VSOe zes*smS?ugPlBn@2mSBq=uLZ}3_*eUriPB9=j~rD2cIotv0*&$gzf}<$|9)F%c^}Lz znV9Ef&AT``cXzfi9kfMgP}kL(a%?JFCaoVG$aod>K9F0(NXEXB$_nj{9{02~l60&6 z8~AmvFQeAURgDfog0ryi6Th};!Bj1>e|Jt>bPA(6_7~@K<@)-Sk?dgfGfzv1c z(;`;>J(L8qTH~;5`WJt=;Hw{R7J^bQaPQReu$4!*a%|k=CzTh6hpIApFRzv^GS?bW z_Cu;sVQVlp#9)5GuwsCNpZps|O(17M(BCQ-Zwtox0;*3NW&bioW=OQE%=xwuMtJWZ z2&T_2O#xv1ZpUPMN`D=ly-fQ=U)k!zeCMUC)HRXrAI`L1%q|}XAk|3{WsTzoG{)Xw zSt5=(!28=Y>3Z##1PF2>f*^&xoLly5+c{CzCs2x?So$4z+~2qEv}Wx~4KIDy9J3rg z*@Rh+gnvn+Cf%cd)(7pjzt+$!c&(i>(VKGp44vzTbb_-Y(;?mni?qa%fAXyb3xQr! zhZ+1OY+CNWLStZ(b0nK!e@RzsLjzAo82eO+3}o7dH3ZnEdVw zb$#9<$GX(Re>=Otkv7im`(?wttX7bAt=TOmf3+dArTbvP7wx%c`}!wuvd;pZbt6U& zYLz`8CyjR4HP%+T3?+mhf?3gOP`>&tvs3fU>>6&1v3IHM=5Tt0m-rRgytzN96sR}_ zP+L2_Hv_Pg5Gk~BC0b0LTze;l-X+M@nbL*eT;w4BL`BOtubDpcv0WVT^L|ntZ3iul zjyBiWo}$uj4)1?<5>ssWeigXEcB##?g>!8ZwJ+3vxk#^ClW2I*h*KwiXZ8u#ucA9O zglc$QyEE7y{&N@^hWbu%7MDr1i^TmQlser+d#a$D?aRRo<(XvDRTQzm88(+rE-5yj zH^&Ze@HQgW$vZ`9hXmq+qN`AL7eiZ*WQ-j4a&uiL4ZD`k_{&gkh=B$UkQ6f$x%K2e)Rzndi(laM|osy=&Ur zbgd|iCPZvcv|gvYNZ8X2|6>!?_hMc|fD8>+L5U~YoS7%yI>kTNCf6o=qw}(WUU}Wh zEtMu?QuqO-$^dW9sb{E*eDr^yCs=u8`%c4%wzSF59&zOSKu~!m^*z)4d23+(g-1O{ zhgNiJR~Fqv)^%QfBz$Zmf0X@3`I-w*&Rzkc=JR`YEug%JhY`N?sKu%jBg{5k0QQAg z1t!m}gQypMX7cUMMr?DFteq&3~r%u7DYIi6MJL zJ}ze=TkctF$D9Y>{?8uVzNgLE3a!Yje3AO48L&fX^MIq?d!Hz$6xX%@DviN*v{^Cq z`RnC-!TZ?|W^`nUOCSA`p9xa;6I82`S@qC#^KgQ`Ec;BCrg_-^+ZEL#hRxL(=}e1T zD&P+T%W;4s)ZS)Icl%~YAYP8*F3009ELn~oX}NsQTsS}*^QLRD-kQ_G`N+Lb<&fd2 ze^*Pmfn8Hzr2KT~ITs$lrf|B#gfjM2-aE8zn5do?MR|~LC-Ogl1&XV#= zZvJ7X*Y0DcCAcM|iP8on_N{J^HFyZmJoLeKAkCDWD?LXs0A6zhP-vi!1<@Lc2 zoAW*}&Fy~nJ=RkAGAKC0rPFdqPaP|rs%SFnN3EyGPL~!~TINv!*x=7gKahzjRd?qW zQ5Sa{{abDe0bc3fIY&~^T=GNbT02LBR`zfP(TW%muR3&z6{?^@G%2brmw8C<$ENRx z$txUA8M30^93b^LtxU_MJj48g(M49IRw0@rJ6bgKllkbm0LC9;E^E^dqwisK0&c>{ zCvwE7QgF?QRPV-q(^%toHol{1GARR|sZM-vsn2H|D*ul9VNF}-KFFiJ%|=xEHfOA_ zVlk8-9VT+l_y*;f$d+1^d0lHf#~#u2Wo}1HU8z#AjSv^6c+Y$m69)Wm3$g)p96_Y=7x1lE`LZ^?`5)S**uw&FnMLkJi-@;pJSyGGAnPCP0PvKp z!Dt`~SLClX&?U4(xeZLF=8&0PwWQ=un)+PVz(7(Pmw3IGisNzPO54qm(ZmbJ)bWZu9?ae#_SEMH?)gHQJe9utx1~co-_GZG&zQrg zbR?#EyYJdsC3)B&od>B$n(0sOl8v#P~?=5X*r7$IAb25?r;y_FNWYW6DUhn{Uyp3k9433D$|v z+?+WEGaE%-i%}r444^kzA&4A(7REpwsk>I7afJ8`U7t%2`yf30;!I!39WPwl7N@@= zGRNNUSWQp%)Bk{qBmiylZRj*N7pM$qy}uk0WIQ4V9AW*#Y?2bxuq3AIBK*-h_6N)= z(x=+Mti2qNHXPGJz#eZ^9Z06}>C73&G;&PjQ$rbkqL->#8R$7)9Z&eeTpqbv9f<98 zE{u5lZ7|bp2XOqrm{1+PG3v;bxq8L1GvO&BCm8fqp(YxP5!!?r&3+5-dCk_V$Gqa* z3;@cC?7{zxzU-L(k$L#Dcd>=fb!Vh^Pn*M1ODysmNnF8t6JJX+7jX}3PoI6Iu^IswhG_$;Dy<+9hx6x8+6BT{78QzxTbRa$}C+#2n$LYZ%N!)Jgb+AoY>bB-X)AHQz!>vheS&EWS z7lGI%`R0l<2 z9e9Vw0G=^)mBOqSNqJWny8X@Ok&Lnz3N{?{Mydi%5p_@B^gUhW9&TEcn?$&Nc#3rWLUci}Ucd5}i4$eW+KUZ2Zt6-JYJ`%Pl8^!=7jn zX&mSS92F-96B7%MVT&hK&mF*Sg~7eLF?}2^?f0_i(R%dcP>{}7*J>MAlgFpV=I%Ml z?qu*rM^ig}Bl{Tz;?agWtzH7@FKN<7$xLDv#Ca($8|d6^J}vl@E}LP-4Si9mzkhz- zMJae@^F3?yldyYK#GV|P%#)TLZbVm}BVJ<;9?=U5sqvPTT6E)MZ^85bac&1<=M>e% z4Be_^3=$T4NlM1z5}uk{+H?5mJFkInN}QKl(97a%<^8xR>$(VY zvH=YvuZCF2?|{HO7`AFKRKSlGt+aFz1Ydq^$H>i?^|rnbOOX*fQ1{??6B*^N-)URl zQpORH&uQQhZ4>_==zR(zvVV)v{azY!u^nAeiU!ysCT(+PtOhw;0u9eQ!loF9-~Z-+ zA2uR<6pQWqK$mIT7r31i07t~Y@3i1)SWO1^g`f;$@J>sUR&njirgGi9iW?kqZ&jc0 zg8ut_D3IETXvHd^xq)hsuis@`h)+>^~#u2BfsmT;|A8{}?Arm35 z(9EbAO|%LI;wn`!czQ0bRB&?1XvMNMMD_a0BWuIttX(sOy7u9P$%~iXwTd)XHlIX| z7yo2*IY%&USLcQQxpNKRny6{lXJQx}IW;OqU^(aI=v`n>WTc%?xkH63_cX4Tep3eL zmx#Lpns_y`Lpc7Wzy%dQmC)2+MCWEj%0=$5IRb0gvey|Oy!)Vj*5O8v=HemS+^#0{^gUcQyVYI zka>L$)%J$Di?y#Jd1`=DIMLVlHm~|j_@bVY#jvG_HdLQb9(Vb+C#9r@ywwrfh_c^A zkL&^U)oLL!>Eve4=GZ)}tFgN$@tZ~Sv!2uhGx5r2me}o`!TrkGqb4;E^4yHP{|mOeb>&U5)jHAsz`9XJqRDvB@OArc z4Q7V=G<#WmIe^Ne3zon7b+t+9;)w9)M*^vb0Kf%c?%~g(6Hv=L(J2_E`$<+3tgc+E zSE+JHyE$`f)7lBi0i1{^PSW`~X>%u?0Gr^s0gP90+1S_aIm3syRZB<5Dbe!VWq??s z>xt$H0KRUAZsA@4!aj&7?RtIPrX^eR%lxo}z?`o3$qv7hoY^}%=k>$40iP6#@@-;Z z%_e8X7&+|oxjr7KA?hMbWQ)Zb!d83FhJYOHZcJB-sNqU~*`GhRf4R*6Q}t-Vs;oaw zaZC~`i{w00L~V_1wd6v%(Z%KHf_anHg>N>LG6;>-x>C#=k=Hv=iz)9A~MoMZK%R+dIQklT9V-0e0LUT7AAkVhKLtk`Rz*{i3Jz>un~y^r!{EkB<#yhz=- zi18HKeDkv*9WQ%+Z!N#$L79Shnok%nN`9oPyuo#k4@g}n`z6f8%h8~7%alP^4LpPG)<_xwAdwA*}bp8$9 zJ(Nw`wyXy>4#3fr`OE>#+hW@!_^nWWzj=>?w!u7tnj+f=wpLF^f&${Op4+;(C*~$Y zcXm@{kY^n^B2lW|H1zsTY?QIa(mG%s7esScd=yV!#@Xhk=2{TzE9gTc$Gu!=@f2O(&kI&7Ev;bQV0EX?K7m7;xUWSC2c-RJ9dCaq)M+tdEYMF}&5UL%W&CfK zMR#*UK?CK^RXbLm<_n^_XPI(r+Q!n5Z*8#6fs!`CET<$x&L0>JjtGhRt6km1dn)wa z9yzQ5ONMj+MigTCyvP#3x7MX?r$U-pscIiE?qNwZM;duNM>r#a+hFaM+OC}4V{Uk1 zqe8)I8R+kL5owshFL2<@MqNQn1|N0UqrkFKK(+>EA-_;ORyPGk_2R#q!A;8}nrRhN zZlRL)QF!u47H=qod-1$Se20Q!%LP&Qr%xxp44jqXdFx$QcL50^pEeu zy>9kZO@5(p=zuWHF$E8e*}0nm+AjgblOy;Ry$l&DWzZi+F2Y{==GIPlgSYv_hx#?; zOdJi32fIXTs;PJm?wuFPKphzn6Y5&$x!rzVxaUa&hCPP*Rl#?`t)^ws+PLr22E9nd zmc>2UqQt9*YUus;c#~Qa&GY`Q+8nx?{U1%|9nI$dzkh9&qA0az?M>}jX|;BVQ8Pwc zHB&;Z&`6BhdlyA(R_(p_rmA*riK2EwkrH`-@6Yd?-=Cc0Bu;YQ_w)6TGwP_!AS=n@L-+vi5vnPvxJ#+Wt2iuR8hnp|5GF7qP ztB|%m7F3w^<;e3VQwS+0u6Aiw$y+t`(l>kU=34xhN_Ylr;ueRNaRTewG4W?a0kmS(_%qP6SK z%`Q#gu^UXB=ces;W11!ip(hu$`?_h)9x3c8W(UzeNqpXV5~}Rv!fSL>2U1S&ZC%Vz z)g&FRY0}MSaN)Xpfh>)%g~wXq@|qCfYDiywP}YMO%gPjmTxO*V+hFpnkbmn`tr0rg z>1{Kw;vM27r9)x@9{fyhv^pKzpmj(bOVjbrb|-Pl5_`2A!opW=y`^Sc9F*{TRSV?L zGdcE=>d;n~ujZ?~*t6NUd2?y>PlUlv2X0Q)?Ch`h+Tm?ciD)Wt__`y+kmLQs z_3ti>zUj#D7K*VHvL)EMs1fSvz@Hl^I2MmTa*)Fcny0<8NGPL~^xx3j%~4wq5R|E1!Me*F=Cy|fB*LzSv?3}u>eqM z9oAcVmnJmX@I9sfrf$3k;~au!=HSde-i~TUp4|md7I6{joZn3!yn!#B-y0iSyjw(n zN9~>=G`;#u_eN?L4c-gKOr+Gt+M{;{*Y8+CiR=paRL5@`aWWH1WzCpd~P7y{9{}ttqx>&5~d`mynL0AR9kuI+q^6 zeKtrMs(sK0A~|^nw#I_OyV&Lt7T83LQ?#17UnUpNjGAomuYVV@>=oYoQ;7W=D<@xF zf?wb0xr}MP(i|EW}ApJX`sig5q@Hl$TxUT1kzp<8->=D&R9$hZLI z^sDx~nJaI=Gf|6;J)eVx+22=_FH?;2sgAzCH?J|h&HA?TZ+p4R2j3pzoc~~_`j>J0=FuxP=cBmWD-8K*A)n5xpI(1amxf<# z?hMm15#F}qxW0Ua7DDC@{~m%(W296JRMsxvG&T#zd{ua6_IP)=69HI$Z}ZLih;cKx zbTNk7woP=UmUPw9YbyQARxWX6&5Cm;wmrB>qfqlmd9KW)=wI`m*YtlRuptd8$BT=9 zY@i1D(on#D?SP706Tl`$(&WIn%3(RKA-cTlFwZ(^li?dn^2j0wmLcfq&n@pmdsE`L z-3@H>p*A`;KZN)QdtFk@m59wBQ2B0dYy-++{E=T^V{5h2oHjQ0tSq4&qVynC6Or?I zHK<;ykEKrqTWkvkA2Mn@TU_s=q?ao64y(u9UHW_$EA3q7 zw!^1xb;;=PF`kq6SK}pwhQ^_ligsQ2bsR5@sVdgd(ewQF2MU4C>^}NC=$C~zyj!$S z9r&fk6&QIY#bm#I`lgZXm8j50%;)<9256tm9hw_bOXP#=6y1*Yi;33wactiH;M86+ zanha+aj&hC81L$OuPJ4TDmKeGW>8`+U|vqF^~GP+=;}w;-+83j03}2b_gwNG%>OO(P*drDoZ#0&Ev`@McA|6F*dxL?eMM_~b6YT+rP2@D zY>y|4o=aP3Kk7V&t|B9LhGEN8o5KVK5JoXvT>`nVL{^TuvZWas?#J5T&HGfLtLF2I zS=p=}Hb~+|7E8lt2cHk&tT#J^`hF^8@$LHi)ma;^cR_R`zen}IyVjZpsr*F+qbS~V zU@v0jsu`@IifwDDXpBz~C55du>rNJ*MYHB;0L}KxV2*_MY`?B+kT>zr4ep^y3M;&j z!7O@84T6RBbxF(!&Ydx|GtkL=JR}<#X&eOSsmB5>@d>)4LAI!DDRDU4w`%H$8yT8mXvXj6u5}Otj z%}rR|I-EH0?#U;LD>y_e6nW-n5uTJl)u~(NpE6y(^V;UkcfURdSHyUWjc?vsdP33`;MLOlI9FElnWViMbLYQltWR(bsbz$K%`GeNwD$e&h5j z`a$Tc{bYY&oh$@yFlJ<@i!v?~U=?hf0u&PU(d#OObn<(bG5l~%2q&W$r;$@mZXkst=mJ)}7 zF57y1{^mkLg&O&nKl7e@Y-^2PrTYHoj})xVMIp-?%c~*2i!8!7gJqP+TS0aD#A&uO zV&|0ra%P%fIp@&n>9@74S*u&UUd9p5x;&_H6L#KB71-qIA<%TMu|rC*D~e$;|G`tBX2#T4Q@ zkrygemfvM_9<){6e0!@_m7Qw8n9VF=RL(nx|B5Im;dwSEUL)JfO_G3{THN70m)LSrRI-5s^pqa5R(*N(Cn zwVLsfCfhl9gi<9+z8wj5uReEWY!3GHs~P(g>>0o*R_C}9v#y5!mx{v#KP znc#yYEdH-ZSG6=_{@qkL@vtaCk>6vfH(AH=)v}O3I(o6uAX+mZ}h{!jnx zYfs0#i2@L~ampK}_506PbU)uKBJs-q(Ftfo*Ku8sh%4Rq1@Hz~`eDt4qZ!>Clex1= z2B=8suC+mtI~!}22Mg!tQ90qSF(=ZgJbD#zpQM6`+=OTN*3C|KG^h_mz6uW;MDllC zF-JD2N_4p&j+*o`dy#k+rRb2{gkC_;m4OMw48D&>^&ASF+v8nv+I?O3r`1f|3-?j1 z9mWnNmEEz1<*sb{G^y{B$EE1h->7b}v+1TAn`@D?rHfZID~5gu+C_9sP6D1bU>ibC zppP9Ed&S(#s;)p#$6Z%t!8WVO@rmG!OIfdykqP}z`qo9o!*gLQplq7-22|-#}{?=yw5shxj*_;O1OAye~D+S zt+q%pIQ8GX4rD_<>cVegZ}oe*1|}wSFc)jolK&(~U~;uy%!^CJ7KpBf$vt_fw&54e z8mCRsn6?mtkHlzw!8s4jz)MYP8)KkBGE~ZIBiw>k_gej*pN2wC2DLYBnFqPpv2SJZ z`xuGs>N5N{F)z`k!t+KQqvLoXZL-IIdXj(Kc!eJeP$=Xa}^61?@&K`yOW z=(mp^L)rB9)ab5H<(}cAGEeZ$G!eNi8?#Rb9{syI>%ybgqI#8OK`oH{ns2NWM|e!g z(BZF8fYjE~!c?oHPnWdp*(p1V$*_e!kKNL5$^D@*#KAdSL)fP^ojOW?7Kn^hSc%iw z&zRf@H1|2rPS1|^c#y)ApH{<{Jvy=MFjX2}sMso4>m@&UkYX6Z86_S&Wk}9w_-R{P zAUF2@Y-*}Og=2Z^9|`&=DetHB9>PDD6-f*KPvg3$Z4Dd*Em*fBZhiesS`Y_hQ5ZP< zfU~C=>0dX>J|aw0cH*cs=p@Wx_<>C{4>LEXv}&tCKaT z>P50SU0j#UvcoZbpuDd;!|{_Nrr;UKT3AReTSVTg^4=E7MUgl_SxeH^(|gUJeD+!P zK7e>_0Z_3MOQ}H9Xf3JNQj+3p_-E4IAJR_%BZ(}{Z1CyGXHt$SL-Ee=|Ig8Hw3VSje%6k9G!5gVhl6A)f9NtdSV~m zKKU(7lB6s2S!w4cF!hpiLJv@Q{^o;qoZ_Z@;$U?Qid-$A6qsJ|-spA-4dLThvi1mQ zgm%0_IX%*5(}RYbPi~V@$jKr4+wMnJ!;oU&p zEA&hLUs@Y?$jQ5>%K<_-=XKE+oK`0W6qe06K)i#k`vvW0aIa_-eieBoICS;h>WE33 znpfkn94{B z5nTa1t)t4@T@2SHXHQU9+W0=qb7qw*u}I|~bDDg7tI$0#6+s4@m-uCmOA!CwTl{4A zav;#D8&)yOu6uV45m$LjOMQFZCWHUehQ(+%m*bW5P^I7Hk5%jU@wOj}+cMU9_<~hZ zz;4pC7buy!Z$5JYdNh}oS1=;QCK^Tse|lb&u&6G+?y`g$KvAv1=|M~i$(#o&d{8Fi zMdp*<$L5MjgbChncWZypAWd+S{qg!6-2=9$jkS7zn722&(hw@p-k7b-*A~M6>UJN? z>cX4afOl1_5epo7jRz{ukp#z0?!_GoY;zQW>bkpPU&VU32=C)sudSwd5@pVtG%$83 z(`02FMy7PzlD=ezz>w2#{t%&yg$=LYA>7VKmj-t@Z$PO*y=$Cv@*^HnFI?tvu9*`2 zH=Q#`PYXng=bpX<96o51>9|6Vp|sR;%I3K;l)2j7ds^ChMmn5sVvwBoUpvNK(|h(_ zOv#PYd#trSI9!1XmMwn?&ppst3Xza~ZJpUk|dcCjL3c-1%Ow!}#Le@N~Ikdl880tM+mk zZ>w0m-uAXuimqiQf6Z#|&P*|1@eCxVTA-ux0rLUHuJNIyulCKfpj|h2sC7xM^4ht} zA(x*{vrY1D$g#1j{XO4A8n>p)^>Fu;>GNORsnWTVV|&Iw;}TePIqn5i$SkTQ|C^>W z`hDa(^no{J<(!)qc&O+n5G4dJ&b{(}{2mbGodnZ&1^)Z2WO}Mo$}PRSvcSCw2$;*m zY!*=j(~W-(@5Pi~aXsyQVEg5JoX*?dCveXF+UsnB8D@Wy?mE%BdtTmF!W|uJGV_{( zFTnjBUsLi^mHIndx#RAmlmnY23yWO>zyk^aU1#dJA5gGV{K+85fuY83(4QgCyDo*) zqv+(b5=^6{G0suxC?H+Tw0C|hd+MzH8Z396-vFj|Lov#I><}yZWs9#mS#s@=3+2BL zJNYQy`YQB`|2tih>PD~brWX7Z2AH)7ckrD!*$o>a^;8j_xezba&pZP)UvRKj=UR96 z4lJiwy_u0APuCU}l4QxTz>2*;lqWr-M)5`0vC3tMnqViOB9Rz>{5^HW700qgwlc8Z z{_rrjZn%akv@`#F2CF$7(!KG?zRt28AMH@iG~2}kv2x9ZKEt^-)j}zQ$+h{T1-M?W z#(C@}y)(;{*Qqrw`7`tBe&<2g=2l_I^K5DH=aDUgq7OyYKg}$_1QKtR$!kAqeAuA6 zYJo<@R(8P9VETzdsDeeZ%^$YTtfYz3(feW)>6z)iJUV=zDg!MBC%iXG2Z3Jm%wY&9 z#;*;Q0JM&~ivnyG1v|>@B@o>xKYdWWSpvFRkjybzJE!xttn9x6rHi-p1m^2(Bp-3g z`fL;%*#~CD*FVKJ_$?4s6ML*}{M&MY`!_}~n}s7$zU~gmtxy@y8}jGoU;d{=T_<#a zF_u75APUtW6-5+YUIsP+>wVb<`7sjU^V@}kBC!UuB~2!^_D|BCWB6)WlAcCPc(=KZ zO|AUpl4K|oF<-tUOh(GvM{?5fpyxEDy>9pi@DGM@p^a^SiZjftShU5z`@sn|d65I|$`D8q`?YB@ z0mYk8*kc@7@mKuiBnH)YsNb7MF-vfMk17Edxt>NfT(iv;CNR^-riz4$&};Y0-ao13 zgvMb7)`NZUzWdeOcze^XmP~E98b~tBrzY0mafhQ*R*pb{84V>(ab$_MHnzU^vU_-) z%auqmg)l2}$)0WUYf`@#{dX(eSAWKf;bG4)WiZFTs-b`zEQxsrn#TeTCHg66LiPKX z5c`g~S;VbPS~fS@&1x3-g?`Sn`~mYk_IareRW%*SMZd$7SJC%ugrCKCOq6={j>;AUb>W|C5gUTXK=sCtdR8R`I}eYXlX#P zjS_~(8{kO9>jzT}C^mtU(eegqJ=n9psnU4d50dpQ+3=of?HRlbmpX;L8F`n-|S%*n0#R}GnL?DS*+4GJxPF6B;zQWhZZ77PA%dH@>Yv@WcA<$`M&#ic&+~IDBN{;WyZXru6i!oPV3aa}Q)E#+-5A z-Rq`r5NgEg+wL|^qg*TKY=+s#tlS}?=*jFSn|@no-|`d^F4w5-q|0p=wJY|TB_yN8 z8cfD`TmSKAOP{EUq&#U?lhGlQ9>cd|hJmU!!t)N?&Y-&xIMHPOsIq9zgJ;Hi`cB#% z%+-^K)j-n6!{ZwE+e%IjACddD#ve+l2A9Eh>sYOQ6qPS+q;-5m)+XE>efA&8-NuE; zmsnyk#|c$565`E!M%4*Z^!Y5@{Y}Hl&8w^TV7lEkju~bH;ABbQ zrF!%^g&iJRJS%N8Q2#-=>UUe&-H9Zzzsp1l?khTk@O6QFEH^v8{W;!yla_>_2G#Fo z0f;rekPuP@ljYI(*GWw$8WP1F2?2b}?`&kbdFDudJe&zvIvv3bTPS#t z%_GT>ZJJ`8OUa${tm{&O!-i@%uyd1-1a{8O$BX&BOJ*ne_m>t0whJp3n{t73%y#76 z3@^y!y%Y>xZISUdfAG6F(Vh4X3!rP8(jO-m*SVh?aO%ab z{Lfq-=zDFA!nWK`=?Wwo5Bt(j=gPzIg`2IYjiP+|#^YFZ={b2?QsOx3M%L}KI2Fx4 z>pfjpwW#w-80j(T_iwKepSi3_|J<3B-x6HuMz;qxQJ?GqA5!8!K0wht=q^F72MUJc zpyxOs;5-;x9rg|$zCH7IGG65`HLQG9|0VspWvvQwvPKKN?Hj*}(adChr)aSgdH6q< z@D`A=g2k>;;=O?%j_dHXxZCo!lo!UcQfj)+C7mVJ?%b*37Hkm6Kd?BNG6$2d`}eR{ zh=<(fmI&Mb@u4=9jif;Z)Qqey}zZ0Q#UAcxpH{>lM0AT}I1Xmmr=t|Ie79K(t@)h4IzXXKTW%z&}wR`cdDnQ<>Xu?K)eba4B6J7U(u*QBP4Yx(Vl%itPBvSyyA zn8(=oNLT7phfvz5+1GJc`@_L2C-|~%CWe`C|0$6o84U_Y(aMvzEJzXg*ZwGEHXB>k z$3k_aapJh?Wmmobu-BLXvFE^)#>zV9Ti>I9`8IbHD)*-uqWBZbXGhd*8Mh7~z&% zo50!XxX#l@zb%Yb_;t6$U-BCy>9W@p`ukr!L-ls8*Ddte-?VE!=)bz7y}8?{UnVKF zg%gUCl&7kck!yUTbFi6m^fPz*@O3<2ner&f4U^j09AlWp+*@~X`Y`uZ?PF93uA0Dp zioHMFP1(V`nTQwpU(18j{9(hY`9jYcIXA4YqnV!1-d4UG(*3E{&}S>bnAbf;WP#k3 z@9*V8?|LIR!iUov?H|!0|AnAlk1GdzZPG>|MRggLZGMzff?ZxEJ@bh0zn!L49L%cR zdjiJu!43p)+Qd6MSL_6%8vG9KeP7^uREMS)Q@v~9Q*Wh+9~c%k-h@<^tY+yC8Jgxh z+zN9-vDbwt7;Oxw!6N$0^cl6&<$`u|OPuSaWahhWrwA)fn$c8(KJhHlYt`i*}b(`zkFr ze#20^L2(9i7q50dl!^z&JJfI=?Shqg$yhP1!>P$8mo zF2V$djK+~;o)`8v87ZWfPI^nk_ryi#e@}g2_?_&6^7_17?Rc~k9B?673vw+Kal zZ@C45b+5I7JdjF947ssU z$E(l1`}l~;P6D3Zy9<8@*?7^+f)H0kZBm@~3XeSXSmj~6HN~^H{Yt(&tUF;=C-9U_ zL(PPJaDdLpm6m7q+s;0KrrPe^*-eQf}ehkYR?_FSCClxT*(P)@#M!(j6Bf zo+)CAV^unQCtQu`6@UCy9zPYYReG)U8nKa3&w>Mleeq<-^%q&vJtc<5Sk-$UjfX@k*^-&>%4XQs+MiS{ONyf0v~RA0<ClLhB()}CJON(u6> zOTzs3dkP}%7$O_`?^@Be&aYx z2f+{b0*kZKVyS`z1Ku>L1si8I--EA2y|2kIg@<-kG`w-kX z{lPW>bo#WHiMg4!WDy!>mZ%jW=s6*C$J*qZuIghWirx0L&bApecRyft+8pi$W*K}F z5sG5h4Jx*W@AtDUM3y#oVmk*;dgbWGoWLLTVdAoqYcKR0HsUNYcJuEZ5EwCcd{JcU zuI+5+nw>TDUvJ9Yo>!|;HqlWgPm~g>L}nmRc=jtM{LJ|({_0AHfW!_J0P`R+hK63mHTX-9iqt*L|K}9n@MgOqt<=z1ZTrvcyQcN3d1&p4THrz? zk{e2Vh=s*99x5qDtNEO|FyFHod7YK9f&6`o3o+B`NwVBKI*16s9adEkRp2RbA;4p? zz%MDjj2Gp1BBblZrezfA4pt)Qp$2t}XI)d@P?L}gkLctFQ z<7ypRoQo03xUQ4Ei%qHMW2px&zf&PC;?}#lkbb85OUwGs*)Je>XnC|CP!e<=AsqaPdU14r5E%vl%^Md0 zg?o(=9D6w&Z4Ur^eB;+cx}^4-pD$!EaWU(whDVOd=*2qwZ|5kPJ6~xGGnhP#tNB+y zp!N2t_;eOJEmA0_J3_6Ptv!gL)(6<`4Rrudfjf$IL^jY%eQx78s>Z))jdF3j@1 zMG(wi!uu+)r&@!HpN6l$MiI!+tIN$t2vTgpm-Q;%%k+x+8wBTIrTs-|2V+I)`_* z#HY9#^yy~N^SdglPwNZ?m7n&T*6Ygsqx-Cjw28`na#x$TQ~#Xex>!CRKz?Bo&%49U z_+SAQXdlm?QRv#%cw3+@MUg-5P3lp|=FaqkL$ak_b)w{>;m|NI(!Wd8@TywJO%x5n4R_RC2A{U|YOrUl z>c*(%Kv}+Ay|%s6KT%7fbDonqCd{d1b1Sh3c^|)y76R@cF(Qi52rZNhd!!vAi%(Q9@@c7 zmWpZD=e~!x7$mC3KAZE{1pK-QBvT`d(*mAWSjI&yij5#1?_xIq_63aBMfQ!^1pe!f z$VGHihb@Md#?H;pcx*n8bJ`kepn^NcxH))UL+?>P+!tZ85=A6p-z65FK4hlV}S4NCD4J@(tD*ltXZhar@{bL8r`2d zhV45Xas#2o8c-POwO1ja78wKYBhQYud(P*M&-fLL6(NG-jy`N;#>N-7HxmqK3TB)h zv-P=}GwD8o7Tgc-J%KH;ZzRNG7qkIiYbbD{>IESmy4eZh4gAZh%5mJiiX~!^5l1I~ zAQE$JgRrz_vviJzs<596fHR*Ikg!9u2nN?5y9By>>=W3eYw8>41b!lg5Xv3Xm4^~t zBk}xB3g+5F{c`Q;UZWRE$3(SNgdp%&?#LM!x*bK``~FIm;EL^7unyXeXlnEAyj*z# zyF0&td?Gppp-&m$r2U??vn?lZaOhkL-Y+eiG%*u0D|0(+_Gw0TCURVtp+DE&_!uMzs_{QkvU9(+`WNY(@686h@1f-%8kG~n?kfKqzU zH$N<&LcEc7G4?zUyH!<)oxzZQLXsn=E>sB9u0-aRtdfK!%&z#7Qf`#ycgY@-vQM|d zaFN5b)P(of;T=fiU4r*aNez&`{Ie$5viy60>FEfr7xk8L{lc67?sx?M-5|HlU>62aH|>LBj?FA9e1+ZhpO$_0aW8AA zk&#i!7pJ%IB&*uv62&VPxFQv%x&-iCmqE^kfEl5_<3{Of#d$N^+k)N2H<_ctU2a-E zgpC~!TD!N%=`|I6&gLUA9b8F!*^SQ~3v_>Et@g$yWcj}hSv{b!Q=zcQq;JpY zI`bzH9q(-@1q=E*tX^DphbJ39%z?D#HyJD5G-K~FbENKhd&u~1*&aJoR%U|`!gi&* z7r7GoaPoDE(PtT{hjhOJzVhjwkNy_d`IVJ*4>TVCi{-1k)Kk}?cWv2zR}C}vcyj+M z4S4w=h#twb3u0;vqU~ESz`)p{ODWKrr4P7!uEnMTC7-86pUAyR%;K8;_dGF9jFii^ zdW~R)n>=U3N6W|S?e*(Lf~V0LQ)@aEh0YHLf+ejVPAi%2>HL6~XXjqTHRRuRmF8xJ zC`K0I7y%96=6<2Rs~nW>eWKVguTF}Hi6Kkb-|9NhMk1=wt`*x)q$DrJf1^zdRO4b+ zxlN4qttJ@Neps=>yRC^-`)g*+@^37E6V(<|Jbw5M7~!cFyN2HRy1ZJ!r0V@g;{PmA z@qiAvsNp~_2YQw7{3CFgCQEepABVHu9;{r#+v)bst09`nm<`m10cYWpTVLF#x!0)c zBzsR)0wWKB&a>OM7I?7cu~)3ffv%ekSa8U*@7bUaKG1xgBXJ|uQHiPVd2q{ApOh9q zRm&ueH-yD24OFj*_P{Zh9du1bWjI<&f+zF`HCVqp(tTIsyU^N3vzF-R-@%3ZcK&Gl zXwuxpFR#IkSD6vE27zAcrj6j|pk$qcGV7x|rzC2SPMHa6e=);!(a*nOzG0bV3W zXS8pEICVeo12Ps-&`?bq$7e8o;LsYW6@lqn6Y+8NvmtxAJZ<*FGD(-jS!pIxUf*xO ztCRS2z^qK~Q&4tCUOwuqbsxk9f^q-4AX4~abx}@}A?MkewNvsE>Qap0LP!8xWK>CW z#=X-beZSiSrjIE{qqSa)hGwzgQRkf3pOApK+xrIP#%ZxRIh?EbBDUX8@!^uI2K4c{ z{mc6IaIIWci7s8o9^&8CxG~)kT|9~h`&GoXdQ{ba1Ztzo|qDd*I5r!24b?5GSPJD(g?NXTwqQmZkM`9k0IN%^Dzw4u<;C#NqP_<)rV) zy2N_V2l<(wh5jwzLAZ5u9O#e?<3BF0ft=N;GY4fwbNpz}@L<{$74>2&2ekbZ3()CgzuQ zqpJXSmQSr`-)pusSi!RQ*?J$60V~xDzOf8<(CK_neP1uGLdNZKV1Z0P+>q^k7U#(L zOAm*TU?mcZEf|66ib(ZzbA9mwV;;RhyNJR75Y@=#{_M0Ge8#2H+nt8lJe`e)X%9yE zc$w1m=(r&HA8*TJxer0WrJjgS##w`f2J`RxO6XzsjWU*I^xywEnvrQce3tIT;FaW=&tqW-Zp^d>(ztfky ze?uV;)6nDNquhi4xWDDsaTA!hH>wXo8->{AVeWd{<~W2d1`=DI3p1V8TbzI&Jd1M> zpX9BvB;m2r9topLfKPHD=TWumJ(FbX2n}rHf!C&$8u<3?u}WH>vtaXd8Slm{*ARm(I0~b}vo~1$PEC zhXBp#%lTaRrFC@vAOv5DP!u?*n=H3YJ&)QR!upe0rt1ekv;c~w0Lza=j8%Ll!0H{S)`_*)ISu0Zna z<~_iv04>}>v(&{di^Tbp0t+ii-2}_;?;?~*m`s#_cwR48E>8bE6T9Ba9WJtw|H0q& z+y0?n#--#}SY;I^bOmwp?`sABsA=%yo(D9;AjzerC^lW2dVRSF-6HStR{qp~sn&+Z z`Y9mkpJoCem??49zIvptIMLql@7d%_k>JflJ+oJ#vX?LFMnx(tfs#E+ZSbyM58Zsy ze4I<~9{Hw$%gdpkVI&S7N@XM_%G{MwV_*{F7H_Mp%QTh9jI!c7o{<&(dyl#D((l@1 zQ*31`=a!yCjLCdWYEf^!#VKZ-tUJOGA-yb@<|}7r9bOT`bSc;Od&O?0atM9Ow=B&1 zjVL-(;QnysMwmx;I|=p%U*Z--AXuqHC))F_%mV;SeP={YPjrcfvE-YGdgQH8RTGX2 zd5QU6)q@R~64$5M=kK6N7i|=e&kJHmLHX9!k6-u~kK9r&8j=nskI^%Kx%!pmZ>g76 zl**}I4^2c8y^3kr<DFC1DdJ%F;3BO6;AFM3|K}rc=Yh)>7H%bd&}~0b-VE+}-I?&ax<$Pn&WpdE1|U zdufj*bQhB-#0Y;2b$Kb~wPs{793I_B&9&h>jmg^VLW<`zg!S56! z$Jc4Q7`j6m7S*|z;0ptpbbB%)*^sN){Q5x|T~_z9-yaKoJk)XfwsQZ{=8`enbmwVr z(lVbafI?ApX8}H0zK~lbf2^BhOQ(D~O(@Vwlj3^SYR<0wbR5yM4m+Fj=gfz_j<_Lv zyeJsZ4jv&V)+n(ZAnFdDE70PfJdvqJ69*lHNYQTF+X7YBCo=5CEk28kh{63K&IJR-%Q7`Nh#qoWQG8oVs49HH~Su{ zPdO2%@mAj~+aZRx$_4XFWTl0|62(JHPmiq)KrSh(ws}6HU#H(e-%H^^0XXO39Bz7e ze{UXn=g+_H8r#eLYqE{Ah4u9xWC!oWf_&a2w;J95#j!Av-)LJ~cU_=n@j4K)ry>9Q zuVoTVx85ZbjO!{Z{X=BX%qmq0bH%t)_n3?E+)}&Ma`*49y%O?QAyFo5sAZB6Av@V& zoWF0_)*$uA7iiV0*tit>SDw{fpC8rGeV5=kbtIqW9Dy!wGOCSSjR3H}iI}e)w!j7+g?DuDuIP8?zZ8nDJlx9A*NR!B>M*%^_dAF_4ZYB z#(yMc3SL$=OCshnT6K3jc9TArsU4ce#bi^9K1>4O;v-N58ng@+cSY)70)3o{Qe{15GSk0p7yCzV&8fWSKxO|m?GveejLvVrdP+v z;yhN6PXE9=VJ=8PEVA}1{QfW(NB30YD&@H?$a?Bb-y(E-Xirc?Tm}eD$f&f{rN2tj z5@kO6rsB`Ab(Sqgx9;_K%P3%i=N9Xrvi8?X8e^A&RDY$L!OXX&Q(1Q88jNQpwS^^> zs$c^tf;qf4cBM4TF48B); zj~|6pzsKj|ZlY+3CfP0F~P9Hg*{^EgLuQq0v2hJGT9uh1Zsu}8%f z)^6ubZLjgL zXxUr3&z$+dO~lLJ4J!xDBI^y8XfMGism*EFZN436jMQf|d~~+9B*B^Z4mc>RASeDK zX-e#Y#RLL!GK1=~*}tmxAJ*9jx(<#7^3Bo6nMZ%xrZcu#J>0pJ2)Wp0J>A=(+?g#- zz?b1-_&5<&Z!u)0E)KUhX^A!IqCoN_Z|m!~IE7ft)^CkajyySM!E_rF`3a7Aiz^La z{-i=Y0!l?JFj}R!`&P9$C_Z%hcram7nVxa zqCVLt@7r-)7a?VkJzX-u-YId}v?qDp()A=Ddm)lPgZfp&?h*x?h{U3x3x?8pWvnvk z7g^`&#=>DF&O#H9STgRy!4i?ws{`&nllSqb2KAv5QZG`UXOVqM^raroxN`K>2#<-r zVLS-4MlOKrzyu~m^iH_?4dj}-WDB-?KtkO>19THVHY?DSL;XENk7!qNK!gs|Jz?-l z`p~Qz=FEszm&8M^-lBRX)Vy6cq!QIBT5-(%ohD+?k7~APpvS;w9q$H>{b-`|duDBq z9j?C2Ms8DPPVQxsJtk`8muhEwN&4mPbL*`}gB6(LKDX@GYhXFHk-J9PIUPBK`q15A z@d3%EO|{3CW>2GLTfGAP*-M?HN|G@LNA=!;0q)8+3t$9olhu zFEHVYbE1ww-N%9oF;FhuI@=H#o##UfYI}Wqw|p{nS=Vze3OodtN~CKq&w;qg z$J0Q^LyGKIzIzCyTW!Y+y84YUSr(2RiIc(IPH5Q>+%sKV0_WAZL=7Bm5FE_X%lXNyN(NEH)5qXzYGSN zBGj*Q2%Pe1mp^ifaw<>Q-%EH~NTzz;xSovzV521DroR>fu=eNouk+L;;X?ZO`c2xU zx*fEC|Ej)~)lTyqffYGJp%#&%4-qM8rSdFi+m}2An=tGaSXsTJfFM?ztWypqrigf@awK*>F9rwXYeku*?1i}D9Dfi5I|If85pPmkysI|`b~D}{Lk>Lu zxbdp`Ku=y6=8@^ZJKH)`<#<>H`R90@%^-fXP!^BYK2d2g-|_NFVf`$ z-d7j-x1ZMb0$IgI@@O?WT=fulv-aVHS21Xq2loCmoPJpQ{;CU-v!*EmBP=dA9AV6n zl9Od;@jfzLC#fbu(CNu3=pY$8j5#JSFrR-0UjG`m+X!Nih?~Gj(XC7rNE|c|4IbWF z)TWUBY_1(4er$Xy+^=xs^f+Nn1($z_!cji50Eg~B#?nM1J*2i{*qdh%V$`eqDd?it z52=!F)r@=e(_7}%8v)J>RrF+7W_~^D0P-2i7CtdI*SL^?a9U#fcfu~hpeYd7)an?c z!RPFx$;}(AELf>U!JiR(dZ(|kwR`J#+us;_OZV)l$o>h8z*v6%5eVHy{|Pcae#CJN?vWXqs_t=J_!1eSE(nMUujtQfU``zVxHgwNf$a_3ZZho!pX?6Q|QR zDO&vX_3HZ4{3(XIYS|O*0*tkDPpOo~bIYx)Q2C~NiHoP_8a4QIxi!J*4pV@Br0_(m zbmz_ny%uHY1g}a`#h70boSz%LQ-Nzf2*>(AnG&4qu*XsRMn4-DS9!zs(#WWFOfF;? zyGf(UGt8+*HnVv=5O3du!Un@-hyB_F<4avnzyM+hwxV^qCzHRXGGKn|dPN)+@<=)n zG*BtJqaO+g6;Pa0GoMD?L^0%7tWS(ha?QxJOxtGMA?wJa@)CKGq7>~<*p|iFcWISd z(00xj>-W@Y2$Z-NP5+V55;*xU7t-%qbT2Ve`^4XEf0H^ctS3gEAnw7+$|paGA0GxW zsDZy~bkm&`W4DvVrOREI7ZwC|BFvI8`3Ixpl3T2>G-u8PEe3UQ-1!%eOm%i!A&vXL zq9i@!%I~Gv3O=D0;Xg*DIkxP+NDObJ*1Ea^52#!ZZVe4m^XKYt+(-elV7~kSqi3)x zv%)6n+s9I!|BxO~M(81L^<+xWiPdDh-*UoBn2nLN%E9_J#Cct=DpVP0#QqW#vXWneLI=Xn`O z!koX;wPEVI(%)Q?w>L_oAGsI-eeyH@O=>--hVCDmxZQy7a!(o09Pv#50EB)94BAXK zl5TI9F+6eD(tOf2qwMMG_wyi&#%>fZ*p%R7nNKx)OV;i+FPW?rBgfxacVOqHF;R~W z!Ea+N*0%zzXrz=$akz1S4{GO*vw09OTg$dFl|a0Fy}D9u!**#JG^;1c8$RbxsCa`; z(^v^*-;zP{u*H6(JXG3Vtro2tO>YE>igA}*1IBput|6GSZX}b}B-VzX;$1^aw)-uq zO}n>z>Ph-_rR{apbucU0`?|BT$TXSH0=df{8r;cnkzPj%p?o};KPdI9m-^Y%ZOyKc zs9P&I{{UEKD#_m?Bhsx&Gm=Dp)fe_bqR847;)UrMDuwV~^Fk7pL7 z(H8zPrAWuQs^`L2`m%}dwfJY+r*Vx-p1nJBS<&cP-kT_wPqlXsfEn$^M^2%S6)sZj zbW)*1r2XacMH{G1z1!Of1MF;WQ=I$L0_63rZA5Fv#80Z}OR_g0J4B-yXJw zX~-DGD9Ies6O(~J2|(tGC;`d`N*o;Y;+04umVhIom4*%}C;>{gDJja?7^Ee0z@P^y z9R)91K9r2u#Ub2Wk6Lfed(a#Y;iN84PAIj2UB!4JkTImCQOz+9$)Xf8ND&7ta0k6F zT9Z!sFQFqJ>sR^EmZNfZ(CsbRtgR!3$PAIFe4gM}*_NIj@b7~E0N|2;1wJR~dKA-L zYTpn%a~8CPfNPYFcvLF3I&ByL=bHG&`tmCaX1pdWD()sm#%t_&{BPmCSN;g^`#$M+ zI?Q)&pBDUS1>J*4HiI?QiCDucWMw7{GmabSp0)1Oibu~@gO(OjebMEg06a6{ABn#c zJRjoSW5YVcUt{=_rNN{}bK)syNTWAU5K0rZ2yLoB?Vn2e_x8^58d-nAMSp6G^srll zd;Ps&*3Ac)l6ksqxXA?IjN?Al;NP>?g}xd5GWdz%{{Z+*FLgH2ZaiNF>4MJg2(IFq z7Z(9wdB>K)S`}iAmSqf~fndYj{yOT`zApa&f{A=|)@`h%wYR(Yi!4?m;>n6!TTKnS zM$E5`q2mFDPXWepTG>XXtD(hSeAJ}Y%GUeOm%bptJU8M`3ix{1c~M*F+I_;u8C{t| z9~j1PFnAU7r|mQ1&kp$G_JHwci##W)#e1gTYMy1C+yR10o>~lzz#gEEM^J05@PChd zWvu?(nkJv(-xprZ9j}bVy4qe}EUJ))DkB4hW$j$o#d}+A6ZVnuZkw!V4fbtk#5#?g zgUw-q9_h-gu;i+ervo72LC-xaDYq!;wa-ffPwMsE^?bMc+2_HIeqJ%q*LU!G`qM-B zjimUS!*(|dtS+GhntST54V;@}{{To1%e0Rxp74(v*%oo-vxn7E-f4OhV?P zb*lXjv$Z=Z{w;hy()@Ywx5fIVm#jmbL&18boaV;wOuj3%WsX#DHWyYq!B$qt7$UsK z_OkeK@mKbu*Zh0?cmB^Gv%a|(!tVswXu1cCHKnzNHBCapOt7@Qy0~Ao%Pf+-&a$+l z%r35Fk@p8`&i#%4DB0<{UDtv2d%JBW>+NRyPlijSid&C0M$|~$f^Z`zfO?Nw`p5QA z(}#tBYS{i4cw5I2cz3}602urmulP^I-WSw#*kkbB=BIV0%9eL`@ip8jJhEMzc!O*Y zg$S%ngjSX0)ay$RQ)jjR0I%tvoQmpHGLMypRQl3~CyZ9##}9`R{0RM_ z{BQ6AZy8#6iF_gA8=X4OU$TWFi&eLc$cpI_H<1EJn_YIhF4hDw9M&3;NI9xfQi^E0 zl%-0ejJgk_0*Wb_1r$+01xGRmU8kWKKJ_OCkde}j#*7^=NYt%7eWk~zMGUH6%ZcwL zl*JGrZBjrxeqcxg(!Rp*=Zvj>5qPuV-;aDnsm3(F2YB;J*L8g^)&n)&^ijJ+<`f_X z!py{yK)~*JuavLmy0eJiY45h;0wsaA2E>cXoF2T_(2(gr3p{)9>p=L6;{N~;8x2m= zPKLw8!d+G%BHmGo{J^YC%uh@l1?HVKWa7G&h?114)O{|yoGzW^2)=f`qdae0__0;QFkOFisM8r#G-l6gSH^y!>YNhdotUN%#XAD$7r zTHE~mk5~PkKVoe!$NvBgAH&*5#*ITm@$RCUjCPu(mVqA4ZVQWbZ?VsDBO@eiBVfUc z6fQs+HR%5Uvrp~o`$PNy)O1gQ-?q=eYp)PRYp>breh}1reWD#!Eeicx<&x2L2^J+q zMjl%$0te08C(r)?YoCvQ@QFvF_)kpm#;0kfM{d^##9B@CsTIkUnkTn$8lYAU26AL9 zIl|Yke#*bH--v(Uqu&8%@Xm|ys%Wh3HNiVY5ti!eIVXr)8Qxj0i+M%i$X*qA=dEuj zQcCL9UC#m)Yf3!zby9kFUY7iiH~qbn_FwqrH-fF~KW2>w;E#*^PvX<0!Q<}@TG{EI z4!*M)wrQt|#4%}FVH-4x7BDw9TO^+q_@nS+_M82WH5l~oieC=xwe1$<%YUcpnm?7P z>Gx5?F@x;^a^g7MxCUs^$UJSXtM-EZmVat5*v7-eKMs5?tm$4X@TK;gAn^{8ws76c z6cJApl0vcwk{d(%jL%@^KPQNlI>)b=4hCh))fLA05S;lj|coJ{kFa$h`c%Q z`~C_gc|GOEll_z7`yUcbs6lKjCR7L#L%l4Oq7LfV0EJPkg14{6v z*PW_N?RR-^s2f8j&=dYWgUay|RhtgY!O15)`JadW6nua12pV65emGj2Qzjl1p6W1x z6_o~dy}$(k?tjMQmVJX5(_X$#Qwkdv}Y!;Fdq|L{Ec$3xmaeHTZ$?hsBdw zSX=)9!a*jN;`=LmYgs^vWsrH+5y;TA%=p1z6-IDzUmN@?_&xht_=CkdUbKH{{TD)g zGU^E}bxmheosmne^%uq;+u!y}@bALk z5Bx6ukp3O%whiE&2FFCxej|AD($4cx7S;)LkwFZxpmms=fwD-^OO`vB;2QV~jNJwZEfKt0y6V%tqucr8$#vUjd zcCmLfSH+=?A5)mAjwS=k$&ih!wUmLt!30uvg5`u&U-bM4wmbbBOfl*nW7xO+> zkl=8Pcwk0Ju6xAZ5BN>+>%)5GstZ{)s9<)|lXH;~W>k3J%wf2Q+>kKXW$JNOsm&*S zKdy$KT%#tGF8=_or;zxCJT|wHj|{E%k}cQm4SvX7=I472qXADC2Pf3k1Mfy~F^}s? zi7c)nf)Is`BA)lkOG_r5a57keG6?kNHP!r8&@KKQ=sE|4tgkOxO;1aQR@9@rvskk4 zxJE$h!jcFi@()blRrpV&c%x9d)GvHJqYI^$)alO8FhLxb0EpOqXX2D z#bj$g2WDbdYWiFk#WIE?*yoDT)6+#4akA*Qt`wc>XGh4v z?Zs@bhCDcgZmB=2&AVm7^c=|P*Fty_A~%dLC0zbS^!WodQyewkxm%J6ov=VnSc*8;#a@& zrjkE|el)}(qL*;#wv6MY046AHtS8pIL#Oyc!$a`I7MFT-RyP*b z?LE}6qNU7?(I`?^a9Gr{GZSAK+Ud8NgRJ(C60~o;dEBWZo=2w!zd^PC02JN$-~I^6 z`#4+pgHDa7vG|MQxGx&rRw!S6@=gd)HmZXmTy?<3YNINZlJz{w?ihSKaMh-_JbU(M z_~oO;`(J*|I*z1Td)pt38a#TWSFlGjPEF0dt4vdr+WvdC4_&8@F<)H%(>4g7@KW#E zA4#x=C|y1&k133yMopEoZRCs$jC}=sS@7G#+6RI@BzRlLI$nutmi`*?){m}gGR0*G zk~ppP3wh)y>@pi_FaR*gIL|fpAMFRGcq8_(_}Tky{?y(c@XnxhF9zz->pl+t*q-Xb zeIDslpeBI*XQ{fJ}>azkKw&0 zUkrGPJL`WF=`S2kZl((z#knWT^5SF;08OVk#yfPbFsOFH=zC_qiG#yl8~vm_G`gmZ z;wbF=O{BAn`K7Xj#P1>GvWyobAW+1RGI*~C*ZeK7XgAk(*ZND_n@f`f@t5-jyY65S zokj^EPCamIDZ^&AJzOn#wBsl5Ez{}$008fP7W`1P@b`&rJW;6lTT<7O($XWU+{Wl+ zwlTgU^5kVKiG@%`yatx`!hsevuj zJIT3K^MHO#o|&(Jz8Cn#{14(p)vq)-H5dU#l|IkDNP>bxA?Oc3#29hXy4&xH9}~U| zJ-3Vg9czEt*7uV<-Wk@ktF~M17^&JCDWNOm%42t2gOTPoG1BYvEsvUMjZuq2XVO z-X4Kx|H%BgVfbil2twK z!BP{cLeN^KnT7jK{5I1*5PU?iyR)&>FKlnL@pEo9McSBYq;Dh@1BF7FT;ya|lHE*~ z7gAhD0Ej!55hD_)3HzftI2{Mly>s@o_?Ph?#@eo#rFi?oH+n>Ne`=FYj_Ua?4Dq|D z+#M7Q4S{?9mE;)}glV*|_zN#%wHagHnGJD-J~Hu#0&^s!A&O+&=j*OJ>@X@)j=jl^3^ zNYXLn9mD25>)d1T_r+g>R{9KI7Gk>b4ea-V(@sq)X1tyLO~Tlq8;cevpO}-t>0NPC zPR#IeQNzk=%ieu8Uvk*%ekuOZpS6d_sO%u|FMxEbMuSldx34*zqL~i)8YCeu56)PE zNhgjg&Gp~d($~eyajakXji$MknpmWc6}GmHN0WQz7S7N{crEzX?U(E&{{RI2{g8Y| z@PfKb;X ztXvdXn6_CXP{08g2L}f#d*Z!E#((f`H|@jVzY0s@JtM+;--?ZmvdySz{u|L6=&)%D zN8|wJNr?ct9#|^9d*klE0{j^LwSVA|-?TP^47|d;dho*&?9z= zHoChqCA33tn9i|?*@#!m5Hnv&&)`qn%i;e3#i&1O-`Gdu--3Q9_!nH$rJmzUzSmmP z*5zIqB#u3xc}WySqmzG}8=Pz)kyzE8D_%PP0A0;#*36?`Fp^1mHTs{G-vU42fL;ag zuY$E-h~Kx@?OCSyR?#MfVDN8&bqjmVel52lCuyzS9LDK}Mu?#(a>wo%+o1inz7v1J zI{pOy&N@be`yl?sa1Rpc7dHNH#P5jLH}k%)V)pF}*Gp_}QV%`b%XAXLVTuyn+!;a-Xs< z>>8i728XWvRQT890i%33f48-!nIp$xcRj;F=UNTKH=7rmu?mnu2u4OLNX01LO5fMw zbJWDusZq*LPK%>HQt|%)?HdlK;P|v}gci3K(p@K;7MW=wm-{+LK&58L%CJGn89a6e zHS>?fj}6}FUIq`S_&P{|yA2+>HlCtOsYpg)=k8)q2}l5AB}RG8eK-40`0L=$!QFRM zhe?JjTZl}u*~M*OrdxuMc_4zID*ULOFgdS|{v&)<@!yY@Gq1GvdVI)|S?Q@8M{X5C zKybJL}7R#sM)=SE*nQ<9V;WqaNJha^edaa%tQp*MdJv>OzWmF{)BNRY=V zjkh$&1{iV=Jx5B$0|(N*7xr`2wZ8>w`uD|6B6tIMXG1p&1oK9s;o4Zj#zQG25E%T0 zTa0IuT(MVYw_bddTkE&Y=!!qIKZ|bsRq=aTnoH>?vbVfs(&3Wt&s$q_^9WJF zYv2C>VGo0P`uNrjGgQ3M<QUUB#f<1_@wLA?TukcI4o*n(B{9oZ^)cgw{!mlS(w6@npuiLLn zsI-S};O@&LyYK-RR?kY_2}*Zon~id(hm9z;s%zETPnq&xh4lrGOu%5x9(X6dNayma zHy8SRva3yZX%xtRc%gv@)0*Y&wF{eKTF&5&#QoLaWaq!utO@li^Rnhbss`p~P`rAM z25U7t=yXdBc{w+^Ys40I*HZ~J`{<^204xwM-Ss*8)H+v&^&6@7%V)F>NtI6AjB!h( zu9B0pYAErc1g*)HhJC*r{{SlKG`o!*x51>&9DU})6YbQ|7^zEAYF3>ZZZR`I;R*8` zJojJ%$14i-&taO&ySK2lxi&UBmgU=*X#(RTsL1@QvTRgkQF&DZ*8-`*bUCTw=YM}w zm9v9YwY-XJSQ6m<@0LBv2OOVHwb59`kkhuE_GuWM!;hQt{{TEyl@1$oNuDu{qL=Ze zqhc!8bymR|IAHnd-k!$;@uWg~(w};x2fm{zrs~~a%4ySg_je5bRU>+j(x^}2{UYM! zuO8T$9Oalw!#VtEYi$aOgZP_6HEnZGvv0Ca^C989=u|e(%>MwK)i?1jg2>7Jt*J7y zo!}w^kIYttULMlnk!6n1WlljZPv?`(Pd1%lDwKODNIgJ_dHpF`Y~4zPG)cd>%hQL4 zH6{DfyQnz(OZ@CIdFnx`8pe}ulcZL0$>kCAZozHY>_F*V1X@0o046;;B_tfMPJcRz z??BToVssY4S&)T%pOpHJYI$_j))<(^cTL;O=4aDwVTG6m4gnw+$p_q3K%Dbi+K-2) z(=4Q#&rvc&6EepnV>tFThASznbUUb2RUvflF^SF%CNoOd%_Tvwp-H482L_Ch(t>lz zpamz4Vv>W7)KCMH)Y9$*;*cDiP&STe0e1}JG>7Im27<#pQUXcM03{UW+IrJy0Hw*s zDJY-SmUUN>y?lX!oJt(Pcq=sa-KJ*Ne#VU?L9+U>hTA>OzcQnE< zX~nt7G;j43gdkkd-jv`*Gf2fqqWX^74Wg8s@rp_qCt#w0GesJPf~yh53=VTa1!&#I zDTod;){x`1I5-`t3Ejm2B@|E&DJ5aIaq0#$OHB?j%_wk9F$+>!{{XH7)}yH{a%WXj zf>;W1(TVJIdIWC`xs}zhO8|Yke_H!D;eW*oUy2{_OMi#I33RUoYnGDu1LBW}KeV;^ z;ZtLKCHl3(MFfMRBynMtj&smrzB;mnqqdF`2_T)!4hJT_toTjwGve=u{{Y~YIuFCW zbHSJTZ-(FEuC3xv1?%%o8(ZrRw(nFyuUNg zwfoNuc#g_Hhtt{ICX;)p+QF+{CDN;lGj$rwQHX7?ur>||1P%zzeM{rj*MDcf+7I^A z{fqt>>UL6T`rf-em7D95NiF>Lfej_p#Ag`0K#mv!}wle-QYl=I$LP z#tTbU{{Tie6Nf0V1t1k97CiCAetvkS-uL2X#JyKi@ac>j%gd{{Ma;rH#u=P)Pu|!% zdhuUu{?d2e1JHg9_zS|imx;95>@777DlJOp=WWyz`4BOGHa9K2Z$M6WbDZYB9r&wv zqUwJV_3Qrt4EY02ms-1hKkTsti^(&-&58gDyGXzQV0Nj*K8D#W6O5(yo%QLXI$zn> z;-$ZUd`2wp?aRTe&lFb|O(MoE$jDh)h$O0)EI`I~^{-I)?eNHWr$L{@`W?menvBNY zNu#!q8+*9dhPg4QEX);&7(EXHyuZU95zsy*_)r@*vC}oZIWamU1yXBh(0suYIdVzM zcduLcVdIIluMK~~6R6zHZLevzv4|wRfFr(B8A$V%RZMmn1RAPIxLR8mjFW|LYfna> zyu7+UL%^(c9~FEz@mHT}&u6LHsobUV0C_`K7b>0Cu3P%;Q@ms+1Sol^u>-{Y)^(zCu@@CU;_mFN8tfqB4 zSC$_s8R=ecZ?8vZ18Dk{gm*S=Ih@9-75vSc6}-Xo5CP8I<2978OGC0QIJ$iCTCE?S zr|5k#{{RHt{j7Ws@LO0u8S#(6%?rdUr^|P%!>b(@D~)0$7QnJWDGRknlo*C=e9h_4 zefv;+X804}Z;1X4@jt?^72ar{5B@4Z@%&csW|?Iamr+|h@foj@&gd9nyJV7IE@cY; z03pNeIIoAa>Gd5N^=@?QiS4G^Ld$N>jkNrvWOIyU8v29wefV?XJtl2i_ImiMbL8s( z01;$@*G2J^_aA4|^s#MsC)#bMH_;;yOlm_!Pt52!B!EUzoi_tI^l4$SD-fQqrT+f_ zEe<30g8iTVCjQFb6QuZE@n1q~C!W$hN5l6+P`12|`%Ih}EoBqhyTa~bE4@*^RwNKQ zS1TVl$?MI2uzt^g~YZNb~YCmP)C1l z0z%=hq|6S=jIYGNpi#QND|~0+KNb8n@#eemyT^JY`ewP|tzzR%)wKJoSs;=Lp^&2j zlB&9cjDX6g1Y`=BNvFu(#uG}cJ*+l=ca!;)^NuLMC#5qv=lW8sVDzm{VazzqGM>x_ z7^YAHIO93Ty=A13r-HTpA^am@J2lKLCZRLpq2eLqi8MgyKfzkY6i;++w^ak_TS(^xuyBA*COM z-YL~SBzUV;(qYqlOEuSrJR5x^ky+gv%XXS6BSeLS5|stI?J6)>WE%O9^4P5ED>QcC zWZfwz-TG^-m!Rc288k6v8~> z>NkQ*lM{tO5izda<>L*?j-7eUeaY~v!d?*g^YG!d-803hqWGqJ*ex|I3O3?g zM$Ek&C>tCH84Yhv^c$(7R!G0|lQO5);Z)^4w3>gh8yGZi+d)R_h09)7TUWKpt z=i;ZpJrd4e3M<}tZ6#vnE0+@6muy6(!-B+?asrMyIThJXNzvu#co^(6o+|P9-+sS7 z=hj-+#4pkUAzlb~$YpoepZxdT-N@5n)>{(}4ICjgT4mP>-0k715*!$pL z{1boR#*-iIBjJyZcG|yzFm+}*+(#UoSK#N1zi7XW zUl}eeJZtdFU-53M;$2kzpTubvv3YT9kw&?R6w3HO0Kmy3JGjk#ANw-=6aB1zYjl_4 zwT7Yp01EEbJt$mich`Egot#%HlKctqe@pNujX!H&2zWl-uH~N3L6Y$$)LV4RBD|L>3~aJ1bl4kf z4t+luKWe}DCD)0*7v5R;!^R#t)E`f@vs*i9rxy1X(@36SAsRioLf8R$0RI3LewTj4 z{{ZkrAK5G6M}s_nulzvx&uQ^n`&&WNWbp2b;Ta93-kgbO+vAEAxR?^=RN6rRYzF{} ziqUEolCpm>;p$k6PH2Ntv)3DSNKtA{wNa(;qe9k0EDfs<$=wzu}E$tV0c3l z!9hRZs2(2p@vG}Y;C_RxJ=UkCTNyMx5(6s8ZM?#bAo;?mXBpZQ;~g>2mVU?o0Psw0 zV^H{?2Zq0D{{W5lHrgGoqiC9)wx6#g?v}DduF{DSniVI^McQ!6K?GLM?N#v~_D%hq zd?|DA)8M>%Y*zM(b8Y>-acL3MHM5w*i5}f@%eg~i7{+}orkyHrsm&YT`q<)}=gOfc z%&*Z~Uo+ru9sdAscqP~3XN@$}x$$pv2HCTZ4RZ`HKv;h$O5ETr-$w2`Hb z*KNm4whU}z3_)H+d5?g!mDY8ojr2yph6rA1?bDx?RFZIAGCe?Gahy`9uO$?HCJi`K zbCUkMBPbl;55m1S!_YV?V&mv8^6Xpwzwjb_Hq z9Zudj?W|^wIiW$hi9^f$rE$Xh=wY9Sb zhTiJv60t@R0wHc?zyk_7+w`xf{{U{hvz?d`z4XiI&KOzKPS{teg(lh-)!U8jw; zIDB($Vexeh?YrIU@1%W->R}=zHuhG=J){B72^hiP3TjQa=3!o!y-v>Dzn!!&wEqAI zY1T0`S10WypLX{fNa@GQdVh^txY2a0iG2CA_?f`Q;=QWr8SDB}4m%ptl}AKz%C$*5 zwlW)dU_lg7DyZn7aZ&)FaC=fwL6ehvfj;zvfx#4}jAV)dTc`#fN^G-30`HnYtDI$y z25N=v=CN%rm1U#NFa-SNzz4q_{{a0}gMD-2DQco+w*Woh0YTaDvYj`0Z} zyJUyu2j4%^t=Q-~wWCQ6jjziDa;_#Z#>icL^VhvkG^DgPjT#iCc{}=|w7x6XCXavE zqFDEWvaP8Fy|*0JhL@@Mg8pP%ixh=1muHEFMh8m0{hQ`#BTl@SOv*oY&ZGrkFbDwk zs}M%9K(L1`v=5oOnxz&+O4OWeqKM(Sx(<=cXinktN{k3!!>|7UuB-rBg&EI3oj441 z$2DggY3zoOM;N6Dd(gz>1Nu-HbRVq&dzE#yW2Ib$O#bNcj@8ASXNu{3MdC|1;+su@ z42;TA-B@i?+LQtmet#KS6&g=y4EP|Yf&hr%8r7R5O@nr zLujXCoEkxl^FRxUjMWkhIHs}f=}s)8 zy*0M>p#Yf87^NI@no)-9Kn=m`ih6XQFRcNWr6;J+v>fA#C?^9oHZI|S2LhU-oX~jy zQ%46iMq}^+;8KteT1~?lGzKTP>r4Y7c+EA6o|NXn>rJ3yQA$ZYX(=#5f=42TB%Wz0 zK?A6!AtPUT@^ zvN0r=F|jLx#w?ue71Xt<6U3ZXv6A%r&SzM$)jl$5_C6!fbW2|j>6!(j!!z97<_lDc z4>Xoz_e&6PF~MwC)PJ_7pW|B}5q{0zv{!|6jSEz@(tl%*3D2on>sr)SWnpOUEZyT- zWK%n-BMPAOIT#h-njeK<{uG|SVDBl9TSl0LjPFoWYcIY6mdCiRSH?I003G~S;tzuU z2KcSueOB8~w(t$2cn-pS5$#`8(B5mQqPSkB<~N+rhviPwfH6vGsVCH`U%aOzwpaU_ z)PI0Hb@5NczBc%8;9nf1pI~iSB(b;_$j^3?Oba8G`3O;v6byje*B9}-NN9dEc(TV$ zw028fYVDaLLVUQ^LzWyb-irfX=<;ZuRCgL=UVXoq z=$Hp^PdH;7=cfj_3$)a<585-u5crvIEvLM()TMOR#ECW3KQw^OU>ow{Fh~OjBcL?o ztsY(V-{e&)wv($Am7}ujuIHL~7sa}lf;>eAzozAyHpH=qE9S;eC`jp?SEWnhJ7?9c zJbmHoXpOYD84YziPb_j2Uo~HV!4zaEJPg+r;vWnquXQfJ;Y*8K$S)nPA+ys`Qt&A( z%!L>hU7Q1wdW;e%_-F9~KM87bY5LKcO&?MH)};bWz?CCz?m5T=@tku?5>R}-4yyFy zS}vp&h{{X~a4CvZD^{0nr z)6(58FP22rri+b*Kr!I~E&0RVXEnmtix_}$!4{=+?QH>zF~+=F}(|PB@O|>#dRn~ac7vS%MVg3?DXh( zM~!aVQB5-G_20IJ)0g)Fbf)#ieNb+1S z2_8}WtT8yjhyDsZ@PPi*o*nUb?Wyq7_H6OhkBxjS4W_g4ug2G&F|fJOwP@y9VxDBP zltVqVu{?I@k=vt2v3>E7uHGl`*Tvo~@yCGdJT38?!f?wajO`tzhNEvRW++j-!7QIP z=4O?hkIjR|0Ovm0`zHR_U$mF(>*H-R;?KjKZ^K%ri}YCU?e8o#iz$YmtiWv>?TLBj z%^Q-d<@sSB4$3xzh80yQdq{I6xt8D8^{M7itnl?5Wwz4SPb+pl7__;D?i8L01FNn< z2Q?`NwSAZSV1B~B75K~WFH`>jf|CBjS{A7KZN0_rr}5{&S2|1@b+3aiCz3mnJ%T)e z&5Xn0(5=7g%aG+JquYX_eHBuSlSP^Ywe#Ic$dST zA^3lze$bv7@b%`Y;~xy@i{ZUfNVTwQRA^@pADV_Dcel=W5Um^TT@J+|VZ-_d_ zfG+MLmR%nC?PhpRS9;(wkD^8)1c132du^asGH?*1hBK0k+go{e!9t7~dvx3!yU zz04#RGq{~q6nyC#wb zE3qUpF$$>~=j8(@t!+u#OyS2tPKvv>yY_t#NBxq%KKL`j_wo22;>2D}{*NSg8c z4Bt8V$@`|iGUWIK{{Ru~v|k%|SH`mG`rXv29=&w&sz)0zEYe1?fXC(_1JQ;}de?^k z0N|aUv^R`2m^J?ZhrTTFHmh{49j(;bEyR(g!~<&n?0)HboE(hvjOMyyJVYbz{{X-| z99|zSuUDDRmQQtS>W;(qz5T8AT?^rz$Ai2f;#)$u`iv8;l9;YcDH*{r%C6Wd%mH4! zoQzkg{=z@-R@U(C_K~mZ-Xw=d@iv7FP}_#Ej72q_ym6#T>=+-IB4iJli0V1d8{!Z6 zBS(ci2m3x;d}F@&w1-e=0G7t?C~ildptR5l0}Z4c0!Kf4Juz2*WzYCG&*C@6kBE9q ze;Yh;7lu3=sNKe9@dS7Fb3<)xQfUwFe8B9*qlp3Byj*VnADPa*c*)9JJqU#yrgVLp zma%tFt^AMC=KlbK>}c1X9hUo8@n45^3rnj8U2{mA!EqFsN(CvAcbNetn1&tu=Daud zt^WXm>ijqH7lqrxzXE;;cxvNOw9sNp{YygATFAnv#TRjl%#C9Ji~`(n1~|q?ihtnT zzxXBhfHfPtJ$v@@@ph@HG*ZoFW#RoI$|%}T;85}zcP4l{TZ|l#NYB>)0I{#^JNpxS zCjFoMVXJ8#8PjiceKz@{)~~fiNa56e(2=o;?XB>S7-Wk8fs8jCam^W0isy_h6=zA> zDsFe_(@yXFkI7$y{{Xcw#edoR;91drGx$GQ(Dkd28ETr;Pc5t1U0pTmz|5g8R0qeF z>a5B}PXyPD>RPXke`pUF$?-Q;it^lAc!A$X(WBI+n#$43w9&}+?xry3?j5*R^3MR~ zzeT^`slOGxG5c5S*8$XGCCd`Wlix%3UH<@r zZO^HG&XQki9v-@~(XB0`xxUnAxsDr)^g^%pn4@wWq6c8xfMq$(a7}HrS3Zb7wN9IL zDaYQI;E&BOj2;!${6FED^=)d~klB1&kg{UluKOE1Q>>69Co|!lsdJFQzSHbRu_Df3m&1C{^#4 zVZqO8T*(_kgr=^VIt+1)(?$Tn1M7;+i&@o~6kOPqmvIs-aF!iLFvWnWts=O(xLfPy znkI~pu!%lGJ-{S>wE3d;2SveNO&3@nN^VXtPZa&b)|pM1tpb2Ez!Xxc!RbhLV5^=D z1e3!46z}Is30{;4uXS-9q(*y}+KbB)GgKq-PM;VuPlAQ8o?GRZWb#+HL02WxY#qLM znB})H^IHw1Qkqn{7u)T$_)+F`Wsy@1 zLFT!U(z>4)?Eb|G5`_X)!j8iRxo=v+cDd=`zk~B)7QyLECnq%WpwkG)2B7M0;Ak1o z6yT~xd87oX;(#5J2Q)*TtJkM`GwVtU5AmUb9Y)>UQ9w93H3ow~$Q)6y zp4g`hcB6q-K;58qYG0Q;8bZt5P!3xlP#`WTq>^(^ARd&_j`RQ?Xc_NC7|lz$NuZ*G z#S|na&{0JdKon8M6s{JyQAHGAP)I1EihGDu>(-T*z9>L5PM{8h!?UECd5AdP8|DM9 zI~w{Q;Pk#KzyAP&UHogbj_x+nw6BeR4PhPBuEqm3hPJY-DA|n+jAAZ$-Q^}p*tq$d zLDZnr?uojLnB0YO2P@A}>tA1f$$k^@KgHkpCa3KK;17qs7}Pa8i+_pU2-kI}?Bk7o z%ch{zV0)J=N63#fTd~uAdICnbx?k60୬hTGa3BveCP%vwn)xX*$^6hNa>RU%S zNLEPIl&B{i3C;lgYu0`we$Zb9el&br{g1TogZ?hD)GoXw@Rr}hJ~3NcIn}i5_+`F- zv#^#V5)G4~4IbsrKqnRRrk(L5m+^~9pd=9JT7TH?gjbAA`xwGlF&G5ka5L7uGRNVU zfxZ~{8{q!{jyw(EQE0l)#~bZF%UF`>p7g~Pj+EvXa0c|v{#Upe6};scPAzPX3Ut(A zE`9B9!&9}3z*?_^e{4?;d|=eakoT(L&KlY>uIJAVQ~duRkw6tLVQF=-Lm1d|%;f+dX3MQoGmueS0yv zyVU+jL}@aJghUdfoCBV6E5N^Q{{RYW+E>II4-snc1&2_zk)d_kKmtyUgTd#%D(W|9 z+U7ZQlg3kT`5OC~$y#`(ONq4q0Ek`|(;f(eM{nW{F47TeYb3yAqAYFqT@V&LeA&ff zc>e%T@V2RRy61pZO{&-lbqiF8#CA}{oZ~2jw9hmi!{w+L~n!MD7(0~)3qCsHNE6l0an^!wYRWvK_4Jq zoy~T7ezhNjFJkadiR2MO<>OA8;(W5GAy=u~0|K}th2x6zZ;5{n?>rH4Yjm>twwI9Z zw3w9*DO?sfT!FzI>u?3b1*xYD{X8H6O3n?@f*~R z%TSUVJxlE=1e;;INZLOz1H*uMT<~yt73~(@An^x;wpn~mh}+6!^6hTmkIaf(1>nd& zT;;NJ&vWZoKNoZ_07x4CYm1vLZsy&8v+ZncT5C!6fS|m9e2jLm3ZV2JxvHrY;@Z%7 zD$=I;B(9##b@Mq-hW;R3JH{|;clzD*I+QXjnns{z-yAnZ*9|BsBf4XDRR-cnuVVO9 z@wdZz_r*&+BT==VM}?q>JXbRpGU{Pl&X;x+A~D?CU#A`G!D6x0EGM3A&22q{hGD;C zirat$W1NG7#a{bPkK*@O{9S)7tj10A>Pc>HX1enw9%D(qMafkxz>~=sIL<~Yq@vEO zMi!N8x3#Tx(EI-Y;kU(aieIzmjWn;0e+8t1PY_vOM)x{x)tg>hYIcSxA$xhPx2$tU z(ak3Zk({Yh&0&7qf3a79zBG8M*Y>pk0D@fjKgM1%@b`>m)$aUj@a|hEuY5(}i`#pa zdzxza zO}R-emee$ov~pbM%kvnAT$4s2D!;sj=beS;!%yno^%enF;wd5CxzTQCV+=H5w z{o4Ci{t83;0sh9n0)J;OhZLQKUz2Yahlixn-JyV#bV-Xy3kXQZR2qZ{N{^6kq@_W+ zrJK=6clRjijT|!ed!P3&*gk{jJokOh_goj4F5uH-N@X9{Y$cFoekCJ9)8!EE|VYBt@FXiH7ZmO7##x`Zo zRv#-hgFYscC@}4}_6lu>zf&B(5f@F;Vu_~6Vw2UKSjPx83y-xjkD3NlFpl2toU@BG@V`yAi1Vwt`z%GZ+Ay|2E}bS&f8!GsseI< z^X!lSZoO;=ZYXVhQByn1i&4q%XgK*P^F({9YPT;10- zyG0M1VJkxByv)*GPevWF6QqQj7PVjlLwVwRz>(9R?I@S9JXHOl(SIOHv~soAd2g5V*l!E3_TCllAC8Olf|+gZzWI9^ zyYf~sTi@FW$DLJEWH$Aq8Be+JwKtB<&a3VjG4cz}0d{~0&goADO0Y=8(!caKL&_l)B~CV^S=~_vnH0~Oih%cR1{FxeSxK5g7XEPtPgbppSd?Avd9yocDusScV*lXs za@;)^8-TDpMr&=g6NuGN=}3f^n$cM`&k1@pW5ti}iGIIL&a$>*T8u!mJwy~O3eo~& zMgriwk)s{wt1<|O-E|_;QcblpK87+dwp%y1WHaoOOA*wUnv2{rEj~r!-&i6Adt&hw z5kmmzhS8n{t2TO2NVNuSjL40)T_|b_Ep{;7Fmo-{bPQ!n1`JzD57|^f=1E}V#MFp` zID_yksrQYTHuDEglsj-QSA59rB0+r`Rj7xBUkA`E<@*LudJT?jxVo$^sHmj{l?#o8 zkFSTZr0gj)NusIsHg|?+UtBvYyq`9l|wx z8pRZWu|5Y+&Xng?K^=jQ9{FKvk(<##PoXY{d#a}E2`cl(33Xh$WX#!5YghweU3SrZ zM!ELd#nv!x+l1~*;X$BCZxL-E4OgEEp ztNiFpEqU%8NB+G^``|p5YMR^<@(F)2#f&GI1G-a z6B(RAef<~1ANEzcf2um>x9qUNl!nCj{bdp22mRyV0R>8h?Wc1Pcga~BBvUGlC1b+r z=_ygUjcR%k@sqxNYL0&Wr?0G97-|s}@Wt3O4AF6JJ#F~DI=}m=ic~-CN8(m*7V*#M z{JC6S!Avj0OFu`pR*P8V>pCtEj4eDa+UH_oh=CJ>~@QRvO@;< zSxrv?mKFV7ZIf5#ERuPLeHlAwlf0F`rh5zV4y6O%eh3++av5SZ#SW)%svB~;6~?Cp zsStb0E2P42hdgMT$&~5R`WQSWpF@Pz?m4s;v9m-HWq`oU^SGEdclq@EjR7f9e+aGQ zT*vtYr1kQziY@wGo(fe?vINAE5LBh_RGo;NX-0h9bavr{Zaqi)i&II`9+GFi`%QlF zhyd*W_4rWVY_*WQQgJ;3G)KR$l7-I6EJ2XW&eV4IEL_^RHVft&YTy@VHQxPUp7?Gq!;J6fyK z$s#J(44kLe=O+KI;eECX3H>%1*3VwfU0*8%Vhr5&jiT@pxnp7~5*XstuPTXcSHW|h z8`z+YUAPS8uRhjl>U&<>%3;BcP2VM?^GQ@Z&U8ninn%NmI(Lk|48(C0@A=5dKSeE zD$-3I;1oFP*Zo4pGYKx@`K%Y?QRtEk3JhKd(w_lbU5ad1RG{!fWh%YTg+VDkJ53+a(ou<78rcrk>#S2d7Y z^4TWiWzQvhkV#(VKCTikMV)0r|}c^YFWv=ccO za6A%u$I=Lw7hRN9D(mwsMqT!2q+lxO<2L9SzIi237`j!vwxGv$KU}*wEn#rcT*#q8 z!Q}$Dl?ha}ei{%-9N)_fq)jP=g-n|}ijK9pw~c!-sXH=`^R@qcFp`~bb!xu;nzlTc zO|^Rup49Z`YB~1jo9PflAxOnf!MF|M@(0^op$d(kodt@*1|{Qc zL(P>!-V0L2NRlY-GTfEiv`=>^Zf!nt#4xo@p))lnBSenW-Kpz-=5WO+M|gMdW$h+r zegRFK%`fV!!9;tyOXr4^`QaEHLoaQh(Aru^q1Cq^9H%Tz+r>QIt>rdhu`CF%W1j`8 zPx$a$)tCdrJPn126*h$P+$p3qQ;683*8%Clu(czaU`{nF z+_ud>=s$jXJxRa4!|`D|`Gri6V8*5t0$TwbwbKjlHJSb#?_v<1??|xN zNu-YO#ig@SFXh8&!`vU1T^ge=PkiIrx2H={66bx*@h?)JPaCW~n#DDTuC`3B({I^j z+}(rg+YmZY9AOI&(WcsUtL8s@Y2PUt@jk}p_%?iKnYne}o*U66)QMzi&$o2Sq4j2F zN1XTzB#vAx%$3)+KBiF$!X~l~(qRvDTCNPRiwDF?H$kXxVl}}zoSn1R{1k%*!HRRI zTTx2w-x3O&MYn&t__fjl*f4w-$t=IlEFTs>Y2@f8zu}7S;V*x`0PJyDS|n>Pn5IL{ zX8W9qthxE!sLQmb3xi=2k*V=2&Kr-dgVw`CW21j0wTPUj+Yr{ldX()y2;W;+OG3KU zMtG!&%GS`n0xxp-x<(cW2|_y~G6%jIANzc4Xl+U_pe1j$Z+TH-l|T4}lD)fdHF*q4p|f#nqq6z55Q*LKi`_ltN#2#=r@^`s}XO%IndhPSFV{6-NCB8 z5uY!+@uUMe-8d)oI}vRMq$54I&O=S*i|lSJ-eivQD;i0> zrF#|~{zc;VglM1w`#V&oSzF8ES%(}vmpC(?e2ijcLQ8&^L(^@-Pz#9zkxg8}A)g?X z2@>YIl`V>?9Q753W=^BHH}hU0b-1Y7T8I~x1cp39(&%oBo~20C;K z)|RA~Exnu@j!#9VlZ=Ag$z?QbUdo&7G8d`VP#0~(C^rr*S;BiUY>Q8mdT%8!N`o}P z@@704;zn(8?DYqP7h&ti1FvV_JLzRP&R%1xTSDF2rPcT%gP+g?C zq=eBw>aemx)6Js{&a+IPG@7&(^RnF@9LTfNH18yzK`grCN&op=5|}lh&D9P@lHN2t zB%qD*(bA~0Ehm1>_o!@yzF}*sGV)c>zB;f?CvvBn#4$VkB_fr(K;C4v0jqsaAzXn; z92}BsJ;Q~H--*XMZc~ps=(7|+VA@^jn}6E~Qt{h{#7>x)|JY%AB)wRJnS6&9eMkk+ zEuJ^Ai1SnO9bf(ct#;osu~q@+DhR}Ko9MHmq3ut}pS%6tyFUn|#6?4_XM^g`TsOWY zxm)k8Y5{Gl3wf;tajjSNhd!yfHzue1);ahSSFSxo1h~d51&wy>cpv1BuS;$^QKX0( z454NT3VSf1e(yZgpC0WxE2d>R+i!`z_|0j%)N6v!Q_`UL z_p*J+*Xh3ZB`*aGAOb^+0riuCP)?-M7E2o9axh~oSOv*8Q&rSzV?x|`WS$!IQYn%4 zi(jS0tvFnvaU-R;2w0A*l2NLk#mpD1D|1K~mOV+Lo_(&7hb`wl;0~*;8I)mW1(G57 zkss#7@#Y$TZq3Ae!4DeH#fJO{qNfsGZ?Q)H6W4a=UgVVvsB`}G1(52J-EH#O2#l7c0*WU*L{{9BvmcrJ_^_?G zK$=6H<(i+fybgmXFU3+@Q_(T~8+`j2V3Vcq!68p3bf-I|8*kaU;F3KGD_<=Uc$qa& zS(LjUe3S5K#m%y~kt?{$=v~ko5t+e#ikWg=vhk;~=Yu{*>ToTyo`AZNlag&?42upY z2DZ~F;shfb6>pQR{lUIc!OJ^LXF{I#k&BpKq2H-r){1oCJb0zvOU8JL^guc%zV&;S#Z9e1E&3qSgvbE84T%2~7(j{o-mBWg91H@uuxpof1 z(FO%aGz%ApE0}~|>*njr(XAA3>OC{4+w|(J?{r-J$E#s1r5|GSd*_uC5>?wKDg(VV8*-L@rwl?E675<>**%OymA znCWoh>hBbLUSHtEKs-Lb8B8!ovsLaWnRQoBt^1-j@d-B&?^$qjb>0N0mxrpW2ndWr zW-)j}-uHYc?3=EpX$+4gX22t3Fn@~_f5qZB=S2Y3U!-cWj&v((4PWM@=GEw-%$&V1&Y!C*avD_4*3uJz5||H1~CJwRQbY6y*F6cBE@1 zQ#AT3|6^aW8VHgc1=sW<-4={5K-`p7*c*}fGdbKC85z-NiI=vg%N|TT2(*kh)%XhiJL@EOxJBV+e*2lRXj}><<+kR!AMVJnSRfsZ$Egx6NRDtMvbGuk>1&gyg3BDc z%|hQGIa71x2Ge|-IGv)!BwWrP)lodljwgP(;9BQih1uAE`*LP$^2JIUBT=Si@!;a<)3O2b!qX^$O zsLh=RK6R8uiRIe5rGudsBHnmj;MeTLC1vAGxcWQ;cfkgV4<^MJXZw%~FxdntpiC$m zt{{IL$6S1_#;z_caK8{B$B>wDJTS6fn2xP?6c&oO`zov)q$40wCq$lVQ^N+pwj5bO zchZ8vm=})z&%0WuwW?v|#$NSC?+rfj?x*hCh-zr|)VuH6SkU{n9=P=C6C@YQ3 zfjZ;EW*qLe1)@|BSB=#%wr^S!MYV$(F}pF-V{Pnedf95e|BA0pA?Zi*_^9AgFHcoe zv>l>dxeG`L?Bs@-E+oJS{dlawD3vSJ*|S#9RAY>0#Jn?g=8r(^MK+@}%-CCVXa-!oJzBb}r^t1Sqfh%R2VFrp+D&A4q`3C}dm>@%9NJU0AY_%CK_lwzyS zS&2o_meJ>tk0I;H-N$k-&z-2h8A&3RCVhUm{lXfIpKJ3Cv66rEx#cLb?XX9&J?vEt z>5<2=co=#t?&XhrWfwvyj-FeEOI|{D=wv3GrqH_EbXTx&FfsJYzf|kRtI@x)SqY^a zJ#0$cY*$OQTx_gKMcxNdQSr2n31oc?F)$w4i-Vd2%X;MNV|CU?{5Gz?d1 z9+J}Eeusu>=I>4nUe%PgUQvYvdKY}5iWyPi z#*vPaZ+OR+XVpmc;RzsK)>jYoew3UQKbWv4%!b!AeV3e&j9kk1N7ZJ=Exn;y$ z<9J?vM4?IeGBToj2%}~fZ;VvpYq0&{>9;=#qCwHiB*_$kqFmCdwv^zhX{;CL2?ohv|d5X`(;6$=h z^zs}2O2)d+toDh{NABUn3~svfw~9&1OuDZ~bc&>Zb~>!4Edb`9@2naSQ&-nG9;!fZ zD*o@08hBcKxa`jo)R-M20yGHltHg8hqu$*e>s8C-Kk;EOC!cy^%5%g(^g&hZ=d&Db zABNZ6$hWUTZpDrqw^$mEK%^R1fGq_FN%e2NCeD45^tdU9B3qnMriOggc#^q5ojJLN zv!#`A&pT5C8d`rpu#;d3xuguy8>;)B=yU{&!7u^MIa|`D%kEqvN;oFALTP9GDb&L6 zV}bUf?fTh=AYXf%sC^LsbLHn!vc)nZSyvTt`*e{jycrwdH2v=DfJcX2Tw1>U8F+c0 zpZ$&$bpDpDXuQrSWuE1Y*wfn+u)fl z$S(RM&L?wk7O|&D*Uej)&>lm1^q7%fk29U8vDt z+2vSIRS0C~#r;UW73sx`_?RA#EXa>MWSlQtZsmq&RmN;C{i(%a62aS-YYFblSUGg2CV2URZBrQhsq>s#^)j}Kzyn-kx!e2^ZXZ)2X^ZJSYh=Rab!-gSWJseqfDN4wmxY(K@vrDJ7Ci<2QtOju~YBRG^csE zMMpD6K24#cN~PsJQq9MYI_yw@6La-sVAA2fJGlK2vD(ou{4p)IPc&ctuvzy!;JZU+ z%uqUvW-Q8#^j>o=55WblGfGjVZar6$*EKlhPWNpFT>t5}y5 zVrlNPJMKlzK}hpT0gK&F>xeY$F|MHT9MM57AC;snNEnMiGX=^_x5Ks6TV?1}IxE0_ zI!m2Lrnd(9*|IR}haX=UDjxwJ0OPn1&Oo8;s+uv1IIii+W3TugKW2SCqo!9B?0!|< z-b1l^?0GP#fOqYh=eXgd?w3EnYc}+iCmAP*NO+k{&mSq(BOWU5%n`TtCjaHVsh)#; z=Mzh*+F4maYFLQ86w2x3g-uJQ77{lJzrFJ-$+OGlXh;Y};VENRNVY`nD@N=0X;wnhvi(4JUDh>^8>va3x?8=<1G1lU+>||`a z_)`wSC#kaewkopUuB&sn{vCyINJ{7lY_Yj#I??tD1C(0~HS~QaLNKQ48#vO40eHn% zhqxuP*sKQ+4rIJcReAC_`D6WIRD_!a&x!lOLCW(o$!|5z>DOsJ@e!NkvNX2S;+xb; zPDpI^9L)#v9r9pVr(mkegw#jR*}_z|LVIvn{7U))NMW{2H~`` zP~=*A)Ww9#-r6J?`G8a@a*a-#6{w{2GJYB+Y15K;B$Q8JfV;%{ql*m#lvh$&i=7H^ zGz*D^+nj@k57gOxS1f2>OoTDDBkI{I6BOS(;THaD#{nc)qv~)xFRR1=`7)ooCA*1$-( zCo)J3_#JKurH?v*-}Y=SudMd@GkeTIu1SL}nHrnspC|G$&s5I5pqY^x zytRJ!zMg28%<)Lwa$+dyNmPuuo@Rw}h2Oz$aSEK!LOEj+o*L>~>L}?E(x9L5 z?dqvW?1ssw%fb4c0wTd!P)+>ME_M{Y*{m#or52Ms_Y}+fCh39BhQQh|b@EgqJS>mu zDWf96h(=;UwXX2q4Ixc(7trcfe=_}!luGEJx z*j839iGl-USwRmKI0e?)$&3Z-hfT~N=uVx1K_Ka5_Ey*8hdXvI(1%-8t{&oaJ}0=y zE9^p%ilO3dYQzzA8RtcQAw8o8&8NH|Mee>v{pc7-~Bc82CDC1ydWL_`B6F`FEor6MQ(1JulUE80dvz!}w1&{@ zS@PE|(pCNP)EP1k>3j1{52^ta2*1Bw3Q5~(r;7KqM;Mkx!MC_B?#v>5^!&R?q(mn_ zIvl5yx&6Pqk6p$W-(_WyCqzp>WTSP8p-w1fqvJegqv3jg!s z_uu1Oqpl~zHfw=SBIu}23`W<%4^Nrr$MN)_{SQP~SGGXp{D=;VJwtpbT6^JNafywm_-RpBUj35JzKR}Pn3rhlW6*CR z88T(h4Yqk%(Ml*a!nW4VD%MH`i93-}w$_zrvD+*$vhb&t0@^ag4nSfk{En9u99dD% zNn=l-;4)P7%@01xQ3+=%n8STc@m*<4e4JPU{#{+_=IBs8mQ$uX zS9vU}J9WX+vv~N*+>}R>WUhgLhd$yZRUte-=Zu@fc$YNwut`Fpl!}_JRqnA-iTQ$E z){_#S@aeM$Kux|gy8x1R zYh!LfO3p#)kyN2o(yPa+Tty%XhXJ(%vC42)SSVFtl*T7uT{Vze?XUgkq^klp66vYs zNik3|kh8V`>1vddnqpaI+S4WLC9FNsFeHq7?Hc8JsFuy6B0A31s`=q`CZmt*yJm~e zl*Yf=BmSxNszXJbCl+@%g&enH*IbI+McvnhdDvWZpJH z0_l^EmHFHY^B%<{sAvl-gXFxaDC0XERJHBdSbhc4EuA>ac(WM%gtcY# zgRR~39L!IEzAyyW%NMRNRD*{i9SAxEw0Qjs9?ip6JaJZxYNB+iek?3n%is_c{$3=i+8U{d|i~hK1+i8ppn&)?O{Tx)XYN*1#Y0>fWO`^(b z0==h;4YP0ylPC4xO%{3DLvTH;8%7G1LE3hfE}@NP(0aERK}6`7yl#D6NBx+hT`+IY zFST1z(J%L}7*!ZLq6cfeH1B=(74W*m>Km)xt4Y|ytTD1+o@+))IYc7$;^z)d?K_V^(L~Vk zaJd4F{4+(w`Ay7Jhh+W{`5}+HYXP&4LC~RdaZ7^Wg`uH-x*Oe|4#W|u0D`J7qMh#5 z4+9#qH^TwBQx{UaDC}3p*Up9e@FwFwZ&H=m>&soXPW8Hph@LE>8h?4Q_WcKHXb!Wh zn`&5wH9!Nttz2hnEGAVv{%~Os_f|tg{yNs}&p=8v2-lg`QKA_wd|=qu+a$VyF_ZDM zm=r)wR~%(PhFIw>mMw<~*Ss>{U52RIe{r$q)RvA}R08IbC||fvXl4)QnLW*$FqJsT zK(>Z}6syE%kG+4A-r03a{WGFRnz*aWKXdYwZVc_Gl&|rqD;l%0urW!uHrzSK`@>#a z?IY>6Zf*E9If&j2hfMMGs?ti{(5E`6LR-)_ad8)nR1I?{#di|1|5xZ%z_SkFxH)~C zA^W2a*X7kqaltV0QGN>ac-h~Dl@L-&b|p`m>(^`EQKGj)x|Z4Zl4xawSQmG&G75n6 zj@{BX*0;Ae(6Tx@6zVp4a|W!JTk(#FhD(Do%tSS6l;%kw5#g!aJ)9p&PUEVG;tN%z+8>MVE4r$h5a|;Z`Z@eac@|i>N)963otS1XCe3hfb(DK1MWCA- zhx*j)Z^1zQmcwySgK~2goQR&Rxz3FQlVF~syrIlH(R>xB0v_XI zEIP>v!+{lzaOb_(2SKWG$30!#{u5myD9y@vCNyt*OXpO7uY0b#9sj3-ug}^mM1?@s zN!@?F_bU!JcxMl08(Eo9f{Js4k=7CJ6|PiiHH8p92H6?9U*Xn?!teVigp{m;d?v$T z^rz0(q$dxA=5@ZlKmP-Hm#o!D{#i8|d2g{~^@r(d!e;?JRav!<oR~1b37jwUsoZ zu~QLy`}I57+KX_7aDR@KWz=u3Wk_Y?ORknQqnF;qL+L!$Yom2fS(!o)Er$^@JIE>Y z$A`$WQTcHAy6l>W=~$p9%aeNEF_NY4)+_JrWWQTlAM4j?v6m#a>Op9Fo7&VcjNOpKtECfCc1u3a74Tz?QTo;v0qqSyh%Xv#|WF z*4d_P{9tE-vTOR;*})h+kqzJ*H*-P)_AHd!i&-EoyIlW*k8{0wb*p*yRNNk?&$l58 zTjzerh=4%G>!!x04yo{eeOVriK=nK3xt9lg)M85P@Ah=#!<)y~GHlW0_h@@h&v(sH^j}NmH0wTf7PM#P&|JMT_8Vw z8qpi1+Udzk)sU^)EzJRY+$Cvtl(CUntg@ql^h^EG+Vp)*nJA1iY2=lMGtO{(oX>vO zxB1xE;v!d)@KR0ja*bi4%0~@RBv>CR`?5%4R9h=84o8(1@;^IEWK3V1se8)p40xCd z#&uXY0Mqr23fd@m3TEAROYVbM*n&DOrEsuEPdipq&0Es+mhzlOz+(A-AneT}7&**( zGNOwQk<`t=^z1?h>BaE_Su3rA;wfXP!}=fk+xJCYF7; z?&NTrLnYz$nLr55ifCX@vUQeS#{7b;1>8bVeFh>g>?Po5c%-QbL8-XMn%)>h@r#H) z`}r$WqB3GUsWl$KA|<9#Xj9`>_VGv;TJyd^eHAi#(E85?Ib?$Jy|?h60MPGTK(_W3 ziqK)JhM6nWdIrsZuZVt$3=56Pv{`^q!MOn>KW+(Xb&;oO&zY9h*4jfZUDf+fOECE;1=|p;vw*)s3 z=lEqS`143e!9WFCY})YPt*`USVh|BXnI~A@D*cyD>gqUW-Ps8puKth~ESR-va{#u) zzB4cxlmq7j(}4E9E=oTy9stSohz2+)P@wU1Re%;lS0k15-d;aL<%|fW ztFNov*2PCPrHYf+s|ISs&G*y_vHl?*Bdi0b6W{)S`H;Y-0SVPrVoj3kyo}E=A&TVarFgH&ZFHAL zeVNvq8*M3yC=T2tKJ}+JK9YYr%aI6vVqa4{DfzSc$*4~i)8}7C#&an@5MP#w18ITA z3g*cjQiOE%xQ}MxU*|6`usR}p{s7H)3Vt=s)zMblCea=3;6J(F@XI&a>lq&RY>+-% z*5WRqlfNv|U?B-P`8MgqQVbDHwICKtLtWnzH^Y8^lVaumEiz?A;*;WNO1G?08L87q z>jEs}C6Bb8wy@=qzY|!HYwrFYL!f-GjAp2vKZ9Af`#EXOF&t}l%!{?)@YDakOvH6^ zyHE)-G0Am!V&*dT!8JD?C|dd8`ri*JvOI{P?SLrwOmSOR)U9#TT*GlBhjN|MUDBT~ zx)L^bydp1|g)MXMX}l7rfWL`$7u6A%_=PO{)+rzGV3WS6-UpNP@TX?mm5n>gY8#j3 z=yG`SPP3@&&~3SbUkCJj1kS_{4B&8oszxL@bgu(h(tH1a{imQT*(Bq^Sq-o)vwz`Y!a35*93S>J&t4eUZeC;k83^@8!2R3VK1_TNJ%CpWw1oq}% z$m&!*q!~R~aS!{M*ilK{O|h#MPMCCOG#o%A3x<=1uM9NzD~kYt(sxbqru9Kve4A{p zTq(^mf9^zq6}79?Ezh6>R4r61Psh`qK+%t>yE!8@fzDk}P1NaRB&{VKqN>s@fj$k3sRhh{44X8fM&<^E4`PZQxvu|MH zLNEJAQ|U?B$6>AyIFv~L1Vq|R9FSRYC6255lED={_DHRv>g`I4$~V{6Uq9=xn*&G+ znZ8v)LKJ8M>~)q@cbIEJAZS;~;A=m;>xR|)@n?JNIWi8Wq8t!+N2O768@)d!;Ug-1 zSM@hhC{ctFhLC+*j&GogZSh+G9uzX&V1hdtb>&AQ*@%p(9Rxjmi3IWqD7bF-~=# zzxKj&!R`cbJ^*GvSw=A47|hzlZ*9hKII$8OwqLiemQIznc=^wnol1<}dIHKo#xGLr zSv^Qk%o8xsB#C^8gX@q$opi_mp|Z_>ij~ib;rH!KubHKh5d%~Bnf->*({!D44k=(N z`z-6|rGO2W-P9$|VntN>wnoh7&Hyo}^d=b$!sy#hO7Eypn{vLwfJ~LbFriXs)fV1_ zJV(t~$cu`R|ItXtn_;q&-HOlt59CNp2}JLD6|hlU+qZo$WnJ@~L@mLN3RFbeiS$AMJ=Z!!1+^lMS{XCjI-=VfTH7*PyfiNF- zyQojtC9YyI+ker$AG;jL0iUv{s>gNBNjsD z8f6~3LuF0*Cr@lig9l&=az77@e)XjDWwGdo196eTCyO0G!BoKD{Z*ia>cRtPyNe;H{>to z<)Rg=J=kRSn*Q|snc-ym-Y>>446j61YbTVwnCiml=niv};br0+dbjQ>Ecx5xqB^bz z$K7EsV3L9@?h~Xf$0m|NFX>MUgw?|p4#~65SW+PU^=3sVO<}rT=s7vQtDKv%ZS~ir zjo-;_>X_`IAuCu#G+>x^9~DGepuL<>6;Ieo=%7(7W;f= z&*`gAR+tkqgOwCT_~_;F>m1jtci7zkS+!(ajo#0}K}@Wlm(=ui7XWATonbMPD_wxk z^nI}xL(T+YG2Ikna~FM((Ic$_adQ>hv$^A?7-h{M4_^@he1YpV|Lf;++@uqa^Ke{R z#yR2d1$aSiazQ8*Z)${LLq3s($0mxK6RLMsN_dFE)E9u6)!VA_0jbqu@ z3iZXWys;*UUV-*ob>jV1Qh`kg3P;*Rg|I8m*|Ws!1ejM{J0zx9HMJ*f!{^B~ihRp2 z0FEDW?J?a&uM<#+GQD6n8|-@8ND%K-EJ1s6AsgH5MCDel`hvvA=*{X)YSYMq>^$SP z^*K^z^WVkPU-_5zx#W#7GGHH0Ui|pqK?J0WZPZ&JE#LIW8&=!;ecD-};VHKPg^c%m zUV$%90$9To3^&;DpUCxUqMis^gC7O=(lNFijCvBL_{wsE2P6DrzW*s22MU47W5({svTf%R<8-5Gx{ z(JR_u2F__6HAuh?7GK3CZ28^;IEy`ZSkjRW7%ENQod6t18ocwNigE`=mk%E)*9(}Q zuZ^9k>5+U9ky#YJ7Z>k5OG9!gNf7c6EcVH%t&E&t#gE!sf9MD@4jsfg*yswG?NHvf zP~C0{E%*9`F>$smxvrel&Q!Xu* zLp@MDg`fhE3ktJ~+&2dH|vTxl6Rusdqy50@RREz+Yhns4L z64r?8zwbj$J;Ob^{9Yw&(oHH^1|tq`Qc#(Qy{eD1?)q|#St{J8g$7Ul&hSw~lFvYR zgtIPZTc28tX57g>7&LxzArpHNLUG6OfuwNPikhW|p1VH`e_wx&wdnDL3`rHQ_|B;K z*AsB~Ca_Z;-l6GUyguY)N7vSnqj_(CZt0XMm1gfWo$rB;ZlBz6K6@oVepLqSKJ9qCObGS_?;TpGFXIEQ8kdQJNz2&=9nUUqa zGwmCHUr=(rSTmN{&w`5*tiTKHB5{;wTo4d#!rP@8wYBkZQbWE_C>ThcD~q zY7}5AxU@K!O9}PaBz+;zvy7sJ>mT_zL4|%V=J`6y^v6u{v_MYv-gxj+aJaE0=w#Vk zbd$WN@v6{7DI;+e8pQb?%Tn%WI!QQ{0@s{+*v~MCq!Ud_`oxqF-dE!dR;0o4vSbf9 z`bPf^VuEGmE{n0{`5SrDv`?c=3MdL*qF+1fcCgm=hV*i0OJ9Wz-a9Fq} z%ku`r5YVE)JIs(TV_us9AEiR-9BeMuXUTRWQRb9N#XLkX_z)*9D`Y~1&al=sS)xY)twvBkMoJ0VdkeS-jMd5uPMRkLWIqmqn!^@$a(MzyE= z;P$x8kOH>8cGzk^jBv%wLVL!@snmaQU-pww5sSQVqEdFNoU%Fl%PyO8OcS$DvXknv zL7jgF6dmtB_ql`gUc>44@fU#62#H6_x!(9TH8tLA^zyIg{>hPiM9a9GOhzE%JwfcP z(+>-W5e-EtY*V04zp{q7Upne*AxTmoL_U^zt7IzY&JI*HPr~`LK<2x<9vADPL#8At za1(KzNK=Vw_vq+D0l~(0@1=FKj<~vEw$OBThsOu|Y-9&Ziw!lWW|TdZUhF0d;-oZC zfsU?wl9-IV=HIa9rd6h20Q>(^>Q!aYo1a{=GwwX2ss)&4VdJ;j44TVMj6P;)LA%}b z%kx+$vG3Np%Yl~WZdX&-r{9i3{m3D=0vzdzz~di^eIQj=LntMZ=CbFDB`|pY(A3d9 z$G`G8@l4!`g4&&*WzV@Pjl(x?-RabfGzeBtIuL-j?69yQo~DXGQyi!_0Wc2^VKeqp zcl&3%ZKnxt+CD7)`j(_fv;Wa_mJLz0Z5IXs>Fx#r>F!pMmXy`*v1&0hum~Ev)lZ;0SY1&P7)==!D z3mbuslhajX@9YvkNZh`&lOA>~z*Ui(Te*5ja@-I2vfcHo26YWYsJ&;No>{IsnVk&{ zWhb2T-EgJ7T;P*SQz?V#ZYe43RMMb{{KH^R9r6n$?UfENh8@IY_ge`e{Uze6k3`@3 zj5Sxs{*71vL(^SVo=xz==!s_Rq>qO3@A4L2GeRp-tL%iEZaE9`&KNKjWMobspEiY4@G4^JM5Pgok>Y&&q!hW~s(DKfrlnHo`Rz|npS1k?( zY3=oDeev(Oap-Rc?!bhKx5jh6+p(cUrR~V1k`uDfj{&9q*?__*dH;fM?8QbGq(|_; zly#%=UHr+u5OLVgp52{;;i6Sv@dU;H?Wd(9Q|dxy&HNg?pLd3c2Vf8TFXzsD<@=i~ z<+i(c?u+l6t(Q!x-1$JO@b+`fn}*a@6erwxmlbK_?i&p45#EQp-?mF;8(-48Uqksk zho1$0js+?%S*82ND38~aEBdzS|NIGvgl2VB2G~MZF$LmphO;`P4TfSB9+=fdi>mCmmw1tc;R8k(rs6dHDIO@}f>M!7s_IBxM|nb+e4 zTtH=JDmH=V=hG!eoM6po*ErL`Y@u-wBy)ppOfF@*C~@oAV=>r;-vCx|Mhj2b@m;z} zfuuAk4q21^E8%U|I-85Y6<{fRTd)q&$JR}>(=~;sX4jiP<|sOC$5}Uqo)K1n0+9x= z>LP;eV+G!0y@sy<1Mu-?hcem@mjAgz}2PQ9#0 zb56=3$-yN@uBrX=H14s>AvndldHc*Akqrw?>c&R=GN}RCl?BvY=q&nNkUkdFiF2{Q z|0SlnzUc;{p7Oo!(3`Tl! zb5$2$c=09x;bW-LEg-rvtzX44D7vObN&h?(kL7#U1x}<;{wE+`d!ugH+a( z7d}=;DkV6S!P%BQKQe5DeIY*M=2ZJ-Ih{pP*+Ngzr%nccAnX-E$DANGvwGKOO>zc$ zwelp>kCJy^D9Rr)F<&mv6THxrKa}`gTHygt|gg^eGS!xZ0xP-I*HI*gdJ!B3C zH`5~AQRG1|>^^sflP`{~@SYk2q%%Zsu}pMhORLiKCx5yh#faO-m%=S-`W|Xify*&a zSM1&WqH5%TyvDLSRb|BTJw&$^Q;pFtxK-M#8YhlaWkXu7ut3by%U{P*vEIPUmx(E( zYRT%@@1M`Ll|vJX9r*Y4InAxF1KzZCeN6&gWKzhiET`dU! zbJV6Y%;@m$wfOOY0)*6}f8{x9(8mgO2mP_Y+PBFqUipRkZ3M zv;IYG^@GH~398n%e0ss(tp^022JZBg$^!y-($Ahrn&@$WaP@`BJ`iU#F)0yG{fD;Z z4^s;0GMT@YSGdz#{2wNfvF=CZc4lgM&+wRKS;}8X#)smIb-#)$z z$HJHzv3;w9WPUIXP+75l8eeGEp?YPzoO`^6W7Cnlv-Ue)_Og0kPMT}7?BLEWHCe$O z$>{l@4I)8oY~upT-q?Li@^u2C#iX2n)s(NR3v@Y`Kue*>n_cGxSraAy^O2pT4dZN@ zg?xteCB|*b!G*y$=~1xTw9rWFdasl-C16Zl3>n#Oof*Psjx8eD4~?mK2QQPcDs_N| zzWF^@yxgLbbFgTy8ezYBRl*+RPne8Pq8uU!2q=1h#F$dltb-y0!w9<-gcg~H6wsF4 z_9F+LMBAD}McjF$a+20me##ozUbNt+VLDWz=iNe})F_Jj+c)u716KidP=_-~SE3Y{ zrab-N+H|ICjn$!y?;zFedR5QWxyi&QuU|}3X6j}lr)6p8M|pw?MbChO4~&5A9qi$m zL~DHCB4#<5$5^=N;Bh93pw&K|tbF8cMLKVNSbc&mvj`x5W=dt?l43>^c-54966`6$_P zU*YcHNq)4=^el8S$c06{C`jh+nt823^T9#x!GJNs1>E>*;q=oVDMMP|1TcHFhMxfj zYUoam^>dW)1C29TXUO6cUC*prH_ts`v)7?}h2@4Oh<%aiZ%JTzqsdo0* zCxh!s%W+B&$(;>xUmYH~)kNwcnxOl&&_}^xI>k6~Fi}9gQi4wM`g;UU?lJ7txx%)x z5NGpUP@inb3JE7cNiW4BNL748L93Hy@xYTaiz(lyzPMK$MAVB+hllDSZ{Q0f`kGMF zi#lI05z=AUiq{-WF5an5*;~B7jMH7N=$IwFx?n5DYT2Qbl5>YKt!h>n)VA+$bEvHB zE!!-WcvB|Tf2Q7kUGaf5agj07YhsALX*o>9Q^PNEJ{;${ld%3XS$%sQJq@4`j-VuC zx12*5ZN{1V_&ouJnnkEza_R3i4@0(EoFi-=PvBGDnrw^0;-kzngDuV;srq@27x_ z!QypAJm0;E-o-AL$R9_Wc4|h`)5gQuSpa(Q{+GVO(<_Wfi%0WHWO8o#>q zV4EzThR`0Fg(SJ=5yj2Ba)3u~RZktU85g;>Tm*+P;+AMqa|7KuMa`W8etNCnn7xVam97;oTQtNJsU+`VHlu&TVT6>VZ6C z6kp%WNilaAy+YspId@|9WgO8E@3_jS&B*Yf>Kx}ZxH31`j~D-Rm#XwE##_QIUJW2r!od!me)HIcI1p^EBxNg!)N7B|RCr`%n@AITsH(k}w@?zgW zX}{Vx45Sw}|HW7IdGENn}YV(zIXIseKGnNB#P6ALNwe z&Yw~1e;f5NU+1#MMvcqBojt9>Pen+D$crr7Ba4Z5XYR>*#b8^3B4EX^5il^JiliiS zM?Z?=16r76v1Pvo>7JrJzj-3H3Wo}=x!fi`CV`Y{K{h}Wl0~iwqVDTGb(~xA?2nF~ z1+hyTf#n6Ynpx363oi?Uwi2$1JmA$Z&Le9GwPge4YBi?E9e>(KOSC2Osl15csZpxXH4I}r?4oC09eKjL z@h?TmAF$;soB-Ws+#I{NQtYy5<o`pwide~{lmi3!3R6cXPFPGAjzeeXnvwvD2`x7 zYKsn;(`B{Q`Y_|$_HUHl^f*m{XXWLQ_JabjW{jfDdUsYbYSlJVT4r5bsDZX45k?E$Hn71KGOrfoW~}t8Et+TK+kj(aCZZx#jh= zfWG0793=OHIZ6qk*gvHTO^NL$gaO?-&qgPLe-7H`z3WkDOI|H+_qWON!r?+6Mjs=1 z)x4zh(vxd>0Fuje4Z3z&s6PZbJ~5?0%;EzMpa-!ZY#0Y4br!5HrCVq`X+B(#!S!C- zZ-?PNubn_NLI%xP;Rl07_#;(jYQ}U?EqxKk5?2_JU3RF_&M?svs{|M@=z_Qq74hd4 zNZDGBqS*cJRN&!u;B~PVoW^(|AeqI+XRNL~Kg_yPPg zSolF2xWuRf&Sq%TeYYZgx9qNL5BZSpkgQU%g>r%Hd-Xyi_f2ikPbbERXQg`>kyaJZ z3jnrq8j1h|7JQ-{Bd~;nTYp-Q&@^*VDmm#ijukJk>zkjrZRZ3#iRGERv{Z0<>sCDC z&ccy=V9{heV%$piGt;k-?fEv0^XnPI;PSbZsn3K@dca#LU535K4Y(|ZsTI#$2=%d% zk(D44_jwhxD{C)Qz%s5~ z(vPS{;b;T9;3ggE<*y(~afcOc|7x8Omhq$l)PZ8va37H8yiFNm}j&Ggt z{b>=<8sKU^8I-5Fp2DWl{GBQtXI|#Jogpz8gD2HR3-uqGk_OMs;sL$*x@$^Y2u;Af zBEC~6IL6)en$5k|Y{Y@%ysbjZ`>~J!A>9$hCZ|>+UzYi~`ZxZR3DRX(hXf_IM6VBD znri(mSX(GN;hVW+r)@WJZiwEBg4AJnPrtfhPE>@y1Fsw0y1}!`cLfG6p%)vG}!$g#4+Wvbe8or(Z+)m$Kw3^#|dIs^q*NClQ9 zmP!m6ev_OWGF1k(AW~rO0n~4|srV$B1tHb)zWXV?Y~`*gKQ#5OV9V?mH7CK)`;WJj zEgFT>vd*5+%7-sSnLR6?kEepHzotWgESms`8+t(|Q9xB|yKHNY z%jW0FrgZfa{$LXO&D}zXwx6~n!TJ29X(rcV?!m%kDBGR?6Rz-sAxdJU1sf^9+rz0* zc;mFk3M5TTeL7QUbltRP1zCd!#peQ~O$HaNVRd=?2_;enNm#uW( z7FE9Z)z4zQj{a)@jbXIvD1_D$!XAQU@-z!3>t$T$j6x~Pt*lv|rj5E^bGdQmd@xnQ z*|!zWC%sHt?LXu_R18;a-S|SB#2+F9a1z=U*?$-E4$X_ZNWJ4Rcw`NWCC3@+B+#7wpv2GQCR2ri}@ zZ(DUK6r^wbvwM%IKV^jH_1!a{zOD?w8-WqWZEN=aUh)ZDy%_K~%F_P0Sc|n;J4ofP zNm#AJE&+pbeB(=C=(=UgsE-caX|RT?STf&c!UKV$FEXUh8ov%eEUdbI&W0)Wjq>ri zp7U9cI^>@3JvJ*yqeJ+&}U~v8M+vF3srd$ceggkmIsRUqiymK?5DZ=lxP%p z6>^+@o7S}Ki&kTBr*Q;V-Alh_NxH&II>|PJUft13Ny1?}YJAhx>)zfjA92G2ePhr4 zn6#GOM^n_mQEpOQg#+VFVu{+GMHNMxh*eph>*?|<6@Tgx@jEbzLHa=f#fDS|&gY=r zy8&XVqtI1rDmiYO&>E!SXR?9+&|WWPt>RKsk-nxgQ5ElK^^N;8J^xt#odkpVYuK95 zK#ztYrJ1v;xLL?>sZodi{;?ygpHDJtGdbJ0{=mIQ-rObk8zny`el_V2c)^*-VYMgn z74c<@T5v|l>@T}v=Fm69cDW~D2kTW?81)$kj8I7*E>T|=pb4>Jiag7`O95$pxy@CH zqOnh63baky)4FQ*6j-$DeLbSjs8U-kLfR5hMMXl?{ z-uAZE@Pd+-uWnfmN3G%vS?qRfi^iV2p*R5O&2jnKnii>JyeM{NwY9Gqc*FI|5!U{m zbx;HigV$CC4cJf=3~`yWhu?)iF}l?5@?-1dT$|HJIiWPGgNu)4a>Ypd`DR!$`y(`? z(hS4i((uL8%esszh$HV_Ar2Dw9h#Q~+?p#vZ8`1t(~FPY}YzZxcv`yAmNp6(P}3vj>jUE9L9<$@q|1u@uAGn&phnJGj~4z z>$BG{3e~12@8Hd6+w-iB+FKVrVS@q?DW{JJSyiAxkzeC!-5CBjndWGm zwU*E?o(vy1qtdzYLK}?6h(5qB4{1dS0Ixz+fa>ktV}>|*_2IT7W+3+fqDW5J0!Fas zE{^>|33hlhwnUfuyWN718u`}C)N4oe=b7b-ZAS|AmJxzEP|ja>);D&DU{9TTAmX>a z`-Ee&qZnq5Q>W-$zp8XQ58qBuV4#`jm*QSI%y8^2k@z^~gZzAJm=seii{tltB z*d=19?B?(1zY<&MhlM@2b;6d{!c1SBTMnb}2>6k#_0n@bTUy!~?OFOL#aFvXZ7lD; zGPYc_S03J)X~SvxrOd*`n7r}Nb)IEZfM%%~&Wo|oh!!gt4~rS-B9;e)AZXkj#lkG! zYTC}D7|Imr>4~%G$^zJTRa|H#0C2b@17n54gA1LjoaJVS1v4KH&BGS!CAw4v7MlKi zCu0ti^bo~W;w3lDM?}0Wy)uRFvwEwXim1^cabX>U$Xs-{U?AC!If(SGMTXvzAt8u` zH}JNYb3v5WZY^~`RWEC=4ks|%G_G1XQ?~(2DY_GKto*qf%tc?aMs-uJ+|P(%!L*<2 zL88S9Esy2yY(?a>{Z##lrK2D5!)b<}FI--t(H@0AC?dgwp~RoNb$07p1H#3E6p5_X zDCR*GZ4bVSPMB{#W)A$4crO-D5QYU{KPh*EB?ry0V+DLd$(*g7JB^JBp>71#(!)v@ za$tZh7`4mz1q}HyB*RlDzFEzyn7aa>9obSJtIM4+Tf6~B8*dRi%(FGmyBWV%$rWl# zZxVT9n-sI9%OGtL`rLcSYftuDDnWzPvmT~n_b6+E5DsT1=0!PKU?t3c_D6FeFQbVq z>>5Im!da;Med*J9Mk2=7^>)-?rL|E}>YSOnSgn8Ozfed%R^NhLf_H_whs97{kvs+3 z>fv`zHk!TN!VRNU1P2hajpRc~Ryj$oq?uZaJ%s|{W4}~NLt#D}1%1Pif1DNCyoK$2 zjhPMv@3Hu(Y5RsfWPE`8q(VFFub$TtJ=aubEt{F2bxEregHp1`zVl%(HbhNz?3* zPa{VlwS+Z=yvfFC+&4i9Z>F5~qEjguM`?GnhZUJ_>Y>K){W$3Il6$vEdY-xTsqcwH z;o=ngWtNa8-Z(8h;kU3Z@x)4xcah61d4I|W(DG8A0a;+;S%b}=*Ysc9Hj}?Br!9%u zsY}gl_MV*ETQV^+!A_NGw=B&2Mm_nv@p*YY6RYe;Pqw8;%<}Z$+p#_g%8PZ^V@7{6 z*S)^V1=DV#oS{%{kr`B~;%-9n|!_d?|8l|egG0gW+b=NpX ziBpHmnZi156r*G;|JGbE6gk6}n;7&*LX!Kbq`s4U`@j$_%@Q7e`EW*dps99)!BAw| zp7q+^Z>;$p$xgllTjj}#o#!+M}SG_C)BI7?LnCT`&j{~HIHtTny2s@HIIqw zNxN^Y)3{cd7tAi^tEFXqsf*#2D#z{_z6SiM;Z|P8fT4zA^Jr31JTd%Fpz;Wr2l|G5 za5aJFG;b*~54uf`G&WArLHI|lYv$m;XlUU{&p-H^em<5M{>|m(!7IROiEWuw<*%tM zFK_#%_QF;T_vOYv_sgP;t3)G14N+x3l*PCb9-_B(lD*)E@ zXdR51!7SkRa{dA;m6y5w0F>(=+BHh=R#+KC}H9(M%Jt5z{AT(XmqByLtbvoh|d25m_h~~lRr6!wz zae1@f$!ef9T^ruLSR1N%WvK&J{78)CZ5zD!O1=gnM9$cF*Ex}HZY0#lY;ot(*4X2U zOuQHg{nFU&S;Y6uPVP4icDl6)@O6A`_ZSOBOt-)kS0y1%EQNoE4&d}8R7 zz<{~Eh+1dT;DG)VZz+~=nHmQRmM&r7MQjL%i!1!zniv_QZcXVZ35=|3_m--zL7z?H zNn4-0_;q?`A)_wn0*Xm+6#D3OH_F5o8=Y-WzX2giP{;TKR~14(H;4<%g> zuv&(G`lh2$PoYtwbK?<9$q-2~^qum6ny1+(ce`~s{=KK@#eHaIXOT!7WQz4;ic&|r zmfYm)1;Mk`vgF5cvaUOZH=>CSG|w7toKV3#!AvKRv(VsM&RB_Zq8xwL)=sRL3HDT= z#Q^Nvw9w*?R2^tSk`H#q^w%eE(dR)rA5eL~n%A zr5jNc=aWKvmTN!a%GbQEz==Sv@PvjD=Y}2#2Et5br;hA(8>pp zdVf`MHV3Lk9fr>;!spu+DUkk9A}|3EUn2(0Du+O(+0IX`sl=^09BY_-UwL?vwU1Ap za8VW!^8q&nvcm~w$9KY=a(?q=FLpUf2miK4;NXq8*PGqN_2Q$@kZl#<#Pe?A5;LvJ zX}O0@nK3_BQrD01EJGy!B3beilfTT-XmlIatla$JfgSDeNa~+V`3C2<^g4`~4W%SJ zF`cAhb#*p&M!m~wlei1~r>)!A$Uv}@+~P85#XX1eBm^{oSdi>r%Lxi6cZpojeeE9h zjPXfRHM@N8zWN}#K2!#kFFi@fmYN<|#zaA_zE*#|a`Pohv<@==9?5MJ9@x85= zNWtd#Ay-X`uRzP{=Va`huh83?K?qW- zkVSY}tZnO@Sc_gu-o6E9^6IBWaN|vFOKW0h{-IcxBQ$Mo|H5dY8A{gtXx|xw=%TmT!&| zO!4_eP_(u+rIvppsUc?nfJW?nH4_7Lkm)aIKQM>+(r~sX|536j#n0IE=CQHc%%Xo^ zCEsh|Q0|DrLvDLRndy&n{aV|e2*C(m{;$34a0M`fr@{)4LL@g3~3vDh>dEc#D?oQLoKtc%YXgTx;)~EGWa5Ht3!VBxxYG@BWM97-a zYRzZe-OZPm3VW=_M)XYrq;=&ViI5rmf)a@h%Raq9po1h4K~U`~=vm0HRNW__DGekC zS9_5ul6ZTkhHGSy$q{%=jKSqKJgZ46P)ilmud+MbA+d^V>>`=NG$t>!eWA_s@FGssa{* z+R^sHt;B;Ko`v?So`=v_qJYMoBynpdk3g3Nm(xHt@jW5{gP?w-+_xaln@4xM}> zcHXH#ChRIkJ@GH>!DC`C>{{r)k|jK=qA>n|MvcbJo~d8)c=~wmlDCNR_5Xp@I@_!{ zg()|AM|I~vB|(oy7=KLg5j{+n*tzA$`jOu~<`#bvxD`myxRVSvT5wEtq-sQGeduDF ztoZv!8z!V`)}f_!=%7PTsk&vXGy16V7_0a>6{_U`QKXO)#)21a>s=X_aW(SNu=i&& z>V7k)&$xquKX&6kgg#BV!)@ueBmD2}qfV@*vpRL+e5F38(Q0-#S!@7Jx$Lev%z<8~ z+RvI8TToq3V~S+W#AsXV0g)OlPW69#o+esnYj1K&Olr;8*t3l!O&-YHvIvA;jidJze!1bc}t|ElGYYOj!I-Vemf5)`c4 zjae4FU$B(d*#v^eaKlji0G+`voZ-#PI3`<a_m#6N`_PjHle>y_5~rpmB#o%BHT zv{;0tz#cLa!r0oq46tZbwHEZpuLiH28v~OC^z7RM>jc75F9gh%wp65phqO=kRtn-E z1G(B+BUMrLRt0Vr@9MTT$^I3}{)dLm=m^GA5PF)~qC=7g{c;kqDq!V;svpgL68;y`^B}dSsqTh=28WFra6jB zQp8LFvepE}VH*)H*D+6caR~AOx|E?{9Sx*3<7QiU=`xv%tU+ZCdz+7u;lD9~f0uv4 zJ0cG1zaa1WLYv+D>myebNp4h;;!c4GstdEY<|4}f&^}K-d%JEGV1?c;?T3!)8&_h| zp{W~xU%4vlU_H}4FU*dppGlnw4h`quHijJ8@fM`e{}6b+9$^w5O(TuzY0xyorpY=XN;U#e zPiC|WoU)EDMMjuR+R*H3zYvEh5Ca_Yqb6kf@R!=GoN`n4+CW~(BCa$chBpn>0wllRVWPh(H}(@ZnCz0iau`tVFntzExAG%8uh zJH7~_Ac+u!xKk3kKvd>syVT>Ox*MY}sn#?9+8e1bdU&1_e>r~=N0uB|!EbshV(46{ z`!yY}uTA)}Dms~<=2O=* zaA!RN?}=|S=YVYsopoL%q&M97_S<7g%a{U7z{9{=Zwq|)HVc^qdk9s8P?1_$SVBqy zB6UQIBQ_#EQYRhb5t{=mB`5Jk$5^S3Qe7EsY zKku0p7+wt!EdK2Z5{>N?C4ez~0S+}X9ikuL+3o94xo)vBQ)Tfkb=_(@TaTIVEuGLi zH-=cakW|ev@3D<`b`xmsi|Cl5qjl616=2DMhl=p!uo1v|%T^q8(^->WcK8dIPNVZ| zB1L<`$25WE8F*J>WVHA&M&Z%}FRTd3mNHNjZ#FUrMgo@zdw2q%5H~YNfdng#!FcCS zm;cS5E;RudLqe~q zs*9ahWZbGKYu7APvV}C}G^+SMmc=vDVCx%(jk42434HP$@XYrSjd$n~i>RP@YF?o| zUC4<|%_#9!tB8+YI7Z zyemynO1ocav}iajs@~DGT=4A+gD#N>E=8S0bo%_a{P_k<#4FxJh6Q#Fv>6Sl@{_yQ z#n?PMzU61iTqEAEW;Ed+n}#0PQEyE~*EwUG1B%%4$tD3KA}s!@Hgr&?B2JL(KQyCM zI+GnWC7xZLQVfNgl>pg6Eq8e7U@vJ;TSxl4&c*AKt}912)8`{x#i9oo1lrGThP8P! zTLFMjMftY#{f9uR>G#i9?HtnW$gdbn(a@yDo6CK&Q^!<<8j7oUhWR@7wG9Ma%o`dB#KL&)r-F$xr?FS2zBBvf+M3*=vwS zBsCK5MKd{q`IeUY}OlzuGk!!FfUOnAC7?U z8flq4uL+27SZ=Da(jStzqz!-kS~0wH^s^@aABP6d4ptNw!tCgO6zJ|eQ;|2Z&c4k~ z*pN^ueL2QRtL=GHW8T9A*xqmHBxA&Q%Ys#4Qa)Yky{MW!9<)I;f8mpb+?L%GQsnwb z?xd9jVz|*)Udg0&`+%16FE^D9)>6p9eN$rMH_`2vKs>jO(OPqP&?CpkzRmn?Iw`bq@J z#4HOGiBIC*gLEM+PTowVwd)z_1~F$1WPShQ*d!-~0x+X@c4>aGcFfc&&HXuw)aK5< zp3*wathINdTXwDXcc;e^eR*S>7c1-C>?O~$1%965Nz(&=SrF3tZGA+boN_Y$ExBlF z3yy4o>bN9nS`gj{0XFSHi@K|?d<|mLYYIOAf>ptTLBpkYE@-E*H+Ic0%{@d_mWEaH9jHtPd-!1oN zW~6f8L)x-t)VoO_{Iey~yZ!6vUny zGe6N-8Ay=O_lMTJm1ATq_?d?}ZxK4c38UX`HhpV4O!Y^|qJwrX&C6*^PR80e|rl;3m4pO?cAzMk>x>oA+T&?%`` zqP4APyA`LZPo@^fVlZ<)mKL_e{4_x+E}Fq0?-2x@@6WtcisWwVIXYte`7Z97!ox3< zyO*^I`L&TSHjajz5|{h!7=abt*&A;DPsRjHa=|<0uUYoUFeI(bHsONtry$n)kzGqg zcAx*yWN=Ga*we@^qqZX^F`kJ8^c_u(V|t0%v|-s|5XEfgrbtV}$~7kE z-|y6utm^YJuPB2AbLD4bYXCLqf$|cvM!{-L7>1B|gya(~c}$tw2IvEOvAM z3jOSeSdT;Hyio9M9K};BH?fJ)$KCsoJluJK9`JMm`GPVo#6W!QrH#hzU2w4bk`zj2 zk@z8sr)rE(QUul2RCu$b-Rzgvc^ZIBY%Nh=$jk+r)bAID6Rhdq%WRzQo;X|2P95{es< zGNc#|#%m#_oPa7aD|hub{&AMsPO0-*Uw%2IwD$Uzd*Fq}JUPQ>0ueGad$UEj;F(${ z;XIOgcR2eoGK9lk=6mM@Nakye=IAjSmYo5cz@omPl3f^Y=lotvGcxH1$Oq|J`7;KA z4{53e@VO{MtTJQk5BaR5qc*{F4QN?-CyT@y-=QoEnbMZG!9-5G$MelR{pCNas%1lr z6`Y#jZau{={1tCj>`(dk7Fvp8dO6y&EY05*N|#?1s=ae&!#TM#cX{rGmuR#ZGsrJ# z+D=91mQuYv($Kvvu}Q^xxyS0jR!5Bah1B{D=*?rX;wN`{XBp!Gptb#D+ zKa^U5#_8Vu>(D86J@cBoZ$c24^;s=NB@HDa?Y~qf4Ofm8)jX!jN2 zat3Z@gvLrMpP99mYWH(U8)rwU%>8@=HkB&JQIL2o>;BxCm_akwrJ?#*F_&rxL!*na zJIA%esVIARvcEqD4U26jHD8e&W0CKZs!WxPf4QZVJOvo|BiO$X54f)_yh8qCE%Y7bBs*2Uz*0*QV=aEnIl36L-Cbe zec^Xi`MlV$KE7o;2(NxH5Dsuij>?6H4GeWCK)R>p@=lv zCM{keKl1|a7VK|mKYWeYq4r{O=+nFNEG*2#j_&r{sSZ{b=*Fm?`I(h{Fx%3%k~N>^ zLB(HureIFm1K%LeJ@YXMbwJ)oxuJZaNe+FNR;Fxb=1#dkdfWW;4?le(u|JaB>XTT45g?%&Dj!b*nM{{ zd0a6J;Aa4+W;aRUMAuX|xX}6x+xmr8-@n8z^H9e2y1QYZLa)3vsaEcF6|za?r72$> zE8(-U)j!%}nqcY8Q37uZ?d+YPB9cF}V!^L;0vI!|5BdHEMubB?5P5}I5ai$1{3SAV zYS_jb_okL5*8=IsFr$+3rgSAo@MM)Bvyq|q_L813!6V;@9b zmF|Sbg*qr=A?F81MiiLA@W7U3W4+b{-Dm_bmXnUxM4S4ly=Jj5#Y5+u@BPsEdr{1M zxOwrcyrn~h^+$VLsjtnVO&Cjxk|jsVPzsf~sl}fYe&7oi_AlKXoMdS?)`$aGw|(^R#$&Hs~0POT?+7muv_rTGN-A)kkv9x(f&_ON+ZwA$l8a4-zBPVtPe>3w(6-aoC-}9f^<}*~bSA-ni)!iSZR_GkS8_vS+7@9? zn(}W`{yJ-ePV*DVD=Pz%=J+j1VmjH3xR-=GOk_HdR8PXuD}&qkExd#Z(`Us1;ydUe zNe_Td+kG4EV#}t%pbxVdwaQ#u4OswVg|MrBQjkY6#pozIr16_jb-zJ>z?31x6Qxer@4Fh!X9#|#-1aCMhFh*GdIO7ON8}%5L^P9r zQ8PmlDFuUaMRZo4aM$&_7tQj`yw=SHdzk29)~lSBh^?$%b|n8USGRH*#HDv@L32K3 zjqK&W%)R($``i}4>D6YirTXir2ku9PwD9#7rgMlI{Hfy5uUI0m?c*iBjjZ1Sr3INo^EAy}@rT!X@=3=V|Cp>g>*E;ha2pnl zV}AgN5(_0>t*neIupp&CG>BA1S_OiD38-Ifg@q-_p^-Oi+k_c2Y2xxDr)YZ5*TX@x6?z`_$dO_O9%!?D)T+JU`+7`hs4O zfS23QirCZZ>cidzzcsi2qv$NdntaEX{P{=r02QtD@lhbhJA)dA}V5oBPbX`kz@A_qb8 z!_7oa!rI0y>;iGqpVwxn4QZ~#Pcy~K~c=AN3uWy@? zgP4PtJ<*;$KOhwr2y7>2d=Py3j~MMr1#x+w%_t(YolO^*Ijx@PBv>xS(!BHrH2Ns( zDK7)rzjyh&{4j7?eE{~<8taM9d@1*Vok1dTwf;WVMF3Kk@gK;DMz?lDK`3!?o{jc= zi1y<|0);G)C6@Om4yWu+mxZclviJd!8(na=CR%`NUb)8GXDpKi%2ROrYCd<9BINuC z66TLh#W|PY%$M0w?8zTkmDSOMWjhEtso49>vN#Q*4)^U>Zb%}^XoB}feVDZ(UJN2d z64;cOW|x4o!O~Lf+n@)6o{TSxI=S*=g986n$it^&lonw&XyP($m{#zAAoPamA#Q91 z_=c`LsV(D0c&MKL5C@yR(2V#g%2UnB^JMft(9v>5=tLN?#Cn)j10e3dY`4=`v?WyVO-!s5tEpdxq69q6NjpqTdi2TC*zM%lFU9m;gx z%~Dwj3S+9W;{-e`7_%X1%Q;7E0!&h!By9O_yMoOyn_wFzHja0Z=ihph>gc@S!rkfE zq83#zn+$PH&(%(Th8AM0JMM2qM3b(oO49`oV%eQ~<9svpZMt!P@^7E|7~>WHAZ>3d&6lziBxQQC!O8uJlY*H7D_q|r^2_zQ4r_o;1=?+Rx1#+eI30|} zbsYkwOosLB_iy`f^3F}YIKU6u&FPd>?BLhO&bm zM>#w%`%49+jfA-w4x}?VHE&X7rsQRAlB!|piKEu7a%vLSVg)%(yr(bs*^Yw!AsAqtX*|O)QZZtixmQWVRN+6?P z(^KIHQA44cnqm$gJg2;&f>#tj{0UV!Vr2HJ`V7`-n9>1Gv)%JyES`2CiZ(zKz1Lk= z{6%AquSM-}wp=3=2%W)Imo3ozTGMj+5X~DurX6)&OHQc#;>q`U%cVn&)QdbI%FZS1 zxYN|7Vea&~7oi;yR)NcENiL@n)PeuA%UZVZjhpoDe z7*lO^0#?_ci=G2J$7Oc(7py5f-50Uv?P(V$^!@10=A+PZYCM@i~i zd$A$IFqyvnGxoO{JnclrrHg09*<=rb^0HlZzBsR}AQw^TdTe|z81-9@RLwUz@6`&^ zd-v_(Gye6~p6HCzU&_xCIQY{rG&k&)yh!JgvGfm->D5?vZk&f^C8oAT6$BHLvBtyWol@ z_-VaVbRp6)`mL#Zn-UW&qmNaSd^Q7nbZr8eNjIPuM}d1=1=bJn+`i39*<`cRXH1o4WLC9p9d;n7tWb^+ zaW|(iT&z9LU64t^II6FBPbqW<)oJy3 z3sI{E0S&w<#dfaFfn-a$`#Rp#Wlfv!?Qi7?OoW=eZeE)bgtsd`uLH7-ikE~WVRA&L zQD?T$mf|ntT12EJfeL;e_lARdZSWzZy#QPGRrHW%LmG;Ytq@MV35o32SIYmfZq^YV zI!p8>sh`m@a$2=$sP5_D;ad~_CKlT(|1iG|xl2^;(owksBUw0R5c8DXZ z+=P7DmTE^2jjMvI1nY*ngzF@wY#Ik2g&IXLh{Fq_J~kY|HOjn_O1vK`eO=0l^b|aS zYIu^v>NlO2=v81>B%N}cJT-WAECAG~aotD!=(X$Lz&XkBNnTVI8Ehe);goyj2p-o@ znnuC$QTJ8WoLw0ZC4p=^`YUeH2jElv$&g?Qs!uJAF^aP8CO3lge;Wi)GS+-cJ0@a%C7JUNT5!p(cjGx5~e-ec|a7LhHGd zf8v(0F%tE}M?O04wMW#>2-2};YpWJlpJxG#tfdd1dC#zwBRUvSqX2ifh#G=tHCG%% zX85Xw&9;d|w8g}bsZl(sk{=6Vp_3e_vEPnScb?AT{aQH>n>Nsb*QJiFD>=Qbg32ZK z{^+mWz*cB?P)Ue|WJ}vlvGY(8GP3y90+U;7tEix*B8f&d{!@-sT0GDxM+$M0olLpQUvqdV$;=2j0u-ZzanCYvl*h&sglq|LJKWOYF*YHIF-# zQT1fH&JuE$BIVQGJG=wUCNGf8aj2xq3(oX}_H20sRqu`uzs_cCkoKBt82W6$|L+2Y z|9_yjO&8-X-VAosjj#?E{0-*J^kEld?H0J={p5hxNm7@C8(#QK@L!`9f;h=;Vi%0- z2J@ohkM>wD`7iz}Ta-qr#SbE{%1bjuv-oNvZ^C*N1$vYz&uZ(M7BG*i6p!VSlG(}} zYTaGi)o**}83rKs@?Qvcw}>+bH_1IDP9CEMlu5267GWMg&6To3TyjhSW}Cm4WkGCs z66y9)$|5wN1X7{fYC{KcATPH?=&-83dP~n=W_60^Ax_5}L^X3+iol2@;h0^^csrI5 zRIjSS-p%~5lu!cG-ix5NbBoOK2xMeg8Y>NSo8pUwF;)q&dnDBal)Ya$*(fM}pBLmT z?G3)MC>TOi#-;B+mlj5mtO15t zToJy4F)1a~Y+jhNJ;Ryp!Vo^ckV`Z!(8wtqI6X$sz~Ns9|I$F|M;6fwd0Ifg z<2py)Jk6`vAsj5k)@!D~td7Ec50eQ2zgj$# zOpN1p_EZ1y!zoS1O_TEeDkgsi1$&Jt`UsyUvdomq3T=iljbyH^9CNUr*>UOx(-dmJ z9FBLg<4(;IeDV^4eoTK16@Yx{`5}}PKo(fij#&L*UcO2Th~UY3JYJ!FN?ASzo7!!O zBud>qjQC@TwL^`cky}r5Yj!aPv%^=ke-S6{jTZXv@7aoe^tIL_;;s)0u%?heNi}no z(-nZ%gKluC#a!6F4dOi4=|me6$A$8xwduM;aRybN!`kA6er>-^R*IRpwoz6NR)jd&jP4w=ZkIDeeeE zUPGqqo;IjCNFEDS-9%7v#TPOxmJ+2Gw6{zty5!H#)|BM#9`ycN(Qn@L{=2$Gfqi;i zgUPvu%qh_Wa;sNLq`z=3^LCvJB9hVz)U4zu{yfb~HT$caE$!=gJFlvL;5B8-tXpm- z04l@+n}+%m`Ql#?fUrn(t2u~XwZV|L3qWGGy9c`|VO^=)1zgN@Sv%%+-&(o@oR?@# zZZ7tewwXBWZZ0>euE6W}$B@edf2bw%FH}4OyuG^(sN!ZSA;YIjY>{4kz-Yk+or#o= zlYEf8AJ5hOIVCYEKjo!;nf3MV#R1av^2YFo>)C0f~T||p0a!$fz`p-T)QvP z_ir|v9{)jZ#-6WDd%J$c{!nB(9M@YU)h3ieWPXG9o!b6GLlc>TR(H7=mly$`z60!sHh_Y_n27kbyPT zU&MclAxB&v>5?B0rF8-T!K6$HSCX7}_P!AlBtEW(n~9r^(#Hh!$G4?8Rc!065O(=> z*9?LHJAccLbzIgDcel%6mib~Z?^(YadqS2Jcqti^WMtI2 zKOY=sU9nd&z#JC!cfkwm19YkuE<;=(8b5!1D2FFJ&EI}`B5+?_WygEiBTJ*dkO7;F z9;decEmg=f%l5wT*rIVFiYMuoNhPBFqsKi(*A++X+gsCvC24=pTUw|gM*riqcP1}Qy0A$Mf6=JB?hEYAZBUtRv-#Yptq_kcS6-8#f ze=MdT!adUZq>3f|`>&y6mK1nxpo=8W6@VfUE0Z-SM+xOjpD*!!aj}+07Zf(wg>8r3 zDNdqdr?8^sHTt2k`Gbts*J59jgf&t5ruo>& z>wsC|^0s!YB*yR+hSVhev~^y@4pIl(TREQHcls*zc_4MZS_uSA|2NiNc%DT#1ELRobP}S|*z`X^9r_M-S;cK;~h})Ol;G6{a-hoOk zo+^HZdt6D8bCri1jC1wr@UVxF0$5pmypF)ZqVRVj7P&2tUG>HN%meGC#4Q^dh|(&! z6TR13()|;BoV~$FrRM4`=b<7w*%Y7_t9G+?%3XP2xtJR9p@>R_;1|@u4*B``Ti~~O zsLVxwl^VC$)A!p6Tpz>e_IPH;(o`SqtOn=?hH0L66Jb**$O8ZJ#VZK8*P4%W2@S#z zk!Jqdb$yJo&l=r+P7v^WCmepLIpMZx%3cF*_A^3UiwcwSYOUt=9W7dG-W)w94^w3b zI(_l_+p=qrRT8;e?s8hEyg&)jyd#=rH4z#hFz%%yv$I%431PbEw=h`n=+G!xqmZ7XGPx=ak02-|y%3y}Xd&u!i$WHS9GZwN!8zMXG5{9X8Yk7$wh%^qNA z$a0J@U`{axa-iWKvcnh@?C^8QvjVFnk4<3A2Yc7%1+Zp1c{>uWI>LA4TS27ns*H4h z?m=j2?N2vtj#Mvgw!3k30oMpLMR;uAC3d+Sg3{|)`tqi^5j)5Pss7Nx#TmEP^=XWg zFr|jUttwBqwskNN$hI-P6$_ndbfp6l>AUU5%{ug}59H3rF$Db^q8*Km@P#wsIh20h zux3=hvq!c8(H8jmu7|?pxolWom%@yK`F65{Cq=?#veJqJ!YM`r(U!X(@Oi|Tu`V_% zDe1!lJfO$Xu${_w*v8g23n*8)utAgd&hEljH6n_3#+KDh!H)M5vxjD<0u>Jxv+&Qx zJ%OMwI6bXmF#Ky1x+GM}$`MjH)kdlAldp!y4xJKBEJEH$U82#QNiqkteoDw#d_O7-1_unWb#<>(Y z?7%?R$(`rUKl#~)1K4#an^wc0g24xaYY)}^-Zk4nhHBS>>TdbgKw_-)gj8>}wLI*^ zNk9?b0o!hg$xRab?75IFNVWh8$hfy-y1t- z&a8NpbjDeK^w_7XtbJ_-ZJ{{qzUyP379INm=4p5Cp-r^<<}dB@(YU)=87=?m{>_NHlO{l{UupIoN@Pv5kmfRX`jHP1Vxt^%Y!H5Lyz$H7(D z5`#}bYLiBsyVIP)Go3V1K};jOTlPVWEjc;=a4L{9$BuTNDq+WQb`y7R)rE3=#|RBz z#yx$JWD18Sq64(K+uje8_!&MbU6wo`C-=6TGYnz6v_X?)1reR!YWxwPyYj^HF82V_ zOWA72H%pGchy7<&t_KF(YhrTp^p{1eXQfL zOm-XKT;V<%$A=S`)MAX;yVqkk^O2(2+sZNbmi=zpnja0@Ye%nMkJ`{2(v990;HhBU zgZ%=%ZiuV7%@LK3oT_3dzRnPL^z9wl7FKy%R#3s|Rt;DQ`k}PS5yv~q=uFkEN&D49 z57rEsZwS}Vg_4}B!SdV=>i3g!SlLp8(W=)%v!Tzhp4Tt2`sgBH3W>gk1GfI8S?G(d z1)Q<)(a-G^&n5+DPbW?|%`1gyhLvI;Ey0XWOGLe2U5>)El5uQAhuo=M9V=@^X&=)=0qx+_#dDjQQ)tna8b7vpClpNVF&A+D0kYk--8_ zyMNA`!Z*UjHllPgc3DzS{HUd;yV;f9i{iWRyD=t_PE{^5IPGOm`!E{F$U3vY7a}&b ze8oiYvk%VP*^u%zz=;Fm8za-H5D+Ke15=`CF`o0D^A`#1?pB@ zf;?cTkT-va4ZhE_jgfrbYs)Z(ob2#^eZd^}GovIzPawPk3?5eiZqCu`Klw?|bzM^L zVGCZ5N;Zi;vD|YlwK;kb>96Q)6vb9Ir1{`a@yAK4rWttR$jhY_XtdUidCq&~SBr^Z z1V^SX**PiMl6k&TR4|rgSVi+MWS?6E=7t-E4>B+ey1TG}F!%-bo(ZZl7qoN&PGXva zDfo{_3*k0*l&Q?L8w%{zC&MPpfA`D%yjmTAe}ZX*n-FZv5N3v^@3=#F#gKqne_dEMm@ z!$GDAoA+}a@_}9jg)$HYrz8|N;{g~@%HiX@{g}qGml7E9-kzmVrO%`+Ebt1Yi^H^w z26?)igtVd+kZlDz+xl^rak1CYi=Q)IuCsVeb`&{sybT;aGN<35Ub@7Ee4F`EXrh^N zHAFNztandg{zGXSu}p$kkoKMjzIcMVbs$6Ca(@vKAh8n0>DD=Wuf|iAA`*_ z{3^(%dZ=WueKJqLQowUn|ffz>cibywV13@E8$B(GJ#MTKU zS!#dpSGcZyrS#*QwcFt>1clK zWr18z!;3srOeW9I{{6Z}&jsU*8~fD$L*vm$anedyG(dPkgbN$?S`=$omLxvzCv{4- z&=$&isxD%pUxs^)Nl7i$DlvD_e3zjXa`A#EUGq{XpTf<^G>jT&>;=0kc;v7{z9%3v z&-39oTso$MZ%Y^a3JeQCmNGev`Y=si=I-#zv-YQiRIharVVzv;3PqCXGGe`2+;bUu#7@4*>E1%s|9_UBX`9|iAtb*Q$^r5p)GlEr3>!G~l4Oz;@5VFiC*k7E*GvF=Nd5r1@`r4@D$midMJ$sOAb}M^7!J%3 zcO>Y(v3?zFeeom%$J0D@bpZJgxw%mSM?1xe)bg|dCr{Bg4Y5g{cMF5!^3_}TuM-0B zr|;)i8@c9Oi6^s2*Z^k>1(u!{Jyhjf)h|_C2RR*9Zvkh&7dpX-vm}T|c5^})QJ#v5 zM=v41+g+U@k4x%tW*7B5xl_L{r}?D}lAhrUawe9ZhUv~&B$&NvH-tcy<<7OlxL4L zd9nG19k{s*ET^a2Ma;<(gH{9Renme3g=RG%nY&}#tTR>$VuwOJO9Rl|RD3=bb$|Wz zdi{em>tEQz2Vig!5yO6~U)nT~qV;N^Q8-xev%$1pzVXO$hkk(9pPFf_4l)2Ak&gXq@nQTVhaMYg`<9@0+wQzepu zAxq8R493G1PnE7Kgj6Gwz~t?c26x<3XR=uP3=2eAKYa zHx4n}4y`ErIS%yVYx?`gK8|ptnow)*-&TM1aq-A*#u-4r2kVAR9HQo+YCdnSMPk@^ zE{yhwy0;}bhSrJLmDKs0JMnWI)2$$gZMyI0>!O+t9T?w{2~(c%q{5vgVkkF8;`+#! zuKR0~Jrwq@`SX5}9z5~eQC>x)WN2rDVSlfVSCyNx_gnO`QsRVf%dzbKIwTg!*7)%9tCl~{oGr&#ztBZ)%4u*u&4D2z z>W-#SML7~@O7{)3#%;OcvTSnwPP1XGCNO{hqGWSD^!=wwb(7tI%bY!a>}Id2A)%WB zd!53CHr=y3j!zD$c*@G1CLI{QnBv*}`KIZIFWVxlI>egGk={(URsD3MUO{YGZGR~u z$XbDrWbn7I1ZN^iFfdzzhfH-qUO+gfe@h3}x4fBrE*=@|xL)+)kQNm))VLkX$^>8;+D< zr+04aN=NrCF$X(R_`X#t_4wBQPG8XHIm0m9Vr21wG@B5{UQQ~@1C#hAVvr-LAwgj$ zO@3Qtc%C+?1eWsGShjd#vFmJR9X)0aaoTRKLb2-fF69+W6^D?2DUm9(6HFWYl)nE- zt}UD^oZ+=^!OkTu`#|=R!mH*@>NB^uF+wjG+#RVVT3su@>Pse&n|cG8d_Ad>smQEZ z4$Q+HHm3GqfVnbeZlyy#%+r8(-Uz}c7YN%%9u$hsiG;Er{rS-+RD0&9$oTbqd7|Bn zUO-^vIn{CE*KwMjo%ybg`k8q3QRAcK*-Kd+f!1T;Z(U6}_6?dpUf!y#jHwV1a96TI zYWxuyE*5`Ki36Ii$*ilzZNUZrrlg_`X0U zh3zuj+e8{|LND1xQDO4yAeqpIVmm z&{WG>D>wIoJyrS|yLMaJZu)d2jDO+Z$x@NL%VT69UYX4tP6cVkA!X8*ylVd9<=ija zTyM17E=u{S)qoQ>%k2`xV^K01c-~7G#$#;zOqIj$?Qi4o2f>tTjw!in+ENW=NM$-# zCBBx}*BxL;SppTIoL@D#2BdY{u=T;s`Y-R0``y?~RuSUQ?4&&tgA6{7gdG;rFTPv)AkgUU&By?WApxoM za_8IQEyImZufz;K*}WGCvl_Ff|VepqTd_u&joY5lv4qlFS1p;B>UaSow=R;$@*%?J4jSo4#P%NdP`7Jf5D-!k<&@YN_{sGD3~>7SCF{ZjfOFCM%EFm~^FZ0}Xv` zk3ub}^KF~Le|`5&I;mm*1thk5S0yWN|4AZS*);!G?Yo`JAGhS4GnOuV zSklo-H;!z}WODdJm6>V99v>=UjZ>eF{vd+q!UV55m~x5{Sk%JX=N&O};E&?IA2`yh z)OsC8rSK3%MhuXGU!t2V-l@40n_FWYdtaW;ax#1x8|M7p%FU8#=F|&xa)oKk(QL(j zl|4&Gf`~kZYz_E^7ia#r zshn$5DtvmnKMq711nIMcAiHLljqvSc_JP+7Uoplo*qk1129nW2SunM8k1IVNlSBb? z!6{>lUAKjTbahP8DPL+w1N~tEm4}$zQ!YK#<7ws;EuKI3+frGfR#-z+ORdEJZ~Nn{ z(NV{fUJM$(kL>G|rYc{Evw&1nKxMS_%+1CwpFiuqc;_wvD0W2(mkdG_I$Kz#rgWLws~=a`h!5xu~Y8n70kq0!{bSBpwjUGuUl*kGTz0saL2~A3^JQ%y0Q8wuYaP%1%UfZ0S)mK` z3`WCxwG_zgmzKjQ0soVZ{UAmP;mwdG%`?j1&+#hFKkIFeV%q}73HN9i02L(Hf!VQ7 zQjhNeR|=+soFKBnqzx&wR5D`d;2GifHIhGVno}b){Acmk#|+k*%J^6?vU?!VPX;Ga zeDrtnE{B^WSdsj~=v^|1pN=}{Uc-xgJ9ORkKJwvmq%dcSA`>gQZyAwaFzd@v3F_{` z0UjHBMFw|EO%1*xiz26(DvUr7%WS_<-{h^tr@ZDfyA3EXbb7Ff1?a+Bb*^D(J;&B2#B8Jdp7Tb<%A;sDU{F+{;6~&iz+Me;s_u*kAU@cS_v0`Pm z>-$xmXQe_pak4oh$?F}kG4gZY`4ra;Wykte_Ui^Lt*0mZarCW`i`>JMVqc*J3x^5+ zj03}oN=~O|)_v!%kTPh3G5p09^@qej*w`OKUH_o4q8)bg$js}@l?&j_!2T8~LJTdM zm(tYG0fSQ3JRQ*{`o|$*X3ll6{suvdZP0VtXQkvfm$gNYur}L6sXhwwD8TDQ&&Jpi zvBI1PGgNPWOV+M6WL5G2b+79`(EYA{?C`A)76@so0}2fVt=k|#Jw~p?F}=N7@M6nq zI?QjY1*rkt#2u~cty&g0M@ahQ(EEq!u0h?AX9})pSM#Mh#>@Ys zpVZOtQ()}!h;A1Ad?jmfWt1c9PkW>K7EO~dA$}(uqQ3a{M)LgeBd^81b;jnur$yU$ zCJOBXMMO{yG)k4;hAfnC)YlWXI_yiH>suw5BP}%~mCh
    nnUN@sb+$da%l*&ToP zB!;Aj+*OGsV(MI3h#I-B)bH&wqJ9i(d6j`rXqQrO^jmqQ|Jvza*&PTAU|X-({zY~e zqLCzU#QbFu9c`L9Z{MJJDVHYeH^+A=8`|Idif@8bc<-2?bQsSl_sd%m+5=eCSgEC} z_5q-+)%F097LZTvGiE~(RE zA>nUJW$@_<-kJUP%X;fJEGxQ1yD?SIGsg6cGzC+RcsS5M3EH1{yY~;Wnj$c+#06pQ zy`x>0n8fSJyKu>&|GnATlB=Jwr>2<|M@$>P7HZdnSNOg_c1Q^WBQ@rSyOY$dnoXh? z&yp2rox+p~zM8Lt6MG*{E)EsZPI#|zI1tx!W&Pfl;fo;iN3auL{WICJbYZeCLnbD+ zzu#|3?QaB|o2x$FO3F<(*CAYByPw`dO(DB?#ZC%bn>UgPVsPH*zhkbhgtQ9u(_C z@4v@Dlij$bB~vS+H@CU7ARnIrX)E=eP)lHhC-qIxhx#&{2uhjUwZ!Pl&;~wWSVq95 zlaxv-EH#2?{W;9J9jz)&J)YGDu`Fl1h7oiS1jBSaOK{HfOOE-mk%lUJjO1FQs!5qA zGmCmz@RW&ZvJ?Xk$xL0p&2w2T92gl594X_SJ}W1%f|ADOR=<{De|1x_&%2~F-rNLT z#+QnAz1cOuw>w^v`rlV~~Voy5T3p zBE*0pmH$j9xh&yT(p3+4{Tt9U%xCUk&N(l>5yM+HnVZUGwi{LY@h_zY%ikr>6``r0 zwUTDHFlF7TeZZSccGa%<=4hah9INULI|zbBd6pyM{J{1ZEI;HmEuK=^XL;e{;~5hv zfGdVkuDVh{Ka=h+=@NZyThvmH!?mzC2M7LU_)KKNew{>c{N=ncMN}+J=vg)F$dPD zAq0XDXKSt$YPA%NLo6SfVLY5E8+KV$@7~lgV@WajD=Y2kH%}GT;kTr<=A^nip<>2 zcFdg`GrZhy+;7Y-H}P<$Xr65SO6)e>#;<-@XJHQX!b*Mh(>oO|6ieo?o2gE5=o}D| zAs=8@iq*f42DiWUUvcWJ$W5gizzuFz)5;BJsz5zGT22Gxoj2 zZszSm$}<9`tfK!H#Tz0^Jj)$wl_XzA4d}F>pOU^C6XR1p`3*Xl)EN-BIlkUGYqV|- zO~p;anmkw3!|0v=tON|Du5_CPgR@i}=)zrHJ62WKjh1*b>a` zwt8x{TJeFY5;tZrKf%Ue5zbDn%Q`S6{qO-T<@a93f6ME`P}II!j=(|sW!ZY6@+%|l z_7DPnp(qI-|C4VvF%`bmIPXPw-Y!qjd(3-0!-#cBx(LTSEel>epQhY%gp>_Y1QDKh zPhG_|0CQ{dTonO^g`USKRys79Knm4MPccIe-CJ~WUNV)o0BnjWRDb-0v#OO-Dz@1&d89*`wWcWe)6e=(d$iR`ph`L<%QT!3!OHVLmxQ1VgfJ zT$I&{t#iU_bd2LW2v!Ze6n+`U*=$;KpcD2~Dz(#Ng>}YQ`SriU(FKV~0Rtw_1ek(Q z#V|EB@9bH|PP6*+zQ#Y2I@VaS4+ppQX}OBG;UDvjW#!k+|NRHrd&Twb z6Bse7JkwBN>9TK<`37B|Dye82=dY`jUa4dMJBlJ_UoepS5~k_58GpST3T@L*ehk;} z6qD(A`}kkWmXosTTr0yJ)B5VJJJkFu<@24xGCl8QW+2rj+PQY*MxW}pAh;f<8$Mlc zpfzR%`xhA18R>DMzZjN|sKFV`UaqSL%Uq_?^or?=G_j7dGlP2PCBSz zXf#^8ouOJ^Z4Q?-;)LqqRZhXL{db0@G}rw91APdM_~sccx0=h7X)`m! z3nVNS#PCqX-4s{ypHH|uG2Ne48;jAt_u$X@9>~h>&t+V9k~t{w z);~Gfv2#|YoYndm^uNV*_auidgFW+d$ zX$WZT#}X4li$2?W0fxh}1t>fETIh|gw00NfWhyzH*=|E~@{*np@i-UNjCbVHkBUZY zs2eM)YuT=4t?P}|N*`5BsNE;K`MJ~(Kf+o`^|G;ll8801O_GuV6(PN0GvT8rHpjp9 z@hXh}1IbpufuO9@{YQlg#YgX^qr9(H2c7%B;@Cccx`Z*$xMS_UK3>GB=KCH2l)bG5 zvgUCleH`oNt`U=j3&TGhWX_rV9q-e(nSb8h?K$-VzZObor{h0uO1a(_H4LYMGlk+q zuam#-Rc}C+2c?^993I#681O%Qf0CNboR3=#{R7yWC6*l zec-5RpRpz`c21cACMFjjQgb-$V!`@-v*ayrK(bS=>hS11{v|<4L@Iy(hMVI;)tKI9 zAkU|7d}9~KuFokLDuL6T6C6xQM^*`a13?>l+4S)5jlKyo)(U-sz1|BHK80#uObWi> zD+GK5=NAQE5_U)zqLpaP+*_L$uiVwb_g3~s-BE7ndwz}%ihqqYJB+uEAd8+*d} z52lF{@5^m@gGnBE8m|gYqWeL&7(|H|GA7bqtqwVKLn_}20aAiiRHx`;U1dwrf8YG` z-f$Y`cvPeh>qXwLv2rcEm%XHU+{L;M*5^up^y5fOMm6Q@qx}llTkoIyg{@V-87t~( zWiQHZs#cdai|=a_f}Y_HpQ{#>#VWeaxSiaQ^;W7>Ior@4C$5ZlA1~k06nx7KN~+E* zj55_Hh*u&#G8lD56;V3}v<1Eu(Z;A~=^X0T)dkUG6itA%xubnDjPqtl)_bvpDoBYFI!wXt1<3^223~YF%O# z9+3zyxgFc;rpBuhAPszUiLNYe+CE6RZXeCHbktG8-E|9Q)PlcMqis zL3$*ZjR`A>EMl(B%SjAnTwl?5d$IDs!O_q1qfW@9Wt}ppEEdnfi6w01 zPW)ntbDvrMfGgEs>0M3Q^Xr=Z?bx2%pCIXON(9g61kFy z&@eP$&sNUVm!!Y5H}MA={-tDg&S?4pY4TdColNWI+@xGZ{ruoN;|Tyfg5UoC?015r zqWe&N2Y$^cT_>h>hSm3PBf6h%$9U-}!RK`VtSfS0Ic!Cl=Khe%7x#ks%nZ1f_0aGgWisA?Kcxk@TFpagXjVVzN3M#jk5;ej zG~40?_SO(n8_;YL#^lyiBmFtI36MUW1p64r*>Qnm+_t|{&??6(aHIbsgVzo9XB0dT zQ-c#GD-S!+O}niQN=_sAVgzOS=)-A^`BR<+i30_QFq?v22G(LNhOcfZFx1laLs?hi z#r*j{?S!bXK-X?vz@D-+T!^u)CFeD_5B{6ifnp778kKbw`twlUhX8DNfC{p*Vj|$G zIJkRh(1`No5AS9AreLkbjIX){@AmOCS6>$(tqqx@{xbPo{zpMhPJpXcT-IX0rkXU=q z43+ZOj)5=k=98DeY==O_-Lyq{xO)IFE_3Iz!qK2 zx)meyP4Tr!FKsFE#XT&YlE}LjH3qr_v8*+H%`4K!!@){N!{%4_N?~(13?o?qZ~W&)0ldpq{8}~Ez8CNt#Q2RD(ZP3;))bH&iGEWk47gVT|yUa&WZ$8vPoa^w;ZN zZ9CvsCL69WUsXZX$7GH*)arRO<%Sw`kY=8r$^aX-zlBsd8r&~kv?8b9Gfh((&gedP zl{N8AnCF$9?^-w!T)9 zmRb5}teZ@azzCfhU8f-AC%HVN43bz{n)?FQ5h2x^8#AJ&mS(}X8`AY!af);QFdh42 z)B)*Syv*Y?xA#3mXuE08YT&8;jgn8#cH?9)eOzi3REJ01lNFoYtMU15V`^`)k2Fh~ zjzfDW&vH7T`}M6pus8u~_GCSd#Gte_Gg$wy#LP1#N8;4hCRzpH7~i@u z?@wt;!lU{vQ!D2ZGB5mNYOTKT>o;?10 z7{ng$2Z%9!w~dE;*X{cMT>p(pu4!s(GHu8{f9qZ*OF(k*YJzN2`FDa6Un&+Ck>@?NGkgcO^4$_-D!gI5qu4r%qM{H8o z^ImYdT;9~Yf~rU~Twoc!J2p)=ST>k3>F0LuJuicxsj`4A-g2a>hu+!WV>|64A!Xm- z&HaUe2SxgQg{7!d%pw1NoSOuRqQ)3{s=+tRb*I?*v^I*Iho7W;X0pfa{=|1fnxjhz5SyD(-Xl= z-S{&Ya{kofDdJy#k@&8qLw*<#FB~~&kEfr2)YLlv{862GEr_Xf&LUk#*6)T@ck-MMUmNZO5h^`70dPrJ{qHGN z?YS#O$D?B=<0u4;o6zpSmoM)bdG0Mg8XuSMlsh<-NgCU<*&}WO(iBWR#s89fndWzN`>Xh3(J7MU_n@UNKOW9?} zFv;8x>C{t{Gph7e-+$S_0vF7>t*gOJ3lpR#%*@~nk;1 z`U0Wt!H7hcv7gGm%22Wj9{c;EON}yoZ2yj&{$G?UIB$c$1b5;Mh+A})da^eEMA;?` z3xXWDGxQZho+O$s@SbpGM0YucCc<2m*t(_L9v3T?^}LBO1G|3I;FdgPCzf1Se$(87 zKwoDSLn;hf=N<$!Gfjwv)NN&?3TTNZC(*`^htC>0C7j211P3AsK4Y&c7O76`HK7fp zZ+OZOHD~9eL)#JZHI#(N9N-g?!Oz(7ThM_&TA!SBjUC=_WKa@E^NbmT<-bd1_)y%3 zN96^%_`Gu-YO<(0y*cex528p>qJb*L$otl0qoa2auY^zim@|2+`dCL940_ia8Mz}u z9tP$lL7!4YOUk&NC}_N`>h&Ycn>rkF@14m2d5qzFT4k!nc!a28#!V)$&1C3A#+A869$g0`r`8CQb=QeA<-Q7T^}YO zR=7j4sx73&@>h7J!qH=hZAukW%qU)+OdS`X3^pARktAayI+Iw{iuke^YGp0u=h0-~J&x;|ys$W&YU#R0aQTs` zs1DUS%}rS|TQ2htdE-78;p2WPb-!=l@(^I4R`_{6iD!b9#mEXa6^J9bAwDa-w^lc4 zRDJ>jtMhJ+qHnOEfc2ED17)&~kW$E@vmn%T%h~TlY;GI&p&sZLz55?W=NZrD`}Sci zrE2dzT6^yu6t#=mo2u5{Gl*T(ilV69+FR|t_pVLsplT;(O87nZ|9S6)aDQ@N*Li-w z#}UhK`r_Bu!WvsIU~Ae7Ydt8PG{b?4rZ1Qs!v#JwBk|dv#Zh1=*3+1&k@PL=klH_VE{;cae`UH2; zE~01ZIzy@AK+0u~cjtpTFo|I~p5_QdcT53V73mAG0)@DZOtAdPBu4*ECf0=y5DQtA z->U#R>})wcFjId!QCQD56d>T`$1Jf#qD^0k#ma$gKexU}KO^+QRCT zV#tpd&i?TDuccqQkx)+-8+cS;s{}iw(X$!l6uS5BcS}b%9!zH> zR~G=@Zv0TkeAwK?4#$a*e;I^x7H#e6i2n}lii&9Os;-_*gxTDDYZfkI;vS)9H>Ivo zr@P^BF9_)cM&fu5UQX>ZC#p!Lp+MjE3~LIMOfQ+)+NSxJf^Uu1ZcyAMX135w_>(wF zi|Ely`7hELfI3}a=D5-vD1^y4-`O>|3no((Q)#^@XC42xZHIzUGT=hM_u&M;bN+`x59Hx?8%>G1F;|C-Lh`Xu2=vE z`-e4ICukG@p&*134PvB3#>T63BUO?R`fAOc^FQ1-Ebuh5P0~O4LLKSO1*Ig1Jx#47 zAM$&)GxCYh=HB)Q!1Jh%OjT_O;&S5^ebC?bskhv)R2Kd66_jjc9zodePu+`g7l94A zHmVN%5994&IX<6Sjj{ji(ehNa4m;AmuLs}KacK+D+{se~HoKVo++IIhefg{z(@w0} zR8EB>W&5ia5rTw|q*K}Zo&>C9EP+t>`K1n&QQqIwr73U;>d5&E`NE_oUBs`Z>&mgtuC75xzXuJ9 z9*%1{TsyPcF2>QXQJHXR?6e&LN)(4)x@)$J=)^$^+{MdQt%$jfg(E`n*?VwwDEa!| z8<$eEvYPizZNlT*f**#8-^_33AU!;Qs6Xlg=$5;dRaWl+tv5@tB zG&p-wS<2TYtT4sHGtMiAt+R)m+|ejucY=VSVrK;0DJAAITVwLUalysze#tkkc`LMg-MPYtgSvhWf@kD$6YFrNlJ*Jy4nh#MSu& z)`^tDR#qkdcG`cvud&7X;Kt0I5|sM;p7zXDi~!GauAmWVAJ%x-L={73;dluXK9^iE zgjwvjr>I&iB{x8ifiyq6qv^DWo1m*}NOya6g1T|Wxq4UGECJXG@90+Zn0)uAOcbJrRJRdaS}hKeuxdlTx~6|HvK z7)n6O5@nE1QrDI=F*ZXjb)2_YynSlCgMWLt^YF3;qKv1yZ)QG#fWwZCC+((j$yS0Iw_5rBSgA>J~PAE%q8bP^vs?}%&K@{%zL4wEd~;w1d!B~;^#?w!-Se z;j~fD`kMnI(bIzNv5rUUKLJL$_nhGD{yee9hcq;gV>wzCRl94>S%?sWhI5;l{?(rm zMlTayJ$+lyR`-#=2QZga@se9JXAwHh@%iyZAhXa zCSs@g4KUR4`p)BCk&c=D6#H8DT9oImA*acQ-MEc&a)PK^6J&J8Hb8%ca#mNl zoNVHrzEg~K`88UPo9&IHd7(r$54to*LS&X9uU@F$zlyIGX1V`a_Psbw!SaVt;zfv? zs%*pYJ5*3#{%X5cbH>g&^u~x1sZv%qw0#@4O(^`qq9HH^uxR!4hhn2`cNNI`kTd#= z)vkNGyn#wOpO{A^`NVhD{i?Tfj9|bZb!-s+{?Go@*}uz>{6Ah)W(-69oq8d|?ScPh zlk#xDCis!lYst|3>AIwdrgD=a>-y$ztaefo9*yH+2dR%=aalmYJnNqxl0nw8t@%2r z@ZC`ssdpcd6b+xoj#FC_fQdcP<6wx`qVi^SA=@%{VeAs1h( z?|+poOI?j0Qy*1$sG>D9<%dK6KrRJNG8wUqS}xxlg?M_q)tFO{VhCa^twEk4{KGnh z?|PteRO+%_o$Q*`I#{Fn^2d}y{6gc<$o%TSke`VBepsiQi>usr|pg zs-BSZg!bddKzr&_eIA$Ff4SrpTs00Y_M2PfF#>Vjd}iZ% zyKwP}dJYl!Z_r-M$lEXSj}>lhyS1@Mhp~zy+SGzak?==y zo`z)jl{;@Ud_iSYNp`z_r%hY%NO3){t9GGma~l_|>n zZ5@2R_9*AWt7^unmG?Q2NntR{k0}d8PqgS3*~+>Fs^D0CcBj6tP4j_$nu25xV}+S& zuNIRdS!cDe%KmyE=Tyu}y>^UcKj}Hxe@EcP1pz)7ro#2%S7MunMtoqQrp8F{PMwkE zDQj2+@$8s$5%n{XI@N7pz5Rvg^zNK~el#bTuqubJCX#mmwFz7c}`OT=aVs>8HV{%&8~ zWHGkfJ~&W@?N&6v{U*n69$4F2L2R=%T65CdXFlt#PUKJuG)4@}FVj@r*HW!a@R&&q zKQF#;ORGMsfk;}KxMKB?zV{y4I9{b3u7Ah9x`Pqo;C$^o9X^0Clb5b@0?*K zQM)D+mu>)0i8g9xssY2E`Y^A1F-(H;Z{Tvx5#!T&Ujb4rAfqomRVb=+<0`!gr&H%! zk6KID^CwDchhE*w$Amube0_N+M}^>T3o0XbZy0ffKY2OI6!cUi`Ja(+p_EL^ZQf_0 zMn?tCp&sSZzn(&9BV_(FUjur-hA*KSU(xzVmY?^^y~#NjkgxK*^nMH-#udtyXu7zC zb!#-u?}eA_%4)8$Fl_KdsP?rAf$C1;V}V!~(T+~c99!^&tEau&Hb$VJ?gNjqMpHLS z@`qpNkCq{vm#1VSSyTO*_|@fW1>61YqRGR!cB~ns_8fneeFNR2cG?tHKBQ_k_+-vt+U-qalJu5cCE++P z5#6{73^7u}EYv{-2(yMd`ZmM2_Th7l2E|LNqIC=FZa)g{W%5ER(BeqO2+GSLGSud8 zOBwi4upM8$bQG(bv4`5|15X7)0_v;t^w72N@9nJw7vKC0?_DlzLZpK`^3t}1#6!q3 z70fYo2hq(2Hztv2`HVd6Kfd)Svp}D6Y&PqYAgaS-Mk`B48mL|Su-6< zaK*T*{Gc3mM@M~*YiEL)%Rhg7$XYaTWM(N2tc{enn@K=$TOR?rn={DELQTTsE`MxE zJ%MjA$+i}wneV0kY6TM@B5#x*lCF+FBIQrX?p;;A=}(kfV$gzEE+_R*DZR#oI42gL z780FfYI`S8*7uZ@;#Ed}?po-nRl3~Ni5Zsq*z~)bWK&c@EkS)(sz8AT>r;3>^~g@7 zK8k0%rntKYqdc4T_pu&tG>Jht3Mh5L#pU@y;`fh3cPj(QR zy=L9@7jIx8KgGjE>sOhC;+d{iHrS|7b9^w2i4ghb4|#x6BUs*eR!#`)B=8i~KA;_| zKV(Ik>w1N9g+DX0KDnfc+7lLBuX|=U97MlM<868&+C@^;Ae}eXad>nV0^UHgE!yPD z@4Q+@8yBv9w!t!Ut9-RhxMo_nkOzR%R#Xuk1F((H8I*U^&3x56j_mFJt*vpA3vO&1 z5}cAWdkLP_uTl3mPf+F6Grm=5PSo#B@wvEiwZ>CfzJrgON-ynGxwk0}=u?6Fpx@?m zR2QOxeXdD9rc|k^sbh^-{O%*BaFkx(4ZZrT*9gmI`%5=hk~9m5lY-Zjc)Q>I3?ZU9 zjpOq*jX)<4lD3bZ|CJz7lbcLxh?mkY*)GZIEnM(9d}t)0%I7}m3+!2?7MFR@-$p>; z>mlz~PoY>A)x4jL;V)UUY&|PS?=(2H8ye*|xh(Pkpx{il)AeU2F9t_inIP2~)cN+G>UxNUrD||-=7;1j@63a^IC6rFShwnQhV@C0jPnQ)4|^hE1zJQF zjZN{g(&nR2INSniwGi?r0F2x;g^B2Ji`IvT=vesdo^->cdSo)bm69&IS)COc6W8W_ z{|aq8>yxW3OLUWrSikvW7od(LNzg8;AWd#$p(j<02-P5W?LbePekdmL%SpM8w@%)j zdmQ%*p%SzJAB@MXj~c>th^qz#vCckCgSU6Pxr;OUWlj~}AUVPy-XK3J;$$Zv=sbY+ zREc6;MMc3Xve@50zkVs-)xqr#%DNm}V?*yYKLx)wxNPI?vwf0@(KlkPF;oXUX0pzM zB<3q`L^C7#I*ssn)MkIYG~(M=QR}6H5{--Kears6DK;M?dSt!G6AbIg3~muv>4!ofVPtq);xuTX+YzVbs`Sch}#l$0Njh3nUI z68i|(M{#u0TSB;w@}Hs^m*r^NQEa<(uKuIMAFOE=UnaDlnNq9LRT94D$x9o6$TuJx z0G;GHRP;ZLxGh5YMzp-|O|Fdg5^q5kY_Ul3vnG84i|r*@gmf6Vw+N=*@-I%z*(fgM z);Pzg$Fl>mb;F7(_OGxqM~&RnBFNuuD7UU0!6y2X3APiHxVK4uZyQd9_AxyTwLd5S z52IfOX*^<<|HT(Of`+dc^$CvW$d_q?%)HrVBs6Beg16Tu+|3LLFgW-b<%uJg`}mxW z=%QO&IuKS-&i0;e2J}@m$)^sh-_e-|Oo{eKcSI*^#Sq!KgJ7deQ)I|b=k~klxt9bv zZ0dyLwjTI#^u$$yLs}Xkr`7Jcqd7%;r5sbC`|6=zk7p9)5jy4*q7BHAlO`m`V8OGC z&KY8eqStJR`pdU^1Z~rjBN`VoFq|D=0z!snSl+tfL=X)WerSMY)7S{ZM0~%Y0j}AFD-@Xp~j@!v0H@yMB z)md`%uI)Vn2$Cs(cnHjUjVS}0OR?KNARJ+00PUf}RUz(qDQ92!rzdrdZc=Msaci`} z`%y57#I&zFY0)o|S0eRIwyX{_z8*>YE_}5xAFuBNX&V;$N*U=%VG$Dsm-D|*eh)o8 zXUQyCpL-=jl@L8Lle}9epcm7twKR(87dMA*eR{S(#O5sEN$JIoRb;tzFp9q zdQgj%5!s}d0*Sw@XNs!6#fnQ_PqpRTwR2e$XK~x2+lSZ%^L0(~skZkvb-jHDdmK-T zkaB4@p8y~%Dxj8MG}2@C@b=cvP5{J7*VQmOiUV4d50qaVqEjri9M!Irzw!FpKfdrI ztwbbVS%ma8wQ%rh?(IHH`9Hd^k!4RiMArp`NUWdUC zY6377dH5fnSD)KOGwhQpvIz52*V-m|MxthUTGpF0F^kNhYRZ_TI@ zf3zviHt+GI{0IYzQ+_I{%yVlimZ-{iSwZGOGWG(0v@%IIpRMmG{`i1nM6H{ekn^5Y zL?kP?YoR#<*V}FXqpFcAg8~loqc0WrJF}+N_Nc_ORDZVUVn8{7|V|1|OGgO+Y%LH1Q(B#Ru+0^gqw%M(~m^Pa|F-78_^2-%w@w&vX6Ac)U~ z@W$Cb&J)){`;9dg%wq8j@z4G48C$boGd=vSB+GqH74J2=ll12KH}SqeKV(r32)Gf= z%jc@QvbCwqo&WS08cpmo5E=!x(4MwIV!P@3)vFdnjl3>#*&32Uzc3ib)#U?g zQ6bh$hrbR3OCunfpDNTbr!VMAa(@G$Ht5OXn5cXKt0Z?6PLMqk^L6I}bEMgP4M?VvChmxe z*052xYBEHRjbI$ZfK+HW(17xn+4E1$i)bpU*n(y|0q>m-JwJ60-WhJ&KcH=5WA5N* zA5Fl!0}_FFf2{-%qW<%;1JhZ#U6%?1-^Z~n(rlThwQ(^yew;H5jUlf00+YfZx&aJ1 zbF5C!U;|Rgx(qGDiIX-(+zhQQOp4qK^Jd>G2xQpYC-#;qe;-^^MDrZti|fOB&t}{S zW+$qGpzApV>mF+K@Iu%QX1yRmZc&YhRi2#4@C~t}H5D3@0DVktE~^+U#%Nk-x2~AZ z%|fTKlgiN(n77t10zS|%kLQRq`0e^LMbnv&3kE+|iOp^opJx%WZhtZ?S-5)XawZX% zCfc_9Y4Z+}#L4^QRLjR$%As#WvA=p&|bVeb!96rc#9%^X_Ek23TS@q}G1N4q*%xGe3Ti zWsj>Psu-j(6MF;^E1;b~mxj}@hQD^dt`>5B7C$?u@FgIn9zRBIdR7k?PZBerM_R{7A)Vqr0WVnYK#e5f}OFF{a{JnA$g< z`m>+3h0V8NL(7jGj(T3Es+&%KLU-5~%{8T!7kAfR*R`(=c}=}i=!}>Q%i)@7VvqdE z-UAW6*D{;#9dVlzZBH9BNLwx_f8jCmgF$2y8X!e-^7FX_YevbIs4r}5U?w(D*Y-5s)(;d0u#k$&S{uIlC2(?{q^Mw0lt}^i?U(wrPiUtDr_POcdS4S4lFvwWW zFfP<57{LscR+s8X`v{OaQ?&dJSG1NQ>>Vu~ZucT_s)x)ItRXHb20YBUTJYKJpsDr$Tr!Te~v^5N zoVeu8Z^_V5v!<$CO3T+%I}<_Qt3E0_gU>%1e|uUe6PMV=0V2%hF5k25QZmafS$7jG zAZsl+Sb#das{nqOE*y1f#mG_O-*HRgPyC1ZoyRFfz)z`5g8J%h3F!Bma)4^5Aa(b~WySuZBwFL>v!O&bZ7f z7a#kti9a>qvT4Ymz8+!klIdeY=+**n?1sEl&uyIuc{0F@U9b86R>I7`|J0k-=j>m` zKGrvXnPn*)I!|i`cb0uURfa@yDb_f{WI;ti*UymBBkry$vj$@;drJc+V{>kkyZ;+8+DItFpP$;o))F~bl@bn{Cpc@t~aitKFWN6BUPIXA-lH-S?a;* zCeT5U4ayVw@CEhWi2K(K6{2o;iqlZ@1XosX=lgv5T3efv!}MzDE0nmmms5`9SQoEl zRV?4G)7fXKgmRC5x7E|uUeLp!CmPQK8N#jWyFTYJccsIO!)y55_{~g8FVux_NybRI z&s=z(VryfJmAMK3O?(;kjjXB3vB~dRby5D8#Odt4Ovp6TlXEl`z#(Tq@$7DR@tOTO z8?gdlSmC=pd1?s`Zv;H%cx(fOISt)dZ)!tP@<4Bt`QdA){Z6H&js@`19Ulh*^*4Fv zEDvuVsk)+rLN~=p!ejeA3h7M4rd6H{g?MiPm~-rE`eY~RkVIBH5{gdEpKAqX7q|{- z2HbVSxG!5dO0n#ZK{lgKZKSE6bVxqEsou}4GvP1A{cwJ4au>sbY;ZPJA zoe#F1hc(6x^pz|=y6jcbyP8OQwmXjjt_+#NQ=+KQ#-0fIkFf%ux=}Ch=}@=t8s{gh zjsW#TsO)rMna-an7GYd|zY)%V`nMj#t-UXZ#8yxTk9ZGAaI-c|AsOOsA+&F5}jNeWIQa8oNC{ zS3H81HPQwi88a##xIFb=5n0}!mZ}1fyFOJusyJM$i%xpS^ZO+S^`#?#3;vg-CQ{=V zzSQt(mqFv-_1YGhz@SXif}531+n-llvsx46`j<}+_D6>Th5+hum%T~8?oy|6wX;8L zYJW0SwM?g+Df18O3~ymoy_D3LtU8C-l&!nW>#?!kqVt(U%}o9n)nCEZ8$W|gkvLyE zHNj#6q~Q2>3pH5k#H|bNMR~8k{M7ZA;&3X%APmF6dD=0vTDcS517zu`EuCPhF=AaB z%L+~RMx~75AAsw9>_v9}M<2PgKli<|&L=Y{mXW?tm_1wo3b6q;+p7nCfht8=hEX}R zIgc;Ry&b6o60$Y454++92e`G@6Lw!U7Oa)E=d?BH*kl-FIXbjlI?~>8gp0c46vDvE zJ351SL2b+l)fsU||dSk28Y=q_)YQ zvOfi^yA11IMBEMtBuXDdVLs01*A3@8R;%+)1hB`z={SG*Y&7%r^!N#rgA#5Jr)+A& z zeA-w}D)#DWls}b0=gH~; zz8TH!v&_qO2c%czWV3tapMV7GOu?1#=>|T4mBA{f)f*Y+8Bw4|oZ~aCT1xTaFu$Sb zg?1u*BV^A_O7QpsDxGuTA$w;$&vVcCIQu99D3KYQZ&ZGt`)GbPb^WLrEPSNH7cRuG zN~rzh7}|6|TY4gaBzvU45 zobGGep`?Me8M5Q}QnYBkNv9*35KL^sV!YKNHTOvR3f|I46yC#db@(CfKvm6vf{Ju~ zT``fFpsD_CKG$$SZGjKbiu-Wt-^vP0*xz0K7L)ymEls0Fk@hqhGuIy@DZ(0i#N6_9 zApmivsfse`2e?5WksF->;-v*FB!;GXCMIFVffZD`twdd^Q@DC>V{MOQIAI%ZVBd`1 zl^Q!?kTXl!`U>*-wo-{$DRQJ8YiXv-c%c?l%F6#_grTig0hqyW=k+vU7Xq#LJMHS7 z*8TQYA=p3}_-2keewRBl#p0Rd$kb*Or`g5t@@2?P)SKBoD;!iX+)^7JbWRVvGAY|I z``=LdTL}c&sS=7XJ1o#|lSHWPEj8C6^xrJPokNMtz}QkbN!+G#9P+=P)-uU;qiQu! z$a`AU@r}j2Pe3;hN?&yuzEEvodDQ)4*=0Xor**sjmq$)Z82 zC~fdA`Ge*_o|CTU#B*@dm!qs-dkT`KGK}>odZrsNEjCHD`fRXGYpqwZ+J&d61$mbpkX( zxN;iIm=;@#y5H&guAHy3*g5NQPF{CB(=94L(2KGC-kzay{``>*9BoRLB-LfyYz9kX=Ot>t=>ZVYsy1`=!=ou!Ds91 z_seB~KrnF5`IW2v8^ps|dVP8`rZ%bON|_WLIZ5hQBH7BeMx=Y#HIJ^1d<5Tn;g?X= z&oD(3k_ahS;72koMK80aTWTHhvS~zVs5;A^{1<38cao|7Rd9@UlfCtI3zS6WQ;t-a_Hn;OMXx~-~H0Y%sW9rL1`mod=SgDn@|+|TPD#! z&#L`R6X0-mHMRl}#Dlmujd5!7jc2Z>W`glepIt>%2t$x-s{yCx&DM2Wr!uupFERkG zz*%GK#1q!`{P+`FRhRq>MzC- z-}0s-@borcxAav0{`Jwj&>G(jbp@sub9av%)lT^c z&Dzy$fMr=9zw6cn8m}KKQz|e6HY0R`b8ige1#L#@$wo&{t=S&ufS$=Os$S=KYcdG$ z!%v8=laFkumb&jfkGZR{p83WR+r3;)1h&g*fP4T)#(j0>L`9zbAgzBi;8#2DQtg)$ zjZy1ZU`^LD@+HG+bF>(pqj|c&lH>$P zU7_E4VFIbJI_O1>Su(08l@wegyQl~NbQGR9;S%u zfj?LiS*+ncr7?09(aFhxCD)#7&sjE%GPlU?D?Siime3J z*{h!D%3y}(A3kUevq!&$J(KPD4-sDV*!*Qo0eDt2@Y--|;%@pw_JbYx3V0aF|8Dc} zk)fe2AS!*y_EpBkuwq&N-hpIQ4;~oEB*i5A>X1B6<;l$Rv&xwWp`5m(;uC~E%}9xA z2syH`Cn+Z6^W;kQ>z*ux?o7$YcjG=ZhJM(<(L$=8jv?STTbfJP?k5i{Lz-od4Y>Qn zxS(I@!osJkZMV(d5yGC~D?fWKF?bPecM$D zxeg?J2=M#I6H?kI{U63@ACkx%$p@`1aPSL!7L_LyKwS4>UjSQ$aj2=58^nMnr@t!+x7JvMyy6ZK8N z710n)>I40=X=>LHamVhkn;JUK@2~?u<3A%~1u$~3a#7q+uMYg% zaH$oYacE~^DfP&vXd%A;YQw)m#}5~F-##fnY$0^yQL?~A)TU$Eiu&3e>+sSllHNGQ z+QR%_Lzv&e`{Cgc4jKmTt-;W>((R^$SevFujYt*EOeIZGSmRSMe$)gfa{}36$}=a+ z#|b8cW@vo3Xyiy97mB480?L|GdzGYt()6eIqaw-F>`bZN)qI(XRXb{^SOyG-$RCH~ z5o%qk1^^TCvuTL5B16mc44i;3U6Ix6HIc)8U>J75NSF2fTRBe4fAoau>Qa{+tQ|mM zJ#*8^N)AaFyTjSU^b946O3+?wjCA*kb(xeRybzL76c)q=*9a&gTTUn6yHe>Rhw?HU z%bfCTr`$+>M1AD`X}#xYCb*nzr5& zKK4S?aj4dz`_STwkLSi0by#{NC4OKgwj{tDVQH<2)MeJ%tsNewa%xG`IzXf!_C^qRV-)!#;(5Z*6+`_d>Wp9%1 z70{Z9?qYA=46-BXqy(R~#KAfBw*9oMb&R#x;n_TevPVY9E5MPK9>9Oz<8mHrmYB9+ zZRhNZw1T?kh{jdXJrI27!U&$LKGz*HVz-y8Hls z_eO~5LbZ*U?%zS)w z50g03yW!Wfm{DPjzfMV~@;f~%*@JicB~d#w*qe~Ibyy=ixwe|9aQ1I=%G{OmxztH7 z)&|0+i7<#P_{`>1rgNp6x^l`T9ea4KcR%)!6+Bec>?61OHk@~+D_zCg?90bEW9;L7 zT;)&ZhM0qblGz4y1SW|o6BWhH-JCC}3|qoa6FdEu#4k+T;&k{u7`J2O1)o88p~u76 z&Sz8dkGRYCc$Rm%HoT#RJO2-21rr+q)kXmt8!*6Luh9i^0t)M#t zEB;v@Akvv~tU4?9_gYgej?Pt)dc10Ul$w}GyH##`VUr|d@V0&(EI&}QCRVmYw->KN z)-jlwn(%a+pcpzy2K5d%oqy-cCm`FgrZadKASLael>X5Eh|OI${aS3(Vyp}`v3-;L znuuf%V^aBv()CHt@p<}-L4uYVi9hv`9&-6yVvjXD2KKd*@y zRAC}<&;xItoAa_B^>AErLM7qeG ztsQ@4f3$Caa@ya%_#JKmU^r_&Z_4gp(PMaH13oBGpH`7PHPmJqPx7A2x;4qMm0Zm- zg7I}1mv;ThEFWH0JDVx}uF>2G9XbUu6t9`>iEE*`^)ggR+v(;W-a-pr}>u_;M^#btOcdn8b-P<(|I2u-%FEd7UXd#iY6r zleuwJSPc|BelP>lBQoT;tkic7J^o{R!koH42h_7?l;(LK1&$f%DUBbc5n_!g*~y-a zJtb>=Rj|(vgH)H|`?nIT$oa24{A)v-42@JFEQo`+YZEsy=NL;>^=JxghQXHa{DS^A z{dpKpe?U_3T>t*Sq?_)@;5~~klOL35yUDMqJyhgh%r1ATm!g(rRV|TpMS%;@6y9UT zg)|HU5>`*nH{0pF3e#IP?l9}S2kp>GZtq!#+lB|43YDBY(Rlw|1{O;RJoj*aGB)_b z-o=tJhXV$onrv&0zUAERTn#B(s}gIRm8Qc*|JI+E#-Xa?r&1WfN70+RI??W^%z!_y zRQ8)b;Y-mc4lszkZE5>;Z<2i4Ia-+QX==wkr$V&BN{GuaQvJ55*tQ^tLFU+t%_~U1 zZ$#(7EGsxVyt4BWH?f4(54t`sXE+MOl%hFK>MvaAln5<}`ue?C)##JpIQ=OOR&Lvn zMnbiZ+J9jiO@-X&XP#-OZ!n>a`d)rDrvBm2qio-$eAh; z{b%8Jb%Iy-Aq(zn$KoZf89Z>&LNQ56eLTcG9PlEf0O|${BwAU8-C70a5=1wNH`uU} zpolc{IMY?Lj$kZ!m9EFF;+xXp37&KHXQw`gXD?%v((Q!_YM%|`vEUQ+L>a9s*o28k zV5?(gOP3}HG*!B@-%YRlqJ|n8Z&3H{cnv-Yho)tdy&5kufeaZD8G7hQ!ifb$h$0OcdW*?Axfvl)M)`}n|?j* zf!hmj0*Muvfa9)Y)7wh^0xGx{Yrf{g%E|FzPX+bVG4_xnW=FnEU-IdF_%s}TF7Eai zdmZ~be{4_|#LTUC!5?Um{j1yF@yf7xvXIWYB9K06d0>WN6~=b;NV4!on1AoPsgz#p zv={a>+oz>zQZ)yrs2OBt-@KcP&HQNR2Cu4`$$-1EuMz1}71c?ipEc$dkpq-B%`tDf zyVDQ*?!7j8W651G{@H$#vdMwI{>%L_Wo7PLr8>+J(sVz0=f$}2Tj8&x3J%hMmXG?( zdoBZ0s^rYY{#DqvhXeOt%eEq^Y4N!X>g_q~8SDPA-|vJrzg?Bo$+XIHYs%RA4H4`S z@8(Rgi(J98*6HeB$(7bPiX0lNB>(xCXf~4I+d6VpcIHzV?*IgZ@slGkMJ1lEaFk*k z)SViRPcEu$F7rgfpx&yla@{dEEJhsZm;)?zL1Rx7Qo~cUF>XNy-x_J3%PRA5o;Yi& zbpjIAifNGg&fg{G$F~^uC1!wttpw(vgh~MMC9v$^EZt*}mss$c_z#gguS}*TCCT+->>jcK=vgl>NP; zQk6C9RGC8_9xAcK!9zK7)v&W|MNRlig1>D#mZvoV1cYcw1gXNGl!2N0XqP(Jqsa_< zBHzrhb~!sc6e-SY)Ky|7&_A7t8pFtQK0a02JwL^?@pdjl2P2q9X7FLh!v6yK3m^op zPd8+^KE_eB#<9AT={*&a96L4BGjMn85E+|d6!*~mNxls0`R5jFkJ#Yvi*^VZb3y}LW?s#S;$=SK0WnWWImy3Szu$=-o`FJ( zwcP3c{fJI}dgcigqz+cqjV}oSJ}3cNtP%!LYpt;e)392o%-nK!?Ut|Zj~z zhvTJT3sSSMtA@$UfqQmvPA-dps`7bK&y#93zW}}__c-aCciJ_B-2C)cdpXd;EI!kR z+KI;}g5WoEQ8IU2AuZ^UBkNyGXmZS*5x^Zq`8W@#kMnULf=gmDe+xpR^8}X#dVRyyXS3-KR@7E(KT_Z%3q^u0yf?D|1BiBM{M5U!o) zKA>&-Ay-eHaR!~2nu_Y%yTA4Te559vsV@m1Si5P#nO19u^Qh-FV(q%zv5xf3q($Ep z#d@$Lv#KOQddF9EmmRk~?l?}LAXIm1zZ6I4&=80_H*s;b&k7VePP)k1cGJ^S4ok{% zm(NFR8dEsJOGE9+^S_bFW)J3*J>ohne*}AW3m&DNaK$H7WK3@2CnS0vn z2O+b^=Rg2%2TmY-sfV-&l5nv#t~HS> z8)Zaod}tF055awIwOH7m`ssc}Yu{3xC3nQ7fm9RoA~#b8%5xMN&QzCl8VPq+gXq+t z1h&O$V_mMLqFN%+3cKc&0KcizrQ#QP{3Mj>W!l2IqCv##zhr6TO|NQbeHggUKUlN^ZAkH9!ns=71=V1nqy-gR{ z>hXAOGHm=Cuv40^;Yn?H zC;$Z30Q0CRM50q->WRPk#%r8#rrU6$OmTyYQpdfI_lqj=6*U#+ch_vjK4PWX$5WS( ztKT!gA2}O%{y(C;-i8Pu@?+4hjwMzg_wqw4vAIuFwt;0?n_T?1dGGwuRlgE)5-h%n>YDh2BNw@eW3><+`4Eu!TLRiS}O#;Nmx`c!^ zo#>mq^(f*Er=_=}D>LKK`YmPhX}*+OEi+Pcyf&(u{@wF08@utQxi8++__NhNo0fdyA(FSS^#!05i_LuL#%(|u zQpJU^z);p|3#AKuu3|*w0|B0VC%<_0wJ#^!I|zOecVWX-En+S198tL>KJ)t>&QpAH z_9@5R%*zmEe_F?_MhN8;ZG9tU7Eiv2pB$nW3*Ym)#@XaI-*v~A#>(1wGoSYOSl2vj zlnS-zU!8La(M*gpj^qTpE=963={NOgJ=B*?-EmusMt0F{ig!yW4(NubVN((z%HKML zt5X*q%H;gDfy~>nTE>{m!5kc1$?Tl9k)!gwwlwzLSC+(^DD;!v&8{GIM1EgB zL8CM@0|7VaX!$mV-=M|P_TD>p4IwXJ_E$9ji##S;)^^W1AK#_gjO0uHNwSPuDOPG~ zM>(21INQ>N%eI(utHJ9Z>x5a)NHri%d=b-YoR8FN73etMPM*7RR>mZrV`VT<`Y(D?TweawyGESjif1WrT+8zQJKA`sTt-r&(t5`F)C zEY-P1PbA!!|6_Zeug2G6B2U>Me>Q~uNjSpWpke;X{n_J!6=kyAaEnMoSS)6HC3U>I z6u;s38V|WM4<4pnqLW&r$j)#Nz8q16JINt#=@4&LQ*OmWX6c8uS!$W5KU@!_jz=gK z`{3>?!JC|Dd3bi&rV2afEc^F5797s>q65&~6RYZC6xod>vN^6@8sdu-h`OqDTzo(8 z%Ru^Q|K0Up@jE>+7OX)3KMlV0e14DT7obCp%Cyr^{rxSJ`6fx~L~}ZB^_ByktK&yM zd_qG*b-o0$;~{%g1Dq-XqFl&CMD!((_4h6*c3UvnbW6(XCzINKBrP~UYpXy{1WqRI z`JF`2CMa_xoi0-13v)-1v-5F2e&4fB%3)AIp5Z`)o8>ev&QE&JnF*zbMb|My{RJI^`yx$o=xUR#=rl|HWQ4#}p>^jP7;(@CSZ>CAE$ z6SS3!+KT9|d7&R&@{50;U%Z+Hnz{9QGlK&JUhK|x9z%A?wc;`>*X_!Y;zaM^CZ9mY ze(h-QGGk?H=i1p>&ZfvBP08abg8_yrcUMCOr6!L8)45-s!+!pD4L_x zwHPMd6T-7#E%3>kzs9+&ZTqzqT4jHVd+!MR8aTs<0Q<>VxN&o4)!DJ_W<%-fy70(R zFmr2){$r1@S2r3=MEAYHl2A}%^zk#y-mo;1bKd7HjusZD-tKgE><(x4ca?1Hi9Rn< zu^D-LEW;ziwfGFPNVu1T_3m%Ez{}%8(V^^L#e{R96_4mQpT<~ul+WD#eA}Wt-dxyek=u2JKqVI%@+;-VbHY^aLrF4G`Uw6~EWtT)EAXK;&kvyFQIT9{ zv;xy>W2OdOYb@5|zPi7YmS)t`$X-n=vAmU9DJ zTUKi*wxJoJT0QoDRfLpWmcDFCz4j2Yu=L}wiaB*CA3;qe6ljyjU_l9PCj|gK&0hBb z&XezJO${F_oss> zeJzF?no@U`7HNKV6se97-Z(too65u@J z@jSI>kNuWpA?EpIG)@IuIIx2JzL~TnG(fG5N?_PCUSJ#wZM^679!cT&7Pi0~#%*(~ zwv2P50z#O`p?v4ETUs(6{yIw+3=|} z!A4sOO3ckagd9&P%;;SqvJ4fh!+KxRxr>+3KgYQLG`wFagO>+lCO@Z8TlYFWh&o+$1u0Ca^2|b=!vaMCa`mtCrFJ zX*^Q4-EszMohWpng;nImQuTmvj~zc&y>DIYX2Pw=@KSAS+qyWKv3i{@Z>O^{SYB+z zj-~eIvQ@%`==b7(1In*whb9>zmJ2J22{bEz1DM|lpH_l}^UCxWVRR@YpF1p)`{ z8f@!Qd0rlDBbsR?XW<^lVx1L5gnE&9`f}&Hhiyv^(VwaW#!F$`T+4zk=`mILvS^)n ze@P{Rsqt|q+ETS{CrPX|xd-IGl0TpC9$5Z=6kd$+fU2NoJh-?C?*>oB#9g}M*s;W@ z-{6Oef+36TlV28kC-YIR-e|tGsC+wPRlOP2%01z-4riK|+#OUzcwmYZ?gMi-PBLh~ z)p=L8Wn2NpDD_SbgRi~)9s0t*Ub3{4Th_VPuL)BaxXiR@Xrqq^X@B>NY52=#BtOm& zeU{iwmviYVJ*IIVvpUex>+9m`qDbkXRIMtP6sgEu%QByF+*SagR!^L^f^>7v7Ok1= zKIVjp+Y$?edFBWf3L2QiwV#zuSRBO~?CqK?tB#6^p3VK^>;uud$wM~3Yjsf($TI*L zP~Yd3#s@VAiVvDwGJQTg4Gr)c_Wm3XpWKr_7aEliTOlTpmtqW0FtEZ)v#x0KwgtD{ z9Br_!mFk{mEQCVEnXQ4l$ad!~YoOm~g*6>83KGJ#@DM>+xafnx@tWZIr-z~q zfa_iyULWH#NR=#?$GW3I$JA{}P81U4X?nKhDl0;vrv<|C`S*hEk5%<8NdK#@!A$>Q z4KhmmmL2|#h&}Ez1@Y%n_KF=~&=TIN%WK@cvN*Kv{bq#^wh8>@=#|M8rm=whyF*Ms zKpe$~#jb#)p_)~T!5q*p(Gz)vGOZd5=M?GH#_t_LacQl$dLZoN>~A-*L%|27cghZw ziR1TnJR$zBz#4l&wF=0e&ibjya1))unA`zb32JBQ@P)m8<3OK4SZ&JVhZ<4q4r%fB z$)gTJV?Mjxp>v#C*ZPFv=YQo4IU%bEzv+%sY{K$zv)tmo+HoYX6}tjC2(oz9`UQEQ z?eQ81*<=kmf;2%9w67Ma0!o~PMGP|34vQA~{ znc#(7o`J@V2S=In*_VZd2i}$z2Y!9Quhi$>la1Y>3|$^2R%m!TcXcS}D(b&!HG{`r0`$O^+NzyAQ zJIk*>sqh6y?afb)*olw1l#;FnxY9I*$;5O_z^a?UdhF2K*-|Uf5NImd$6&8^r zV{0dl6n?6US}9g>R5TcQTYs`vS^}$1LMKK0bZ8|=4_Px!1O3b{w*mDyPp4_s7V`5q z$!@&ucbOmLXmP$V&YWaCwn-^9U+4P^9HipAEz|B2atfy3E z3Yo0-^&Rcc?!@j`4dhA-M|>fvu<@KNA>(%)uWk=f&00%oY(F_#`f1(yZ+=}i_;HVm zq}8dvDO(3;nN$>uS)Q7gBE@_TPE?c<>9o%2nN^K( zv=5rEW3qeKM|1-3jCqHVRh}G+8hg9a6&t8odiD5jzHcuB5SCG(hwq`m%6*qe#<@2ohW^EJ_3L#c z1k8v>=YK@9=(9#Euy$m%n@jF7T36UgV1hzA&$Ac*z{tUAY3NXyIK0Rv;>?Iyra~cp zM>Wl4ik;KC9z-Q88wusN_Ws|vZ8fmD> zKwZEORaP&%gf&NEAjVEF`DAvb)HZ0tU?HK}IgoD3v-AypkyTX}arpC`sOClx1I&6` zq;!Ca(sHAx+Em*f{yrV_^6tGYfz{vDF7bZF9KYwjW$pK=DF;9?XZq=mGh%;O=`7%@ z!|*Y#0B`)8!o;;(W-HYhH8|`2r8R91`vh~9rViKmc<-jV#8!EuTRc3s6P4J>WCooM zti`b$2|g{&8P_`|CT5~MW?!kvIG=~V?3Fh(hzs0TRsaJ_-R?`I0WXkOj?BEsXK0tW5qzE~bv}<3H!^))y?u zOZo$t!!p!@hV|Ka_q@ny_MXp+wF+kLXQRJQ7SddQSEw-pL6zFu?swX9LR+|3Qbwn3 zDR|snezQZZ-CR#@0>7Snx%&J^RFiDjpTm+0jCYkFRS-W9wG_9eU{yIg;`=6NY$>mD zhy?f>S|02WMb9;y+-Nm| z{&q^DYUrtsmt)RPB`tVcrhc-etbOUfEqh^hZY2_0qikfXsV#ZqkJx|bQ!J7gabSLh zyt5#&$~zz5oZ&Za5_Dh!^_nhY?Y8;0;z5NR)|{B*>BV(+kR zxS*xEWP+(K%AXsl3+`X3;-tn!{ES`q1@zCiYq>gt>u!6!ipS^Wz{=|@lzIC3rFrOW z$mAmqpMdUh#FTt#5#yxAC0DaxaN)S|9sh~T7UYsup-5Ji7^jYq>gwX>e21=Dxm0^u5&-t9b78UtPRJR+e6P*c2$Tt}SgH0&H>H_|^}ccZ{F00Cn#Fa1 zkzt(X5UIXY{c0pqgQIgHCwpsy`2dhH+s$<92fH(P?+knR?Gc4?k)qy8S~;37oQAAc z9;U93C3M>l6faS>j-IHd(|C86nTBOiewp!HnvK%vAz2`#ZfT2Y&AzM6K<$3=!B(^E z?!I`F;-#a*M&(B8Ow+yfrI`M-;_I#27r)C$7!6b|V@`_fthFj%hmj9?ujUB7!yDy| zN-WaA6=#`ug2z5N8pYV$e@qqcnWMCwIhAX@;23W)R&L2Oe_Pnv+trBlk>@PYh0dri zpQgLhD$rVUa3_Y%P?&VJVG>K}o(*?v6xSsinarh-a{PAYU}&A~RIo=2%pcoZtd>2p zkb`E=4mRmU`4XsC0TGP0iZ{B3#(Kc@6t5i2Eqh{@ax%ho$(54@;C{8yp$~AZ=$a^b z=oTk=Nf)5xzR5l<%O4F~82hn0DBhXAYj>xBvfKnlQhgkc&PIiD8w_|M5046tcFLyl zJQ!idZZ>T2a2$aQRyd#-8dbfCIV~%8x|*quF7LsNU;N~TO()x2&?xc$iGPzqC-+jK zn+Nv12T6=UCU4rJYB+&wI$iz(e+xF`6Z!%FW8s1i0}i9E1?c^8w2A{wdD1tJ7xb5B zcv{;_o14n+$HPB>sX1H)O`#jzJ``DXkQrQER=H+<(B7aqX6tS5&8o|>K&EkFrSW+H z@tBF{K$jj*-)ZiES?mB+RKg3UycCRzb zp-TTt_N9E_a_8gsmMmQvIyZ>%b6uPOsF#W)v{w!;RzR2qGfUoB^ykv~R#6$&&UeaH zB43F#uG+#h&mtMeM`Kz2<<^@U^WN#)3DgDj_p7v*UO>4Seqb$dlZ9~B{lviVerR&+ zEyl7vcx}ag^~m7UqqnhUbHh(4xT!z7aKG96kn{<(S%F{+;efxwhDPJXFna^-;7@s4 zT5-!wOJ_T6$=t2!;_0pwXd#D~mohIkNWAAvl2>5ED7APzh_VYkjFkwHYMzZRH0)k< z)h?dHe6esUFuVnu<4&Zw6*Ht!Rgl*;*L3RDsQ`b=z+aTAZQm6k8>b$03LMX>(4BX$@A>sdF+E6)-MEWa@We(BOIg#_ z0Uz=UETW%!%HhId12@&XQhD3=eCOQ`=~vZ3{5Lwc&!UFQb^9TVxMJx~Ks$Xxw+Dby z`>6Y_ds}=T0UVzdWf~QxtX#*hYhNc&C+;Y}=E>xagok;j^X{32_A24ouf=uC;G{Px zodLx#N^(~osFj)tPRste)0s$2lyBl8;S{~?nPD~AFD@m+OQTuU+4aWBykN)q!lE%% zccLOht2c`kEu;M>V@*5m@B^*k)O7`sLShZjG12@^>Ut<23 zbnxx%9EYn*OWZSzkXdH`mLs0V_+rpp+^h{~tK5dGAX;+ssqeVWs_7Yg3do9CuUI*RnVx0lV4s+ak%q1&hTR-e!1z^;BMKBih)v`Fk90F=fo#W+^~JIS>B z8L|=#29|a^5SVSV!-J29ZZ_`9v85Hs< z+#Qij&n796ic$HB!nioBdv6tx$<&_Ie@1jz$2VsB3PG8_@G}AH2B~JTQMS{JluGF! zt#S?RPb3K8eR1C2=n2NlKCJIh1hhm$5)s|$yZN_qb>jVr>sU-4wPk$(<$b4mspITn z5=ywiHG%xm)(OA`IQs-93lTU--zAdYKUrFiQtx#t^qbs#J}NW1*QJ@!8*pw~U#!U_z(nlP7ZgEM0^$@NXYyzmQu^Mp0y#Xjqr36QJM z!%5!Fc*tPQhXwUdF;)#G;7uN`9GUo?&`NlfQSe%j`Mi%*mw#$&-2ufi8sj`st$2#f zBVv@*Bhj2o1-ahEXw`ME>3+79vnC<_MN{sz$mWzTK@_=is zlc4%!9=SNsWj=P9in%jb#J|8wE>CY4j(*0(6w7>;TyTGM(uDPkNjEIxlKdCpAzU^> z^X3Z(njkkQ{qN7hjk9~~rQfB2X`hrDo1U&4uanl!xwxvh%x?EP>~O+=M8Msi9X5G2 zKw!TqX(BT|4VY-o_JmTd`i6Y!eC==B!J*6hNAi0fT<4~>o5eI5m$0Qvfg5`h`*=5Y z*l59cu;*iHlhq^TxpVRt2XFIoYC?Hfnw*UrAq#OW%l@GvCWk=LN{z7BT}?9jFw?&o zk{@gnrf^xa$^M=K-T%nSK>Ip_XkfB}}VV)FSk-BJ8`r!56XIiIepy=7DIlgDI6tzsYV#2t&?VPTY`tH)jV=e=A&Y+`!UrFp|9tja zXQM)%*cb?%^u3+n?`LoND@xsM{C>|?e0=gu#b3mOzpY7qET6q@caEVuB66O-?CBY) zY5fhP$+6-h%C*FR$wQ2+)j~eGG)w17c6SEUR<6zA?S~TmN5s3l=^&Wl8G#P3IbVZn zi5m#LS759wu90gwvoXPY>qC?b;B%GjDEs{swy1sH+H`pGkCV>nDV%XZlws&fb@9ZX zv>y~#a?V5K`I)XoAlAwq#h=WF&Fy26XKDXAzT@iq>6F=o=bjc9*J3yR4K4tid3qW& z+6l#^4C`EMLxX}o9Tz4Sk`^*8W+i&&G;LW6VOru(8H1}XKixJj)3BboB;#?ZB`QC= z)4P=wDri|&WwPlrJz(u`&@y>+u9lm?v-Qdu3k%%aYL341yJO`s_w0E5s*H`IPIm-C zGH?pzJ{+uhiKGA}rn@VQqvf8v=jj~VI}km-_jQ!_9)Od(7KJ<1=By6nFyJB!m#l81 z*K>Al^pfjp@7uw9wiKW%1V+MCHxHt_8IVNZVC4pH&HNMieobMS_!yqjw$8ENU+B&m zO;2r@)0uQ8=Zt=$Z(>w{{{jFkd02<_i%lU2XcHinSL&}p|cW?i#WxJo46V>Djr??ixWuDIj zgSY&Lm+V@y?dntYyQkgWCoDH#v_FdM-$VrG9PZ>I0cEzSEA&ZPuDvgfxw_;AVD zKegIF97=|lb3}on%@x12>!c?u7wlg(&r-OGlWmJNGi?R;diEITmfV5QR^Yfd`mOm= zW(PJJKQbEYgOk}2Q7cbQ6S^;n8oTu)zq_q{hP~LLhlEgpP4{ciLQ|`TO5#fGy2pUV zSK5_vG`_u{&-7Hl$@@yTNtf>hTm$iTN~#JnsiC7`(VUy2nAiwZNwc`5!N7_6sR61L zxt<(`wg}Tq^55D*sI$uwoF4b5*9rWJ-knUVcl_?3tJjF(fNkfF0j>_+V5_7Rx3e;4b+DQzA8Ci}GJ3W;G3viC}zo!;= zCC?qb0#A{>UJ6J4!yC0?{nxFG1UlXL&WBj>9U3#=CqC;8LY%cdVGo~wpD1~g8dlbd zffcj7eI(??tXUT{0$Xo@Bd^}P| z=e4uAE}JdAqZaVmZ-nWU;4QTRcu>=|R{olHQ{p*=+q-xl-Vj)|qB~ANCr#mOrAhbJ z%F~Xvi)y>(*7_)rbV9!L&ki+CA0nX~EaUMl%yZL*Xq8`ob}?3einn+FBQl;n6>-cw zl{O-${k+LtD8!lZVlBA*?~~#pqlCAZ`m~)V(D^FGz_nvB09L;G+%OB4F#uwbS9%n_ zKRJU7E`Y{l1a22mmw)=6$io|PG+~8t$1^x?SvSEJ77{+P505bw|0{k zxyoVJV_@MxB#Hhvb&`a+7!0|S)}$NRuCf<*@>+k%Ipg2`=gL0cD0nQjy6hdfQb&$r ze|i;@LR7@Szy3UJ3zoN%7GzA(Sp;&rbiMzuqOS1t7ie$<9*{=#hHyzIi2Yuzk?q?U zKq_YFwLn;;leiyB(TD%U|LHx6MG-{s>NhEhPheG@-q;KRIp=1Owu$*dwWNZw`HWAt z^@6MFsh@vZj(U;d6GxFpx7shj*&CEV?rX-tKcK>JlYaurJic1|1z{P#>=UYrO>v1A z63^>ldhj7>s0*xlQ>Ms+yVjC5iNY(Or)WeYefN;&qFp2zum?Np#!{ZbRil63(jFyh zD<^X3eotf3BLCEn%$8a?@^{xZ#7`9t5B^7l#Y3FC#nt4l*{RWm}kwy&NEwMs#iCMDVCBA%Sw0+G`ojm0;D8m9)6s3y;< zLsr{EiskycU$=Bic5$;+v!TQ&Lu_QGFo}X`fQ8EaS`(Tf^<;Bnb*eu-L+UE>#GHx) z>Zx-wqJA~(p=+!F#D`qIMOWvgo*Taa)gvDTO<1(=svQqyU>Prq0Bo;IB`@wnJ`AeV zZ1LSy%VF;5 zuesi8S#{O+b9#!nRIA|gk39k$=x%kuO9SdfKEb$_CV`w0@wpE>HP9W)4qw+{pdqh8 zyYwj@8UNNf1~d6nHmP6Y>}oQ+{{T+KW-fq9*&D37do+lk>Sn;ZAyNWtfwOUS%Q&{a z#%i^5C#L+ViGhG4 zf2`@JQ{cVbqX1G^^xu~v!k4GRJC8K{dnAX=@b))pzS@+~q@>UXfQAM{t^Gbj%$~7# z>cPRZ`N(lSd%~T9zda9*B1VsLpv9OCJZ;0J1?I94^bz3kpKUG8ySdEx0`Uj^rC>^hQ${9C*ga~~zS z2-j=C&L>&W(kk{Z<4a$-{NO1i75iZE@3&ORo~qy%XD$D#mh<^8QCFPUWe`N3)w}GF zgRK>4mQ<{bf+9nxE%4$^vo1TcI~;b4!k^32lQrpG9yyS8c|8bF8$4T*zI@RzZ*X)O zj-|}roCrL%mui-7=CB&2Q5CpTW$65aFUmroMn>M`8{PqU_>b2D8(GgRe0y@$C=syJgz1q*UvA(erBNjekvyTS75f zATr>q%0x7{4~Np10)a9SNZL?Vt)OR7yN_!oq6TSbUZz`?ck_6V3q+AJ(_i``zg33z z%J?uz25X@vstYSM0!ox!f8bRaklb@3Km-kzS5N0h19$n$WWlz*pHo;`tBvpw_K-A7(S*d8Mkq$+aIQvwHB(2? zZ6jbQWEQBTsS?`#hs3C$ECBDyc(FHdFezQ@HwO7arxM2~fXr3rz5Zdka3$p`AcIb)2Pi+QrU+9z1KR^!mH9i!^2W(eM2~vmX zLE|z0J>b=;%UT?y4Cenf{H$k#4lY?{p@M>1S@a92)pyVABuZr(cYf1){x|ordd7<> zCYMFv3=|G|3>1xu*xa5e1~@Aw?X&~6>iDY!+sVLavO9Thz$dQaQ(1fZ?B}msaVZ-r z;`lj@K69QH(hpu41F06v6@dh`$!-bE;MIpt`!bxIekMSz?l=%BPC>rJwyE-X)$)qx ze5Y`r~Nt0`8>m{C4!dIwiE(p^+ah2DAdIz~R z8}fa5h75R5zIunZ*Z7XIueCUp{#$`CC2wAGZ?>O_M)on;^+cYnZbX}Zn29#eZ=o|) zwYAsGItxl$e?9e*ySI#4$8>7IrOPdqFD<^By@ReUCbDYC*ghr}>Wo|wr_{PP%yTsJ z;dhyKiD7I|B9s2Fkhg3mr6E%UIvhQgRck(k1$PP^qhiHHo6We$lcQOu9s+@TvMUyIj zqvvC^^gmlsUm}okzbT7ZOQ#8pfB01q7H}&P#MSjpEE=y{fpgfmf*1_7 z`8aBDsXb`iruxd}dt!puMk}xm9C-ukAhNCMV$Ta8!{y*-H*~)#1^S>S^WBOfgd=({Nb|OkW;kA4ClAGPtGe{Fe5D{oWlUgfle(^A2*6)dVQ6gIU- z@kwh`PSHKQi=_J!yy4?Un&Uw}7}(kU6q|c&xCQ#iNiR>82ZL&17jjW$^2&r=Ae%7%W&h z{aLTP(S_ml)Qe%6LD`wTKH0&!vuZQRjPK0Uqa}T}U*m3RP!3ak_V<4w!_yANwG1v? zEu_HmtRqs|etJPh<-_L6^(~y>)f2Jxwdp-Ni0(COKQ?wEt?JFbsIFE8h zf{TCN=)UfxDr^dnuKGTEW_(B`Syt&}o)}%MR=J^NhaKM!TXBA-`O}KRi!P;*C?aPw zwu&m2+2&l-$4csm6%pX+JUD94BbWAp*Y07?E&XB3fi~lRjO1^T_>B*0^1IJYiTaROR*G*q=(C&M(2z{6$PFkW= z{Bx$Qpp0B&=-+39Xr59!A_a(Myd8^5CPRoAmOi2M63$Y1ljSx*^Vo+Zo;Hd!)Bd{? z;}vy(Wn;6Rnj4LViz|LHtrzrMs68Z;t6tn<728hdQEnW_5jtoskUn(OQXTr%FgNeFUQR`-m!klia0l4ag&`sU_Z z;xgA`Lr=!M!6DBf)Re@vg{hCLN@5%8@7ZR|Q=cer zhTwiz_Z=fdv#+g8yQ>bW7~CQBW-$6!>Y$eNC%lrpwf0aG>`;kBax81FI$$@W%^hc} zcG8KU(Nf0?l|v>Z0*e-;Jx>)?CJ^7)3PFMu0$f`!grEH`uPH?qaidlA;s-prQ+wE7 zzMwaIs$rz37(sV4b@bPu>mOaJmGWqIy)ikHBdIej{)YuLebang_r}W|Q^hVc#3B6a zozx0v%$duUNGf|%uZqCp?P{u6(8Dky*q$+7l9U;rK#{&e2wR8lXCVJ08X1XGUEl|` zPuH;CteSvkGXDi1tGT3mKOy}*{gmfu&{-QxF`NM)Q6UviujcIjBSM$AAF;%jj=OsO z9{Ec{^#Y?-CRZQiSLzf%An`T=(}0uy(!2O3n5d+c&baTk_!+CFFbb;kkk}b{W|{l~ zV|2xqV}~#MZi*zPA~>F4GGZku*qss-72H+go0^k?AM-PxWesc{Z$Z9 z5$<^d5~F79;&BsN4iuL|Qaj7plOxoXxTw}xZ+kzz1*sn(!V~^#rk%_1x<6}AVc)a8 z-9eX8lPOYTe}#~Yb!XlO$x7`VS!df#f$HD)?H z`s?(Ti~-T<67i49nva}ypc625Z>T-D9}x*^IE(!g?5NxkWaT`>{%9*@2xauOpL?vq zB}~X(5i`t_IU#c;X&NhfnKBz}9G%)Acze9(*4kxFYv^V&XG6yE6qe?6Z%b@A_?|9x zb9A*DTcF4q(ef(U3iAwVu9Y^NBxYL1&R#z8PXy`=CvbKmjY;Y?2Mw+R#L;Uk)qwws zLgfYSaCL}4^8HvgH2uo@o%$+Nf`38MTZku8elJhaaqDbVOQRiI-QCUz@b4pkFU-3U zhSJR`#wb?5SvWAYGv8e!8jl&U6_hou-O)9SU^RRgS14#2EH*EB#aWiy0vMfEW>L*) z#Yf=V1a`>cic}Xwd_RPxy(x%{jrZx3tN^t!);AINTBq3Tw(-Q*s)Y58W`KU^hB=E5 zAzH>ME&^uVd})2O7PQuykrSy7Q1txjFR#AAcDK2aT=JHe%Za9I)KpCqpgfo}arv{bQqJ|?-A zs`3;gntZNxH9V#8&GmGo{FclZ%cThEW$_|j7gahBLJgZ6mz6B9AXa@v{18%1& z@kpc=DLvGzeIIC>GylC*+R+!6Ju@t$2r-0QwzuqtK;Xha{vfO~$i5V=`0K3c25Q{# zaAp6q#gw-QzLMN@;c?<$R^HDMtp|g_A2|CrR(Sf&UD7!LGu>u7f~FKARuulE@hq~X zA!C^>;J&~|Ddm)aW7X&2*Z9XbT_Mas08x5bC@K^uaMeE*%^}p;H5*!6{fCND4f;c- zJ$$=qg~BXHI_k-Lqm{%qv$Wl%G=pyP76+0{tk0x%)LiHc_cCzaM@={GV5x?4mmCdop`|A= z2PQef7`F5$KeU8Z4ayxN@4h1O4F8Yl$$HOj!3@H#CNf8&vmKYVnIJF_C@=fHVZ%97 zG;eyj4I)i%O-5!X=vOvO%#(S;zkt|m<={p%G|c+mkZRABWbWFQo0&oU>i=qD8aa>P zH=V=0F>i0pl19XC5gsjt_DTYEzLne2kiVi7HX7(pa^RvaS-VsTrqxYj5YtyN4@CxY z9h>66&Sl4l2Vsp%jd;rq+pnh-eP_S>@NWT8~DcF30FcLo!jxw`ZW`W`MD%rlq*E8T%KO4TKocT#^#1<9ti4B+O#i|h#N=6B+s!XoC4)iCDWS z3e}cK)Kk56`TqzTM-Z8l>ctz}pFB8!S8E32KdbJvA5aR9u=^Ujb|M8jR~&HO_ZPsGDeI}nb4 zBeI(gf_Mm5D8O6H|EU7$B=`cm)FD#ngNS7Cs<~M;>R~OPS#23zvZxX4-QYVsBk%)8 z!VPg$s5mR>%?v#4HR{gDY}D!l_dW#0R#RuZz3sr_v&wS&L*~D0mJ1<23r)hIbKAwj zd|C&S*G?G|e-!HbFVAk8|CF3dhT{151`V3AwJBC=Xw_VjAT^}T%nu{|53P3<{-RSB zFNMHIY5&Vyr_C%47-m=|Vh`i(a#`2NFI{kk{si2=~<+wTolrskCM~B`6qS>XR zrryj8-_r&~D+)PzXuH|zReV};aN6do-xU0il?d&Z2Zq!n^H~1E65C!-9Y;+Cc>MpI z#ukth1$5uys;4z&feA;Bl^bXdbStX(;Vfl-7B6C> z?=_KbnaYAkJnrF4qWAAX0JnK(1ohe~4$&XVB)`~S$*7N4olPC%%D(ou5}obcLpXbu zvN#_a>n`F)iw%lJZ0&N(3Edabi=j5TNu1;^RaKo9*P_-hE2tgYXB%-fJP&fkm_HN^ z%Mg3ANqTh)-9!QU6!51&Mk@?#Vh4lU zFvff6#fZkBUEIkv7zfz*n@=lBsx#0Da{AEb#~K1Z(;W?4YcN|8mb+!wV7PE&qZ1II z25`obL^IXLrB`xei&_{)8>3!+)`?lZr8`dL%y!sOR0C+0NbwW-<^|>7oe7or|A^)k z@BM#DAAFOFWh9XQN3>N#wIQs1Z!jOXT=n*eht%zJO}4N~8J>k!PFCFWt>T4>2gCh0 ztZ0E~o7Y0#cUxfX4L|+i9e%3iv3FG|HI6cG=rF@4M%Sb`S=BUz4WLhHG#sA_qOUYg z2@r2UzlhNC(Re>#m-Cd0Z7~`C9((nvGXSswK?pxNXt0dY`4*peq3rHf4H{xR?@9Cv z9t$xWw&v!Nu*}eSr4=)D{+30>R!qSL;j1m^<#X^ydAVyt=;Bxj#F`2#RqX3wsrm@# zMFM_I^0_DX?6#M}^(Cf+1i#QM#;+Zb4;$7HWN!>zkS!(a~xX1rP=KBVho2^hpCU?)x9x))DK0h^H z|K_C=np_>p3GNIv&uHw-Vl2+ZKO5WUY^?cY)7Ff+irtz;4q4S%u00U`rvLn^l@QTn zDyw#U<1IAhSXC*;Q<=mY_oE_=GJt|RV)&v`2oeAJa5gU65!KhYafp2Ti|&i{I_uGa z%0|3At5e-qi~bEni`hqM#ssYL3|Klrxv^nj?N6&iVD+ z_GA?2NB47SPlS0)8!KEXN7utU+e2D^PCiR0-Ie!p2F7>;2x`3g;`V$9J1hseXgIsn zU#>7&tM2l-qVB$D=c{VK3On8dJq8&6O+#>=fK6v;|lrN7Qh?+c1Gfit4wcM+#97~|sLROUw z2QUt0%Z{&&vM8iA9T9VQE!#X|yH7m)3Tn}F0h{eVl*nZZ`6cUD>c}!$KQm>R=AhQ2 z-!<;s;hjj~bNl0tKnI>=EBYgAyv>H)?pUB>c<5${d!-6THs(UJD>7{PwvxiP&+REO z4}K15QOlgnCJzQV0>hp6VB8bYIEGv-DH>=GNL=TV9`x-V4QgRF(7cS9#cA;ms!Y2gP4(+iME$MKZZf<;ZB6Nj<&Yy@=JCWoD4X%eA|&0(#k@Bk~^+o*D_0ET8MGOZ5aai~7jG2TS}DSwTP`5b8ZSVxg2ga9F{NcvyP0>I}B#MSh%JWHof z5xWPoMn2?;zV((}q5eZ%_^s_Alh4i@byEXQa0u|&MV=iqVg=sJmv%x{4u#~F1{!n* z&2FU_Th@8WY-O2LTH#HxHPJjRZJ6AXcbmF2>sDj62bb2O3y#l-zFpW|xO@@Za*n5+ z488xU`&q~wL8ygAVfQ=gjQ*f@T`5R0t|Yh_QvFElYn-sFWc?5y5ysA5DKXGUNMU0$ zam0Ag@XD5{;_OT##9tUVup18bR$;b7;M#OViOAgUE^^CyT14tmB-790Vt(b;=2HuH zB2r0!a6yG|NFqPdx4;#mD3ehWsth#!?1bzGm3bALGTZQuXeN%P-=uw1IDwjD_v@F= zr$`}8(h1L|h>ESWICum1UELKF*gVO%`gDXzrpJ=yM!_O~DxJ~7|7DZy!1=N)zD zB4>S^5d^7P!Y@oznxntqE8O*iZEk_jpnJ#uu47Viwvu}sBDmm6NPSl!VZ@&jJF<1s zZd@wdx<^!*>}HwRCG=ZM>m~)XndQMO*3AYG^*S)^%-jiXd6?f)Ezp2bp2?uG=;Sai z_CmI#z}>u??~N2-YUIH`P~S#k%Rhxi*GmN#h`DR0H;R5f9N+sk1vV-J4y=Ldn2(x$ zogHp>ZCur|=by#1Cryet4zz^OwAatVMbH*CRL+CT)mvD}!9R0SnD#vFM4aKHNA(?4 z>ugx_ko(xFgighbz?@ucQonKgWZvayP(bNYqiewZ*Wrm8#C~RE_sS{zbkz5L^Y2|c zVoZi^oM(I5H~P=$Hk|!Vf7mQGt};N$G>j-U(~OA6$NUFi|MR`QK#SP8To6cF48C>6x+=SwvlXY(U+3}O-T*=g*x_ zTDEfPDq-Nuw42H%F|q^yz&Du*r^S^kmd*_3*~brGyXK`(*zsi#5v4w8{O}q2n|L@B z^SX)=o!cv-dW|CeAl5kHt%^P3)|?by)WGZ9wrL8FV6bX1T!abdS{!>SvR_k9>EJ+<-ycV|hxx z{95(T+-ct!x$b%?rSXOZWN+^89?CJkTNLku@k_p@#`9tEp8H6iMOT(kD(B3PpCDDv z)1%Lt+r-D?(<2SQ!tV-R5m9xp1;4oF2NtxZ%}oNF9JLV@@)%Q&&d5Ll|M$%bI5hH^;G!zko(^_gTY zgU+QN>7MC;^8sxHzjC5@V~`Kp?k zmhk6hR;R(4VFYDo?CtTL4W7qyAD(B_$B;J5BR-&iY1zE1ahRSE(DIK{CS;nkmh>bQ zdx1u#ZskU{s|`>w;Xnh{%+Y$7jf5QjR@%4<9{x4SF@<_f^(5M~N4gU|l7Cu`8~%R^ z;k+?omwCV?b+Ao>UAK?GSc{o2DMnM>b#6ay$>EyuZFPy&aCT?`^Pf_L4WYtY|Be{F zq!tM_!u0n8{W1|{A<2x; z$0mKkgSY-P0naA*?F?L6q7O`Yl!{zE4u3EI;qv2{rp0dN>z~y0{?r~S5?SR|{}GwU zYkvJ#pI4?jYL2WJ@5K!F=Pq?v+>`>agvTM$uvDuI-N>la&EO#Y*nfQsx}tB+Xa_EY zT5=|mxeScFv-6DAPX5*q`d8fh5iv*#tocC*)BGdq!(Wj0&@iO^oUhF0xq<)FuUpxx z<3=5H>nHl-Y3rqTcO5G`F_Yw>Shi1gEr-Q-6x1yQ}J& z<>eP&YF~ZRc}ZyEkCwI{PBy3tC-hEA$HoZ6M^Nm?Ki5CUSp^Q^w>R_$YJg~*9J@pto<@68Jtes27v&M;TA zqEgRVIn$6sA^R75y$x^7W{G= zU+#W*EN+DgTuBSvL0b$Nt@sX*I00g_^9KL>3q)Mwjmy#QyVgX7SsuL_CpANbq#Xb6 zno^x|1NE{tU$RC`lL|<2L=VF8CEK4c9;{9eaHTg)#WW%52#S>Qdfda=s;^axB4^gr znTH}d?7|kM8q;L;_2PmAHeZV>0KF;J!01;1KJF^5n*}H|EK;TS{fuJPB-@a4>PqO2 z36G=y$m;h+#5Ny8uMC3X?42{{)5fe~6%bv9zM=@DIjj%oAk`-ekn@piNl0CD{rO9* z1zri)$R%9^mJRO}2O@h{rHJ}oFhdLgR4sRh)-PF4ZLjuvd3mufeflUF@w@ezjpvM} zEhs*m3=9eTtvcNQE9@4aECzQ~BR-HuLlv$T^7dG3yZ%}aO!qpl7<$~)lY9{GaLmEx z(@F<%l?h%_u{|3e<~YAz6&3J`&rjs@lFj)@e<_huCm@4v4sH?J8p=R5j`rf-xw!J z`#BK**XGZWq{-yLdRs#8BOTWHrvAszas@?cesq2mJ3`$A9A+rq!0wB)!Hb>!@Y-D^ zC8bIU-S(01-(o1GmRSozc)y@ITfLi%jg{JeWG)&NM?$|NWsd2kvdscx-M=^k6JvBIDb?pYt5H%`Xz^uB5cboG5x+)n4-J##=d-2#Cos~Xn zPWA#m11H?$j}Lc3#z9y;)o;`WRt#Q*l{wIM=hrT|sx}N4ueweP8gd)CvqX44@$Lyy?9S9dC_0=Q#!r~v05n-mz@HYHgvYnA;k_yd zN9|w4Ov6$%iv1I>cxtGQ|X~1;54usdmq4rT|P+VSJ$)yn@5kyq-LmO&O zQbQ>Iq8x)xDL(Yy_%Wva$5c|kh@SK2YhKXuBfzEB1aVAd_(Kx9`r6GJ7&&<$S#xS* z)8%H?9kp*Dr{gJ<%_*EB?3AL#s7BtSOvY$8lz4eFYzfr@k7)v}C>cccn=iAK`1rD@ z!jlxP)E;C$3*o-UyV2O>C23pLXKb!JcPLZ;mRqRRuqwgW!oA`g{$NWBo$)b8s>P0& znom@~O!)Rw-=Fr=X<=tP_XTjW8yrI%d`mpOk)du^Lv4Wa5V9}jj3zRvGv3T_6$}Zf z7adI-s2?T+rmUgS5X@08iUXh)9wM+ugR{FWEnHH#hR(T0Zd_7yNNtW`Q38xIq5Hl)l z6A+$0=y4Le9C}tkM)y`lfff#AGI?)#-I}bR&QfA{LKCS)TOddONjmiQU-!F~%VIPp zh#yJMqkg5_u2y~8Q28eS;y!~YjWlc(Q5-`5=_kb2mv17PV)x6&yRHnZ!SD(~qG_S0 zLN%|jVq=1%g-lc{EHNp)_v&8P&*Fqt(V5e6j|UCPF15yILsi$Ldr~Nrr}$;F&Wv$oT~W^iliJXU4oQ3) z%h6+_nbp*geiCJ3iVyLR;0=YJdT5EOyAng+RlzkpLN7g}7XsePwfq3TY)mdF3iJx@ z`$ZAEH<1Cus`P_?JCwQH`2i*lqWS&juc3|HkZp{QKCd z7XO0Lf77AXofrye@&bU_=IdGLK=?Q4!1xjUaItWy^*$Kfnqnh1v;7aPg|Qck+Drk7 z`PX=KknQ-qsa`4GnUe3*ZfWSQ*x0peWKJb@g_RJ2QFSC00X#earoq{_;W8j`{)=2q z_46m;^h-;I6?Q|f`-ge^pz*n2J=w=@>*3_?DOa74^=LR_7}*}50#39aIG?6ra-VH} z+wHa|uh!NMSjTf)E5Artw#e07ZRBKNu1|F<&GZnh{OAkg+05{q8if~vU!6>KiHW!V z?s<)a)&d}Z1VKnCvirtvyH`>;fPqst!bm;UJv<_ksVljL+^U1ii`?4`5`}^}P4wRW zVIiA7d2_>#t^=s{d~hi_m=#2fJtLOC&ra76J%0J;PV>T6{oLU*Hz0L}e)X2Q$US54 ze(G%y)uwq`>E?+{QAkv@4)^YFVrXLj^2xGLk#MSJm+BjfyUT{UR&6a-alZv+H(cI! z9!&ZyXX?-RB|Dq7Ov_72Z(m&eGv+NT%jz(YoD3HKa^3Rs+A`8U+yNRN#@ujK2y+HL z(BB1hXEZ-K!E^wJ(!oqn8`VP@*R1Www`}Co8Wr%tn`w6U2iZyH&%^lo%^B-XiTY^zhj1H28|WxS)Z^^6EFL zYuYb-(RUfR!2ido1d6tsYgjPyGcmY(+CyFEGbBzSmBKO*Y`|-F=qdGz%2UWDLfYWo zbJ<77LWWmA>8ptxS6{=JVLCG>w4(SVoN!~&-Bm}gTZ@TO0h)v9X&k?#K1inSQUs3*A4J(uIa0waaFc4?IKsV}SMBX0BjcQm)9H+#jh)B1@+aFi~+J(RoaN1K4Cjp7k*Z~kSM9o>L*K?m+ zo8}avDpzZ)n!Rtgz!)-Q$&`EE@LPwXhP`6ecnP^)m4OJ8pGC(yb9HPGCflV!sfqko z4`zfiz|YfCu7R7*<jk8KR)7qSifLV-3;cqH&@E~2bo-e<@}&?Uuz5+C@9OqqLx`_s<4S}HqH7Yi=)ss7U~(eX$! znjh#=uSxm_r56m%JRYQ!A(q~l75rQm1wc-*4H)xWS3L5X78=fha#u9)!HhInX=k}R zbFqB9ihh>14{MgRYiRm*O{E4d`aF~ch=^v~G!L;?g)I}ObO=G%W4r;u022pXR-isU zWgH2KsdV6@>HuixzWKcLd~DOj8XUk9FsDU5}Xy1uJ!whoPi zvdNF{-O@XiIARRU=5CD6Gwk58mZk(X9C2xCUCJvz~-rMjRku~6b<%ECZ_jS zx?Vi_r}K^X^KisJ32(w3KCKXn9$?#fFx7*kF#JrA8z2c|!KI7uQI>?TWr(=B3Hk1) z)XvXzR99QIu0wFgaJfugn#od-UdOI~(SKypvEK+SB+3b|bvu>LN7XRN1+Koaf6GVD zTDzy0#cDV7u76W{##pFP_I4Kqnk9VyVt_OD^rGs5I}k0L`QVjqv3Y@3NPA^cP~I(f8cKH0e7;~ z>Qj{ewW%x*BDwxFA_(_}iOi-Os94WegyX8+BJRakj6fOoJCIu^W%*|_XKtbMr|X07 zZ+?8^Ii*ng(fa9vdxJWh@XS0*OJvcn;>US2KjCgFk=4NjXP8n;-+MqmVByp1?s`BH zbyX7)Xz>RBRP>#^eP9LQL$0Smu%<>aMS?Rx3J@Z)ora_^R|IXaBp3~`1+)VeqX7=x zX73I)?`!lNX?SHJ=Y?9NOE|^jZs!=JJM@O@^!46XQ0AJa+Om&=Jjo$cGg#;_ihJq7 zMb7(f6}QMW*O8DecKgh+tl1m>n{V!~UxRBJ{F>+z>OLZf{QOa$wqR^v@MbEZ4y;Ht zZJ%E!Kydk(!NvYAi~bx(1UV9IrTtm@I?KPh8-n`YHo~vToGHi_Oa3%NSp7n{!#P0* z@u8uw^<22@t`$c<5VG6d8usdp4CJ9@9zrJFzA8voRsoPI!0x|pnk99@Md)jIr>zv%uk{yZ`r`B6{GH-O#!)^9=)XJ zkuQ2}?+Lf6HP{|3_Cem;tHi8@n&My0dRQ8C9E8!=BacUw$Fr0S3u~u7pVaN4k9zpI z2>p+|7>Kl2gYa=Wra+N@wT zD$uD(NDp|*g;pn$?va~y(8rpb;NazDCEWEIVV6y_bG_vr`eKAFLFJMnYz}}#>>q-{ zgb3rN*fA~frpN)LN0HT2Zcp&fs=|O9t*IX)@b!uVV{AoV3-x;V(h+7MRk7u! zN2sIpdu*frwL2r{5?MDZH<^6i2O-?B@crFOYr<6jS#a6ZaIHgsaM_6E-Npr2sVnbi z*=s`d-onYl9Fe3<%5Uy;Bx&?~un1VFF) zC(u{+y$l0kP98rzd4+qH71y1;HysoPP^5`)PNI|-4T>*Jn5c<8{T))F$`(;pi!WeI z`1Cu`6;J*OF6*KG{;i>B;LHw*$_6X4jMBy}RA7=pdi5UlZiyQ8Ezh2=Zaezl{PxU$ z$NQG=LIt*Bh@Wp1y{BO?fNV+JWj||}gvngiL*OSLEjanEhCbS*S>Yj zxBEl&odBt(HF(EwgAvZvXa8X=Bl5GRQ@CarftS2EDv_@J|)QY(<*qljzQ| z#8CjmY<>6foFI@FLY-g5RfRh~?emQcwTQee5n!Ot`P#++v?MW*u6<_X|C{iV+{|WM z*~vcaWkK5QnpD>CUNe~I!WYz#1)oB~nvRQOb7uhK$bRptZjes_%gE`SjatXu@Rqe` z%u?7?F~Qfavo*_yE3P=1>itt{&cOBilgcYo#@5;;d%|bD)YJ*aGeA3?-bLRZzWh?^ zRWA6py(_I)x>IASexzu;#Z9$z88XFC?fdQ(SZBa>8+`U8-&PN%zgNr9`Kb5x(E$zwAosC9)iNrcHiZ>NryNet4E60YRctLD#a| zscH+*!EY%qP_-tN^{swn; z>yk{qEQ+|tvexG_QOxXe-E%+Q5HwQm;m0(>PP}N??wWLd75=jvo;)oNZ;FZHK_Kx_ z20lBS9$E6$gMlUD_ltAi-uH#q`dY&exUm`c&yE9^yo6;HcTy%_{mUHnw8%W&?nK)D zM7nsf{0(>OSP+eIE^K+w{=?}$F~h=v^+r)tiaX!bx@ZdVv0Yh%hpNY3=h{eku#HfA zdfvq1fckI#SAd%>Trlm_9+zPuR^I_u_WjhiPxZMz`6|<1{X~HWm+)W{z#egZB_?p){2uU5n#?(oxn#0c=d!KP#Bm z&(4`^j7DC`0~fCz%`}~)MxN!t!tCKVrxEg@?b-Fr%tapMshzdXuXLY_y4*a}t#ra^ za;`3;!DK zs?r=#I7Aw$kQF#LnHV)(p4>MRYgKO3nXsNZ>fS-XRIX}B5`p4F|8EW>$r5h#w?997 zvT$)9_ejhA4U}deMyf$*bE|#3BbA;s4QXCXREU`+UMmR<$B5hLP_L~L^e@!%T>`Qt zc)qi1wtf($m}vvVsgD+^%A-I)&ZUVC&wXoZ0|}F(552;lk_tdb*rNN(OFft?)<1hX zPzMiQXq0cK@^rK@u*`Tu`_%?Sn%=zFZa4kDV16#Q^LN%XbL(^d@y9UyY}+Vge-P(u zH`k3q{15Fjo?AydHYJ)UnEGRF-{#KR`)dvb?|Ko|SoZz%%g3&&%1yE8x>zi}Z-V>^ z1SMpZe-HX_&+1jOr_gVe&HGanwLu4fH&YCkq$LO1Kd3=wH6=~dTHkXNO1gDShcO}p zDYMq1;mbV_mO~!a%FAJ*qJ4k!$a+Y@G zWhYHB)i;!9MqUETxSJ?UsN*__m$cd*x|)ngK)OMrb1tMBao`G<<+A*7g@i1oN8~GS zZ+w?#7v(v&Z$i^A=irU!_5sq#V0gruz@p#Ygt_vGAbMoq;hz8?ZY`)@?VPH7a9< z@#c3qR`62TIaAemA)5))XQ^Af!K;zJvr$9t!g{sV#0fs8q{6EsVh(Yt*%5cNZ?mD0 z+*oLY*_uvKOh4EM-x2(n^g>1^x3n+Dk#pacW`30(1KD3iufN2$48W7E%{u>WKkNoI zwb^~@^|KP(iI~0P)a`mz81A|PSpu3Z`}zO1T<^j3*skGt`K{Te#Jzi7Ad&3ZA51~q zbs}kZv#DFjI=;yjP#ttLtilutQFZl%Hf#k38e1IM%eH28oe*@Yh-{?^(C^!LHIRQB zBJgr}M^7Fudzs?)afcFY@b3aN{tukeeAWF98Ewtv0-@Mf;AeU2B-`DABUjUNdXnP6 zFvz!X;|4|GQM&Cy3((OCUVT*vr(bnRcPnCTO87h1E4WLdPZ90aNYKB1GE&n*@Vn$$ z`r-9*2I3Ok?9!7$N#e5_71{2KohqvEJoxRgyVeFtgnzf#55R>CEP%zZ!vMx0u|FUi z|E#AyEDHPmhNqp8EQ|A-4w=ovo(;0+W6!@dCOXM`*HxJp+F04QQx3;L@Bl)10yT!1IYJGUCAa7n8+% z;cIW#Qwj$ITL!0=rqC6=t1d*y&+s=#?15p^h$rP680UyX^_4cfcvatBQ|{}E_xcYd zb$FN`JBxvlL8}}luG$4zi)RoGnmrU7Az*bcXI)8;5h$% zgzNF8dL)1DHL~mjr~y%M2Kfq2;Ajt+RKu}|-XNzCs_m#k$Z7m%x` z>5bx()!~(~H@=i6K>Hy#NTR<3QTX)51JYerZx?p+W-gjFo)iw+-!U>Y$AiJIle1X# z-ZLm#^5E=`ac~mV4z^;wBDV2}97a9cDU6Qu5I#12&~Pc8m+iJBInG-zZsQ+jp31Z1 zq4vBBX(BPTZ1^z2(++cT8I7}#y%Zy=H?|S%fQ&^zCb_%-f4hrr3lnsul}@jE@<-Zi zCt1BQOHfGLsQ}Hun7v$eAAA?tXS4*|LTre2ARR<|K_1Ehb)8=0wboE&TR7EwuA}rT zZK>O^WyD^%>VUBl8q{z$y~)T zQu&$q3+3MtpROx;4Tj3CqvDbEsD1c){t+c=cL&gq4Hl|yI43sov%0dgwTtBY-ncb# z{QT;}Fep1(P`Wlvv!6#yDa4BatVaZf>En_R8tl){{IBRgg}WB+(LmF7;V=b41%kH=baW!`c^^Nutuki4O5|X3XOK zfrJs5R4I4BlK(`J-NoQP-)owH~b+mq`2RnL85yw)d^&i+eZEiYq;*3}5CIe3?mdo(%v1_g7lL z`x6XQv+@A*iT_>bT_6-)W1=F)>AuzP-$APHWVOhY*uAwls9NaE8D?~sd<9Q87bn8$ zA?x-0WZ_Qka3-SSZ1?R{)@I~Je)WH3Y=MaupRU?fN(+c zNfaAQ3F~e$cN%^}VHKGql2%t%`A9soq)$`;)0kx&vvIB9kTxPkl~7bdhuA=HxP2p7 z^tV_~mVN!p9zgvrUSobg!7<3*_4X_Jo7vtam7)t@^yzIp{m|dX0x~jTc{b3_t07=( zayO8gL{*4|=;174z~I1qeS-INX3cIh$f@P+N=||RV>X(zcC7uLlVkb?)$>b+M=$zqH=0HorZ;k9KX@{nm(Gxw%FKw*}P~p<7*Y4TR&CV$)BPkTn zz&81yrq?$VlnA3Q3rsn-&US7^&O3HozM7JhVrm~{*~_Tu?QwkB8th{wAzGZxFOgSz z?q;tvZG#Kl4{IikK*(XvRU&O0^xR=Hcs_;Mlhs@DOi9KQtbf&kTrYsKc&XpO@GrOYw3A}1T-Ml=TH^L+4$)0_Q-fq{E^i?}3Th3! zK6<8JLxU@5>%JE@1_x9o{i_tuu+Tw7GKrj!&Sgo@^rxNnplqukFS!&aznGx~`DjHZ z{Zd<$CQ608JBHu`ToB>2-E@TO$Nl_`v8nO^r9JFAfOry}7n~L8YH6OYI~4V4F_@cK zmc4dPt;*(TH>RUf)#>(dByM`}1x~z6;Ya>=^A;j?5Iht2O)%vnddkN_T`Qo>&0b`# zNs3yRD>QksSiLzoxb3Aov+j?y$RIVAs?C4?$4_z6=^medFR$3RFNXqyN_m2`!7ttY zyRHl}(Pv*Uk44?DWsN91@hni5r`EKc?GPE^cpk#2FK((A+1NAF>0Gk(NL`7OzjJ9@J9z*M1{%!u@;(I&lDy_ zIDd9CiT)`}NyhLwxus5q^Y&^cuj+qf$|yRdTk10P`c!|d7dofUD?X>4JO{)5_0Z2~ zAIsz``SNfxq@k9Qbelt)nfuP@DN?F0f{8K-69dfM9E&eXk4crw^6wcV^eGM zyr*DWLXUQOqsvV3Dz|LfPE_HFURAWRUNfrr-}xYoZ#CE0)VtcqHCZJZUFHR~oe`Na^JXH)U^Azlmv8d+GeD zo`|4>#BE-sK-Nof+L0JNCY~0*k59K?kIqeD`WSDa2;dA38wi)(Sl_;)OJ%2Mr z!QBAO9ix-j%@{Tn>=fZpvFzHOQd=5$ zrrD}jY!Ir-vC}Ho{P@|AZL57?C-I9$+T3ZcQ5XbOV3U&6KAfz5-F?bdHI*sdQs$^kI?WNZvOu5 zwRMRb5JoM@#mIkpmK*yM%%4Qb3cs>^7`f@~J_Iw}5L4I0bQug>*rz*`id2NC?>w0? zo>`c8^!L4~yFd8K_P|VX*o7=JX|C-sW0u%n2&`1;l`HjH$`_YTbryqT2a)l4;Zf4+ zIvcAx(AiFb4SwcPrKoN(0#K~k-M8Ae@`&v9?llm?Ht==?p6eligJ~TYdpAl)Uz)ji zIj@6ge^V0Wm;H(mwSgJB59U%9CkE*LG1Xa<`>Q=C;dE4X{*9xRhM=)IT&(au6!6b2 z<{iZVbZwQzclnD@1{eHvNoDhFS)O)t0=s0{Mh4}LH{AL>_b;9C4p&uR4%mI{t@3oN zk=?w)1b_bpEN4Mg>#w!V9>a3!3YS5u;8`FI&w8_emhz6mJKNIz$v0;d<1w(bPDELw zp6iw6l@T^|zjmFT6XuFjfDa^74BUT&p15xi6#n&#^)ELAzH`1@he%rom3^>QQjS`V%lka3)1+Cr)E zClGG1*q$Pk4kky@KSfpBoDb}7l}rbPJ8TR%SDKKg$tz*y^Ab)>SNkQNk83yKr2eO*iLN_ij8< zjeA9OZacyKn{$iKyTXGF-6t5s%MW+HY?2LUngQF6qhAR8hpP&b_!3MIOVPh-k9yYq zy|q1I$K>Z>25Sn(lMk6&$E^oif0T4{@9-?{OLtuAkw!_P1h^vx8P`r1jj^frqOWaE z3~;Y&9};vCvHJMsTXF->hk!{Pg>@ts;G)dqfl$-Oche9HaQ!#zFtnt&M`%2!LtRGxOPMyni6bI)&7i;HxNZ6gJi=vT4?t@E@JrVhgkwO7jIn?WF}hPli6{k) zvk3lhfw8vJ5l!@14?$*v+W5x#bRA!Q6hHUW#dJ&Hpa*T24=23eL6Z3!iz+wrCB}6+ zQ^yu7S}$*n(o~rh=rkJ-v3MFi^G&D@z*QR%R*QG}_~Cu*)|>WhZBmX^gjhR+ko4^& zxXj}Sp-Gt`ZwbrUBu+DAW0kd;sNNT0O`=-l_KE_WE{@4NA)OqgbLSy z*?#`WX?E28cPAwN*N``d1k>lj&ncZ&S6?CP8OVl@T;+w8VFS>{OX#oKvMD@~pQ+wm zQt4XpKek`XHfdvK<&r<1Qc0^8z=}7#=xtoAHD`%t*o&C}c7YntcT-I7rLGA8fpOVP z4D1;}%B=2v-h{rs3trzoC{KAv>nkRy_P`{HTWOx!;Fm)byke@)e`jUd$Na2JOfbo^ zsmrkrxjrtcdP}bvZO34k%wrP|UKO-d!dQsRX zpcUW}5||;XhdX+4xK>s{SC(lFjAv(*rIPCEEavxGQvu%33?)xBkqC zut`Ey)vwWO!Db;`{vA#R+<9(YdG@YIq#@%9U{|?miu2k>dj;VdHc$uDXaijsFNWIY zE0G-%`?{lbQR-DkoND)CNZ@?tSJ0i_J5eKuhjZZ`AixgO;}vHCXX)l54HR)U<0ht- zj!u#d%#Z-2RpMC!8a~w$@5#n(+~PTB`AreTF&V}~sJzr9{X9G4>Z%xwJ4MMoZ|;bh z`J*TOHf(gqqC;wBwb_=XD=KWK6hD7qPYVju6<5-&X5;2*6oRZg!l9R1a__+_#MEYL)~|wltf}6D&dTxNj!fN-o>3Pos8dX>G=4i zQ#C$w>i9;>6ldzS77yiq-xFwbw>nXl(Bb&?ci;ti#@dc~8)>4YF>6gC(Pi@PIAW|$ z)3@=RXdcN*oflU<#71K1AXwBAjd1ia>a3Nk;4Ns>LMZ~=_anC-A78V2ApT%P zgHASDMeVQm;+W69k#}GdY41y&sKJQF^qX1|6#U0-G zz_Oti|0^PA`_`vO@7pv%#!vxw{w9T%M0J%iBE?m5x40qZ5=!lI#)V2e1%LoJB3SoA6uX1jmgI8wigp|81CQcx7*8?N)OX5bozGf1tXt zZNWAp!N8!+9FwZzq;QOgf%%mZ5dB5MK(eP}IHwIkdSi%>C9qr6l>}aRx8mX@q%^A1 zGULf}9+%woyz<|uR6tAV6 z!O^NG=7OGnD>8zm8+`V^M4aw?78H1@JoVDjo&ng-I{qoTKivuc%j7brjLN}&`T@$E03XT zuL6hNm@7s7|04rTWHsonQDdTWbfEu zR|giX*K+9=f<$$t5Hu#Lx71jBd1zupx*q~CAa-m;;+Od_D$)c=5sQkE_PA>*I+)Dm zK5B@{o19?DZXW5-SJ$*~{i7!;$aho%oIp(glXkzh?gSATraD{R)Vc;bfISp?r5_O) zW48L9oSZJCfX1Q5cN=?6Z{5JND$7SOy6z0Sz9UL-@Fm4|an+da!`p6I*> z>@I4f)UBs~emi^lR9_9e+%nJfta!Ue>sYvXKIzUQRzOKA^| zMR4%EW4#dYz?I+)#ib6A>)DW-pY!hgM#OlXi4Cz3XOCOz=r?SgQ^WX4KOj7(v|>by zOOZhKK2^g!_SQKf#TUcU3AK;UBAr5#liq*U(7buFInAXUbE-eo@B{0nn2>SYK79c- z-GNhtjdaUk>9Q1a*P$!Wo`(x3tQnIaY0E9z7N7C42g=6F)c}rL1G^JvJtP%^FT+y( zwze7NR?K&Bee+tlh0TX&yz_)p;RFt#6`Ya3e0%d^@k0o#vks28HR52=V6oHY-NMi8 z+k?YPo{WVbt9@Iso4yg&YqG!-w*tO;nNDcs6pq4_P=ON#z<#>Yj#yMQQN`7#Vrg5R z&z2sND`pz`c3)4Zh)`Y0&db7WUm;90LkF98SMDaphv|$ihZC9O{!VBAB&qHyRq%|v zmzTzI@G!PH-)#Z|wTon@D}vC+4T|GulWJV0tgYkQK6*H7xVoP1AflW>kspDsj8Jw#?$_$#^KBBd&izlb}(+wIC%&xx=xga?k9k2De^V z>?D#7xgH52?+htUWpL$hf}~2BEYELulIF4abO)iQ^|9hNwePRRB{1_%wM+{;D*ru$v*P+ z2~f;f4o$l6VRC$)^0za6YqU09 zdQ~OesjXA5G*O)V!H^JfckU}XtrB>iyTC`2ICFHM%6oxf)T7ZRrg zas(6bsj|1@ZQu70Hz49CgQ11E06^XM%`5iAkb5AUOMVr+G0axKF#zTzgiB7l8oP-| z>UnGn`ls#FW?mi4Z#)Z|Z-!H#n+br`YCY#eqm=>!-k-!@w7p^4*3y(igR=|Tp%4hV zlRm;*B_KAR=&BT+!K#03zq!2FTn>s0Qzg=M&5F(v1uumO&bn=BF$w=Xw02T%bSU5d zG?Mnh;pW+d-a0Z)6^i$m7)q{&X<$1SUGR&F-~TvK7730ko<>CQ!4-9$O7u5Pr9y85 zMxLiq8e~C?WDkJUI!Y zJwmT(A`0l_JcbJ1X@Bb*&#fvt8trH>z`zHd6Rb*CP`tNJZ7#=8qMl55FXElsqzb;b zY4d}4Q`cCXwQxrVnP2y)1HKUNV2g4~62J9@0QsK7JN=a6EX^|=aihw{2UY-LFXU2i z7mt$yG9-o8R=Z}-82}&hM05eomX3tPnzDVueX;|4J)9AGJEwS669MCDY?{O5@`7sp z5X|RZo&#_DM_xZu@#}Hgo8_51hB}lN@g;4H3e{aS9-No#8Br0vu1a7xYDO-yW3dpc z=GIyKkM^|+$<2&Myd{^9JzjkVX{PjWr49hpkhL-_{sQ%|b^KBH&vhhZ_M&DA0e~c+6&k0`PbDV^ z-~YRUUIayG7Wt>jtrdSAT^)oB?4?j;sfmKx$4|lYIV38J^;K1jA@~^YM-V{gI?KH< z!jk$ZIe4!3zJD8}F}it~hcjB{#>ZfD;)NUMH@XP0GwUR}S%Zo{{%NJ$9CxD`wLi#g z5(jp8X#<_3V9-)cA2pcnT&I$MJygBf+~{7HVRY=6V}|MQ*!}yr`<+!b$~$Jm9T6NO zUUerR`jzJUm%=HlHkIcO$9pE-UUK;?FeWG@i|RLR?+9;I5g!9x^@a~RSqzD$&wM=R z%o$=6(DITqExqtZQn9v1^4q+Yg9cn9`Rplw%o^Qt>Cuwsv9!ve?LsyJjret`+njxY z>3`ysEVtGF)j+V}#HsqH#MZZ0vJ{D%$kDuD=L0cJ{PdT(8lnbz&s7A)`;kj%=gwF1CsF%4 z`o{;p80P`0rx#{zxWi%}j<@NZrm_-uL~nvPI8MuOen9-*M_?F4NMs1U#MvLb!Z z;8ybK4<~nbJv$b3k@Bbap(8}G5A;Su2-hNU9ACWWLc4a8uLn1HTUSJ!`UOoII5My4 zl%-(iEI`f3dZUa$5iS{v~Ws85@JrdFq!H#cD2&% zy(f8w@A-n%>Ds26d@jP{PA9}K?2HWN4?XHcRPq9y#3y}=bXC-kt>s|P30blno4B>B|CMYgE zNeW%33#v6#1GICTFr(68%&Od@hR#_;iEJsTa^!fRxH;{W6It`~G!=y6G~km8u=*ZS zD>z_1@N?x`T#W^>ocxfbAo@lt2TQxf0FtNa4|<1#ro>^!t z`pa^(@_%Hzkit66b;MEyh9X}6wz`&R6p7JtA_y*_J16-h01canm8o%L=0J_V+sPaZ z7Ky^9Vus)E3pUSyC5W=qQdYTxgia``TPQfDx_lP9MF4Wc2X^b<0bG8YgH}$> z9daCJ42rRuy_^U3sh_P0P!eOq28cWG`w++BZC?o{K1I6c8Bp5MomA)(bJ8TEP9l^! zu4#Kw3g4nM9zO7g#7{IM&|*E+3T^P!!00xyTs&5PMqQ?Av?5C2rp(8}f2>>JKODWa zh&WUWXrB?o%~&3I10OVd@WBKwa%MGubhu46RP}6Yo`ZsJeSdT{<-J9Q8(8ToQ=PUF z6juv6p+3+?`w#nhmBd#F3g}Avwg~cGS{Sc;rNHUbAM))ym@OFgB-xCEGHG5tQ1Z!y z&r~c8j-3&oh;*S`N7cgDB@R`mV)&a8#3xcj{!8^ey^6mU|I~WR3BhYyBHiM-cR-(R zFr;s86iB=88b!fr!q+PyJX=jTuMb4W4PNOr%ujXewI(`&!EL0h1m>a@=Xng!T_f-Bh5Hc||{HsXg z3OK{xAfvh&8i7z+pas7%?>O(-^!huPZCbc1h(+R6(5=27*7iixg{Dt5I%MX+<%M>0d9jFqe?3f!~>Z{&}MxIt5qw8BxA1P`=(H8<+6yN#jE^VT`x*^OiM={pG=|B)>u zd7M**>Gra2{euNw6&KUP-bvjZ-#)ga9=cs+q`rQ#FK5eocEDKv$No-h$AWx+)!#H7 zp`UK|2?<-DZB~;U#1k83V;pbtALdmmcm@6Oh#KFk^wky{bw?^~x$~mlcQd$JD@A%X zAyQC{@Bv;6yT@_Mfso!akRx6N)>Gz~foErW>7Q0rnZ($-jd0_myZY$SX%>PJQ&-~6 zI$iyp^HwRz?_M1OuIwfI#3N4SO|yvt#~a^-bAZUk2lLukQA@P5wS0W$8}E7e#zVc* z=|yk16Gi!hvklHVnav>Xkg_VX95(ycK%>Umu;8salXl;O%jal*9}aIinc0Ntxo{W$WE6)wB%o|BOl|(8 zkndPVuSBs}{#D>Si%fg64?gC_*B?K~*2*HKeW23I_N!JSB8?px?7VzpRNsg?cN;-O zyIQwk!|r5nT#)&`%@5u8+1fkXLEvLPpGCg8uJ4}v$o;|FUuVx-NIH(S20_>o+nj+g zR@{8T->{J3TOZ5~yaih_WVs$3mKk5rk-bdQtbt{B#Ibct91v`>ddmf{8dC!!JscI zf?gN|!MJpeS-lCA^)eYM;4C>%-*_#U4Lj9Oy?4%50aZkzI=z zqR()fb)Bd+RE%Z8?fcXuh8xiG6DX)$gAF+-y$J;A2oh*U;YzOr3R)xk5JdEUMlpRx-=|1EUvN(t@Gw&SkdIF7E0MRJP=HO zpFH(sA4Y~VEQ~?0<=%%}T`*<{ zYvAHHvr7>}Q`>^nbzAGEg`)QG>~x-isBw>u94g8?*?--~V46U%Sl2^6(7XN;6;~04 zt8Cw-dJZege=DTwHezh-8o&WsiA+=kuWh!e3AZ#qG#=1cL!<6?c z!qbO2Ob}5&nc4vJqpsXrn2N76_}5!y9Td{zrw36(ayKxvZmdntm%$Q1Q>GjyTHXPDUy7W7DjbSZdC%e$IF8z+ND9 zD=?Alp+2y56)>d=FDfvghZQJB`?XvgOU!Du1G0CiA$MZB3{@Q7{|PgH4*2-+<(BHo z8dKXv(|~q}KK|Am9RDKE&0p!V4zzhm-JX6qoO2iiiNajX0HY9IH>KY-SREs zxiTUk`wcN8*$SLRl1bK3m0Iw@kY|rQa7Gz%JuU~TYa!ShLSqTyp@daicge6A$R_&h; zSbEgefM=kO!#?Kx%@rUIJ6C?fiVsKzEX6n^)jZ6^nM>bfgnuXN$i05CYJZWs zx@OqFSXMNLmZw6}z>F6BcsJtniO^0sS@t``^`~E+vGNR8?vQ_RvF1K!Z%U4D9J|ur zR~q;`+j|rPxC-!C*qYA&@L=mQZHu~z{voB=XSbqMgMn|9XFqBz4`^6Pl+_h!u3N<_B0*1F!=9$HS2d9_j{S6mw3xm)k4P=ULjkTT zg zQ->4$k`1LziIfz;Ipx6Q5SFL!2=#wl5RwSEA*&zXFirzv!quVr~s zlA|8CuIb;7Uh9Ezw>mAUzu4ybb|Da+H+XLYUEwCq#Ir~ggCnS$m-(Iz!v%6wWo&}y z&qw}ESUx>#=eN!}u;N0~46?-DT0*~P4jQ#RC?>?7PG3V31`>$`ls*nO4D2^L;@V?1lwIjj)`h{3Sx18nAl*#BF_rv z?31eBla#>22nRA`R(rG&Z!|t*ZuUi}=s-A0*ehpn1Ex%M!CwPR2$k8pa{E5}Lql3U z0xz;Ze!;33g2P^xdTESNFxg&iXeplY?mu5`jwr^;!8>@j>gpLnw~kcT_Z=C8Gc4G7 z6b#i)RbK>7_%aJ(G%BoJp~g4{UuflunUG-&VWaS|h0l;5E@7oOXj!t+b5E!=hG3yk z1DwQvvRbqJ{grT5oxn#;>PV?Z+ja_>pMbC{wJ`0>5%1b)x=;M0)UHnHGZ-=Cy;0+Q zRJ>j$I#8~aowjh&eDfF8{o=2)*{9~|f0@uZn0wkWf2h+RF<%_b>NWXYI$4Wb;x>xc z8UZWWA|pSL?WF0ODjy8czru?G1RhsEa)`-in z;!Z5R%P}yp5NkTimt0ea2~?Xs{;^ZmnNdWN7D?;Kx+m7W&VqLQK1*fdWy6dm5HK(8o z2ElEiO=NsCy5%Eo^|c}sk@=9ybe1ewIXqCC1KSK;4?YJ>T_q5WNajCnv9}eL&e9?m zk{vtM$^9_8qFBQrhAj<0dj1Mf*lWQdOn*FY4%LkHkBJ544R{W;{yOOZDwz zUgp?^ldCgkADZKIp#QK!-`lQZenXnUpGyyoQMbQi4$L`K&xqut@*3%5FSr08w)PUj?UN|f8n(T;>FpSy0{TQe?UgopyFFh%{a7v94+$^mH zRrR8vCez%mnPBAd+`z#!-o$|St8eM}YdMKV)X<@DqH19#Ekx~4I8OxGeNMF?D-(bx z7=2?{jM+hzexmS2?K#nl^u0aiYlc z0z>xp6?o=~l2RVm7S(wE#1n?p)6(HTlLt2t^|zLEL+5JbbW5hnbw$)X9iQ|I|ES+0 zgF0Q0(AE}N;A}6w+SVVzXa(kVC2n7i_{K^b5C>l3FG0lWJx>*&3c(><1Is}0tJ0-J z6{!I2mir4QkpN`crxo0S!p|W8jS4qi=oogQY6|~h7Gw`?yEx{rss1oMC;%b;@0UJ< z(+GDY;D30B#&pg|T?VYcB5M~e!~F}|lEv1!Rx;T@;5C@x@Wi`QeS}E9>dO|=tu4`Z zG1Sw@MA^nJ^?psyJ23<-SQO1v}Ug(t=YlO?!(?{7MS;paK1N z^{|pa(hNhJlwn%=5I8^C@w|%Kvc0{&C|&wjr6ESQq$!ND4>3SCN~ld4-;^X&^q`D%>Jp+>W$-r;h1ygb-i;2>KPItU5 zaWU3|HE2i_Rw(JK{&4?W$m-^sIda83fAdN{OJo4~`rqcx85E1(*TZU8e>i2fFeB%= zrTA=F9u$o=t#D5Hpry@R5X$lRoiR}WjG^VS&H}ZNd30Up0=~7Zi@9*Pd!O_2?{ zOgBWQuVxT2<@@mvXD@w-2ny$i#i6-18=Xx?#jYK^pQU9e8J;Hw?v-$A8eN-oH#tfB z7)HgPTkrTr%qU1=O=cKJ?6x}J<`sB@k)F~KFqx5DFX2!Ar*X_OaB&D)pbTkV6#l}7 ztu+bToTREs^F`v4JJCnu)N(iWPWoWoebm`(Bii2|OqL+Nc2Ukh^7*YE-Q8bCM|g<= zT!GZN4H{QG4HQPQP%KS7rG(^7)(bm&DFiSSao4$_qYRG@#a-j2ayvf(D}vhn&SfZK zSeiUR5OZPIpejJ|+KL4}Js^xIw@FC=*v~P59jYK1suTaajM>vd>(o(06BXzIHLu!p z`3EPiVugwSaKmh+2LW#rX zy*T)SFs1Ot6b-$SkTQ~@&=oiFr8)Z3?HD}&whRstBdb6?Zd%rDN`JVOn zam2Uec6FGJh!BzZIU%U>;V;dUyK^zl&we{7Dbc|2)%KIzSM{_xR`2CD90|_gs$^dL zP+fu5WS`z6d5-0np@tRQ7A>4=NA^Qq>TvMW2Bfjk=uB=sfFD*M1MNE`V60#zkn(-6aMA^#sj=Z3>5ry%K9hhv9JXFKq$@Ube-{G) zYcC;j~`5G1R##U5X0hhpf>mPf;ZM0b|X&B$59pDSws zmk?iest1GJk3qAabn}h4VYk70% z1C3CNakgJca)Kb>*7Z?!iq>8S4$89&WQD5pzYWCgPvvL3H+F(u|HI1wHMuLgZY(#9 zPI7uK2O=Ol85O3sb9+q-W%2sSv19%czohhOo`qSbiT7fa@4FOTC|;U(;_@J;v`%dv zk#W2hkfyX{$S^0I{Q zh(yTCiaQ%DTc&|)l2Q0`4Ig;%+GTFHN+n^VeDr7aQR*XMK zI9zET4eNc?kqMbk!D^z0;*YmycN!MmNK-^0>m`Wx;v|yCt?N-cFyGwdbeT-^{Ajr@ zp|r4xZu$S=;Rn^?0{BsSsVCOoStz(WK6lxqc(U126Un|;qczmK806fD>5^6N(*SCq z&J5SzCJEMM;;JGA!)IF$)jP;GwI%v26%FT3v{z%EdK}m7f{|(uf@`fJc2bv&$d(%8 ztFpNxk9-C}lGW9|+Q+&+gFf=!sp{BASJVPt@r$ZBzETyhL8Nnd-~;ioS$IFivVy(0 z<8J`-xh=17Gn(M0pB#^n#caABwQ*cl^moJ?AuTo`Lrn2=(aZz-`uQlH;cE5w;`8~d zDb4c@(y+zUWm;BL8OTqy>0LlCpkYOWl2v$$@rMRJlzK(wPT%=VX%MSYBHXjqc67nv zNVnH1E~D+t<-1Ul9Cclxb`rj8xd;I*!yZ=dh^~HMO6&?le~V{+XbQ3K$aMC4U&YZt z3*XZ&ew0c>RARr+(s+_kZpBsai>?hd83GL5v3z{_dlb{)zKk|kPZb)mJNprOklcyx z?tS2yD{X}XiP^Q~suLYv&ORLDEpK^y{Yq7*y~ZWCxiM*XqR!AK#t64*i;OSl4zkKn@6=Qnn_u01}~Cp&E+7)2n|= z!&Bp*)}IdsK7X-IWjgyXR?y%+uXkUBIL#5GJcpFljzC0=E!j99?qm|i77;a{`PCNW@=$PQBj8TpK4W(+E%Zs81}wWCq~04tQ6_d z(6jN9BK;z6r?q^AvKrRC`CEP8+^zH4H`*iXi}JT(>?)=b8#%2CdEw#32mc+kxzF`_ zd$Ohy|CX}%9%fz4Z$+~YJ#fSxwVftHc*{X14sGt;nVN$ZdlBoo!poU*sgMcAS6s!5 zzaQWGgv&56y)9OJBSxCfqniKwqs-;6Er_5CVVzB|Z~mI_TYQMZYVU4&ixH3dTGJU3 zgnwm4Lt4V?=N1glaYW(bh&N@M`RN1^$LG2|qo&tQrv75Ol$NV+ogp0~?ysIpNlEpk z5?L5M6qaDQw7$Gt=UN2&CKWi<$5GXV7v#$tXf!#>RFd&3w(RjI&T4{Dt2b751OgW2 zAJqx!S^5vntprgNSau3$@{BDe7IW8DO%5}TSq(NQuFcNEK9}@MmBqdlZK|~041`~G z*N)QZQKUGjcaM~ht6ComX@{rB2y()_=XT)MFnvY~*gUO8dd!R%w=W#oW8J){N;IE^ z-;=r+#k;r|X_aO-&dEum5)kAd)PkHj&X1>U$Gen}&{{I@0Cs}o`yl1)cIogv)HF9R zuISXhYqMsIBMOd?yB*xYj%WMDaP+diB*2zL=926B0ICIJ6&pdvkI=u*EW>+r%l97$ zJKJ01`_9c4sDR+ZbYYn{8~N(oPDHuJdXh(4o+z^yXdKbR@TMaz~7W^XV+78Y5YdDQzuAXe_>_p)_xY~fI0Tw=?y~htWUR*z745T z!{pc)6a?x7}H6Kggy*muHTv+eCd*!OS zr7>sUwOHEP9r6MiBS+`Jwq=|8XmVNu+2Q&Tv$5IUYM-M!D~^!L`156fGL!YzefVRr zfk(o>=$JB)`=G}DZgID0?LzpMdqw@hPYo`nc6oGqrWfh;&+xI1A`EX(b8A)Kft5zL=}9swk4wp+i|NKDK^YXKp3( zDf0XDRrU!_);F)?z7a(Zz!{bm<7^x4zmYJ#qMp>CZnh{iy!KQ&v&Iz=zDdz{N<;S< zl{px6Nr%`~{{{X2Ir!_;l(JQYFCxjY56si1lS$snpnfW1QLNy^k?2nRbOZZ7ZGW*9 zMCZ~?^o&jex9Rd(6(M0Jb;(CHw8$Ey3ilI&kBHR$WlO8qqBN?9w`{? z_)p1)L8xPob+_)>mM*5K06LQ=+A-2|`pv1_UcoWS$wP%qRrmweG+2D(Q+<-ts5bW> zs+`>o0@-AHw7t*p6d>fEsC4LoNp@N+MgnLTT)vUH6h)R8&Cc2Y{*VBD>%AEi&FvBm7BGy z$Kw?1BR8t9hR4#L8&eODM%SLmYPZ+ou3*g~nU?pz`L~^cmSrn7t)FWgigl6#e7qie zIKGqgpOT_}vJoez9q1z{zNUG$j4&U|gQ#!zC`qZj-m%zfecW2(i@#43p5Oz{kuPqrprVd8hlMFFGZ?RfC0~)`!9_ zYPn%I?+UB4^Gu?{3_enaA+mPf@+1dnytFpNlmUph+Ba(rayva`HZ;P+3n-VmW}IiH$9QCit^<{kBysM=PyKnt z>$Q&|J_J55M&(YEz5wk9sDh@*LCm@#zrj*<;^)X=G0N^3ewyO%Y%= zbOC4e!2?QTvcgbU)fQKI4!NqGqFtf7yh>6RhNvhw>t&re3L4Y(<}d)zcruMb9;5xW_Wum{`O#2Or4!FVH zp%k?go*dvpLRugiZJcOH(tah1y1!54tZusVBwE(E>d|ZNXnc`}C+pMi3Kicjpae4E z+`mVt@IiU&A;rePuU&8c8T*Ls^}Y-+yZpVhpLTo(Ha2hZ;K=p4QGP{0IY)hN9oZ$d zjL}?UpAnZ=?c;>4kT?*^58?@!vljgHyHME8+S*vgH%51M2p!VzmiU0@Xdq3L%A~@n zcy?#N)riA_;F&Qp9EZ9#Hc#tG)?CeKrB)i;dXPmIAbVAc^6b6B2}bUBiWrK4WpF+_ zO)6GtPV8=2K-B`Ax@MzBa7xSbm)Y!cFjNsSg@fZBMWONg!E>v)@BXF>e}uYEgQ;_& zJ9_Z<=p)$n*(Bjpxu^{}zq%2Id%GUV5zvVK*hFp22nG_Sws*fej zI%ZGo+MBZ-zi8Vjxh^&ojB%rD0hWU^iNaVrgtkF`-6W@j1{I z-ZZkf#241XojSW@w`$oiJAh})@}x0hs06r$P>g#JN1aqdv%?bveg!GTxK_nFFWFA9 z?{b4&F5DHbzQa$Dt`wAjcFp<16uh(34qjLG=Pj=*&q&q4_}u3N-sU{hsgR~~sqThD zn}ZNTUd@#u-QLndak-KU>{*KW2+`)%7 z^)Gw#o0dL(BkO_#OFmV$ByOHG_~g_X93_XtTp-BnT@~{m@X!WNe)0@YuYl9$lM??9 z?=QC1uxy6Mc<`~#L(C_P#wL>-QfD`Rr84gYj=}H-gIQu(F~GnEbnm zCRjHPD;!YrePSqh+)RboxN zJk`8_Teod?cB(mi!On-v<`Kop;q#x5%6THXNjJv$vY_s=?yyBN5salhS;jCg35={FcF%LfjtgCrmFW_uDn3p(@NZ}f2L#Pu`yPO zowmTrHqN-4>_3o${XcOeDfDp(0JhJBht6tgjL?pWxb3huxhDxGdFX>EIK|Bntjta4 zuyp1deSKZ`r4eI@6r_2#9NXvmKRn8P2`_<_B3B{3w3)TyH10(5s2ck*hl+pRnTv`} zhb8gE|5@1S#i*)s(@Oo=^zzk{QUIOtB)>76UAPKtyQ>9pw0F&Z`|?&XSr5cFUTn9L zc~QHyS=Mu!5Ki5c1$0NX>!CH5mxs}-TKua{!v>`NTvk#;dzPSx2XP=NN}!!00jq%= z0h)_fh%TEeRPZr>`jNs1McGCb8J-4mpIM; z`V9i%j2n*KmO8Y*sW>84!uc45+@fyay8h@oq*akG*!uS`~xB4+8X93@`w5;P>i^2%O#VVa-4^aU+Nq7FW+E2Ug3WI(2KfvI56Rp z2N(-I(4FOLxYHDYRvE)UK_Eyi?z9)e$qBet`f|3)`-G_hkI5HjI|-ZVlGJ*`-krRR z+-|mQ75+v%7a1=U%rf~$+&V$=KM3ztx5Ddu*5mdg)N7OUI|2Fj-AY5J5jWrJZf4}x z#OST;gW7cW^X|=TTuVoLPCt%P`W1Bov3YXQM_0S<>Rj6V{i}cx?Mt_lkv{O+*+m`4 z;sg1^Og>`=B_^$(=HHCD{92Pt#=K8V;u}w4n=c%s_>;?vxS)-a#Z(Yc%!3%_>ZU`M zRHwnb*jHA^Ql0MX?|&~cc5iwmBBGn!pVwh_Mbk*oDODM@#Czo2-MslG|<@m1GLmq z{&TeLv+uu&y@KxF?m>b^?lbE+^Br>rgWZPbB&LpN?i{+6Rt&ELCRdpO*Citc_WpCQ z&lb|f)enyHh|@^s*ZJqV^K}<3;v~c;hNKeo#R9XrEa~nZ7?`hBhTWZv6V+e7dMxe2 z`}pYMWUZZzh?RRMx;puVu1A0b^^`g+MY+ZJ;#p;3_WMX((c~A8g|A~d;>Xe9U&G`8 z0smBxuf^Z>1|rFnk9n%n=3(P9dx_U&FDm{ae0W9yS%dG|bW0CWt&3|9<5sW0C+6Qz zyZT8}MU`Ey5@9d6UlFg3;NxXa&4)YQvwyH|JisAjt3onhhau7LKYK|n+Y@-b-M94Y zJN?%EAB2U>#2S;?-?-H4<^3X4rr>mM6?eor{&DBBT1g00f-D6zD&0u%|jGq*)o z*pdf4#1+7R-89|)R&%tfx+7qketju0=Q{y^ziukxtxCNdgBs{r@zf7N{)dr3{<`dj zAfJYyxS2oRDMv2C$JPdi8-L3B7}mm$aZRA?gJufZ*CGs0fhxbvM|hNTE5PczpVpFF z@V+!aDE?AuHj)Toy7uuSnvq*-N&n?K;@y|!XXNx7T9RMpZt~Ufhti$f&=oQFpVfun zGVlgPKvlF1z`BQpS!}GrHg0=XU#=6nFDP@q| zG;~gXa8vu&%J7{CV1H zw{KNa{Lqsx5%StoP7h6@K6|2o%e>86EjxQW7a9nP_(8kEPL{NW3YrL1V7X5Xdx~*< z56KyP87Nb8pA&R`a45G}j@zRFJO9%5>~&GpI6o8LzLKt&PBte%=B$l>VVO81k)uqRvmlrtmH6Aqvvfhn=+Bthl*!Fm^as_YvI7^6}&?jO{C?HZ<)Taq8`Wz8EpNaDCMw=zouW&+! z22bOADbtVX+psPBpzPvUSU%mnK#>9q<`OMJ6L&qHo!?16#AENFqTonyi|ESe(LiX( zanNBy5tbk0@J!x$KuuP^ql+8xMJH^_bv{u1czDaY3-XGi+ms#^EiFFSmQ2gVLz93f{= zJyc{4^gw5fpO3PsGYq0iuh=$LwNFpb1J;@QBA?BkQ7qfomm6HGXw%D)>en1D6;@6UU8<$>>&_QMQ5 zV^iExHCmu0-pv;QFQHvz&2zQ>v|K+A)l9mAezh6#?+6&|(8~Ah<-6{&#shVn#H{)ZQ?g!Nvo#Wb54V4vlamZwF^rQfJa;37Jt-Sbr+f=`H~} zKbE?#>DP`we$<_!Xc=Lpv2);zAU{Om+oG7fZ!c6AaZj|_u*9zZUhywwS&H;WMF8IR zwq2bZTn@-tw60@4SnzD8-u;j*v`#rnaEiYp(l`4Y(8c4rK>;Bq8nCM})e_^rQ&>@h z|NbfP4E!ZkGPKhh*!G64EPmgVtj5h@OOmq@L8NRJY~P)U$7Bn2th54`2&%ReQbh z8553H(~~jz7F1R1>fK%)<;_F=0*{C(_}l_qh>k@%K&B(NVDHs`DwqxArivD1c;_0< z-Kk>^%mGKIO`U8A1H}+s9+E)Mj95j4{=rO`nu8p(op!~WH=&Ez6bdXa#do-#N+1nL zthMZG)+^QYsNBS)l~CP%%YyG%H5^*-avt*k4(#K;ZQN40G{{L~za3c8*ee$d=XSn( z2WTy^mSEy}omiN2EHqsIdMdP*oM`bETA-ugrH8wDp8^Tg-RO0xyQ=%MRpj9=fh3r2 z_!*%{@NT0|bRCmUrY^N~om)nx)keJJWx|B#VDN`FD(8nsGp|xv9a7hdzo%A{do^UN z3K6j`I$R$uZH2yhuI)HzCgv?cd=8<}W4$84b7kpQc$9r@7Rkb5qU}&j@-;iXPAcZT z)#gjGNmXHx%W*g&FO0%MmqQoLe6P1M9!WMPFxbP+zk`$gV$E`-o0hxB<1@hYF1aqI z@_r!6E#EA2MRK5IySB`Ek3<)LK2lI@s?^d#2#S}{`=2_lID@UA&RLRK_`eAR#aH^{ zytWt`k^5}hS*oNGAj~GwG5er{0VUd>tvpqZvD>nN##nHUb89+ndp(sxep3871o2n_ z@=fn8kb=WR(B_;CG4W226>spWVx&eeo+v1|L}U3>xBdK;?LJSo3*30Tn+)_4Ef^)< z`JAO`0>Px(w@N+U_U)BPBSrfe`Y-YiJV1IPlnAMaXYDL;l~ihuNrTZC(>NHv@6Lv) z+sm57IG7T1FnWVv9f#%^d^GITAoUhE`5RwpX}&e5-7+x*{Hrvrg6tH)tvPS!*~75RzGL9&25-3)bCXJlKl)U!kfjn_kA-ihAv$ASu+ zSW1lYmb?@Izc<#*oWT}O54{>4yDAd1GFROk2uSbw{FdOk>$qCqMx5il^;iG2Ar`dY z50)K6@eMLeS^sZQq#}jYUpmp9`^u%FwK-P%koa|xban@-n38AW2VE{nWmldLYO~EO z%zKNUa|}`Nf!zKy+L>WP`^g#lp%$V{M)D`#>#y$1AEW_-29*2x@(Z6cOgc2*J^8>a z((r2dHXd~-yD}lOFIeqS9OLv;%x7RgAzNlu{o^SH~qlzaz&YyZTL?_#G zb!;h_815t(QP4#6bt(ooUSw}*pZBf4Wm@QHPIB;vM5l(pzJQNkh}J(V&}aqKTa8qw;0X=*w2DTjwstGIH&>cWZ9g zS1tsT!dV1?ie#X8KU}-f*eU5t|AeE{_OdZHs%tOuP@VzBrbVcylfUi@%*&I-QQ1O# zqV?VK8$yf3FNA##5KEQS&MT4XQryPc6 zg7@Wqh3Bi6&@a5#eyBsI`=dJdtmf{Jx^!HFJ3g8hLxbxFfupttKLW;7;eP71{MR6M zy<~%zF#T>J#(ZM=wr3X_VuH&ddi>swwHW5lr%*QuWA9obkM2G3U9chz4l3jK&<`&{ z-M-?Pc1g9g))Io@zg$(qmp=R(FyZ0MLfJ*TY+8s`gjrJ^1}+&~eLod&C(vr5;5U@A zNtr)4q|tUJx&I&Du8Kok?oB1f28JO#rXX(4;as!hj91cIv#p-= z53>c&9%v8KFjn%wcfC zhA8Xl2DN=a&J8FCr0L8?HyYw6wx$uVc_c5&YS!8#+!R82Z~k%wgTqvD`Z`uzAWsqcJDsOY6Ow`ye; zjidcpBK6Eis&QMo0{6wTd{cp1H~L-iFM-3$xxV>c@?@G7DyGWT`g_U@Vmk(^w<^}S zZopXCjhDD|WEA2r^X}eeSP6k1G()aRz9W^u?rWK?qw`kX;}$aIt87&CV3i535~aO` z?#4tp`1@PftTA!#pr;lB6c;?vw*Np!5{kG0;G*d++)JhBbXq@Fc1$^7r-hYs*3OIi zy@gg-s@Tcp8L{YGQ7a7FW;8zeG#y#iu zC9P+xXPu|z2d}c+T?tsICi;_xogvwzj}EVbQM0j3hNgakL5`Kq;@#1tq9H0NxjtO} z5Odz2AUBs)a^^tE%AH!M=S9eq9`-o?)|4Hx;2tpKy;CzfY4*mLZj~4>QUkxt&it0U zk6}8^`F5{g_oZ(6TTuv(Xg2sONe%xIy^fdf++y8ZRIJrJN2V@Hu{WIgAUN&hPQC-Z zf^A`K+snq`J_OJ_TB{Oep1+2I{P0UTD-6p;D`+D&(k;-XCXPfebNtXP!sRCI?=UYCiE@{ zuFO}&ME=5!mpzYKxo$la(Whn;<<_oDdU=5iFg@39tgzW>pB3MqCU<2$R9BJbeo zA+UQh86SFCGD$(0Ed(gp^rMy#II1VCt5~WmN!seE^!bfPMMOJkOeE)DQ%4BYLMwi| z92WQX@tl3W)HH8d`u#+|_}DIKMWc6UZ?^TgC;MHH+?;;8Rbs4WE^;2cS9xH~c;W8z zKfF8r|KWW^Tjn%SpEcdviYJQ?-~2~lS#?%1R8CFMO(VzneRlbvOHw31JgBBnm1#bb zf@q~)d{-`iqlB9k+2mh3XZSrpB0Vu5nzYT9;h(-3rCzNM5+o|& zpW>!sydOd$kB$uh1y?^Yd&nw`KbaPie_PiBfiQo)6+s#6l~QhTi=LFOr3wrdH8^&G zxHjrmAS`Zjsqe{5arRT$I4k7VV0KzZs#t2H)yR3H@E2~P3XTF;ozn(Q80Wu0;q`qh z(aspB8to?i*e9uME6tDJ_N-0#eoKzJ{Keb@n#`2DYAr6GPF>_ZQ8O>a24Nx z&5PIiqdWhl{P(=x`sb!2qu$7`u0M6qoBNgA}(HSKS-vS7v+sn}%NaGlajIe+Y-VN0dqJeL#){)_yANkR-fQ$?QPFk(a4 z^QtRqgTMWETKNCNQ>5H^k^?`l&FNF5>v{tqQg_Gi4HIpdt6mPsDvW$REYSPbts!kj zZN~`W84*r-bg5A-#zJA~>h+!o`#~&0+CC!r5v#D?@ISzjOHEy$Ak#hM)go59+{FBJ z;F`krcqfrDuY+p#Tcygruf{?zyv(@??&yfY$J(F=*Q>?X!md_~+Kp9BFU`d=e$)y# zCA$BUG1lV$FBl^01Q{9{uOT>nyLDOJBGyeH>*ZCwI!On z3cPLawoVhp=}0uLXqW!H7_$9UN=QgN!WaVA-SmtLd%D1%sKAL?+Y03`Y*v14#B7o3 zMK8ugENf+^8ahGRMS0+z4~TWQdA%m!~U##MQJ(ortXQ6ks>$#pDE2B z9&9B@M^_cLE%3+m^x_q$n&%ArqCglsR-r9Y_r*VEaa@Z|)zdYy{D{)ZoQ%<9!cQrh zq+$4;ngz!9B|!5sCw=F23d{-;_v;D&5U+*0(|}+2c&*$0=Q|gFmL#fGVAPe|NB2^c zFTT{2oLWR_L_T&A0tv^{w()Zl<2NJIciLL>Wh&ISp`H3T6d0DD&a+@&M{T1;5*4jN zH~OH18%reoz$_5SWBk&UdoUasI-?}i~Q5x?H>t^gld$?8n3hHcWeE+mE87 zfLhjMhZDy4)Zs$f-q1GY#xlzLqT)64ll`j%N02;bmC)5r6{Ck{u>2G%*#~v7?@cPP z=9BP_B>7A^p;=+MAMo%6L=h3&Jx0A}Z#diGzjaKnvEC1BEB+EN9w~c6D6<)QB9jf} z9;}NiKJol+HmMr)Fqa9!217eE?j&&KNr90Uxb!(D(p-bz^HQ?Gl}y4Y|7vYo^d+DV zVT>QuvgdVK+l_!9jp0B6&VLTNpEWV;rq1p-q#h2)(0!}m5qdU0oF+(i?IZF;if1-J zJ8NOU0Ug`q!XMZmm+koiP-XzH5kEYoUeyS3>t*d|Z50u72_>OAw2I!$v)_NM>g)n)A& zje9NFjnNR`JkrzKa+WAKjOD+k5N%mw%yPcg>idS}B&i^tzlt5~6H`Qt#(CXG{b-}z zhY(AN(MglS7N=Px@>c47ukMDST`uKBFa=K01NvfE2=l5(ws@^6RmwH^_zBZ~-H5z} ze7dRC{PQf35)SdMyL*q-Y-)B0CHvt%CfhUlZtJdGi73Bif+wYT=alOwsu2du_%|w& zfO`sG-En;@c9^Q)%VT8lC?HdLQ!>lMg1E@8F!Yfs%t~|$VQh{2e2O3w$M`+P|GhR` zZ5w$j@@iT5J9c{K(Ls=Ot(qyO7tNxS!iNJWX*qJF#JjNTTunk&nyRP*tP^;p-dm2P&Q>YM& zaY{GEr7cuW{7x6EjP{sVXPj}n*xxzxv~AJgO7HRROn*-FPDx6Nt5UdM$4o-ygKChb z-0U~~^Kg`D&(s|w=2UgT4rGvV$)HTf&-H^H>dmFJ@{n%KUMK6S*k8~{0b-qJd3fH9 z=K|GJcu8qfWjfe&vfU_}pXZ2XD9;RPI3_**>@nNdJM%KGeE-W7=ei{ z)dI5Hchj$}L1vm?z3nybG1^S#E%S^nAaSdm7Yy)YQ$av2ThVF4{(jGLOYWk*~Yln_s^1C8Dzwwtgq9yWv zy(@d)LZ527e@kj0zx6)(y^3L`Y#i*7+*bVg-RUyJR_I#VU(>L$YkCWZbdLm`Y)a;* z?CfJ!6nJpiim=su?v$5;jbVV9uT%s}ki@?Q$U*>B3{r!z_S#tH=X8(dj8im)LWH^rQf0d2rS(#;B+%Ma|IyBww42e;dj=rpT%Iqn(V{lLl#+B7HAz6Iyt{6A0p~sJi{T zb1CmL_i?^foFP=2U*9=_zr&!B&ysN3oa17OyVE#RU&Hoqy^pG-M~(5rItEm`>auJd zYccvg-;G`%?^}}6(=uDqH&T1^^Tz8>(EYj@D66`pqRcsamOFmCz}1s)ziQ}A72v8y z1?5)%;4=r=Dl03ieF#L$_pkr@TjZ16RnU$|^$x9-I%Zc%L55hvmiZm;l!p;FyA|4^ zx0vvnvFf)haUHTX<|bf8=ll(=lr_RxRT}0NmLyjfdd1!vu62NRUBZbV@~$~k@2!(G zqv%W09&(B`Y34j9P4lAfQAEen%48>L3Q;H?eA`) zU*MVJ(;Zr%!KxOb%s*kSbkJLG|zQ=sp8II9KBH)M;M({L@>Q;DWAMe30k1kz3x(b|-ja%-&~_6iluj z44`Ly(?exp<9o&#IOE3$gF^8?Mw^jklRviT4tPh9^V|^uy|OTQ%I^=VITAIM8nU|g zMN(g2NN$^4(%?Iz%1Ue0@D7;Vz~kh9c+%ln`h{vcnHqv@`5i*+ zWsIA~&+}!_%vsbY@jC;)A0FJEYp@0Jw|L+YPPrF9SCuu=KQtTNqK8bwyi~@}w+n$O zYs(t6^|o5V(j2#Gnudb)eqN(_^Qq9O%P)K;SN`c!k)P15Qjw-vjr& zjPdJM0MYC`#M19g-<=M_EzCv+jGpQh&QI6!tRcwejm$b9(xpl(q0`9UT@Itex@xjL z#s2_|Ud~wL9z*@PmGO>GdeWO%y@ZIQ@#XaK?!zDLCplkXo`3q)!nWohvCUlY@BAZ4 zsqgV>Up=3c;}#MqkU1YI`MAJ6MOvxR9Q82KlXI57R!2pv>$;@sv3O@t)^6QME_btq zPMrZHbBf2gkKzU73@$7+i6IM_7Dy#4j=3Wk$4+Z!OS{qZ+v7KYej@5RN=PD0kF~Pf zNXpCy%F(lK3(FjVfr{@ebT>(^FD`#-%`)v}-)wB|{6l!FGz_=}%547tzIt(0X-{(} zUO04>m(4r=2=Q6syte_a?PiP~hDgW<^rTlG!=8FzSJ7v}o-FZ4hewC*{w{b^#2PAF zgtxGcd$%yMj0RR#%M~4%k;h7{;UC$n;N|v=_8ukIwFlKO+0?CdIN`Tnn~X&&WSn;0 z@9kCfYL8<-?TQhPzP?Le@;p~a@E47>+XdBhe-7N;K_iq$g+mr^OlLo(T+{v+Yd13+ zU1MF*^m~M29@kmBFwCQmn`YC&$i;gPh&~7W0q}*ave@|g`dhY${hrR}#a599Zo!JG z?djJ&YaZLj-?JxyLg{+n!`Uu%J?Zw;xw?Z?RmUn)Qzq6JBOrYbN`A&Mwb?5&sa7r0 zi);Kk{w(FZJNq+utHpOsXQ6oC!#6S_Zk28CUCOVi#D2BdczgC3@p*aW@qdgos|zSf z`FGZ5%n#E$w}cUn*(CE?8gK1i@K?dmIq)aLE0`yBQ6!OBTiW@fCm^yhCmlc|9QLkL z;)m^R<1ZZAOQCpb(KL-F;@ir(vXf-(F(l=S6&rZR0CwxmHn7oJyO}xW^{QGcmOa{6 zJ4=t*li?4-7f%p;Q1S4;vgs9pc*uOI`Pm|EK(5x83tS=fFN9@g>KEXVbO)9@kW|)NTIHe;%)Cm*j^b zHjqcoqub@IasL1arjd5qm&4x&{{U@jR`*+?w2QFDPz)qe{9 z(4Pske-y5(u3PGw2Z$jo(Tzgc?KXLeRff<>=Qzm&Bk5jCd;3v*Zn==nCc6O2Ds76v z0KfykQh4O&y>;Fg{j4C?^b@E2Yw+!!sT>oJvcnFC9G@ctxz6^$U~z+t(6JYKOYcTC zGO1Ih{{V8e-y~%O`<%~Y?JFVbHyj)T&*W-dO2IE);$I4U zV9`7~4A6Nu(P~zx-)u~S$S$1+wS48N`0L(OlHy zCFRThdKw-p{hWRn__qEl9UtPKg-)w+Fo40N+K|n$j{g8D5?!W36!ix<>MNA-pX^2P z2S?K+*E}Dn#i`oEY-E-jpe^n}0G3f0EEwPneAy)QuW9&w@gv|yx8e&OJ4Ms{Cu@H# z(xseweVQbVCVo}~45`jPj~G0IUB;vFKfoGQ%h_1`NbvGsThF#g+f{^^SRa{LLuF3~ zuRI@0mr9Ja8^`7}CZQDmX?~p#gJbw@@ghkCar`;)0d6qA*moJ{r|^5$M6t^RtpxG1 zNQ^_q>w=^l5JBi`^bLP$JG~;-TkR|3PljGJD7^H@s?x--$GomOr0($mTQcd_w#bsm(3 zgL9ht@4`MA{gp3uHSm?!!aXkL{Kq8V*s|TO0o=g6asV(}0dP26R=30t*~j4?t>Nwe z01i9@q1)d@av9a*T)bNwDgkE0XK!46X)Gk9u9>8>>QJboC`n(dwU3OgZEo)+@+|FT znfmOGGRN{1mp1n{vUyi9NgSBY$xx}s(AT@`U$eKxcx?Xw;-C0;ZKlben&lGQI*ef8 zi83&Mt$2p7F1LGlW!C4omStU~=Q$yB+OnM|2zke)H*=RSDJ;HB+A+>gC6Q)!F$of^dJ|FnbazN7-0l;2aP} zdK#ARw0|;`R3x0Lzn#Cx#vpd7^zBmnNs;BSm?KD=7_>rYhSu70yaA36 zr}$Rc_#dtyK4*+PHIUm_4P_1vaoAN2Z{d~Zfu_r%tm=xf>UyQc$VMeZ z^RwWd<0iNDj|KP^#=?7zGvbst)5RMyTP~9i?=bW`>- z)-n7nAVNnVPyh!QAC)g`XE~;~(-kJSH0|`AIdqe&w}|3Ph54hiTX{F`2LtCE4_x-8 zwebeKZS&grg7ptvt>m7c?^bAYjfbGpgU3JpoLw)0O*eC%Gdh>rT`BFK4SNU(e#JZ9ZvPoWb@fL5ydD3XB1a5rgSlEKHt} zxAp3I@X7GB+jC7nU-CY}(R>r|*T&j(J|yu6h7#7|c))8b+pjKIg0UE7id}=Ie=5_r z@DIVy3F()TXub~6X1chGWx2Y6rf8Uv$_6D#13h>nHS&guYvOwdmF&JY&a37UikCB} z$r(LsxcGD9e;8@E>t(5Uy>(k@_9IC#nt2oFA9Nf6!91U8-Zgoxc>YHXd<9si%U0{Q zzp2n)kB9nA&i!lQZNtee!Hrrk3&*vaI9xL4IpVYA@el0&*HPMD{3_U88#3K!@x+V4 z<(QnNa6t7Vis?0vi+Vra;O{hIPXN2;>4!7|m~KmtGCLv6j=uUk@~U z_m^;c*fiT)R%9R#EQq6AfrHL_)GA!fOGBmN=SmJK%YOR*0ADj8Sbo7?8-h5r?*?ib zmcEwaX44;6)GlIkoRtj&0Kgmy#$OuS_?ij42c-NlzOd6SoGf(m`5(6Zo+FeD#Zzj5&c;kCDjEoHy(P2J9; zZ9eOH=h4J(8BiHnUAbi#9Xr;Rq5DSsI?(j_Zzj|oUIb=KP^e@jPu;D^#BZ5fBiZ;o=pHs}eMZVlMz_@LbpHSoc{5zb$6<|-sc9Ihl14zzdm6rJORF+*_7hQz zBd?v`-Lb(#;xF1d*pIMX_-ahx?t@o(RewgZK&6hyZw~mI z#0EKI8=Lz%rxB0tgCuM+Gt^@>nyli}yMNcBI)14N$*xqrRiEb1M)7Zp{uApF$*TC0 z(%$y&+RjITFZ4$x!UDw<%O266uTxq2AAxKvu1>x9CgMWu_J0_7-^LNE{If-Oq1yzI4hX@Ik^VKFz6a61FUbzE@Mp#_=}!sSa<>+u)t+qb z^8t?;IKbd`s&zT#qF4M%r$N(&q}pBHtMol1PW^{$WYgoixz?{@lPs>Sb#6!_9e}O7 z57}G7`bLp1pB2ujb9uR>d+0R+vK7E0FpA%W(SI zfNLWT(e*sl6*xJzl z0C-J#e@y9`9Vbh_aewf`$J0twD+6;ZTppu_>3}~f$=9@xhqhJ<+F!sQ5;L>^0HiGX zrOK#GbsIxu{Y5qpik}j`(39ML(fQ{m%!*bg>-)c2t>PbyemAzaSz-9j+KyXfmUh-9 zK2p54UN8+qlx=^}f0@%5R8SWkY{ zmEx%UDw?mY$^&Gh=spZcak{(s_Xs?;qjY#yZzY;J7{oCY27E>7dATDOACUa@JRLGk7~)L)~y|iuO&+; z&rep0pYWriTX8Jk6?`VGv~ExBKe~A1r&`6Z@Dz8^JnQ298YEfXFtgq4EER~{20rP= zLGCeEq`mkgvxKqm&b+7y+*?zREyp8ohI_EjZ` zse8@*;*ru@X;#`0eJfe<`E4Z3v)$O}_a}A3ZQ2UtV3EgO!l$*=egoOSAd|vgBD!Js zq?Y<5&;9dUrzG-!THWx+gnTcqST*Lg@fyoWluA);Zfxdq%YZ}W0T{_69@Lc6c1!R7 z0D@HL!YcEV`DytpkWJz^JU^~Yd+^Tx09VrOrhyUB??{n|if96{zU=tQ{qyo3FEz34ti=5e^Xgnwy~>g_s^;8dW`pXGGolRxRATH00SiR zzyN*}nw^!cj-fTBo~IS$QNAO(g&9&&>H`2r;yY9XFM7?&TQ+pUohbX!NqmFnBbNHo z&@tMKk6My~iZVTEI*tuXOr$L%41-DzXr--(rNm#Lq-=ECN;(gvBlW84PeHU$I5c;r zA?SFd-IIbTppnR>4n+VylW^z_BQeb%=ZaRi?#EGywWT*NQ^;p;(iHK=u@_1_3lEBfS|Ow6yNf@1eJ#YW@M!Y>)Qm zg*7|d)?ymw+g>*66FCYLL{HE$@aa{6ane`=fQ@bN7V#&bc?+o>&vGJ#fw9OWO z4%l7BmUjWxNdCnMY%tnJ@|(s$?A4dYdNQNEOPrafvw~Xd>!=0CwHX~~+`hDh#ZIid zhU{^QLP_S3^`LzzitKtG;+$EJQhz#V3ONFnfV&FU&^4b6>F^ZSJSO+@?6!)y0p)_qSo3xz?s_+3COlaCxjS{Bzcfj=X!-I+A)bHHM`Y+P=PQ=yYEV z{4AeONAVBDd;43gpEf&h4;fS24d$uo*N(a5j8b@qMfho_>1{WKJaee(H-*%BHyR(= zlWu-vyUcEQ9AdfVIXqApjtv~q{#E$@0GQP|^IgsQX>ZEombQbTT`#o-rdSb>NY~?rWJXjwl1uwMuPlT%!t#(pN{QOZ!CV zx|Bi>5qu}J)FW9;f*G~j#Ed^og^kn>gYp&LcqjIX_zb!#YF;MrJ*JK(1&p_a zp}+w7l9Q9$1op3-$UVpFKs@87YiQysMgIW6II87%IUKsrI5LfGxx-eq=stbR&)kKK1cP zBxKTz4BzO4(gU2XA1GsPMP>zKC;W1;h3Dl#iRL2>QLkPREGB8 zDFRji{p=pU<5l&`y;tM^007JT3JM&mOV-Ul{V4kj;}3^4pAcw~#o=vFMbNJyx-vGQ z_E@J^9O5t(?@^QAk81EOPvR$!yeX{Q=$D@obZ5J@a;_Un*%N%BvK>%$1P`gNHA&tk z+^#|Orj{*|PjY%xPZQ1Xt9;J9E?B6?lBBtpn*DV;nf@v2_uBkEDZjUn-rKUZtk&9$ zk^P;Qqb7G_o@&mefqsYvNTX9fMK*{9efs;)V$ft6WJqS3#rn3&2 zrkc*?`zsfJwr^!mCV9)oe)=9W`BizOjojijQJ#xYWctuCo=rY!J;anFu^v*gO>Ko(MsKaXL5P(JwZVx~B?Qk??dez3PBe7qM8jtp@TC~vW z3}KZdNCv-fu??gUHfLyFyki{J7ng?6o# zt+dfX=XQ56Uz<1>;kp{}LP_XF9QDs{TDOUpRGEs)DMj8gYwrI5Bipa_FWBk}MS$tI zmtJ5wD?RHn;PoM-1ZR`MG~FZPPr*-y_fCEq_(uLQa`~R(M{*YfY@nqJ;r5*%{cXTu9R)kU)j0$o&iG!)+5Jwc;4(60{c&RkLhiRnz zXYmcSkhRrJmn0vR;he#>f4hVjKaC{+02M7|j!56a?I4(Z=`O7>Q^oO=8ZARXQNu_*b__yKxJ{>DV_>ryJTU)3QLk^=L5r9d+=Yh$s&kz37pBS{Q z(dzy()b&`2+_7G2lc+|<0UI5ET=cI$C(u)OjP#_c)L&`+V^MGB6u4!&%RmS$m zKnW(B=aa@hoKtmFwFrdwz>T?yup!XF^1mR9NFOpOq41XBYtFg(n?HHK%Ff ze}_@qBsc#63|@JH0VLyInRmB#z!(`ltDh$TfB?^23S)DQYc~5GE5;D3UNU<_^BJ856GY`Ohz56$&X^@k@gV%^twhomf-z3t80zEmrteda-VRT#GC%@) zQtUXTR!nDj{ONqi{{X%}ItO8$C<8Pz$Dh6j<4#?mZrndQ0>T9+wJL@Or5^52Uj1R8`G}g`O_L=0gj{fpf6%6OQ7oG^Q2j0ZjL(o z(hbGhqqQ4X(vhS=$&?B~EMt=>=cO`1fE@)O1fD6y<0FX&=SUp`f2?25l4V&Bq$7?f zGDbSM{OP`YU-Qs@bj7OztwN4^W`>an$dGO@@>_WaG?Ued!E{ z21}35fU^*(2N`HX|}sR2{`L-VC{3t_k?sr={}B!fdpgN?)Sqy{t5#(j+)Y&{sHmEfP! zkdS&0)|3<-TzgR44@Vr+4F;N31oSkUlykj)gwlebgS>OongYmOgmk3Z!?ifc80zEm zpgJCRkIsU38AUzJco}i|)O*v9oOAC$SX_G1_)ug|?~l%fkwMPk`Opap19lYPxTN!A z?&5(YY%&~vbO7vTm{9hoZ%^-!&VeLnkmK{9HL%@{=}M|WL+g$&bE2ItIil zM_LqTwJSRJkbN^imLdFNf<@TAl+q4(T315Lq>a2u5-bmo;+m8KROmjfyj_hF-jB8ezXJ~ z=rSPc_1-8GXmB2syHEKv(;^P8KRN`7{qaS?0aJ`OKaCjU6mC=eL-V5`oMcgO z+y?IElpLH=WOU61*Sik1o9r4fX$S|c8<(g&Qlld_0}sxNpt2AQ3{pq|7{xq<9B1{W z86zBTADtH!hN?Cx!ZY5NaPCLvOOb$g4o@7^-IS6MR1SYCTzCGID=ER=KRQsu?uH#Y z(in#s;*$%GM?I(xjCo))>S=PnbzB_#&;lqbct1*0gWH-ir=7!}dPb5oQpQ2Yr2v2b E+5MaMj{pDw literal 0 HcmV?d00001 diff --git a/testdata/policy/bogons.rego b/testdata/policy/bogons.rego deleted file mode 100644 index 370586d..0000000 --- a/testdata/policy/bogons.rego +++ /dev/null @@ -1,58 +0,0 @@ -package styx - -import input.request as http_request - -default permit := false -default reject := 0 -default template := "" - -# Bogon networks -bogons := [ - "0.0.0.0/8", # "This" network - "10.0.0.0/8", # RFC1918 Private-use networks - "100.64.0.0/10", # Carrier-grade NAT - "127.0.0.0/8", # Loopback - "169.254.0.0/16", # Link local - "172.16.0.0/12", # RFC1918 Private-use networks - "192.0.0.0/24", # IETF protocol assignments - "192.0.2.0/24", # TEST-NET-1 - "192.168.0.0/16", # RFC1918 Private-use networks - "198.18.0.0/15", # Network interconnect device benchmark testing - "198.51.100.0/24", # TEST-NET-2 - "203.0.113.0/24", # TEST-NET-3 - "224.0.0.0/4", # Multicast - "240.0.0.0/4", # Reserved for future use - "255.255.255.255/32", # Limited broadcast -] - -# Resolve HTTP host to IPs -addrs := styx.lookup_ip_addr(http_request.host) - -template := "template/blocked.html" if { - some cidr in bogons - net.cidr_contains(cidr, http_request.host) -} - -template := "template/blocked.html" if { - some addr in addrs - some cidr in bogons - net.cidr_contains(cidr, addr) -} - -permit if { - template == "" -} - -errors contains "Bogon destination not allowed" if { - template != "" -} - -errors contains "Could not lookup host" if { - count(addrs) == 0 -} - -errors contains addr if { - some addr in addrs - some cidr in bogons - net.cidr_contains(cidr, addr) -} \ No newline at end of file diff --git a/testdata/policy/childsafe.rego b/testdata/policy/childsafe.rego deleted file mode 100644 index 6364e0c..0000000 --- a/testdata/policy/childsafe.rego +++ /dev/null @@ -1,56 +0,0 @@ -package styx - -import input.client as client -import input.request as http_request - -# HTTP -> HTTPS redirects for allowed domains -redirect = concat("", ["https://", http_request.host, http_request.path]) if { - _social - http_request.scheme == "http" -} - -reject = 403 if { - _childsafe_network - _social -} - -reject = 403 if { - _childsafe_network - _toxic -} - -# Sensitive domains are always allowed -permit if { - _sensitive -} - -permit if { - reject != 0 -} - -_sensitive if { - styx.in_domains("sensitive", http_request.host) -} - -_social if { - styx.in_domains("social", http_request.host) - print("Domain in social", http_request.host) -} - -errors contains "Social networking domain not allowed" if { - reject != 0 - _social -} - -_toxic if { - styx.in_domains("toxic", http_request.host) -} - -errors contains "Toxic domain not allowed" if { - reject != 0 - _toxic -} - -_childsafe_network if { - styx.in_networks("kids", client.ip) -} diff --git a/testdata/policy/custom/childsafe.rego b/testdata/policy/custom/childsafe.rego new file mode 100644 index 0000000..fc69d8e --- /dev/null +++ b/testdata/policy/custom/childsafe.rego @@ -0,0 +1,102 @@ +package custom + +_social_domains := [ + "reddit.com", + "roblox.com", + # X + "twitter.com", + "x.com", + # YouTube + "googlevideo.com", + "youtube.com", + "youtu.be", + "ytimg.com", +] + +_toxic_domains := [ + # Facebook + "facebook.com", + "facebook.net", + "fbsbx.com", + # Pinterest + "pinterest.com", + # TikTok + "isnssdk.com", + "musical.ly", + "musically.app.link", + "musically-alternate.app.link", + "musemuse.cn", + "sgsnssdk.com", + "tiktok.com", + "tiktok.org", + "tiktokcdn.com", + "tiktokcdn-eu.com", + "tiktokv.com", +] + +in_domains(list, name) if { + some item in list + lower(name) == lower(item) +} + +in_domains(list, name) if { + some item in list + endswith(lower(name), sprintf(".%s", [lower(item)])) +} + +# METADATA +# description: Apply childssfe rules to the request, reject if it's a social +# site between off-hours, reject if it's toxic. +# entrypoint: true +default redirect := "" + +# HTTP -> HTTPS redirects for allowed domains +redirect := location if { + _social + input.request.scheme == "http" + location := sprintf("https://%s%s", [input.request.host, input.request.path]) +} + +default reject := 0 + +template := "template/blocked.html" if { + _childsafe_network + _social + # styx.time_between("18:00", "16:00") # allowed between 16:00-18:00 +} + +template := "template/blocked.html" if { + _toxic +} + +# Sensitive domains are always allowed +permit if { + _sensitive + reject != 0 +} + +_sensitive if { + styx.domains_contain("sensitive", input.request.host) +} + +_social if { + #styx.domains_contain("social", input.request.host) + in_domains(_social_domains, input.request.host) +} + +_toxic if { + in_domains(_toxic_domains, input.request.host) +} + +_childsafe_network if { + styx.networks_contain("kids", input.client.ip) +} + +errors contains "Request to social networking site outside of allowed hours" if { + _childsafe_network + _social +} + +errors contains "Request to toxic site" if { + _toxic +} diff --git a/testdata/policy/intercept.rego b/testdata/policy/intercept.rego deleted file mode 100644 index 2791f1c..0000000 --- a/testdata/policy/intercept.rego +++ /dev/null @@ -1,21 +0,0 @@ -package styx.intercept - -reject := 403 if { - _target_blocked -} - -template := "template/intercepted.html" if { - _target_blocked -} - -errors contains "Intercepted" if { - _target_blocked -} - -_target_blocked if { - styx.in_domains("bad", input.request.host) -} - -_target_blocked if { - styx.in_networks("bogons", input.client.ip) -} diff --git a/testdata/policy/styx/bogons.rego b/testdata/policy/styx/bogons.rego new file mode 100644 index 0000000..2d6dd84 --- /dev/null +++ b/testdata/policy/styx/bogons.rego @@ -0,0 +1,54 @@ +package styx + +# Bogon networks +_bogons := [ + "0.0.0.0/8", # "This" network + "10.0.0.0/8", # RFC1918 Private-use networks + "100.64.0.0/10", # Carrier-grade NAT + "127.0.0.0/8", # Loopback + "169.254.0.0/16", # Link local + "172.16.0.0/12", # RFC1918 Private-use networks + "192.0.0.0/24", # IETF protocol assignments + "192.0.2.0/24", # TEST-NET-1 + "192.168.0.0/16", # RFC1918 Private-use networks + "198.18.0.0/15", # Network interconnect device benchmark testing + "198.51.100.0/24", # TEST-NET-2 + "203.0.113.0/24", # TEST-NET-3 + "224.0.0.0/4", # Multicast + "240.0.0.0/4", # Reserved for future use + "255.255.255.255/32", # Limited broadcast +] + +# METADATA +# description: Reject requests to bogon targets. +# entrypoint: true +default permit := false + +permit if { + template == "" +} + +default template := "" + +template := "template/blocked.html" if { + _bogon +} + +errors contains "Bogon destination not allowed" if { + _bogon +} + +errors contains _bogon if { + _bogon +} + +_bogon := addr if { + some addr in styx.lookup_ip_addr(input.request.host) + some cidr in _bogons + net.cidr_contains(cidr, addr) +} + +_bogon := input.request.host if { + some cidr in _bogons + net.cidr_contains(cidr, input.request.host) +} diff --git a/testdata/policy/styx/intercept.rego b/testdata/policy/styx/intercept.rego new file mode 100644 index 0000000..d7e0c74 --- /dev/null +++ b/testdata/policy/styx/intercept.rego @@ -0,0 +1,25 @@ +package styx.intercept + +reject := 403 if { + _bad +} + +template := "template/blocked.html" if { + _bogon +} + +errors contains "Bad domain" if { + _bad +} + +errors contains "Bogon target" if { + _bogon +} + +_bad if { + styx.domains_contain("bad", input.request.host) +} + +_bogon if { + styx.domains_contain("bogons", input.client.ip) +}