From 615e7ccf69c9edc3bebc27e4e83a50039d0aaa4c Mon Sep 17 00:00:00 2001 From: mathieuHa Date: Wed, 3 Apr 2024 17:58:18 +0200 Subject: [PATCH] =?UTF-8?q?=E2=9C=A8=20Add=20ban=20html=20template=20(#142?= =?UTF-8?q?)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * ✨ Add ban html template * 📝 Add doc for custom ban page * :bento: fix Mathieu work * :bento: fix lint * :bento: fix lint * :bento: fix lint * :bento: fix lint --------- Co-authored-by: Max Lerebourg --- Makefile | 3 + README.md | 18 +- ban.html | 329 +++++++++++++++++ bouncer.go | 37 +- docker-compose.local.yml | 8 +- docker-compose.yml | 6 +- examples/custom-ban-page/README.md | 47 +++ examples/custom-ban-page/acquis.yaml | 4 + examples/custom-ban-page/ban.html | 330 ++++++++++++++++++ examples/custom-ban-page/docker-compose.yml | 67 ++++ .../custom-ban-page/image_decision_ban.png | Bin 0 -> 62795 bytes pkg/captcha/captcha.go | 34 +- pkg/configuration/configuration.go | 32 +- 13 files changed, 865 insertions(+), 50 deletions(-) create mode 100644 ban.html create mode 100644 examples/custom-ban-page/README.md create mode 100644 examples/custom-ban-page/acquis.yaml create mode 100644 examples/custom-ban-page/ban.html create mode 100644 examples/custom-ban-page/docker-compose.yml create mode 100644 examples/custom-ban-page/image_decision_ban.png diff --git a/Makefile b/Makefile index 6a60c8a..cb593af 100644 --- a/Makefile +++ b/Makefile @@ -46,6 +46,9 @@ run_appsec: run_captcha: docker compose -f examples/captcha/docker-compose.captcha.yml up -d +run_custom_ban_page: + docker compose -f examples/custom-ban-page/docker-compose.yml up -d + run: docker compose -f docker-compose.yml up -d --remove-orphans diff --git a/README.md b/README.md index a23c8bb..58cedc3 100644 --- a/README.md +++ b/README.md @@ -177,15 +177,18 @@ Only one instance of the plugin is *possible*. - CaptchaSecretKey - string - Site secret key for the captcha provider -- CaptchaHTMLFilePath - - string - - default: /captcha.html - - Path where the captcha template is stored - CaptchaGracePeriodSeconds - int64 - default: 1800 (= 30 minutes) - Period after validation of a captcha before a new validation is required if Crowdsec decision is still valid - +- CaptchaHTMLFilePath + - string + - default: /captcha.html + - Path where the captcha template is stored +- BanHTMLFilePath + - string + - default: "" + - Path where the ban html file is stored (default empty ""=disabled) ### Configuration @@ -285,11 +288,12 @@ http: captchaSecretKey: FIXME captchaGracePeriodSeconds: 1800 captchaHTMLFilePath: /captcha.html + banHTMLFilePath: ban.html ``` #### Fill variable with value of file -`CrowdsecLapiTlsCertificateBouncerKey`, `CrowdsecLapiTlsCertificateBouncer`, `CrowdsecLapiTlsCertificateAuthority`, `CrowdsecCapiMachineId`, `CrowdsecCapiPassword` and `CrowdsecLapiKey` can be provided with the content as raw or through a file path that Traefik can read. +`CrowdsecLapiTlsCertificateBouncerKey`, `CrowdsecLapiTlsCertificateBouncer`, `CrowdsecLapiTlsCertificateAuthority`, `CrowdsecCapiMachineId`, `CrowdsecCapiPassword`, `CrowdsecLapiKey`, `CaptchaSiteKey` and `CaptchaSecretKey` can be provided with the content as raw or through a file path that Traefik can read. The file variable will be used as preference if both content and file are provided for the same variable. Format is: @@ -378,6 +382,8 @@ docker exec crowdsec cscli decisions remove --ip 10.0.0.10 -t captcha #### 9. Using Traefik with Captcha remediation feature enabled [examples/captcha/README.md](https://github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin/blob/main/examples/captcha/README.md) +#### 10. Using Traefik with Custom Ban HTML Page [examples/custom-ban-page/README.md](https://github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin/blob/main/examples/custom-ban-page/README.md) + ### Local Mode Traefik also offers a developer mode that can be used for temporary testing of plugins not hosted on GitHub. diff --git a/ban.html b/ban.html new file mode 100644 index 0000000..ffa4a8c --- /dev/null +++ b/ban.html @@ -0,0 +1,329 @@ + + + + + CrowdSec Access Forbidden + + + + + + +
+
+
+ +

CrowdSec Access Forbidden

+
+
+

This security check has been powered by

+ + + + + + + + + + + + + + + + + + + + + CrowdSec + +
+
+
+ + diff --git a/bouncer.go b/bouncer.go index 791c9ad..89c2f82 100644 --- a/bouncer.go +++ b/bouncer.go @@ -8,6 +8,7 @@ import ( "crypto/tls" "encoding/json" "fmt" + htmlTemplate "html/template" "io" "net/http" "net/url" @@ -72,6 +73,7 @@ type Bouncer struct { customHeader string crowdsecStreamRoute string crowdsecHeader string + banTemplate *htmlTemplate.Template clientPoolStrategy *ip.PoolStrategy serverPoolStrategy *ip.PoolStrategy httpClient *http.Client @@ -118,6 +120,10 @@ func New(ctx context.Context, next http.Handler, config *configuration.Config, n } config.CrowdsecLapiKey = apiKey } + var banTemplate *htmlTemplate.Template + if config.BanHTMLFilePath != "" { + banTemplate, _ = configuration.GetHTMLTemplate(config.BanHTMLFilePath) + } bouncer := &Bouncer{ next: next, @@ -141,6 +147,7 @@ func New(ctx context.Context, next http.Handler, config *configuration.Config, n crowdsecStreamRoute: crowdsecStreamRoute, crowdsecHeader: crowdsecHeader, log: log, + banTemplate: banTemplate, serverPoolStrategy: &ip.PoolStrategy{ Checker: serverChecker, }, @@ -219,13 +226,13 @@ func (bouncer *Bouncer) ServeHTTP(rw http.ResponseWriter, req *http.Request) { remoteIP, err := ip.GetRemoteIP(req, bouncer.serverPoolStrategy, bouncer.customHeader) if err != nil { bouncer.log.Error(fmt.Sprintf("ServeHTTP:getRemoteIp ip:%s %s", remoteIP, err.Error())) - rw.WriteHeader(http.StatusForbidden) + handleBanServeHTTP(bouncer, rw) return } isTrusted, err := bouncer.clientPoolStrategy.Checker.Contains(remoteIP) if err != nil { bouncer.log.Error(fmt.Sprintf("ServeHTTP:checkerContains ip:%s %s", remoteIP, err.Error())) - rw.WriteHeader(http.StatusForbidden) + handleBanServeHTTP(bouncer, rw) return } // if our IP is in the trusted list we bypass the next checks @@ -248,7 +255,7 @@ func (bouncer *Bouncer) ServeHTTP(rw http.ResponseWriter, req *http.Request) { bouncer.log.Debug(fmt.Sprintf("ServeHTTP:Get ip:%s isBanned:false %s", remoteIP, cacheErrString)) if cacheErrString != cache.CacheMiss { bouncer.log.Error(fmt.Sprintf("ServeHTTP:Get ip:%s %s", remoteIP, cacheErrString)) - rw.WriteHeader(http.StatusForbidden) + handleBanServeHTTP(bouncer, rw) return } } else { @@ -256,7 +263,7 @@ func (bouncer *Bouncer) ServeHTTP(rw http.ResponseWriter, req *http.Request) { if value == cache.NoBannedValue { handleNextServeHTTP(bouncer, remoteIP, rw, req) } else { - handleErrorServeHTTP(bouncer, remoteIP, value, rw, req) + handleRemediationServeHTTP(bouncer, remoteIP, value, rw, req) } return } @@ -268,7 +275,7 @@ func (bouncer *Bouncer) ServeHTTP(rw http.ResponseWriter, req *http.Request) { handleNextServeHTTP(bouncer, remoteIP, rw, req) } else { bouncer.log.Debug(fmt.Sprintf("ServeHTTP isCrowdsecStreamHealthy:false ip:%s", remoteIP)) - rw.WriteHeader(http.StatusForbidden) + handleBanServeHTTP(bouncer, rw) } } else { value, err := handleNoStreamCache(bouncer, remoteIP) @@ -276,7 +283,7 @@ func (bouncer *Bouncer) ServeHTTP(rw http.ResponseWriter, req *http.Request) { handleNextServeHTTP(bouncer, remoteIP, rw, req) } else { bouncer.log.Debug(fmt.Sprintf("ServeHTTP:handleNoStreamCache ip:%s isBanned:%v %s", remoteIP, value, err.Error())) - handleErrorServeHTTP(bouncer, remoteIP, value, rw, req) + handleRemediationServeHTTP(bouncer, remoteIP, value, rw, req) } } } @@ -309,8 +316,18 @@ type Login struct { Expire string `json:"expire"` } -func handleErrorServeHTTP(bouncer *Bouncer, remoteIP, remediation string, rw http.ResponseWriter, req *http.Request) { - bouncer.log.Debug(fmt.Sprintf("handleErrorServeHTTP ip:%s remediation:%s", remoteIP, remediation)) +func handleBanServeHTTP(bouncer *Bouncer, rw http.ResponseWriter) { + rw.WriteHeader(http.StatusForbidden) + if bouncer.banTemplate != nil { + err := bouncer.banTemplate.Execute(rw, map[string]string{"caca": "caca"}) + if err != nil { + bouncer.log.Info(fmt.Sprintf("handleBanServeHTTP banTemplateServe %s", err.Error())) + } + } +} + +func handleRemediationServeHTTP(bouncer *Bouncer, remoteIP, remediation string, rw http.ResponseWriter, req *http.Request) { + bouncer.log.Debug(fmt.Sprintf("handleRemediationServeHTTP ip:%s remediation:%s", remoteIP, remediation)) if bouncer.captchaClient.Valid && remediation == cache.CaptchaValue { if bouncer.captchaClient.Check(remoteIP) { handleNextServeHTTP(bouncer, remoteIP, rw, req) @@ -319,14 +336,14 @@ func handleErrorServeHTTP(bouncer *Bouncer, remoteIP, remediation string, rw htt bouncer.captchaClient.ServeHTTP(rw, req, remoteIP) return } - rw.WriteHeader(http.StatusForbidden) + handleBanServeHTTP(bouncer, rw) } func handleNextServeHTTP(bouncer *Bouncer, remoteIP string, rw http.ResponseWriter, req *http.Request) { if bouncer.appsecEnabled { if err := appsecQuery(bouncer, remoteIP, req); err != nil { bouncer.log.Debug(fmt.Sprintf("handleNextServeHTTP ip:%s isWaf:true %s", remoteIP, err.Error())) - rw.WriteHeader(http.StatusForbidden) + handleBanServeHTTP(bouncer, rw) return } } diff --git a/docker-compose.local.yml b/docker-compose.local.yml index d8e612e..2741212 100644 --- a/docker-compose.local.yml +++ b/docker-compose.local.yml @@ -16,6 +16,8 @@ services: volumes: - /var/run/docker.sock:/var/run/docker.sock:ro - logs-local:/var/log/traefik + - './ban.html:/ban.html:ro' + - './captcha.html:/captcha.html:ro' - ./:/plugins-local/src/github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin ports: - 8000:80 @@ -31,9 +33,9 @@ services: - "traefik.enable=true" - "traefik.http.routers.router-foo.rule=PathPrefix(`/foo`)" - "traefik.http.routers.router-foo.entrypoints=web" - - "traefik.http.routers.router-foo.middlewares=crowdsec@docker" + - "traefik.http.routers.router-foo.middlewares=crowdsec@docker" - "traefik.http.services.service-foo.loadbalancer.server.port=80" - + whoami2: image: traefik/whoami container_name: "simple-service-bar" @@ -50,7 +52,7 @@ services: - "traefik.http.middlewares.crowdsec.plugin.bouncer.crowdseclapikey=40796d93c2958f9e58345514e67740e5=" crowdsec: - image: crowdsecurity/crowdsec:1.6.0 + image: crowdsecurity/crowdsec:v1.6.0 container_name: "crowdsec" restart: unless-stopped environment: diff --git a/docker-compose.yml b/docker-compose.yml index cdb0ef1..2b9d88c 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -12,9 +12,11 @@ services: - "--entrypoints.web.address=:80" - "--experimental.plugins.bouncer.modulename=github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin" - - "--experimental.plugins.bouncer.version=v1.1.15" + - "--experimental.plugins.bouncer.version=v1.3.0-beta1" volumes: - "/var/run/docker.sock:/var/run/docker.sock:ro" + # - './ban.html:/ban.html:ro' + # - './captcha.html:/captcha.html:ro' - "logs:/var/log/traefik" ports: - 8000:80 @@ -34,7 +36,7 @@ services: - "traefik.http.routers.router-foo.middlewares=crowdsec@docker" # Definition of the service - "traefik.http.services.service-foo.loadbalancer.server.port=80" - + whoami2: image: traefik/whoami container_name: "simple-service-bar" diff --git a/examples/custom-ban-page/README.md b/examples/custom-ban-page/README.md new file mode 100644 index 0000000..18e6b89 --- /dev/null +++ b/examples/custom-ban-page/README.md @@ -0,0 +1,47 @@ +# Example +## Adding a custom ban page + +Traefik can return a custom HTML ban page along with the 403 HTTP response code. +This can be usefull as some browser (Firefox for instance) return a 403 blank webpage and we can mistake a server/reverse-proxy error with a ban from Crowdsec. + +### Traefik configuration + + +```yaml + labels: + # Define ban HTML file path + - "traefik.http.middlewares.crowdsec.plugin.bouncer.captchaHTMLFilePath=/ban.html" +``` + +The ban HTML file must be present in the Traefik container (bind mounted or added during a custom build). +It is not directly accessible from Traefik even when importing the plugin, so [download](https://raw.githubusercontent.com/maxlerebourg/crowdsec-bouncer-traefik-plugin/master/ban.html) it locally to expose it to Traefik. + +```yaml + ... + traefik: + image: "traefik:v2.11.0" + volumes: + - './ban.html:/ban.html' + ... +``` + +## Exemple navigation + +We can try to query normally the whoami server: +```bash +curl http://localhost:8000/foo +``` + +We can try to ban ourself + +```bash +docker exec crowdsec cscli decisions add --ip 10.0.0.20 -d 4h --type ban +``` +![image decision ban](image_decision_ban.png) + +We will see in the browser the ban custom page: + +To play the demo environment run: +```bash +make run_custom_ban_page +``` diff --git a/examples/custom-ban-page/acquis.yaml b/examples/custom-ban-page/acquis.yaml new file mode 100644 index 0000000..5d52554 --- /dev/null +++ b/examples/custom-ban-page/acquis.yaml @@ -0,0 +1,4 @@ +filenames: + - /var/log/traefik/access.log +labels: + type: traefik diff --git a/examples/custom-ban-page/ban.html b/examples/custom-ban-page/ban.html new file mode 100644 index 0000000..c6b59e0 --- /dev/null +++ b/examples/custom-ban-page/ban.html @@ -0,0 +1,330 @@ + + + + + CrowdSec Access Forbidden + + + + + + +
+
+
+ +

CrowdSec Access Forbidden

+
+
+

This security check has been powered by

+ + + + + + + + + + + + + + + + + + + + + CrowdSec + +
+
+
+ + + \ No newline at end of file diff --git a/examples/custom-ban-page/docker-compose.yml b/examples/custom-ban-page/docker-compose.yml new file mode 100644 index 0000000..8a9fa99 --- /dev/null +++ b/examples/custom-ban-page/docker-compose.yml @@ -0,0 +1,67 @@ +services: + traefik: + image: "traefik:v2.11.0" + container_name: "traefik" + restart: unless-stopped + command: + # - "--log.level=DEBUG" + - "--accesslog" + - "--accesslog.filepath=/var/log/traefik/access.log" + - "--api.insecure=true" + - "--providers.docker=true" + - "--providers.docker.exposedbydefault=false" + - "--entrypoints.web.address=:80" + + # - "--experimental.plugins.bouncer.modulename=github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin" + # - "--experimental.plugins.bouncer.version=v1.2.0" + - "--experimental.localplugins.bouncer.modulename=github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin" + volumes: + - /var/run/docker.sock:/var/run/docker.sock:ro + - logs-custom-ban-page-enabled:/var/log/traefik + - './ban.html:/ban.html' + - ./../../:/plugins-local/src/github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin + ports: + - 8000:80 + - 8080:8080 + depends_on: + - crowdsec + + whoami1: + image: traefik/whoami + container_name: "simple-service-foo" + restart: unless-stopped + labels: + - "traefik.enable=true" + # Definition of the router + - "traefik.http.routers.router-foo.rule=PathPrefix(`/foo`)" + - "traefik.http.routers.router-foo.entrypoints=web" + - "traefik.http.routers.router-foo.middlewares=crowdsec@docker" + # Definition of the service + - "traefik.http.services.service-foo.loadbalancer.server.port=80" + # Definition of the middleware + - "traefik.http.middlewares.crowdsec.plugin.bouncer.enabled=true" + - "traefik.http.middlewares.crowdsec.plugin.bouncer.crowdseclapikey=40796d93c2958f9e58345514e67740e5" + - "traefik.http.middlewares.crowdsec.plugin.bouncer.loglevel=DEBUG" + # Define ban HTML file path + - "traefik.http.middlewares.crowdsec.plugin.bouncer.banHtmlFilePath=/ban.html" + + crowdsec: + image: crowdsecurity/crowdsec:v1.6.0 + container_name: "crowdsec" + restart: unless-stopped + environment: + COLLECTIONS: crowdsecurity/traefik + CUSTOM_HOSTNAME: crowdsec + BOUNCER_KEY_TRAEFIK_DEV: 40796d93c2958f9e58345514e67740e5 + volumes: + - './acquis.yaml:/etc/crowdsec/acquis.yaml:ro' + - logs-custom-ban-page-enabled:/var/log/traefik:ro + - crowdsec-db-custom-ban-page-enabled:/var/lib/crowdsec/data/ + - crowdsec-config-custom-ban-page-enabled:/etc/crowdsec/ + labels: + - "traefik.enable=false" + +volumes: + logs-custom-ban-page-enabled: + crowdsec-db-custom-ban-page-enabled: + crowdsec-config-custom-ban-page-enabled: diff --git a/examples/custom-ban-page/image_decision_ban.png b/examples/custom-ban-page/image_decision_ban.png new file mode 100644 index 0000000000000000000000000000000000000000..62c50e3df7a1784cfe19ae08d29a50350227d548 GIT binary patch literal 62795 zcmeFZcT|(x7B9-)wrxRd6sal-0sR7OhfM!C48D1JWv~nU_nWJZ(k+_&PS$zw;h^EN4V*Z5SK_jr#u)30 zD35AyZGH6ZD>jVZOKaoa53h=4zuV9wWXBrY8XL}MSf0<~K_>HDO%8hY;*Ymq@QGza z*NMW1FI@+HHz@wHWY+;>U%9RlqAdAD(kyWYZC4IQvoRh4GlE{KB8wx|f;V~hKgl2X z7Fw|Xmgd|+RJ&dd`zrb)#>HW#iAE@KCMuqop zUNf&PTrn8^ZU3=r-MROw%YxqXn<(a}8!L4%@Q3(jG31!NAr%CC3-_Fx3?Za6DIrQoE8=W6}#Lw^dXXJ{I-%Pln5NTJ~enAw0Jde5c#eSaU!Cq=-N;*E;n^XD z<3D@mc=)9M0pjMuRC9aC{_O9=-+t16rGF5qaNuVf!TmNr$=J|x_kWL2|Bar!0(X~3 zDm4A5WK4JrxBAsF9jWmBVGDQrtc6gOl=qegZL%z%^(}i2)}MD7GigiL6;?;W?fT!NlTrO1{%{&vkcoEt77SUIut=yUJG zuOEaE1qY6tyavzn9D2k#mBA9g3`0>ogmmud4ElaTcSg#>JxtOji2a7<;YSoB!a4-W z&dv2=dqX9Aq}%mfesn!acDG5VW&p7;BJIm8R*bv`42!Y1i<%~&s+mLWZZX7h)x zMu_f$6K&M46mCb~)PFljr|?7ipDu%iDb7npN!K=`&WVhBVKuSq9g62Tqc6&!$tyM1 z3HhdX3w&26daXt)*P8#>8?+%VhfW2ppLa0NmZweRxZU;jzvP-`*oFm<>PM31TH~bS zPp2Ey)1FB`$s&t~|7J(JSo>oNmbZGl8drb7YAg13OqI%o7ZE&e>XY_YDhb0m*uq9S z{<2=WiLJF9;(?g)$d@`=J4xI-91r%nS~zeJ*+JT+tFK6Zf@?TH#{-A|c=JldLU+Ke zbI5|HEI#By*}ACh>p0nu$m-I`cNO!maK)-h@7gmAm5%B49)XjWYZy4SkFlb>+bRrv zIl`ystrJ5C%Of$j`UL%*p9odkb&wUf)F7;&p&58_!5yhLO8k<<&I@<^fbC;!LzvDq z95`v)GtGDi8C~GLR;Jw_qZ0G`_e*!+oBc@VVcXj(a$fdlo@TVNdo_G=?z~~azs#vj zMlCZ|ymMN-p0`r1a?!51Iy#Fl%DgqNf`aO?-xpsaT^V1zIdj>Y&JV)SAnu)F!Qu-PC0wHBdNJt?aR#QY#^m z>^HJXHS9srDu5ONrSkiLY0VtrugE4LZurGcCdpD(rju-EEF|X7uDzji%c=34 zE+5^zz1DqJBjTd!=N93q(*EIct0kX?H_o4tf!MGI)7X=g9>%G3E7>y~bLAmv!Nq0SK#svE9Y6DD3kz*>g2c_oN?}ZAM1YX^_kTFSUd za|VB?#fxvocS0GaxuC^1v}DOXQB#b_4Zk4zNC{3_GO)wA&yt0+Nk#ZdE`F!9DN&!- z)o?VzKGxi?O+0jfq<>6LkWCwZ2{he(kVS7R`D4=hB)?A~S9ME$lH|pR-6xnq|Ilx# zk2VyF?(cp!8m-kY9kP5iN1Tjo4)C{2s#fB+Kp%(<#YPVD`M^eG#cWTBIT;UoXt8=e z#Lz!Snqi+}BO@D$D{LdBn9Igue34@IRrlNmQ(&wv_{^y<{(OJvju68+ON~8;Xz(u9f296y@=6UiMf<6zy9D!)faAaQL92=AXG$Ij3rfof0MsjpJ9-)xk2S$ z`OXd6N18R_D}tIg9ygV62AmduS6(ONPnkWsHn0=)I8UlIkxH1Pe~IcC7Ly&UaV^cY z|CT5skSIVmFwb6B?UvCPS;ZV|wbARm z;(XfK7wP~!Tss=9OJ=MPtfS?SEj^ddWjoVnXyIMf=X5n3L4J!LELCrWr<*iVa*W5k zM0{RL`tS6t=fCVnE}AsL#ibvM-nDPZSE)YsJiND)=Z}nqGY@i2Zgw7UZ3{eDG81}Fj5|3B+Zu?Fj2mRaqdksy)DU|A-!8ux!BFK=44hd zWKh#m?;EpXRAqi3b#}lVHN!yVH21f&6#7saY~cP%`7s6C?6L=x$uAK@GPqh-+v#bZ z%xejs#g%W|Ic5|!RASv4F1}mZm;Z472F7QEYI5dX{@1OwuIA|&!Gtl9m=)E?d(m#W zZfaHET2hWa>qBr<_itY)$a_gPPoVR;qHNznSnBqzs?cjbVsE`+6O~aK?kxoG(N(xG z^!+1~%>1U&>o~`e*6XT~grO_dj&J;BYT3>v`8nJe(Fmu)3H@FL`Te<8=)tO+Z-=cb zR=O`DDqyH{nlgl4eyfE*A*c4*YQ>Gg)WuHPTZ0}#$%ZjHn{&@>yPDHzUAsPi%-lV5 zcK3~OUaD&sT*Zp7*Sdo35`CS(2ZE*auA=v~3a>SnL{3PEZ*<1QJObwW3&4> zb|z{R_@-J|oOllvbhu8UQRQmxGwZx2@$E&e*Ya}fkSk>fwdv=YNtIvoWMSKLZvrhx zE9n`h5WtWua3tZlm!;S^m0Q(XGYF!e`s!gZGu;{_ylt({ED4@zl{fc_MNHthm3H<{ z*!%9(ta{UwL&sH8Z0gvh+(OEcYXf~={x|-5+@@R59Hw(@pkhXuBi4=HmA>S$T@z_&@S&Tbr1ksEb@j!}fr10o#ddunh~+kJ!Mum+3Qn&$ zoQ=9i3I%H1?wEQE1u@C^e7#;#7QMH&z;M;HBgi&ag%@)kW)*yJ#}k|6d^v`2n;L)T zr7FV~7zg}%i~3ay_x1I3RO?2U^cl_o((=~mO|y_A`9=k4s56Eb^4%TBoekA|)7VvF z(c0`A@h0zAjC9!*qgWXZY~q&Hs84rmn&DbuS?`sT(iA0kvcIJHwZzs?Y->|vMFIzh z*?eo6AuDMc)|!{r(j*)}CBH>$4HFCvTdI@_mhSblZMaT5#(2wUqU!<-6HilABex%# zQoOe7aU9)9kuwP=BXNwa$`zPILv|-LPHyU5%5AH;*Vw72j~;jVb8%^^>JrO?9DO-T zKZ+{UwA^ear5qpky25P!s)X{MO~nEezxh~=x9q*O%hzkxaorxFBpx5npuFmA=fMM8ga5YtfX>V4wHIVct2uzxyIEYiPr^_ z$l5g^7~wOqhEVwYidOELPt4n?AV-1hs}F zz*nXA<6Gn^M9!-8E{n|!BWyAAOqZ`x7f5aE>HG_oDxeRd^dH?5nOiR1Jb z4nHsah|`8mugin4@iO8JcS3E(>Q(WwKPtCc)QL^YjfQ_NFL)ej8L9}6pjIt~I^RJF z6nV$LKYe_rW%ST#e&dSJWe-USg306Mj^3$RqIGM$lpup*hfRrl#URcV6N=ec=up_I z%rI_VLyw*phfiC%lgHCnyx%FAln?P%FMGO}?&k1ex29hp>omeT*h%iD#4@ZU%E?5b zW`KXe{PV{T6@`NyU5(h%4u3Yf-PJ8G>I}Kb8?_A|b<_495#wiU8pTibE)LbMP{{W& zgH<~X{pG$Gwlw&drc22{g4OJpFJoHUM<&WFsu{oS?u*F?@WXEfE|^=l_Q>#zl8I-J zG(UATZkqBgXvMHQ8WmNUxLrM_W{sj4R~4DUnwC6uwOG0{9KBK9)*CKY>}${RVekoF z6?lIb!*YnaRSsd=arRqqK>mH^@wc(KCX`BedAI*79jhDV;dJkBO)0F+bXXZ0ov(3W zvmypiL5xv!APsZUmDK{u@Gua#;iI!Lbz zcM;irBp$n{mlqel9N9fZH!4>=$Iqu<$nL+DqEH}x+ve?hY|GaG11=df$=zZxu(QSJ zak0Ny9|;{BQI$#z9_|sjX&0zhUnJYGY5LpuAi}ntsq5x^QP+EZ%gLo+XDT8P`<=a} zDZhponc&096xdlM#-0#&raPjjE5MA|kR!=3W996unXAIbBFsSd^_iA*vS4KI5jG|n zUt(l^op0-_!*Cvfx&X^s{ey9jOqv*$O`1lLX;|x7c(q@xEIf_4%iT&;sylr=O`&vT z<2lpr(A1>;{a(5g;m7I5E+=jeRSDTp&8#x3XTNW724aU>9}g^7tUPkty?cV)|H<~J z&2lN({QBw7TV9c3r;m?^ajT9HA`(a^g3Nq3BW|Ns6DrA7H{3@mg4tU?a-cs}I3$l! zr(jJy2Zj|wU%;9;5kwezZp0crH-rt^>hngo1a?tNK3EbBg|-5xy$8Fh0u*g8KbAf< zd(O2ab0irS^D5~)QRl1qIfOj^g*Df^Ba7-3-BCikT(c^SKjK^UiJ(YUVyuqB4{KSE z`%68xQAS$>p=%S%s4%%`>NvevxVlPo%IV`6lY6P>g=Q^m^Liz}#VPUlI@T$_vp${3 zv0+d>zhqQwTjF9@v&_}J(|CM5bSi&39$zrE`?%Xr0rkm;HYm{qJytcb`C;o$Aou#0 zWrX*VAj;vPnpdW@2&DjNG3rFt^)6iL$4f1oU7IwM8h{%xwv5_ZVd*NynPMUQnrQshvu zxafynPw(h#_34k*vmZNgT=Uxqcaum;pAce~^qSEBgntn74#ZBX>%AF%elr^hXHkyX z>KWozM3w&dF=~x%(TxoH6hlq9iNKV45h8HS!AT^aQ7Y+k5W`4IN~XVatV;LtuD#dC zN?+R}YfEKGk#tD}>=s41x7~BVdpVXGd^(fubkerDkk)lU^J?niS`i&3X{#kq^P0@K zePmN~66L{8$~z&a(>1iLdd%i$m!&EqW1K*ovbHIO9U?8X1qTG-SUt^0$#x5+LF~S) z)nDx;b~=Edck*9is6S0iq6SN3OqRQIMbut=No{4swph;$Y!2T+Ve6Tacrf}dee6=` z<+9E#->H(0+JLjzU=tK$rr(Ucv!+mS^^7!`Tis4RUkuZA+V_^g&T>; z&D2Q=>S#agDZWi)D(qSr!WTPQ^$sYwx|caJj`g5D@~onI8W!wJysL8Ea=!IQ*V?Dv z6t&L?K&`w9k;cHMUogqkNS7<_`;3g=EVaMJu4;{Xkh7S?>pt=3Q2lrkcalb?61g!~ z>91FemTNAJtp*nVi>0Y-9)q%C7{4Lpx;cEhpI&1=Uc{7TGhYf9BDLtWse`bCf3Lil zzNy-EV>Sn|X%>YGpw=Kps`v5)59J`6F>mA`9e4Szx}4wUZ?pAe(Oa*LmxS3k*+LZy z$E>kIbvl1k|7l*i@p+42H9bl6UM5s-Fn)KQ@NumOerfr^_*rzT zE#K(Pm0~83VSc_3ahrxh)0-|it`%h;#3uUXnj&M!(uyq{R0BOBkEL@p(I)P)=aZyu zUg?}74P@n5tuCwHo_Hj~fZ1*1NX09UTB0NtP%42}VCa|!<%_5IKJ0kOsOY~@YI^14 z8K%zA6`>qZCGIafm0d|%u%8M!Ef+~{t!Jl(s9ScJ(M4#o_E(r{8y_FWovm5YGG-O! z61>Oi{tZ8r=j&!;fcElKk@m+`9`0oqv|r%VY-;ME(#N+DYOYZt@)rpZ64QiV$qV+u z!HKnkTWa)~Xj9jImjm4*2*)JZ>5^&WTX+1N5aN58zwub9`mq1)>Wzq+Daf0=toDsh z8GUCsLvP4uiCdLY+Et2kJ0T{ZekPsEswIpE&L;6>!WeF2czKy`Sr{pIID7)*8NPx@ zZHd7KOBu3j)Oid=tyv<=%<$P=FUwiZ9q>>I_g<@brPS2^zRNV<+_$w=F2KW&Qe)WS zh^psi_n&Ip8rhn~9e15>**y*Ru3OP4Y%{gZMvoS6M+GcXY%g#1_S)SP;e&QL@ zE=r>^Gl(r~XN#tM!Zo<^81jqD9=8 z@QXlN^d0pS8%k-V^0C`2`G<@PCj07WGx6%t$W0B&c~=GdM&(5m`)W#H3(0 zSFhM+NlFGB0ndP!tl1V{*vy~Ge*WW~?f}Mgh|zSbEVXP&$f!%w^O|}zb4g}%lRm?C z9n&;xu|ny!f#EPpjUrEA*!)_%FrsB)Xr)1dTrStTLAP^BfIK`QF~8Mlg^?lMsmK$L z{3h-#I3rM!xDa=**2cfvSX~N6&!!SCJ{8Ta5*}@2%s-O)sEA;lfcD>+-fGY5YX10w zKh><@_Eag3%Ei7r!hs#YB{IJfPLBTH2v8UcZY+9%+ukBgiyFRpGSfXFMauMa^NX+o!rRB8xT*>8;ewzOK z=3h;W8LEx}cMffO+Ip$Nu{7ew+JePOaMJGFGl{a54PhJVcz1~>wGy%LzA1r$m>_;N zLV`3}IkW4$)>8YTyZAQnGPkG^iz^)T;)&(;8J=SoB}@6JUR?>IG9kesG1#gP`VVte z`7X^i)e=?0ZAKoVCE8c>-oK8xMYi_3~3=~C@i|GyDoM@ zt5>89a@4o*Yuo}y|Jbl~j+$(I)xsIzlU1r{Ls3fuNgruF2cwkXLKpYj!+9TGO5BSd zQe$!IePZF@7kBNhxt1RqR&-7e)VPkzQJ3tyM$c1;rID@mHLT|?wq^vamgE=}OGgD{ccO7EbP-qC`}*GN z-O-3RU(#-0RlYoUqny9&eWtJ5wdgs4uzRq2E#_cln4)*DSa(rJNJZF+$@?5%#;+mb zi;dsgsA2aIEezeZkvdjYJ`TMX#gxPE38(ob^y*N2Jp}Y8>&flMg?#2QWKj|E8OG-J z__DF;QKMj4wvaAR{l-idTZ*?Id&gOuG(nkoHgbMi3_Cni904jldw(L z=XJF(Inw}hzo{&~so-<+<%1Vx@kI#x?EE^!1M~R23XAH_MKV4zuYH5Qb?OGJ^_`1w zVjSslm84t8a%xw|`gfUydO2ja+b5Q_g}3b!nU)Lj)7u^uOT~-FZV$>-JFy|uGf~BE zj{V~1A@c}gg}Xzqqe4=VV;Wj)np>K@8Dpt~)VD!tE*0Mn(Z)oyb>+M4&PRV>E$F(Y zG~-yls82kZr&cgmuI??<=V@K9EuG{(#tzBzeTwp5_l=Kif_;Nv*Unv)T2gyXvkVTT zhN81=voRzdU-TXJTBobz6~oR*Me3vFk~ESdk*%`+@!ND}Xj8$|WlcQh+Isv9T9%;O z`fk|%l4Df4dQW|itnEWh3l>yB_B(uYXRA5uY~CEP#iOxA5Cz)9dIWUMmbN+bPX$9xm>x3J)FbRh->mc(3a*-C&rn`+r>*zwwk3__6 zPMNY71=38Y$|~t3Q-rE}sU9G#jDoB@#p#iC8S;{!- zksIX+e)+xZMO;fxms~migL~IDEQ+e_(;2_=UHs&NF}q{d7&}=3m$$$iNt=E-SqmGkDe=t ztiGNXSY1pb8k0eiS$!Iawlf}$(jb|35C7RCnFn@btbaGvK5fq1XEI)0MB5LGe;=Fs zyv$Mu*Gchzt`u=8=CysNk6VAyu#?VT#djj?uRR4I+%Lv@`hQE_KS5>KP>!3Pv!+Ic~GVXLs!CbG{%JJ&Bc&M>U|#( zm?OgdX)`2O+y{})L%4!)-JW+%$1y>2J3o}xC21Gqu`)38n)w=pqDUF?B0Xe=m zkk2-U3!>{&xc?@$#?8xB?_#OWv$8&fR+oY5f6zs~-UuN9waUe1rOE<>p zagBk)u|hpbVgj2KoaTwS9@oFg*cHp9DKq#)y*m>d>dz zYVoV+=-i_s(sqg$iVyTqpTZ4%siXC`AF4@zO zVkcl|cV9?LpVD5_j}iMgKsZ1lh9%1Q6s#Ipe2Tl(N_$>f%&*h?)JJpOxR6R&`8+zk zUL)Bn&W(=hxSBP)fr>73L~7Y|tf>9tZewZ>oi^#ofCc^Q_NHF?lYCLHvTP@@Ww9gG zMbeb7x(M_J*fGPF_P#uqwm36vUl7rFQmzz#{HhtHdoBWOmXSYAcJm~LFZ!^uVFX?- zI(qI9u`>nmYd&Ry1sSmetsljG%}Z@C86x`jwhsxe&g3eKunn9^r&}%gMEFR7EGJ>8 z*q1{fy}uzzT>c|X+c8hhc)?+8=rcyot6@LW5rsukOxZ-4*DBe%l?N?taN=D8apdUQ3%s8y zL(}Nc@iccb-lv^{B*JAPq_BiXzt0V>gjG`LtXpK8M+%>efBb+>HLG>A+J+C~wyKFG zs@`-ZNmR4ZExEHQ%Ww0^O+`w}XU)V-)Vk7TR zGWvN`VXXie*$nrTE?**LQREmhDJGGF_%Y?RiGE^Jw!M^RXr%vS;oO**CCNgm$uaU= zW5*mbnSFy}?GxMZwYsT?-8)_|?a;yWN0cw0KTy^!rgm$R{4hRwi}f;)lr_9`ZRg<@ zyhjz`FZz&i$UIgQ?q_vRJO6D4tHya<_)FJsY9ifmy#iKBP4@{#r)61+rp`pPbT-Km}o6AD;dDQX;GOLdGNC{kWD==Phe z{jfnw_riP11;hO2M=R&srk~rl^$9u8!Z<>Z{54GxBMxR26t3>#M>#hAemB3uH~PJ1 z-i%-~(YrSi1s`p}n$l2S7q~n}c}Q-!bIW2mzNR^kg#u=B*0uyu=QER>UGckJDMg0H zL9V1I=WWLT4VGxOt$C(;wAg7^?v^i$D<;(^t(O>-;6<#--x4IQ=ht|)O(k|@|4T*} zt1)Pq0;ld8FWUIhd|x(N^G4!JKiPVzbxQYO#>fh@S;feuVVE(ozRcl#o^eH(f-5Eh z%^ejQE-ASr7s*Ub0XrE7A;2knc`>*HNf8FR0-O{2lb z9fQU2F@TV@di>SND`oX!E0bHxW0B1vVsO~N4=;}?lcJ&bCap7$3-z=7af06UXA`$> zkBYna?WB1*+^ZQRP6VbZk!OT_KPO=WxNm2{p`6?*u^7C|74c!rz6s`zKVsj40p%lqWsm7<%eu{P@375)2|h$v1JZLaU* zlxLFpXtupSBZ)l9nfd)`OFJT=M#4_m(Cs1v?> zbt+|s)?7U;tDz$>9`)w&3IR7hWY#lx01+AD`rc`mcc)tjC-;>Z=N?SGXuFEn2i&6LW;GpE)i80}TC&>q(R zhVX`P<<1NG#WJO?!RmWWQ}a<+=ZkygC=HTQ86VU|s^(jg81nRM7CRB2=9RhO`8J|? zETOaUzke4Qdjb!N%hsja`u+)bTsunSJ=lg+UUyt1wzXIX8m5bh_-%b>GVts`@Evrj zoy@3QDn8x(hkTEmtnAk7xuW^cUXEZ3HlmyFgAOx9g{R?)*?-neJS&LKVAAMMk1><9 zY*Wk1d7JJ0D(Ob4UVq%Nae=BI@g1}l=p*!?J|*>8-(~ekDTl%DR}dH;3TkKlH1GBO zI;O1i&-&U8o&Qx;)+c$>ZhBxr1D7lvR=l|x;0~!dnWCp zS?r)-jf;m32DXQK#H+kF7(o4-^Uor@!mxJ;gj(LYt>W&Tl_|LQ3J0}lUy!$08g4>7S3jrjb>LW+ zWkDT*S24N#51qfV*EW)r17*8f)8K0kRs>YfU;&jzPUORI7ek;I9}xgSH5O z*MeC!&lNk>Z_jLfwU*VzCwo90tfp~LvP5wH`L45_2p<1eC(i4HLC?~BXUeZ$$nJSp zUx3>65i0JZ3)pIuSj;U6VedP9lUHla;9P2=&jQkU9uX5)zBl>g;Pm-`F6oW0m6I=7 zLf#;rBl|!)T&vqaBmoy~XpTI#m*TyDK)D~8ndI-&ZPG4+>N^8k6z!7GsFrbGoEiQ- z=^M=dEC+R~HFU4|gofqwm?wr!i39G|ZL$!|ofuRH&b!Xt+_W?IJCr2>sH)g)tP-@h zT&?pxRl{zbVimQnHCo|-@(R^I-l|%H?L~!xYwELnclPqnS*-IP9VIYNLJ`{Fd*m5ziLcmAMOfUU+`e`7g0>+P|mP@1dPj@FDOLwiB z|LAmk`-Vjp7ZAw@+S>&`*PS*OT}N8T z=`OQJ|CG%u@sjR#4k!vip}?UhUAeo?mza8_|2CMWkYYHqerfwj=~emtT^f0MjK+R^aowe3bgP~7HI800T2F+sFt{U4J71TQpm?+c|&SF^FP5^97-6OPo z*_W>6nOXl7V<2ZCYwI0?jCsXo9z%%z4Gk^+b=R8hDvK-zupCRZB-uKf=zAP{B9ct{ zG3&7b4I9UwuUq(I^VE0)NLTYa9$l5?lWdZABH3k9ty&`xvNSY(XJ&nohamE8H6Ejp&-0#5 z@SH-UcHN}`%B+3AP1npIBoD7fwno6>c?g%bt#REWhUrwh8sP z|DzZFDgZH4Q=x(p^SzmjoH?1QF#^tQS7MrwnTf^#8ss;f>tl>B+&#qmQZ5(F;hEg- zS|r#ZeeE^*f-&SxSqV7x-s+AvV}y?6E7H&;`$%9^`A-3`ql^{!(q*pREtDmu+n=GN2ZK?9+t_Kf$tO?=?sijE-4OpoV*jkHj-8Q%TD+Jp5GCB@XFJAhNdXG?V5g5V7lou$=9%Dsj4YSNN2UZxcV39D#SmS!-ayc2Kew~dg}Hyx?rlUuBD6~u4z|d& zgiKQog1InBc{nUp%_g$!Q2X)Jjgl@|6XQ%kT;A|sYE*dmB`u4=Y3{#zT$!#vyxR@B zxDP)IZE7~yRbwNhEc>#w6=033T~}ndLGJ@{x@5pkJphq<#oik;&7D#>R^1FW9!1{U z6;5MQFBr{(2J%c8IRO#7We|o(c>Y)H!TSu#0 zL*KObWT?k~`18RnxA`6f#2DI+ziIXYETP8ocHd>03fImXnGl>7%Kj}0cR(S1Fq}A6 zF{fYNou<^<@YeyzmN-cKhajkwwzB&+4Hj92nm=Os^S-?FW}hyE`C_b)He?V0ggvF- zn%4|476oKYwD;)*3(u9J2ZHqE#TmfF%Xw16X-bhFgsc>Wbl4=_7tTd-sfUO;4xa?I`?cuRZAG{_@}CJD8>z9ui0=TREp+@ruJ= z;-utUGKBf+d$M+cK8tC$@OPTR6n@jnKS@L!2evg*P%+yCD8kfyW>N&GirAaB2sG^v z!;m>YW@rI-|Mna(iys_sP~VdY^EM>kcRosxl!rK}8grg|Susv@f$I{Ls+492zke3Xx zfZd(Bu^Lac*y{);q~m;9hHaQhnVmj_VAv=Bn&Z>(0Yr>>b@%hEHbC>K;tl~m$c*QP zg#b{kyamuVLj;HuFr`Xg6QnAbh9rQm_U~GFpW^y=UpQhzw$^y98Xw%J5qr#+%6 zKo-4`UIp+ny2z@v1%Ojk_ik70F42FzjoYf>>2DC9b1fk81Wkc3cb}K`T2+K!;;tj$ zA!#YJ+>2Djcq_&{OaLfk%sJNf_^yUp?4&}%|N3v>v5FUmnd6s+gn{}PggJ~>yUm{w zMD4hgI*nCBYP8w-OO3>sF}s9{7g@CF#3?DvwgxoUh~!x&Q+WoXTVmA|yeD2Yq$!znlkAH2OW%gC7<0qNq_8WsZZJs#cowfrn)>qPI2 zQ||of#HHMlPF_fASOkAjZ?WUc8%``JWfSzt4L`!}wP$sqS=+Zj4EUvwve$qqN?M8(nf7{KlnMp?PmY(D`Q>Fwr!k)7)~~!Kd71?&2naD}4{5wwUZMQ!&v0 zHC8yym$3CRFIG{pOh73B#+u z(G&_K0+!BUPyyZc#$+5Sz>iRp#Gl7kU5`GeZeO2a>k&ZeO=_UE9tEuSH2oN`Mf%+kEQB7;|&A<@zUS=@|qpwMFC`fJk_Q6Dd z8F&QYJh~a@>N28vb>fEwYL;|L;|zQv1Mq1a&;p+hb3;I$Y^NSC#t#aG-ln4QU>XUj z{cd7SLW^d8Yt2FcBp_;PjqH{9=;gU~$%xN%CYa#k#z$Z%v(mWEmlBWb@a9RtVnJpm zx%?$sgIYdO9;B3MY72IOnV>oZGxJ?S2PBGz(26#1M8 z;2^nZ|4~Uf>UNhE6y3lYhl~RI@Z%Vl4*tE)#r9k9+9q@s_;2Qb2E(Ai<-F+Xi|9+xgZLstKUe#o!eV;uY+?!Ds3S+kT{TQ6TQ6&TnVT4 zcRWQKol>o}-WwrrXmcQe12Iu5TEquGcRGq&Q^1GCU~wQ13poG)ap-|1)S3YvmHb}8 zjy@J>O7@3SqEL+6Z6_J6^Cm7G*F0pMWCqEzUFa{3jy^AHr^o8I`bnYSx(IAsnnA$S z2p^{y%D@jfjo?e^oz+I??>CP?>;Ygt{L3B9y-UIrTA=(Pf6Fr61%S3VBs{6;%ATU( zaz_(9uM%YQz?g6h6^!ao`!~phczzQ_>pcvL6Pebli5AI&-JbV#1-iK}1Hh*3W7~c2 z9?5iISt4VFtr<9@r=i6rcnl-wMDyKpq4;J_|9u3TRLhUHs5Cg4009S!@ZUOU!)W^C zX7kIe;E=vzJUA>WUat+UK067jfO;At`rz~Ptu{@69XxLoxJC(zgb_G!QJ6gBLIZLZ zX~o|bZz|r`UcF$_{tM5sS0=OlLZ29BM8-)UwqdGC0H5f`hZ#@i* zk#lKJj;GSwTfk8y#=3Sf;8~{jZ)IP+tDc?m7F@n{A6yIu8tQ#K&8evO%{ZP{2O|i_ z_4q(v_N(o89}7GlQ@3uwhIPLIPvW85?G^j51ApNhQJrcw>r z4kG#9*T>v`d4dN**?xunX>3gk2Aqe^O#1ZSeqHSX`9C!))j4~8(Cxbkqd-nAw^k<= z3abCmFr!X2%@&X<({Pv z67l}t`s}-AG9b+oUf?&)x2LD;zf6yq?B8B%!HeUJiW@WGzIp4Z3ZdX1gF*qgAL^G8 z&C>tdRrqv*UAodnzv5oWWBR<7jjn**67b1*8;SzTG$Beg9Cq$i7jNG4blvSkcsz5w zjWI8Kh&xb@0U~I$>K;L(R2Lrstgzts>DPQ+{kW&Pa$Xqxs@1k95h7Kgg7p&nOHI1q z{w*Cx5l3x*+rzxr{T4`op-qwg__S0*mV-$9l_PRnH|I;BE|5PPq}+bh0%EvObH`KZ z`BnJy5*uHIA;(RAdM^B-tQLE)(qjz#o zG{T)`zQ#I(fR&+cnDefg_-s;uf0SC}31APo_Q$9`mzwcsnZZ#Vv^vSb^vS0~d;MSE z?_bY$VF2I*|Jn5X8pu=$0j1qDrjvWXYoiB*6`CaI{qkKi&v{`N(tIW(q#?9>JdsbU z0#ULR6jc>?h$?)k63V?O>GI=CC2`yrB1pr_D|?!%4Q!R%%ad%zc)R$JzRlUM!d=(k z9)P4`BKymjQj#NSLoV)Ie|bh0!5uzAk`IAiI0g2mMl9Agf@az|a~1rFFn!#(fh#J`*&dB-g%0qTpZ^Xwk+a;RA@2PeD-=RlkX z282?bgh8uF9dOQY24omQemig&(!cCrC<=hmO3)3IS+tNlvI8`p$A=|GIFe(8Ci9|DD1ZENTI^F$IuQlXy75zfn>{ftgOn`2#-JCo^&~s^ z?)EI<41N)<*%2dHF`GRQEXHqfjYBN-fklk6mU1ciZ3({XSQ-?O|vS@Ag@=-K@ z4B_W{kEW6;S3e)$j6v-*C+7Hc$&zyuo=syTB?m8H)t`N)2w<^{$4-z+VTBNK=8MEx(go&sg>w|9-{y zMen(kSAV3E=ErI(60&7MTB2CD(CD{aux-%yb8#sOyiY4Xv8aGS*E$w%mANktNT+QV zCRzZ=N_qG0oUig`Vaq|FV0kh}LPZs`-A!|abiou)ab)2X9OXmxz=JgM2!D{s&|RC% z)J{|EXTMXHjzG+Vou0zk`#b^ygdf^aqo6ClL+%pI)8t$sd5rfgoA1dhI=Z^cdYi@L zOR(Wmq|B=`2JB{KcF{6mAv84IoRIycq4{HOX{dx*&c9aXhy@5vgA=m-!&$`3byqjz zF*}Nw0BYUO_7{J)w*l_Bq~BH{Xio*XNH9Q2%RvPN1M>ti$GD$ukyd|xp?xaxX#xvI zSepj18@LO`KULVeb5M062P_wCKgGxx)&bp0lkp`Cx~@jQew`e6gf1IIcLb2B1H8;#C zKbo8aDE!p5i`k-BIf@G$<#}Fr@KdF!0CY*M+;*Gh(iQzhAdgVY;%#tJJMb_qzM0Vi zAc{b73>YuDS_>08{1mJSyq@X=>|i;LroK$6tTY1YGoTFP1pyR$-sI0u@N?SgaUyN| zqPF_|Z;^IgocI)Ix3}OYxn?y6v9YlP(|)6BH>6X|vY7A5NeRHe{K~0gz9+#D{eO|n z`wo{vrk{q!OL}V}(Bs%-HH9!z7C`m)6(GoN|2PZc5iRZj&&YgrhrDuKl0 zX|^I<(C&aS6kpIZcz0%h2Y11h%DlP@Ck$CvueGqa&wan>tBlVz$OlPwnVWq~Af2c^*xwA9}?uF zyjGJTZ+%b|OhZfm-?UUB@?M_y(Nu%*8?G~RP~HT9GCN4B+-;5IsG#b+p_hhGP4wZH zQ)bT1^ar(bg4|DnjGg1Y;8Nz|_Iu7&?LLgrOAp^;9~0f%)I5~MuKXP<7gf<02(RAl^J}_~R#! z7NRs|i*y^dU(^D_MswlZ!95(Dkah>DFQ_YxL}}Yh@C(g_Klj0iW};R{Pw(M>eD@^L z?t3!mxl`~59BP|#VINp#ksSgxUp0Q4Wn7m9Uq974wI`8JH}pE*^Dm!!;(rkbY2zP< z_O($$a}4ZodK{BLJ$(Flmacf9d4Y4O0LSr5?-16i{CP=3N%r zkHCe{^Zl`R)At|8_X+Y8U}`4N6tm#qV8WSX0_6T?v%qS*_wnKT_cFn!l{XC`&drWP z%K+ZM90*VV=7^#Lc3J~$K$2qtgF@9o)eZeG{+J=MUVFQdQ%6Q(JU0R}5} z4rBpoM)@7St5?5+S`C?ANR@|G|5}K7{d(ePvav2O$4dxk3`Pj$fskErdSbPQaX`3+ z_b@MP-)#Vmz{`JM%J)A!<@hPUdmkrW$pi2CU$3p7mT>>`KaT-A{6i8zg#TYkiM;f^ zK~;e7$UirYZK!O(!5Uv-74@v74g|Ndtj5;G!R`63m_1y^DyZ1G=gce%7E_s&?7j+r zbD9<@s7!K?oBa>~aBo)XU-~2;UT6|&I-)@oARA$PEHf2I1ni^g8hsX-TYUhVF3dn` z_;fgLjs;GbIiucjKI1ntllix*0@^B5hv+d9;+dgu1=e;bZw<^u?>GE8t!9!cE=N+q zG)*4gmB04!#@d^4)Ai>qCo1o;#m9NeUD0NgFlBKUxT_c9?r7Sh#|C3h{>>`!`-bXx zpAvWHpb4;W{VDfn4*0kP6v@n{d7%>hyi&Xz08j++Lvv0h@Q@Ux7-zGrb1s{?X&2{{ zwwIaZwqeG*ovq+n=SqzP=PbYL^l;zN4I-8Ul{Vc$&1l2I&|N0tdg}@XF}7x+Gr{WZ z73f2D*{LuOJLgV$cZVl$&ghyf&Q{1}TgOn%I9NqCc9Fs^wUQxSbMM?8S>>|mcI!<$ zlHhu%YRar#LR?lTbJzf8xnGOroXw1Sr(k@at+4iyr81g3)}9)!vy0aC!@gv98u2ubM%X*L+0qoq3rjPBlO7!AMa>+?R2@87@YzwLPT?5X>{&g;C+ z>%0S%#}N@tVZ-`oxU<{cn3T;^6ZB8&b@r(kvk+_4mSSvzkzP|~6)dL*LjEXckqf*x z99$#F&zvt;3<>&&1a1v5{0;r${W>lm&`v_=P6*OvH{=DA%>Jw2;{uJQg(FdL^s-bc z(P$|Cd%HwF4KIv~v=@&vRdF;9ERI(Bu-0NK#88mUtxtKlm*WxjzoUg|SNNsbHy~;~ zmFFbC+|U0lH+|#MP_(rliaq#to261ZB>qJuav*%bPo`j-2M3ehM4bA0miS9Cjg3h* zT`bc&P5lKJeQ*SnZS2iZB`2?b6Hjp%JDWy(j#?cV+#PuMy;Cjc zj~1}xTfXqE6z-jHPf#a&Kb3pV6XAW$L(w^>-)p`{8P|1itG~8fZK|}bxNBTUfobH0 zrygXw-+81Pbemr1TM>p+`{sDs%LT1ctl9ASo4A$oMi!j)xZ28U)1f%t<#|dDeg|lF zQSWv>{X;M4Kq?rM$ffs?2u{LqNM<*vmQ4K??Dr*ZswjpJv7BM!X*)VN%F|**@r|3Y z%4WH*$)@Mq+0^AEC7H9~=o4wnafP8&FpI;~ZjZY%;~Z7aCoekjQ`dDKox1KbtU+Q$ z-TDSU{{**MK^_*50EYJ*Z0)+9?@`wc`>b6?-gSSSAe4*KGZ*Sv7mKVUZXuFbbf8 zndI8TZosQ?Az5!(7?xR9*LEt_6)I5KQh=ii8SJ|+CHREd9mZcag(Y9|VsW!bv&TOW z<+A+{SLKOWet1!!|LY~JZu32x$Z4hPV1(MEv8AFstW??v@LPWVE5fy__-m?{K~wZz z1tjl+MT0;etwla?-_IN;yq7D6e*U4-py2k&P2SeDvxVzc&e=T-5AFfu`0nR_@t3N( zu3@YzW#e0Mw?=K&x*VYrhem>Sdda(^x`DjTu0<(A){vYV>0RM5HG@}7yI;uJrp@zw zc^vN(HyE-+jChyu4ObjR#)#@mGN?dE0#9Tgg}F_ACb)&{rxwL z;I>)*DvGh3BgW^}ACw|8$!Ukha>Lb7+VM=AnL;p)PJrRBgiHnCY|)#*?PGei zqcBk~=bvd5+|A`z3hW<8q_NmupTRfqQAjg|Na>1_50;n~B9kXKkMUMQIt6${c#KGs zMYtiu5gvU{J?+-{$EMk~GE`FQF2ev;E@soR``^BFe(p{-P5|pL?l$VJyNRQ; z*D9kk+aC5{;Vw6zK3<3}x79jK@&Q^Nwb0Uy4b>^;Y#nP>zUWC7F}#OyIp!*^9Gn}C zV(hSP?x!6)iaM~!w?Z&=3qMyH+g~&7NyH{qr3U%fGoP<e|NUvT#4vYR^!nVr^;?MY)+5G3 z`fj&7w^{|j?_R{{W_a%@5_eD}Z&xn$e|r~rrNzzQ72oi!Q*XJqa#AMmS$r$vP4tbG zq(+TZWMryGPUM2ql%+-VbWKI;dvp1@_%*tK&BF&WNk~3)1kYTV&d&*bhOl$8s%@?^ z@*fTHq9l~jQx^`%lqZ1{#na#)7~8L<=Hu_Pl!gxV9G#4(#=4BqZiUZ32^J++HeY*L z%)PMUaXqcqoTs2X{+Tan)x>j4y@uY}{i?NWmG4w5~=8|m-iTQX5Nyn<` zPO_U5c=f@^3Svqrjopu?sU@61)60Zd~L%@IaaYbRd4Cwjx) zj`(X0?;L_T_j>NOuAZj0ygi(%sW0HPY`^WLZ^|-b{*DScRx`R?u`U1B%`j`Vd9wqn zfvp<&YB(hQtZzyy~ zjyS&K(I71+*Nn{;Qbd=3L>d=*r_vhLZpm+I?$_geA-!?J%m3L`i{te8wQrH7cn)-Z zCL%zDhOQ5oZd<)!AaGq#8)5mtsU>$iFqPnQH5OLQWvtI2Did$A84vQ z)f1mUt#K05RIxHR%1yi)$e_N6UMP?rD+s5{=_>|NIS2>|VL`e~y=V%}n#x z%Y{;g>z)>)EK)N?0@l=oYb8jlz!@2@)=>+=*g@5Z-lY8X6}Dg})RJbAk@w^xLLQR^ zxDYhH-5*GznUso!m<>Av)na{w=;nWy+H}j;xg|CVSoz4(p#n;6O4q$nwfc(G@KPVm5Quats~n`&-1ku z4Y8Qi@pcM%dtzHu5Lo=aIGaViM6dKNQdmwK9!0I|~-x3J?FX(Ay z^A;S^uv!~ZHpG$vvsrhZ*$oaaFq%<*5Xo|L7Rv9RWre){fgsiS(=M;1#G4lqyFdeG zE#7$8Fmc0jOjsHPMK;gD9P)g&4Nj5>F)kCX9OGr)fbHEj8ThnaUTe(7IRV+!rh1Xf zF(I=v84jMUIW{>+-6!j3e`8=vd#Gthv-11-_Ei?5J^K!e9)mBp_)n~XM_#3+yTWm@ z+v@<2_v)RMi*w-E>j|$lBYX|l%PnnJP;i9xKHM3R~O z>CKYdaPWG?#t)I@td>2_EsH!>Yu|L4+-VzQ|KhFUL;A))-&v-v84dlkNJYx|W1P3N z4KEDt){Xzst}ygNT(cazzpW^nHbm8tLZ34x)bjHcHeYi9NynFZ2tD0qe>Ghkd67zM zuIZkXvL_DamuaYb(x{^YPMzc}!oj9DXvlnk{I_aR)F;Km7LSF#I>D`>HG4SG_E-A8 zWm|mG3pC6~>#;TGVMpo-NH3-Z)|17V$DGhJ1 zD}ATYU_Bj|FrOpLSbCdPjQ~jRRn=$kJ|4fIF{+dJx|APT?K%sGP}640r4m?wz8{tv z!GS5ZmjII0Jt@+(#M;`OSBP7M`4#MCL;4~%KP@&{q_7P|!bAEFy)69Yp-6BCs4XfQ zYp^nN^>%X+dmB_=DBoHKkCWg)%h{rr{+O)JviGDkh>450!E+NQffdI!gg)W(Hr%B8 z9aZWq7M-<5e$ zzMLqv;iFf?^Q6^vz0|5f>B-6}`KPjO!?BSBqlGU)p8O)u+!=d{P8zg*d3*Peb3OvD zWvVxPC(wm1ZFrIZ(6A`vFbx?Gl|!1kQ@N zWsHFy4NTIV(k&I6KndKE4R%Deb5{_@a}M$mt))my!3}4JkiDsiE4k;y#>?K1ej_Ej=&@) zTbER=@J#7AUnABDo+3(C_f+ysFP1-Od0%PsIitahg5>feKdG^v=+K7zP^_p&BZjiK z=Wq_}r{-!obijxKmk_pHa4RvF3lD5QDI9a0ygGBw@EB0&k*XtN5pL8;&Lz^gcXOx9 z+djdmb9stvukl6EsZR&A8PRkayE(85J((x=@9Y;A$p!!7s@J_puUGIBG8w#cOI2U@ z>f(;La7pm%`3KD&J43It8jNcfQm3e+NhZ;4&@blMqWm4!szMH7YSp5!eU=EeF0QB^ zpTNNtc}^jVKz@QWtNJ>0R7$m#(nr0HZ;xD0k6-;HNmt>arye-^#R+Y=sk+QP+LW1K zSR?2%-j?b%sH5Wp-lgGZ@2+7FUACt^O%-<|ew||;J+`rpfR}|nA zruQlgPum)kI3lt@;rny#_CtQ-6dy4_S8eQ~y~vF2vjGYV|Fe#sC`W>2o6u1WWSC3f z{PPh}0-Epq{Rw-u4a&F$jG7p`H@)hkd5vb;>fayiOx`h<-Ku)le}iJ#7KpE8$=q-yIp*A*gBHvqKC@~nnGz-+~zYEix_93PB}R9AkP}D&&T=Z zRmY7%lDLII($(DiJG1*Ip--8bW=xJY7BBkf&QB-DYw0NW<~|v{Sd;Smq4Vksu&XKb z7Kq-7{a@)wT(Fpw^T|~Y{$PwiTM!eSPFM;aG%T#5BC3ZlewhB^YJ-I$yr0+e^|@c5 zh`)Y@;Q*)kRTp_cuT9-r%&6PP95Q|@96I)GyzZ*T@cvPKwXn=(a2+dO^v+x&;ojls z(b2*5o?^z`Z=(EfD@j!yS3uT8dUO)jmzemDnMUoL##TO`Tsan01ltC+q;y8FoDKK8 zP{J-I{O-D)aZ+m2u{X(gbaeUNci2|x5K0ey(Q@Gsb!UmcCrZcvb##z1Tkukb(&m-4 zJESh+R%EE zbdf45@&|oTxW78`u_Gk{GwJ-&_YSl(w089yb7Qm~*200)+4fU7`~{_eT>L0X_sPIC z``2$NHa0TAk3wzF8}ASv(Xt;-X1UCH2T)UXUo8}tI(W(~aOGURK77ESSxT5ao??|$ zzSi{c4sBgF`mO&J#)Nq$%B})iZ}9XJA^$I`_(6fM2O+yLpFZ^yAGRY*I7~k5*^>Om z9&j*xNeW7N_^;%#z^a-9ol@ais+RzL5eH4i#8kdq`Vy-1tNOr@EfgaMitc$p-gX}s zJXAv}@6T-&Q|#F~7`UbS`2s|yH_B{XP9%G>BZ%A-d0=CrMs_T^Gmey# zN}Ect@@>J`aKawYAYi+2|NPPV{3a-pR!us;vR}L`kdYk^|A~TfF;RFv^<`zDmBYrKQeml z0nS!y`m^509A$L-k5f-V+Rk1B%;CdkkeLP+-|N+@!g!85_<{<# zy23Y_SlYE`hLq1%R)Z4mcKmtx?}j#iZSG2^t!F|1q_4L^x#On2cfY94D(M88x48x# zV^9oVfUW;VMaSO)q$6}8`PTOqLsx&Q$!;p<(!kt-Iw>gD_JgY!G*DZJHvPkK!c}u2;3lQs$Mm&Ak)0!Vtehj~b9)!2>7Y~t`l z8naqHaq;@prs~R8e?OTl9Q12a)^59^94|@KBdoP1N`2&)KhRf}$7)P??a-2mwL2{= zW7Idq#RUBtBJVhbTB@SqGwwysGc%isu0 z4zKf48gZy_#t7FLz`=m4{t2 zA(;^)UlGzCUSCmTf{BHClbqT&cpWssBKAEsF{;8M5nWb~|wQ3Y_h3>4!ZrOpA;cL~*qj7F=PRdDC^nE!=@Xe9uiUx~a}lXE`4HOE z*!=b7;a5q&u#c~qq;8G_VZMtwUw6{ZKH#1oKuSe=qXb z5qKwyoPP72pGo_fkSLaZT29dUa)Y{fP@pC8%ya8|@a20xln+B{+F8HV;mN#~?ykz6 zTaP;bWl=RpS0~D9#NCiZe^=OBd1St0>|HdAMup@4N%R6pO&IRR5 z25d&p>X+W0#VJ-+BO9ygOW&@HlS_k*P9ECV#tZ`#cId=({Ie)zz^GO*zb4TKMpvC( zc_1I$w}bhX1>M;q>1H?uZzt$_!F|?%EK*ZJ5*+6J#u(qr(#8a-3X_9>+4^*B7guOm zJ)k{Gtl3|Gapc{Z`^)pFJ2aow4nW+bbZr+4pWpMHvjos~fkc)ojO8`QR~Tc}DtQmb z3N|eIAw&bSg>|w&;(r3Jwv+`cIavqvVO?klDR>QIa9F4{ifP%T(pP%C-O6nRxHq0G zlD|1t@$@fCT|-JNBSLxQC`Xq8@UzeJp`FdF{vMMhb{?s*AuDt=oW^1=eIj+Wch9vf zMWupqh2L6LEmHfP?kdG^(C3p6VWHc2{?0GE>ZhEaa|Ca#K2%uxGSAdU|IW7PDDdb* zsQvwJw@~#LopM|H2fIO8u+apoq*iX;Y3TckZ|hAVZ-q8nXB8$-gsPKB^kzhtHRoFi>o~HZ%LF9Kb8I_BdUciod6{ ziQR6pVon)<$okj0kavZETPn-hC+KnSB_hQ+r$8s}j5^vu&C;LAE+20A@MsE=>WWY_ z8y7z=K@K<_pA&TA6$AXpEI!Y~d;K~G;0u^BWgN>jL>d1UDGz`u<;-3IgOA$Fykg^K z6srg33WAoQw-1WYYjx%tx99e)wlJ!khBdq#?%>rij_$MBAB&z$+LhgonI>}vXS@ek zIhxPa1pfNo6|_)O<#s8@qO?@s=ClXMMQP8RrB%vl!b5r5ar*UC)egU_qNtrF^VJd~ zqs`GGX6@B5{aLOQBgiDQe|O>|<8c&?{xDe+r+#_FG`AN0cx8F0_mp6s3@xcnHn zb}60#kd=LLx{tD%VGf);QW>Q;ti`;5vV3c^piD_u{Jtqnw9~|c!ceU*mlu^ z2@dk$7sI&~a)ZsV7!$A;_(h<&1;x@aW!{r*hZl6xU`_pA9>e7$0gokC+R|tomGAOT z#RL0zWuK^~^T)x@x!n205-(8mBfj5Z+AIxgT(Fxx(iN~>SbP3SsD9SCMk0gQYD={n zW%Gr=izSQ7W&=+4{no2WS2p1C&=kWD`H2YrExXQ^+xI|nilp`Wv{TZPEcCA*fJB@c zUHyDiJv0bdvI$_)#@3S!+oSo19~!77c*X>G5iW;z-_0~{&nYTVPkl5#dm-prsY8Eq zOgw-ZO>Kfr9MsAHes2y6Rbmx2(*YOKpGlIyr`yUc0ycwvHWGC~#MuazzV9sVN+i2L zUBF}4g4rN4JIx}bXj@6W&1hk%$FbJY$C9^cB3!g}cdHQb-oJZKgL?djc+>}XZg)(i z%<5dN)4oce`nl}@DnG=N4&4P;t%;2FpM8~_{wAiXnHg6}DC@#5Oery<<1K!{ch3X)jkC3{=tRM32oumoA57&r70`&{aNMTBQt4 zPp4|wf4HqX8;=k+$u}NJNGWvU+m4pkT^6hb&-WGxyO;YKw(oE$01*V`=JD9+kH$aw zvpaEXBk^rh0knu`h>wx`#Y{JK98yI2z}YL&+#?wg9&M$X!ks+IOn~R21ydm@{90ih$KCfx%5e0l;(HNf~A!BXPo-z7V}3UNE03v?ZcFK8&*wax?oWOF7L2-h0_ee^U_LuA)wqb0 zEPW=kTO^t345rU}+|NP3OEB~CaNcI*QRlUf(wo@`e$|eN_Ng-^tshPWDpRx0JXXp? zx$+&K#1?Qf5x8LItE9~U>9h0tk$b@}*^6Ev_ZMk-LF7IsdDlfYuR60#jlOGL^_cYI zoNB!RjFhB^YzECsv)3bTRF3LNO!(QD% z+sM4|e%T_`Xo~6>rl%Xkr{+QjIjKZUQVn&03Zto7<(5G1S-2KDe9A`uLZ7$7z#;}& zby#U?S2E+MOYOu;*Njc9j;V4X{*=D_)eY)cUIXh6Nvq4?O79sP{w9*dTNw6@Bm-EX z2k6gKXt1hvouM6Vq&raz-L4#Zt;)hQ1>#;^=BBn6-ae+OC_D#|HqN zQJKu8<(K7}#Q#IlRW+K8ji0F$`ypW?z^P5puig5mh+HbSrRb~lY3PBg=;#FJyev;; zGKNC8_=s-$^2F2JH|~xkegtVKi2hL?VuD3Kxfk1WV-6mSd5MGKIdo*= zD;)KliZ;?{o(Nl>2(;M($nQ&(9asi64&77n3Q{UIMhJ z6xdE>=BK*1p1&?mx`0e6$7#@#9ggK&_dkI#6zU;D&|dUCgMUiP5{*)XGsn9C-R@r^UG9Jz4shBKmDSKA+X@ zX-tVC)w;l!1&#KCLKH&7P~yrwRNvINHDL(H z3g@N^RCqoBBl4S!TxZ-%ozhc_@UR9scPfQp+WU_17iT?C^Lh6r?T}J5#2xjHxX|0g zBAUO%W4E&VT&+AUiK1Ts2A$J&8oMf;BC()RP$MU{kvG1s|lrui?DoGm`BF#mTH_8SCfo`w=c-7`TJm^0^H%ZGSvZXqGLu%a4 zc)S=gE&%IyL1P+t%X*Dd7!95axt&pS^X8`jUhLpjKKL#3PlCLp;e@bvv8_@qoI#;J z%q8KQI@2kzYT8@OV%`&&UlRzDSZxhm*)Nz_mDzXOI^-!l1GS=+;fBsQ#Cc=sd_3l5 z!m})urcy|5?T6~Xkdq-auuOB%_3zSs>_n=Z82O=gC{!N4#JqYBdy*PR(&zV)%(J41 z?+o}pPZIE1bLr2+)bCL{h=DUeF7nMsQv$~)qn=$vcGsxt9%Dg?M4h(+@sC%Zp;zL% zwI7YP3jXM=7d-l?!lDk_a$eWqilP-NXXB2OnI zx9N)LQ-*uNm*l+h6^xJ3zWnYbuun#lcIxdm!EBgU$;#2zJs$_*~_C>X-04u z=@XF;&EWU=TEG_RGD|?a2zGab1fZw(rCuK{!F8|u_=w>zO1n7znOZokEtYjAyM0uv zehOO)I9LnuVBebRb|UeCvDEb4k<%8zO`1_)kzWrvTu8FKjWxM5eIF?K(_Ty9&e9@Z@ZRJ-31XNs;S&ESI5F@ z)zf#2O&5JsOq>IpBFL==3%`P>@|#5(WG4N(!feEmxY>18gN(+Y0He%&8<AeJ(&Ed5iPSu} za%2J@YEuS48NBAh#Y!+w$lv8AfXw7AX00}Oqn&v^GuNwpZyXop$$;$f4%-MLbdQ6s z6E3^f&NtPB>O}{*!sP!?jR779AG?XORk~t7r6(qLNH=MB> z?cubq(o61 zOcv)rG9|G4gJjkIeenP&YP@IP!vE6kQ1ZT9XV%?Hy0c)ckANZNZNxJXgthY7bFf+4 z?0XFryK7yv3<1@=pvvKzw()f^BU``ZBrZqjIXJgp#ogHr#AiCD0e=;&CJon17W^s1 zEcDDAmsh#bk%`9PWXVcSPYoAcG?-^#^}07tO%CfMJje1CaUv9)=q}-(u73%bC;LJj z;k=!P6%*7IT%WvUCE~jyY_u^Dzg93JAbppl5V(Fi?pMAeLZ*EYS>+R>_v)>$BsD5_ z><8SqD%Trb+xCu_C}($;F0p5?mthrHx7Juhd=07oTYN1`C6UOg0N=SAbO{`jDOliz zPut`zYpJPyFdQ?S9$*%SNbWXjkO}f@(jJ!&gjZGok4HcNLvFHnK+K8RH~3`gxz>Vd zVAj$ALP<|KP{ZqJ3DW~=nB9t79J*Iyv(6dntpIxdpaE_r>dM9*<+$i#;%jq(56rlP zJzPZK2aD*x(O>xA=x2juzn!D~tp(cmRjOSk6-qaQc2|EA(mB{ogxXv;pk%iHPY}tg zYMK67U(scxd5)|us&~F*oaEQa7Np5Kk2R}W62!ALFw%cr*&+%zbSs`_y1_o$=5|n{ zaMbKHfy*wku<1UoBXT!6w-p?RcSMt(fSOX@?Na67cayW#L1HzmzIny5!J^`CNscja zx0Y&YFTxUmy4=Y(i6qwNw(BV|e74!J!iMO&^c~Wn5b^78g0R9M5H81dt{w)YqqxV$ zZcAjPZSB-Q^=zDS%?zZOPh>X8dIJVwi3d~nv+0~@ENfw%8A@XlKivRv5|x&UE1&Tx znr1xrO)W7mm|RSTxtx2+c)Ktf5DWD_+u;HQb2q8`?!^x2Q2jri0zXx8h}|YTZ2;fN z*7)T+V8%MRG>TfT{@=?v@gGD<(Wg{V)|kIFdz*YWy^wlpB}J@dR7MI?VBWs2)_*xm z)b5mDok>P&Q>Fp8nqmqI`7Nz4v%5p4FOD%_9Q>SH%V8s3EA%ejzR^xK$UNaKI*zci zaVWO{BP1Jy>|AZbz0``{4!Q^}?62+x7zje-@;h`kL4ZxB zW!GcpLW>lbtWJ8}!->DL&d;_n2$=|x(gw>a&1o*B0X=3VyguYAp%B4a(7+$^od25X~-p#vx9 zM~}1qptl*+aiJ;K&XRxq`Acly=n4hzu$ZV<5{=g%QrZ8;{Quon;{%ia7GGJ}7qEAm!a-3u6n3 z@8x8z#7Suj_`+ErRC#LQj$OFtbh0Xc2iXsq-?+v00~HZrc&7amN8FPP0l^I&5xTl; zw`W%}q-ahu+}B_5B0Mu|1xR_Qc;{*XJ4?bMPs;19aWzrdxxP6tzuFCDyxeQs z{Ff{|_?s;JmXV{Y*JPCyx(9eC?ZwF2pk}31m}w0fj)e4VUb3=Pt`Fv{0Iu^n!$ne4 z$CDNf&EDH%9N94QN=TYcE-zI-N-`U1V^Rz4AfjjJR@wsADk@@UB8^Jg%&*s-E69fP z&xdtWrh{=o71S*&kDDCrYpv-{Vo&Cv)@H(;&#^lEop^L#xdBIt5v-$_@yRJ_WN(Jt zw6lzLu6et4W|<_#P!+P~Vss9=#^;xWIF2y=vUN(ZN_6AgMOJvb(~NztxO?_o7Ghsu zI7}!aGGB{Dcme^usJ-b_{aPGjt8>T#O;@4YPe}1{j?g+I|F-hj^PPD7K^}@oCq4ya z4Yl2A{r)}G=mpE@d1R?DiS(3Mar#biRkHrqDtk8&a!zu)s4`m1qL)vwfnW*bY)8BS ztinkuGQ@<$RNLMa-)n5*MSl0A%-JHOmEkxC7h7NK@(46HG`8#oy2$drzw>BL3d?mP{Tr&oq^1Jt7 zFHiPr>DLKPOQ+QKmFUwd44%55ZTO!h1zdvWdjM5NEACgVPhCiVIQh=K z8?KW~o!iY>pD?O}Ov_(m4+rBi^23X=RDETy18e@A8|H5&pkd$sQ)zysxfeeAqw4$r z=$%ZfTjDAI)H%0kQhnyT>=$9GmYN9$4?1EKCp$9Xonev}Ss6GD5Nd)4Fx^$p)$%!Z z+CHwd*@!U#U#~HpIWdWHvJOLLwp6(9>-wM+rOStbut*%5EGJtp-T+gmAvg?t>C zj_$RNylOmys|oSW%AL%+ekYLm?$rCA4k&Q>_?3)V?e=RbVyf5YeaRY2kCq``$3ZDR zy%dwpR$kW{BM=$v6o(W*8K;>Zw{+uDH)x!;HVLJfY_)2%?IC<~nCNQ3?|fSSSGj$Q z!3+C#8Tsuqmo!d}9qGZw0|D5Uf8shhgTJrx0R0^1@3sNVbHxOH!H(UE9Z)lgCSSZ%-m1Mmif;wr3E_UOZmwC4O2uC(6I*ThAk>wQhy@#U6+ z6brh!O7BIhQG}S7(rky{WnD>8q3ALlsLqxV3Q%NE+yQiX7GvQS?JTO%O@X>FQ@N`E3F!f-r{{Mh_gCa=pcOg2`7Jgi%)ba zsJMf`G5+i_H^!FK8tZ+WYnlnURFh2@hs#Wxlr&8 z>sB5Incv#5ZFy{thW+f=V0SHHY{n^6nlGz#1uPU*+^)k%pjWRMq6A=$u3sa`N-{?P zZ%BZ2koN-a{^h*2p)q`|p+5_%sAO4aj>=_PBHZzai23QzQ4lEcsEt^KR(FSnvj#u7B;20&`+FZT<=H@eoJhVrEQuq8hU zljzOrKU);6^Zqp-Li|Pp&%DplE5}6A!zQ=F8(>Z228(AG-sxvZWD7&srw{t4@UwWB zwsY%oFuNC@d>;Uq(#+R&C#0tSRsZWdzSt6ZmEt7Y>{xA>gd7KC^??k{(ZYju2RYPPFowh7wz9KzV#Q&(WDRzub2MWmfZdC(G^ z_m6K@8wV4f(g*cgi$M=ce6@b&iNjVCJa!*om%ca{6}vld$EKi%4MTGqQOP$kpF|a; z55yhW@t`6dl*=@C)OK>`E@F@m<^4MwPR>c<33~kIn4!B-_l=x>8k)SDOSkFyp-#?M zxjRV0p%ynsN|WaH)QiG70$(8av9LnhJU0ohS86@Z@9fs-hZTc=J=|aRXt>8C9t{1- z?#Xq3n4LubfF&?n@2tg*E*L8FU<=f@PDM7O3BJV*QBiMXx@ zLyQRwH|(CUW7ozOIM#kRssx=1WXF-dyq751o%Sl0Ee9nPG`|fp{iHL+Gc5LNizk-$ zM71|)qT%JUMBGJr9-L=4!{u0&?X&C?&J;gVb{xsQU>dM^Id&P|^W7Y~fB%@yLiwYf zbF01D4%u|GuCN#~=BcHg?!n9>9zO&Xl~kPm8wt!EXxyo12QEupm^t8hffIOf{%yh} zj>S=_*p1%f$*q{BvUn}d6Vf9*044tn?eRr@15hYCG+5ej9A_% zJ`GjY>%1JLT;G>g`iN2*>8PJCFei#|j&;h(zc`9GS}fdIi={{$1!$v@t5T!y+j^@v z^jYT##KJ8MbpZ*Dk!ib`jLu^E=p5tDpT+wjqJRJSvr8M=TTK@Y=-Ig zl+IvQ1DrfWQc&0O3_BY5!p8F?W~iq+3cP*FoceRJ#LXV!y(Q(t(@-Z_H}(wO$LwGv zLROHvM-vE_=)BL7cO*cAs(wYgo{K<0Q^U14k01SUtJ4SfA>58M6$u;5mW@0pP2)&s z^T5*w0DAT&5F>Z-ji`!Od;pOB`R4TdgT%jWf;UHOVPUIy(!5S?-txQkPcRb`oeZO1 zn)9_&b>2UyI$9R4rLy!POP#t9v)A_R z?c{k5ELng51ygxqDi&q?JD{Qx`PiE0NE@Fh$Cc`L3ughOj3uRd6M1a@3{>BrNLFYB zYv3&WY&3;zn8`=@eR z!MkbNPB_xhG6nA;ZgEcy;<%H?9qGs#rI*J@t5Dd$w@1xBt2PY6zQ&^~!WRiC49>`)#DAc-@#8#*=oAm(|i^EOtavC!qZ4xB~aI=-7F} z>c@~o4sJ&4?XN!P&Q@M(m7ke2W+@K6#D+q5#%Ow6jA3aSeFvsKw#JWOA~PU?u6OaI zMOv)J9-y~Z<$8jsA%*!==D54OMBl{Ygjr-%>6d% z3v_uI`rP(TNt!d`%64(oOVH1nf0Z56f3`;;Q8%e8mrK_3iUs4TQcxytA~#U$)HHm6 zsBe9*WKb!EKfemz&ho*v)L!cwI2D*$epK~H5c=>;+L?K=N6~^~D$C)fQcuN#kEa?) zHU(43bylb(Nc8DzlF3k0fsj7RwoCU==$oHY*%p=ZBE(t`Cw#_>XV0mi%+>QEj1luw zwPn@lN549R8qi)9H9L!h?u@8IvSu1t7o8v!eA3AW4_$apm@PU!2hOs|Y>+wEd68SN z9`^jW&nhzun;z+@0~{3>yMeE}#)HqDj%hk^B@bf&4_G&_>ke`U0ZJ5gK%?|@V0L2Nz@-pT2_oc6Oh)JSxE#uKXiCoBRqjq>6FncIBS8*L)wP=ORXz&wCk1meAChHji6p>fwayycIC4ScDWkK?P9x} zDzW}i4$n&i{tB4!GAr{y%0zA$_f76|{@z-6O}9rC^pNIx_=;V0QUedRSf>&$NVhN6Z#F*FvY*zkpNbWl#}6x2lhi2j z-yF%06})Nre(EH{SYdI3aq^Qf~ykmcG?v z&2c}_%j>rjW~9Im7HU5((hz|#G(OzjTpvw*I#uPEd%afMw2c&F6;_FzT}E79KBpSG z2|rv)c=@Af)g;OgUAL4SR3aG7%(u{~~`iGQ0a;QujB`tPe| z(!X>1|F*q<<>LQ+y8O?$=>I;7{msJvxBdV4*%vC%OpT+wva&YL(W>FKC(icoi&gUB z`e5~61EZAmEsD3eKJRr+-1-cdnCI!Y=h!NcNE+n;Z1+6v-ZQL^HWm{Lr^fb-b6gzG$iMce^ry+i_`fwEo#O7PCfdZU`A`25!$vV!yiTMAqPs07(%SG2pue}9{ zzusei&CD2Yfy3Zb%GJ%|i1EKmy$|sJ@78{ydabI81VOh3fhfW>;OrsL2AqnsI5N08 zKQ2cxaj5=^`zv}7c=507`S*N4kMh1ib6!u_gr%P!AyvHA;J=|7Xbn~q5dQzy-g|~M zwXJ=>C?d;(xO9Qi#IAsV3W#)20Ria{AXKFjAW}krP(+qkXiAkXy`)eBQUanB=~5C( zXrk26As{8>9bv7tpS{m}J>So{&Ys_l$z;wk$GFFsGQlutKNVD zhv;wunAJX^>o24mNQwztu_*bQMnDhrSy`uVvp!;GVZfm}jsE9`vdpW!Kmx`}saNOF zu?#5Iit+#dcEee~yveJ;_wto1EXPLy!=%sde}3EG#J3Ij$O9gRZAUYpBP{V@6+mwJ zRQ_MwB7;(J_Su{y*B;O}7Ote1%2zuP1%arL0nQTha=JWnSYhwikJPcVF7aPLYfY>F zO|dB1bDIjCIKpT_9aF~BJbiLu2#?Nfw7-iPxA~a%nq(a*H+3W|B-61sC)Ldei+g2+ zF@7w{!jvrfZ>Th|Kgj)857oV7IHF{rae2&hJ$zd&v_0V)~=okBi(! z5>V~AM+S&y5uwTPS$5@$Nre*XNRHVb~K%wt-Mu>AR0DwSK()j3cd9D0E9Et`fXtb8#dzn5OPi6}F(^gS_<&_DXMTEl69a{F=3l+bhB!QY!(aoa|u%xk(D-soinGLm1G>Yk)?hg(78pL7 zpUyIXkN#6Y&jdO_b<{0&c0Oqv(fni%KYWue9{OQBGI|>@74McqsJ8x{&|Diip_{OU z`?hJN##m#G=NXWb#G$y}0D~NWDr5jcrn&wz6sj;HhkknT^Fm0d9&Cl?cBz`aw<9NPg2f@QbtXZELLW?YbjH#0sjU zEcDPx;D|f)fDRg;2me%d`IX74q|jYoz;xUx3|bhj>@D46%r#dm-~?*iboD*1rM@8} zn3f*MwqR_r+-z+H;Tu?N3zSAP-qm;J~AXcqQI!!i1Gc2lb!m z!@uKFZ5hl|Xy$AlF;^7kFZ2<5>M7Nh>+>QD?#H{m~oieO(YDtS6~}O8CrvF1^gug@5XAdnO3s7=;uuPOQmVW7vzl8WSS+O;3qtuFsM|XkKS6}pDFy4{>8t;O3EE4>v`CBNh z*a)~2Viv}tj#bRz_!Iv;G3YM-EZ&&BZ0pjd@Nup#qVcHj)oa(t9vmi02Cy_tS4dA| z5&Q#Dy_d1V==+-%3A(1!IGKRuz#Q)*6mp1D`QpWOK9oK9u<(mjEv5W)USmFSNc<#4 ztd?BTWG3wBHrKT+T&wg0Oy|Q4@@PYybV!R9^Cv08TrEDCN#&J&FUCAg%=i!B9JU~} zRKxLS8T57Bp{v+uHcCoC3|OZFp!%oU0#5^lGTSyzK7biDdq#v-Xs5}i+G+`#(dgzb z_=|WFm8}S>G?3(4)$-TOP63{CeXEmgZ7inPPk9nv1@N21p(dPpwJaUCY2FW=8cQS% zjkQ)CJj~R0;{O^Fb`Y!Xxucr^XjmS9*R;gu^*(#GQ%F=)dvHZGhn%4e%SkLL33BuHSr7;~9w92t zQnvsj*;E0r!Q~EUT+>oA2n~GJr|`-N??7E}9q0!ZIvEV(N^oyNXPsCyv7Bg5&=0II z^a1o9rps6u;87WU_D@Ei{p6E{xhEEtFDR%KT1I;(Zf@gB&#ek3Uk<~V*FxIAz=Cx45w%IA1Q0N!A-0RBy{u}=sr>e)_$S5)p{KH1g<&}2vU zz*@;a7xeA!-fZ}XE?~rI%9!rW5~39IIArm)by+X+IkNE3l*3P07%Oup?){K`_oW5t zN8m8}qL|@&<62^6Q}rJ!PbzX`%k{2>?x)R$pIiikzu~!r)+|^BOmd0#Dg2rtKUrgt zUQ?)kPangK+0mK+ne{LY zh#};L7_iV_3&zX;4w!d0uYsDXg+1rg~P6J9g6i zjdwSMU26vYNBmFq*(^(Tx5bd<_A_v&x%arL0@|gEeZY~=0b`ZJ@l)1+yNuA#COJMc zhR5ljC(a3eEHDm&&=;SjY^485P4Y7lhR$}L0VC69f3SC6YT-LP2W+C;-rw%~YB8W|oGemu`9Vp`R?d-EG!eGENVqk-yb}jgUIFo5|$Wod6tb zn!jqA{|g@!qZuF$pIoR}_7E;x3DxKXWAM zR~F`0kQzt$our@ zZN^0E%UC^0fzkbhMW8vHXId@32$}^U6-aQC%CSq!wk%$>>Un&?OL{Tqr))YL7%z)oZ{Kj|YQrmxFKXWlqHG zT&ask)p=b3O&KSvPW4GLDU<#PUFzv1K-v4s+4 zkg4Pu=&BsPm#{g7h`g^B!g*qrGn!qSmKj;0>a}$dBI;ESuvHP=VeCieIfRc9+xAc? z7C{j)F35;PGDR9!RTNJ%?}#lWCs%ZuYlU!MwHP-EP?|VNm@_Y(s46d6gQy~L#b>6p zAu^~0d#BXQ5y5ZmNi}4w{xp;}TSRbGREFOA^>UOd`cX~HpIzzhXX$dSH=Z^l52))c zJftlbqL^xEuNUS92t zj{+=^euXq`?`JhtYkXZMKD+K#nE(26jKmjWalW?6kHN0gRukTdI~RpL1kJvjsB4zD zFTLOP{(#|)F6*cB?f4Cm&Td5yo_K@1U8EIqK0G;KH|VvKbzzb({H?39KMA&I`gN;? zAW7UIDDV~#H%iwGI@`GlynnT_ zTmkDP=pMD|761--%03HcLl1{jH=B10)e+<*21YOnF+z!fsUWy2KIM zEI8X4lqGXJd*Pd5*2ltX1#s?@AD2K-fZe!j7ueT@o44EWHJP&bB?C&^^P}HQ6nyL` zX_@timD$<5oT>lTzx*mCS4yfpAgp_6VV8@MRow2BsFj5Uet2Hm6tD4;OEcK@3*9Ux zJ57X9TJB_-fEi(jD*kb z>`MOhNIM#J=7gq`WjS^uI_&<&>S}BGq=ASsGNR40qWWB+cl&PJO5T#vg&5sb53!2N zONVOtAy>C$-AL`9uQcE3$lK-AbFWhqKP=21RXOnxFvisb13&5mGVW#ojAA#Bc%&<>KKQBGD^z9eVQeW#5x8rz&;gIk0hZE<9(VC^rdHQeK zO4V0dV!35p5x)uBvTyNCmax!x0SR^WCuqt z^_))2Dp*(jm0zznWnKk8KZz)73MbiYGki-_^eHe zss4%@mRCj#opRf=+e@w|J$#Y;w5OfLRf0O$R3B`Lzb>P%iRCveGm7qolfr(CM#g&h zy$C6P*l%r$aWOUlKpy!m%#BDAc3n1Bx>kqQAxlq{2unr3P{E;8_2FS6!71Lw6}R_( zy$YJY&@S|)WWRHeZkrG7}mc`We!OiB_a!x#SPWqgrs$usA zB0r|Zw(RV5S)hG5xEwz1>D#uiSCVQ=!{mYjhKpyjoAaIs)mMbQqb}5q+-#J6a^Qi^ z9pl#3=Lr8p+u=E-OFV;Dnu+aV_boQ*<>pOaHpa|_Rk%9`zXKFW%=#zcnI}3^26ycT zwXlD-rIo6iMzEf2vo`XLJmM~FvO|FThP<;`su21iRr<%u3h7~HEkQx6AMGP{vu9z+ z;ro{SG*x|x3wQiSrMubO76Vb$N;w(H}3o!UM z3J)_SYws=rJ;{T8pOXgyy1^F4xZm0MpaEGC-V_LnqxM1#XJE$Vfkmkny3gq@JYBG0x6GM z4EaI*c^$4%`Pqn`!;u=}()K{Er1o31^Uc+z?eTn`4qlEI84InmQTc;A*gH_Q)v^Aqn*)O3uRw zy-aLc8&`#k?>5)I2{m=v?L{7H@9my`IpVuoEHP#Ao;$3sb@I|rvqx8Fn(|@md7FnC zABy{AL^p+(Ag=}{92~nh)q*<4AkcmvQR<9!fM!Aq(8>kbz)i(V@OGIxW8aixKlAV) zcTa~V{czKVOMx;!>#HlBUKrth>Oz%@W9l0h{k_|A^hGYX^kJM@b<=3BpD=3A{6+cX z2o%4Vcg-+xxv)=YSvxKY-iPpF_ufHnd4_{WZ#T_}iUJgc{Ne+b6p6XCg)d)@8>{4P z>9F0%XSKZ9e7a^CX|<=Z>RB?|`fX>qQU>4o^a$LOT})_bkRx`sLzyC%bDNXB;-(y-A60Qpq?R z#=~`22j&PEdqdsL6Pv4ktB7|bOlRpm)v1Enax(XAz4PLyT|{2qL}S$o+d4#%Sr z0edjrZWI<_KEXu$Uf5w#-k%m4&MVAYU~E&F@ID;jtq_%O2XiVz#zsfA zn(vAGe6D(Nyet?4O5K`QPGoF}`cyl5*@i(rR=oAN!dc%q_nS^Fu%^>x)k6!7gRIj@ z*kA8gK=aUMO5^=RG!iJ$#Se3@ldC6PD&h;dW~m4wR-Za$KlZCk?{ygJ8ytab`Q{_m zV@TgGZthywEMhz3|H0ggW&QP_WWH94v{H^&qH`g-Ycs!0?wd>!A?O|vs8f|9p%Q9+ z5{}{Xo`x{oj*7iE^MGnR%o@+z z0Sa5eb?r^_`4~|@P(JKUia9ac>+jVgd)UX6fYqg$*1qUE$9k*3*H4qHw}QpNmM6by z&ij55pL0Gs@X0kHx2c8;E~o_`IR#55oWQ;#c*@3B8ru+z?e$-g;%%}20w;x?+kF>s?{>DTD~X4 z_3k2{NqlD5;WGla@ULBG)`VzIyEZhJEqB7&iW{E-qUnUXj0WFM$m&&3y*C_20^7Nx z0d{$=53%S5w6D`df#^MFTZ@FMf-|4hJ}%#bKh3T2e{)0TS6OYiQi8rk+4K$GVks|b zN2pYppD9Vba@lhW0$)_BXd!EO*51KT9kEpb2_)kKJsSyCjYIt^a>S9+@Kp+5z^1>C zZf0Qg8c_2W|H&TuhaNS-C`fMFq z0WIxG`-iw;oeUS9G~ z@_LlM#cwwW-^TWmBl%UgE}a@G>(`$5ey~^5OkH(@OUwV^h|=Pbn3Xbt(@P(^UzwSR zGw-9v4<<_6M_7RG%8E4OugDlbkX4eDuQIWu!(Q64Q9fwMxt*qDze4z8;9^%Kd2sP) zOxxJ<<*^OD7ar%leU(lOf+ASqs6uGaU#J#5CZKm&5qdW2>;a5oo`Nv_} z%R@_7E_K#`Iwh##|Gxc^qHo*nUpP) zQCXC4cu2*3?u(UEV5O9$@@RC)(Je9NmNKeVxUVI0l!O+Q&vx4!&LjtrT4hD39q3Z` zMc)Mp_dPEli&9K;P0R>Ng-qGSZBHn(x%$ULjPBn+Xgi8cTwXgK2X=p0ay#>azW5+h z{Q{83Ta&$w28)l;q_4v|%;~EkqYv^y@r@08P30sTcE$OoQ6XxZB0Ode&kZ6>3fNUR z_xMui%CPm2+{sM+`0rqVe1D}B@Uf^&ZFPFcvgeh;tBedq7khMsM`}^!&g|azQLD|@ z${q$@$9%L#O&=zzgrn6S_stjwb<7>r+8d+OEc^C-0i6W*Hj$S*@uF777i78S>;oGf<*WU!y~tK%l1M6hP$ z)ZE)UI5x@cB#f^@Nwj4k*ZNLdQ+??DlqN@m#MtY71@Se+ab;MXclCg$t;4#1Y$SR5 za+Ng?j|^hO*~ zd{{g@FrWs?`byB>=jZ#Bqe0cFxZOc-1~Eza2h`j2eVPTPrBq{xUuEL-!U~^IuP$zN zv^2VZG_TXEWVf;`*!}w(r38<~2Ojg%lqT4MOU63kqY7#UdpXu)qkpWe=SH3W<20D+`8!^=p^gdk6|e{y7_65} z)y_$2a4#qQ-kJ7Vzx%KrmNUPyvb*jfry!c=J4l!fd3?7HW4L7K@29sFlZUWJDk6wg zia&Tc=X-N=Yg!tzmYWua?n>kwj%oUX1N}JLxw_HQ4*ESOHT{Y(p~e~>Vri(-V1!7ugWucVyci{P zTzmGVeQO-Sx2JjEObtl*KF#Ptd{f>$?5u8{MHAbGVRF@~`{pI-qMzE%b`Y=i%1kZ3 zu1M<+EG!wCm(;Q2r<2fAw<=f-I>v5lu8oyv_=?!Bdx<1vDD1~T0FN6xe%~r#=iN%$LghNqxY*WYzb1^ zR|Z4y>|e-pC0CJ@?83IdT1<~cYnoSZ;wI`|q08FVFxCjYH3FaM!JKoNH^)LfXPqm~ z>8GBnlu|{@*4ZZ6DXiA;eu>SF-Fh+fR!%qdBRu$fRh^|Lm>qe^0}qJAnhvuMMcC>q@i50;38hl4VlJ`o6e|jdzk+hI#RD7hHgT8&0VUKQe!G zr1Gk=obRF5#xcrF2rEF_waeD^w&D(S6?36GE85q~?ilD82(p_ZkLpU z7rG0-(VdhiR$eLsL!`NDn^LX_z?#IVt6jDE*3{3@{XWc38+Rmx3AMP@kq8>9*^{8& zqUr18ZqY~zECvxL{CcE$CB>@FZu4eEub8UG?jrLSvPBMLbFy_P2Ean&5Oga@;k7Y2X7d6uA`o$ZfRglztY~U za_TK)@Qw8y&4Tow&5xUyn8>R>eU$+lbh^yUH1Vh5F`ck1pL1${Jo#hi?E7skTy4`Slz*W*?g!WxjK*mQ()@Z5 z(P5iiLxIN(&-yU7G}Aa%>rH;p<~fx*b)()%Y-)I;luz|_(x6aM~*dxQIaX8%H45)?HdNg|k#G0u5U%oxqg$df(;w z*+_tQ$?2+L}37gRO ziK}xr&zpvN?P{=cQlr=6^oj6*+M^pc^t|jevg2G7-TMs-?8oecmfDuerf<<*FS#so zau-iL+rxhuZhCgYX`+-3=$@T=9zQENv(OzucXbpMj`nRn$~QVmTMRudyAburl_*h% z9KgtJZ-dGj-5w7ogxWbwHmcw0d8Kx?LZd9Fa3PG}yQa#*T6~zSn!S}NCca&(7;GCN z@Wz@)XfdL$f2xpO5Z-zd;ox4Zt{r_XGP}Swz8mClB5P^=LfpLLOpFo|a&2eDTK>|V zc8`=HJ#!Up-O>7NZf8-p*VUN;X%)JIsdfRQkm`|uTlaU+1lt1Q$ns0+k6zDj`v)c^ z*e80P1r-Rjq`BYOIPUVW_k508L%BV#K%_QS?Lob|X9SXB=+ry3+RQFISAL&N*~BvN zHk(R{pD%gx9&w_UbkxI=IWT(5G_cOZlE1z84;WDR!D4MwJ*0He8-D0O!tJ}CsHecZ zWL6Y8k}>}XA2u^E*k8XQ+5r>r_MuUIONWn@Ux++TU35jl&<_wxDUWk$u?S}8BX=S8 z`Nn@m0L*QM;=g9P$v$ud(XlGv@thR$)b-*iD%BvT|NVEt>K9=UjOzuWz|e{&mXr=b zkIuORvrsV9ahEJc~xWMBX~-p`F6#1&}gNGyjjAP!TWmUQ)?Jj@jg@(m7U58JRTV_&hZ#5<=leh*A6h{VLN9U(oajTDX^C9RgO{W zQhl^@JF;<{?37@CI<|Z?mZ|S)*t<7^Zc~4rNV%IymnyR8qV3hKx1&;JUO{DdgEnZ$ zj+)?~Q&S1!PLZUOzIF8cHey zR^BfeMFIOpa=>gExbO;ceeN``$OZ;a#Cm3iv2W~7J-hnS`2zB7{nMm#eL>v35AeqI zdO{z7Zuq|TvF@n+@G?j;k#W6GQyDT3%ih!0u8`&&0ri?sM~@HnDyvmxIjXX? zCuB<2-L)=^TsCP20J{)`AzCBKQ@3SBBKO!SeNQzsj#~_fDD-R!0dnr-%fIUyVyKY< zmVan7&i>3;rW9EoLgmlpNK4TzCfq3E^!=6Tzr7TufnKY0H|opHhEuJ`P5$@S%p5TKA#4-ox^Z6Y)Y z-wEE1gdZt6c62>+C@Ge_mas&nZKfW&hww}HH7DMWUN~PM^j#gXWm}#z)Qs#*e$7n_ zJy9iFKWWYnNMRA(|8imn`X=J_o()y$yfyyKM1g1_|<(V!~5`tvgZsx(7nQQ zq;6Hx+^t+l{B-`fu->tZ`= zM-i$6@>=aW(ffRc=Zgc z48E!yUnPiPh@qgzI_HV=rltb37hxuR=6wNC@*5Zvi|%)U4nW5S=FK;!M3-@(Sz3!Y0QkyI>S&5iAivf9n7F3tE0xnPYQwJ(t4=U2!UYurdP zz=-9Zmm3bWjN-@9~aCEZDB_VEfZ!~(e0NQdeA9Uqo$x(<+}GRxV!X+eBe`P=#@{ z>fjQiDfG9Sp5<0Ab8JWzbXO_d3mR0=W0f=IMx2>|i@5WIpo^Th4lCAi>1s!3r-6P~ z1Q1b(CCo*Yjy#HWv#07+U5kQZh82JB8Scl|M`WtM7+UtlrHH_3Rc7$>#U?r1zfM>| z%gm+BZ&TYXC`sn(j$)5a8@W&yf7BC(#AQqqG|i2=Q{TaVm=}q+dMs-0HqC8vt1~NXc4%W0 zRA-mXtpMVjMvmQ5#k~MFal5tt#O{`zYaT+0-IGs7;_a^{*~0pRa(|8~xh)d%s~k6u z;2pZ}?QAC1^}7+wMv{D^+lhTv?RNg=8!VFn`k`(EI%fk8E*C6vw>F+3`-I&Gv z4a?R)_!0_SHP0EOZn3-$j-&MT1jq-i{z%*mwW~rA5I;wpQc}<^+ETk$nG|C)7$&j* zL|q*rf4cvcmX|f!nBKjq?R!!2BysM|Ci~#%`GTkrhsPhz7hJ(t+X?&YbjXUSO3-IH zt)Nbl!)Q@UJRNPk5}aD4FU z9~J(|@(0w)-U^Pav=MaKVxDBeoq!Bq7PD^B29i5|QIivAa&=70kB5z5II1(p;A(z~ z7BpOyqoQErd5;il>o?5Y2*7mU>uC|qdE6*hs`5EyQPFOmRJ+XA+&5jblE1{=K`M+4 zUW<8H(1;C5&~{v_t0ktIeCcZfh-q7QZ3#zt10mk3pTf}6q25-5xvbwa{dV|qdH*D! zn_b~OCEE#GtGvEOA?N&WUs{#|GkD&izt)x@YOA+Uqvm7Q{dLb;dxrcJ#JgHwH@xKV`5`;6=-mF%&uqSO{iP43YaSLFvuU2*nc1)yRbIqcs8?Lf zucb@^iXh~YrcsqIixXn|hlXc<3P$gUaMQ z*%x~o(|)_ZqMWvrfxwFMAEouPA%QJUTVK{Qv8(out8>Q4B_3mwiqAXv&HFMYuSZbw z#rp9^&I^fd)!RN7^RJb;rAS^jTON}3naHahp#l#1GcCx(pQEF{itW1>5j-7I(f5ri z&R94^n)}Y^$8JRMG;EHcWJbf^$lR~1!WPSw>L-mAN9XvedG%E?l12`grtteobJx5T z>|B+uB;8%_emPmC1j>uC}59F9JrdWmfg z1}|DR)J)>r;{+F}{!jI>qA9d zApveQ|5iB{(YG2$;w$uh)8x4aM#)$8x3$tHY350HCLQ~Y>t)mDQv z_eDz4v`kLb#q~Xgmik?L#3^y>+1^fZ_uTwoOQ6$Q>FM=X_{hdt?ya^$@f{Y*rjhKO zsYt^Vnf~`j)&?ww@9~MQQ zkFD0Nr%u0rPp&FS3)q|&x9B++eX$~Z1sdM(~zGfA+c?^y-) zwN~m$&vy4q&UEvD8p25q7kad7)fPK&ot@DYs}R!(l}9ND^F`FJuu0ANQ)~!E+_K2= zIrJ5}MSA_l4W{#6`x^)SwT!y}%Xx*%Wu&i0tA=mu)JjWP^X^9*5UDQ5XBot9&A#tv zG9_&FYiosX@IMHDRsBK*^Gk1R(IjjB0AJtFi9>K?9VgN}yL>*QTmOzgot1VrC}>_4 zPH=+f66N(P?jAZRY&*h~bgCMS1orb+@M9PG?!M0z_|oowL+(1HO>fQncv809)Sev2 z`5BV}`Y|A(&QRH0%7_E7aAD-rkph?qY|yssDsCt}(4Qb>1zhVFf1zCVwm$%~X|b-} zM)m7*4kYetHM$#v@Hebn== z%OR)!y7|9r*FGqNqO5<8U;n({?0*ozKwtlJJmdc-95Ox`fBDbc#`xF&pMN%?0!DVq z>h@yw()=Hc#sJ5MoaI6?wQz^U=_un>UB$_%0DNN(UHHF#qc=x$A*O$iwzKfRodXTQ z&d2m`ERg@VZ!`t&O$QDM6fy_}jDpGi!|5o!%A8(h`5`CI`u)5(Q?mZc6MTB03SnNV z@RDl8%xaq`W8d!mo`Ut#-A757e7q2eozVq7YR!A_N(;w&$`lCr`2EAc_vSd5kZ9Nb|*!_o!Y1Q z=KxG}CnJ>a9}Plik^X{S>ZIlLvA)Y-&!Hif9~5p@E!FOTOMQL%+8iiBEd8HLZ7TSJ zpL6#&K@cD*qWkIPlgM*^%Stkn)ULoi{U1%?|M!=-`l$yc*uaw4t(n_nf&uK(%sT z1>6$VN!g|p_LH!t3sN7ZfN1ButN(I6>)b$brkqiT)juOF83k%5+rTpyu%Q4jNvsHv17Y*?kTp)?86<#4zEPhbCzT4ZI*jIsX|MwLWS!!EE1kGI_3de zlN)+}|5Q=Dc6&}p7+Us_QH?3TGcSg6^noC2%N{7ZJOJCW;j5s8)}j6Vt)X(4Btllk z`no4#VaSkA#>*g-Q&={L$WNP5-LU+pmug{L!5h)+9=(nr)8KgH&B2>~V&&!ar#unC z)?5$0p53c>E)rC9#OuIU66C{gaaJp*zlyDO*+l&=b|hsr8cX>PK-pMdhYk#am%XO+H+{4lXU&#Q+h$7l*!3S zkEOkijt=qtYZ`}F)zt7B85#Zf^~*c)(|5*qmKGKkJXq-?BO`F5z5TN+Ps>AorKY7t zhK7dTO6$rM;FZ6?arZiZg#rJ$b4^~=d^@xNSp|j2{{H@zy*+vV{ZoG`Y_}_Q^Yj$g z($Z>rQhc^;(mgpPrP9AO5M1S7&HD=8`xnlI>Dg;W4wG@5y!Uq}QvB`jT6Crh|3v3M z|NEu?HUZOro8Z4q0E(~w8w>v11pn;?{~ZWm&G6rW@c)q}_{84y>x3THyX9Gyln%yf OPfc0t0q&mF^Zx_