From ad23de569c5ef4db00140b0c744de6ba96705720 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Sat, 20 Jan 2018 21:49:36 +0200 Subject: [PATCH 01/10] Update README.md --- README.md | 29 +++++++---------------------- 1 file changed, 7 insertions(+), 22 deletions(-) diff --git a/README.md b/README.md index f59de5094..01ce5fcf7 100644 --- a/README.md +++ b/README.md @@ -9,7 +9,7 @@ Welcome to the Infection Monkey! The Infection Monkey is an open source security tool for testing a data center's resiliency to perimeter breaches and internal server infection. The Monkey uses various methods to self propagate across a data center and reports success to a centralized Command and Control(C&C) server. The Infection Monkey is comprised of two parts: -* Chaos Monkey - A tool which infects other machines and propagates to them +* Monkey - A tool which infects other machines and propagates to them * Monkey Island - A C&C server with a dedicated UI to visualize the Chaos Monkey's progress inside the data center To read more about the Monkey, visit http://infectionmonkey.com @@ -33,34 +33,19 @@ The Infection Monkey uses the following techniques and exploits to propagate to * SambaCry * Elastic Search (CVE-2015-1427) - -Getting Started ---------------- - -### Requirements - -The C&C Server has been tested on Ubuntu 14.04,15.04 and 16.04. -The Monkey itself has been tested on Windows XP, 7, 8.1 and 10. The Linux build has been tested on Ubuntu server (multiple versions). - -### Installation - -For off-the-shelf use, download a Debian package from our website and follow the guide [written in our blog](https://www.guardicore.com/2016/07/infection-monkey-loose-2/). -Warning! The Debian package will uninstall the python library 'bson' because of an issue with pymongo. You can reinstall it later, but monkey island will probably not work. - -To manually set up and the C&C server follow the instructions on [Monkey Island readme](monkey_island/readme.txt). If you wish to compile the binaries yourself, follow the instructions under Building the Monkey from Source. - -### Start Infecting - -After installing the Infection Monkey on a server of your choice, just browse https://your-server-ip:5000 and follow the instructions to start infecting. +Setup +------------------------------- +Check out the [Setup](https://github.com/guardicore/monkey/wiki/setup) page in the Wiki. Building the Monkey from source ------------------------------- -If you want to build the monkey from source instead of using our provided packages, follow the instructions at the readme files under [chaos_monkey](chaos_monkey) and [monkey_island](monkey_island). +If you want to build the monkey from source, see [Setup](https://github.com/guardicore/monkey/wiki/setup) +and follow the instructions at the readme files under [chaos_monkey](chaos_monkey) and [monkey_island](monkey_island). License ======= Copyright (c) 2017 Guardicore Ltd -See the [LICENSE](LICENSE) file for license rights and limitations (GPLv3). \ No newline at end of file +See the [LICENSE](LICENSE) file for license rights and limitations (GPLv3). From 44b6c3d2433f675c3ec72231f63db3f744f56e9b Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Tue, 6 Feb 2018 19:54:41 +0200 Subject: [PATCH 02/10] Bugfix in address lookup --- chaos_monkey/network/range.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/chaos_monkey/network/range.py b/chaos_monkey/network/range.py index fdd29bc09..b07828f4b 100644 --- a/chaos_monkey/network/range.py +++ b/chaos_monkey/network/range.py @@ -1,7 +1,8 @@ -import socket import random +import socket import struct from abc import ABCMeta, abstractmethod + from model.host import VictimHost __author__ = 'itamar' @@ -77,5 +78,5 @@ class FixedRange(NetworkRange): for address in self._fixed_addresses: if not address: # Empty string continue - address_range.append(struct.unpack(">L", socket.inet_aton(address))[0]) + address_range.append(struct.unpack(">L", socket.inet_aton(address.strip()))[0]) return address_range From ab18005fd079ab347376ff542ee8c4f8067a9277 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Tue, 6 Feb 2018 19:59:04 +0200 Subject: [PATCH 03/10] Fix ping scanner exceptions --- chaos_monkey/network/ping_scanner.py | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/chaos_monkey/network/ping_scanner.py b/chaos_monkey/network/ping_scanner.py index 842a6aee8..7162c36f3 100644 --- a/chaos_monkey/network/ping_scanner.py +++ b/chaos_monkey/network/ping_scanner.py @@ -1,10 +1,11 @@ -import os -import sys -import subprocess import logging -from . import HostScanner, HostFinger -from model.host import VictimHost +import os import re +import subprocess +import sys + +from model.host import VictimHost +from . import HostScanner, HostFinger __author__ = 'itamar' @@ -62,7 +63,7 @@ class PingScanner(HostScanner, HostFinger): elif WINDOWS_TTL == ttl: host.os['type'] = 'windows' return True - except Exception, exc: + except Exception as exc: LOG.debug("Error parsing ping fingerprint: %s", exc) return False From fe2af59975a3a1d6efe27b8929c584823d460c5b Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Tue, 6 Feb 2018 19:55:01 +0200 Subject: [PATCH 04/10] Rename to check_tcp|udp_port and refactor. --- chaos_monkey/exploit/rdpgrinder.py | 6 +++--- chaos_monkey/exploit/smbexec.py | 6 +++--- chaos_monkey/exploit/sshexec.py | 4 ++-- chaos_monkey/exploit/win_ms08_067.py | 4 ++-- chaos_monkey/network/sshfinger.py | 7 ++++--- chaos_monkey/network/tcp_scanner.py | 7 ++++--- chaos_monkey/network/tools.py | 20 ++++++++++---------- chaos_monkey/tunnel.py | 4 ++-- 8 files changed, 30 insertions(+), 28 deletions(-) diff --git a/chaos_monkey/exploit/rdpgrinder.py b/chaos_monkey/exploit/rdpgrinder.py index 207564778..606f44f90 100644 --- a/chaos_monkey/exploit/rdpgrinder.py +++ b/chaos_monkey/exploit/rdpgrinder.py @@ -13,7 +13,7 @@ from exploit import HostExploiter from exploit.tools import HTTPTools, get_monkey_depth from exploit.tools import get_target_monkey from model import RDP_CMDLINE_HTTP_BITS, RDP_CMDLINE_HTTP_VBS -from network.tools import check_port_tcp +from network.tools import check_tcp_port from tools import build_monkey_commandline __author__ = 'hoffer' @@ -245,7 +245,7 @@ class RdpExploiter(HostExploiter): return True if not self.host.os.get('type'): - is_open, _ = check_port_tcp(self.host.ip_addr, RDP_PORT) + is_open, _ = check_tcp_port(self.host.ip_addr, RDP_PORT) if is_open: self.host.os['type'] = 'windows' return True @@ -254,7 +254,7 @@ class RdpExploiter(HostExploiter): def exploit_host(self): global g_reactor - is_open, _ = check_port_tcp(self.host.ip_addr, RDP_PORT) + is_open, _ = check_tcp_port(self.host.ip_addr, RDP_PORT) if not is_open: LOG.info("RDP port is closed on %r, skipping", self.host) return False diff --git a/chaos_monkey/exploit/smbexec.py b/chaos_monkey/exploit/smbexec.py index f5fa2b26b..b76a7bce6 100644 --- a/chaos_monkey/exploit/smbexec.py +++ b/chaos_monkey/exploit/smbexec.py @@ -7,7 +7,7 @@ from exploit import HostExploiter from exploit.tools import SmbTools, get_target_monkey, get_monkey_depth from model import MONKEY_CMDLINE_DETACHED_WINDOWS, DROPPER_CMDLINE_DETACHED_WINDOWS from network import SMBFinger -from network.tools import check_port_tcp +from network.tools import check_tcp_port from tools import build_monkey_commandline LOG = getLogger(__name__) @@ -31,12 +31,12 @@ class SmbExploiter(HostExploiter): return True if not self.host.os.get('type'): - is_smb_open, _ = check_port_tcp(self.host.ip_addr, 445) + is_smb_open, _ = check_tcp_port(self.host.ip_addr, 445) if is_smb_open: smb_finger = SMBFinger() smb_finger.get_host_fingerprint(self.host) else: - is_nb_open, _ = check_port_tcp(self.host.ip_addr, 139) + is_nb_open, _ = check_tcp_port(self.host.ip_addr, 139) if is_nb_open: self.host.os['type'] = 'windows' return self.host.os.get('type') in self._TARGET_OS_TYPE diff --git a/chaos_monkey/exploit/sshexec.py b/chaos_monkey/exploit/sshexec.py index f58e5677b..b93970ca9 100644 --- a/chaos_monkey/exploit/sshexec.py +++ b/chaos_monkey/exploit/sshexec.py @@ -7,7 +7,7 @@ import monkeyfs from exploit import HostExploiter from exploit.tools import get_target_monkey, get_monkey_depth from model import MONKEY_ARG -from network.tools import check_port_tcp +from network.tools import check_tcp_port from tools import build_monkey_commandline __author__ = 'hoffer' @@ -41,7 +41,7 @@ class SSHExploiter(HostExploiter): if servdata.get('name') == 'ssh' and servkey.startswith('tcp-'): port = int(servkey.replace('tcp-', '')) - is_open, _ = check_port_tcp(self.host.ip_addr, port) + is_open, _ = check_tcp_port(self.host.ip_addr, port) if not is_open: LOG.info("SSH port is closed on %r, skipping", self.host) return False diff --git a/chaos_monkey/exploit/win_ms08_067.py b/chaos_monkey/exploit/win_ms08_067.py index 3ed553931..51393ea69 100644 --- a/chaos_monkey/exploit/win_ms08_067.py +++ b/chaos_monkey/exploit/win_ms08_067.py @@ -17,7 +17,7 @@ from impacket.dcerpc.v5 import transport from exploit.tools import SmbTools, get_target_monkey, get_monkey_depth from model import DROPPER_CMDLINE_WINDOWS, MONKEY_CMDLINE_WINDOWS from network import SMBFinger -from network.tools import check_port_tcp +from network.tools import check_tcp_port from tools import build_monkey_commandline from . import HostExploiter @@ -168,7 +168,7 @@ class Ms08_067_Exploiter(HostExploiter): if not self.host.os.get('type') or ( self.host.os.get('type') in self._TARGET_OS_TYPE and not self.host.os.get('version')): - is_smb_open, _ = check_port_tcp(self.host.ip_addr, 445) + is_smb_open, _ = check_tcp_port(self.host.ip_addr, 445) if is_smb_open: smb_finger = SMBFinger() if smb_finger.get_host_fingerprint(self.host): diff --git a/chaos_monkey/network/sshfinger.py b/chaos_monkey/network/sshfinger.py index 75a3380ca..89c3092d7 100644 --- a/chaos_monkey/network/sshfinger.py +++ b/chaos_monkey/network/sshfinger.py @@ -1,7 +1,8 @@ import re -from network import HostFinger -from network.tools import check_port_tcp + from model.host import VictimHost +from network import HostFinger +from network.tools import check_tcp_port SSH_PORT = 22 SSH_SERVICE_DEFAULT = 'tcp-22' @@ -38,7 +39,7 @@ class SSHFinger(HostFinger): self._banner_match(name, host, banner) return - is_open, banner = check_port_tcp(host.ip_addr, SSH_PORT, TIMEOUT, True) + is_open, banner = check_tcp_port(host.ip_addr, SSH_PORT, TIMEOUT, True) if is_open: host.services[SSH_SERVICE_DEFAULT] = {} diff --git a/chaos_monkey/network/tcp_scanner.py b/chaos_monkey/network/tcp_scanner.py index 8ce715f7f..4a6b8c40e 100644 --- a/chaos_monkey/network/tcp_scanner.py +++ b/chaos_monkey/network/tcp_scanner.py @@ -1,8 +1,9 @@ import time from random import shuffle -from network import HostScanner, HostFinger + from model.host import VictimHost -from network.tools import check_port_tcp +from network import HostScanner, HostFinger +from network.tools import check_tcp_port __author__ = 'itamar' @@ -26,7 +27,7 @@ class TcpScanner(HostScanner, HostFinger): for target_port in target_ports: - is_open, banner = check_port_tcp(host.ip_addr, + is_open, banner = check_tcp_port(host.ip_addr, target_port, self._config.tcp_scan_timeout / 1000.0, self._config.tcp_scan_get_banner) diff --git a/chaos_monkey/network/tools.py b/chaos_monkey/network/tools.py index 66f4eef57..b89002802 100644 --- a/chaos_monkey/network/tools.py +++ b/chaos_monkey/network/tools.py @@ -1,6 +1,6 @@ -import socket -import select import logging +import select +import socket import struct DEFAULT_TIMEOUT = 10 @@ -32,10 +32,10 @@ def struct_unpack_tracker_string(data, index): """ ascii_len = data[index:].find('\0') fmt = "%ds" % ascii_len - return struct_unpack_tracker(data,index,fmt) + return struct_unpack_tracker(data, index, fmt) -def check_port_tcp(ip, port, timeout=DEFAULT_TIMEOUT, get_banner=False): +def check_tcp_port(ip, port, timeout=DEFAULT_TIMEOUT, get_banner=False): sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) sock.settimeout(timeout) @@ -43,7 +43,7 @@ def check_port_tcp(ip, port, timeout=DEFAULT_TIMEOUT, get_banner=False): sock.connect((ip, port)) except socket.timeout: return False, None - except socket.error, exc: + except socket.error as exc: LOG.debug("Check port: %s:%s, Exception: %s", ip, port, exc) return False, None @@ -56,23 +56,23 @@ def check_port_tcp(ip, port, timeout=DEFAULT_TIMEOUT, get_banner=False): banner = sock.recv(BANNER_READ) except: pass - + sock.close() return True, banner -def check_port_udp(ip, port, timeout=DEFAULT_TIMEOUT): +def check_udp_port(ip, port, timeout=DEFAULT_TIMEOUT): sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) sock.settimeout(timeout) - + data = None is_open = False - + try: sock.sendto("-", (ip, port)) data, _ = sock.recvfrom(BANNER_READ) is_open = True - except: + except socket.error: pass sock.close() diff --git a/chaos_monkey/tunnel.py b/chaos_monkey/tunnel.py index 7f7edec03..9a50679ff 100644 --- a/chaos_monkey/tunnel.py +++ b/chaos_monkey/tunnel.py @@ -8,7 +8,7 @@ from threading import Thread from model import VictimHost from network.firewall import app as firewall from network.info import local_ips, get_free_tcp_port -from network.tools import check_port_tcp +from network.tools import check_tcp_port from transport.base import get_last_serve_time __author__ = 'hoffer' @@ -40,7 +40,7 @@ def _check_tunnel(address, port, existing_sock=None): sock = existing_sock LOG.debug("Checking tunnel %s:%s", address, port) - is_open, _ = check_port_tcp(address, int(port)) + is_open, _ = check_tcp_port(address, int(port)) if not is_open: LOG.debug("Could not connect to %s:%s", address, port) if not existing_sock: From 7c6c153733dc8295b7e081c2ba9c1e9dcdf5d395 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Tue, 6 Feb 2018 19:56:25 +0200 Subject: [PATCH 05/10] Implement async TCP port scanning + banner grabbing --- chaos_monkey/network/network_scanner.py | 13 +++-- chaos_monkey/network/tcp_scanner.py | 40 +++++++-------- chaos_monkey/network/tools.py | 68 ++++++++++++++++++++++++- 3 files changed, 94 insertions(+), 27 deletions(-) diff --git a/chaos_monkey/network/network_scanner.py b/chaos_monkey/network/network_scanner.py index 5a9037184..9c1cf897e 100644 --- a/chaos_monkey/network/network_scanner.py +++ b/chaos_monkey/network/network_scanner.py @@ -1,9 +1,10 @@ -import time import logging -from . import HostScanner +import time + from config import WormConfiguration from info import local_ips, get_ips_from_interfaces from range import * +from . import HostScanner __author__ = 'itamar' @@ -18,6 +19,12 @@ class NetworkScanner(object): self._ranges = None def initialize(self): + """ + Set up scanning based on configuration + FixedRange -> Reads from range_fixed field in configuration + otherwise, takes a range from every IP address the current host has. + :return: + """ # get local ip addresses self._ip_addresses = local_ips() @@ -27,7 +34,7 @@ class NetworkScanner(object): LOG.info("Found local IP addresses of the machine: %r", self._ip_addresses) # for fixed range, only scan once. if WormConfiguration.range_class is FixedRange: - self._ranges = [WormConfiguration.range_class(None)] + self._ranges = [WormConfiguration.range_class(fixed_addresses=WormConfiguration.range_fixed)] else: self._ranges = [WormConfiguration.range_class(ip_address) for ip_address in self._ip_addresses] diff --git a/chaos_monkey/network/tcp_scanner.py b/chaos_monkey/network/tcp_scanner.py index 4a6b8c40e..c258a6397 100644 --- a/chaos_monkey/network/tcp_scanner.py +++ b/chaos_monkey/network/tcp_scanner.py @@ -1,9 +1,8 @@ -import time +from itertools import izip_longest from random import shuffle -from model.host import VictimHost from network import HostScanner, HostFinger -from network.tools import check_tcp_port +from network.tools import check_tcp_ports __author__ = 'itamar' @@ -18,29 +17,24 @@ class TcpScanner(HostScanner, HostFinger): return self.get_host_fingerprint(host, True) def get_host_fingerprint(self, host, only_one_port=False): - assert isinstance(host, VictimHost) + """ + Scans a target host to see if it's alive using the tcp_target_ports specified in the configuration. + :param host: VictimHost structure + :param only_one_port: Currently unused. + :return: T/F if there is at least one open port. In addition, the host object is updated to mark those services as alive. + """ - count = 0 # maybe hide under really bad detection systems target_ports = self._config.tcp_target_ports[:] shuffle(target_ports) - for target_port in target_ports: + ports, banners = check_tcp_ports(host.ip_addr, target_ports, self._config.tcp_scan_timeout / 1000.0) + for target_port, banner in izip_longest(ports, banners, fillvalue=None): + service = 'tcp-' + str(target_port) + host.services[service] = {} + if banner: + host.services[service]['banner'] = banner + if only_one_port: + break - is_open, banner = check_tcp_port(host.ip_addr, - target_port, - self._config.tcp_scan_timeout / 1000.0, - self._config.tcp_scan_get_banner) - - if is_open: - count += 1 - service = 'tcp-' + str(target_port) - host.services[service] = {} - if banner: - host.services[service]['banner'] = banner - if only_one_port: - break - else: - time.sleep(self._config.tcp_scan_interval / 1000.0) - - return count != 0 + return len(ports) != 0 diff --git a/chaos_monkey/network/tools.py b/chaos_monkey/network/tools.py index b89002802..716be15a0 100644 --- a/chaos_monkey/network/tools.py +++ b/chaos_monkey/network/tools.py @@ -2,6 +2,7 @@ import logging import select import socket import struct +import time DEFAULT_TIMEOUT = 10 BANNER_READ = 1024 @@ -36,6 +37,14 @@ def struct_unpack_tracker_string(data, index): def check_tcp_port(ip, port, timeout=DEFAULT_TIMEOUT, get_banner=False): + """ + Checks if a given TCP port is open + :param ip: Target IP + :param port: Target Port + :param timeout: Timeout for socket connection + :param get_banner: if true, pulls first BANNER_READ bytes from the socket. + :return: Tuple, T/F + banner if requested. + """ sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) sock.settimeout(timeout) @@ -54,7 +63,7 @@ def check_tcp_port(ip, port, timeout=DEFAULT_TIMEOUT, get_banner=False): read_ready, _, _ = select.select([sock], [], [], timeout) if len(read_ready) > 0: banner = sock.recv(BANNER_READ) - except: + except socket.error: pass sock.close() @@ -62,6 +71,13 @@ def check_tcp_port(ip, port, timeout=DEFAULT_TIMEOUT, get_banner=False): def check_udp_port(ip, port, timeout=DEFAULT_TIMEOUT): + """ + Checks if a given UDP port is open by checking if it replies to an empty message + :param ip: Target IP + :param port: Target port + :param timeout: Timeout to wait + :return: Tuple, T/F + banner + """ sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) sock.settimeout(timeout) @@ -77,3 +93,53 @@ def check_udp_port(ip, port, timeout=DEFAULT_TIMEOUT): sock.close() return is_open, data + + +def check_tcp_ports(ip, ports, timeout=DEFAULT_TIMEOUT, get_banner=False): + """ + Checks whether any of the given ports are open on a target IP. + :param ip: IP of host to attack + :param ports: List of ports to attack. Must not be empty. + :param timeout: Amount of time to wait for connection + :param get_banner: T/F if to get first packets from server + :return: list of open ports. If get_banner=True, then a matching list of banners. + """ + sockets = [socket.socket(socket.AF_INET, socket.SOCK_STREAM) for _ in range(len(ports))] + [s.setblocking(0) for s in sockets] + good_ports = [] + try: + LOG.debug("Connecting to the following ports %s" % ",".join((str(x) for x in ports))) + for sock, port in zip(sockets, ports): + err = sock.connect_ex((ip, port)) + if err == 0: + good_ports.append((port, sock)) + if err == 10035: # WSAEWOULDBLOCK is valid, see https://msdn.microsoft.com/en-us/library/windows/desktop/ms740668%28v=vs.85%29.aspx?f=255&MSPPError=-2147217396 + good_ports.append((port, sock)) + + if len(good_ports) != 0: + time.sleep(timeout) + read_sockets, write_sockets, errored_sockets = \ + select.select( + [s[1] for s in good_ports], + [s[1] for s in good_ports], + [s[1] for s in good_ports], + 0) # no timeout because we've already slept + connected_ports_sockets = [x for x in good_ports if x[1] in write_sockets] + LOG.debug( + "On host %s discovered the following ports %s" % + (str(ip), ",".join([str(x[0]) for x in connected_ports_sockets]))) + banners = [] + if get_banner: + # read first X bytes + banners = [sock.recv(BANNER_READ) if sock in read_sockets else "" + for port, sock in connected_ports_sockets] + pass + # try to cleanup + [s[1].close() for s in good_ports] + return [port for port, sock in connected_ports_sockets], banners + else: + return [], [] + + except socket.error as exc: + LOG.warning("Exception when checking ports on host %s, Exception: %s", str(ip), exc) + return [], [] From 41de1a86e0e6898938928f15098783cd2130169a Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Tue, 6 Feb 2018 20:13:27 +0200 Subject: [PATCH 06/10] Fix, forgot to include the configuration of whether we're pulling the banner from victims. --- chaos_monkey/network/tcp_scanner.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/chaos_monkey/network/tcp_scanner.py b/chaos_monkey/network/tcp_scanner.py index c258a6397..e291e8d3e 100644 --- a/chaos_monkey/network/tcp_scanner.py +++ b/chaos_monkey/network/tcp_scanner.py @@ -28,7 +28,8 @@ class TcpScanner(HostScanner, HostFinger): target_ports = self._config.tcp_target_ports[:] shuffle(target_ports) - ports, banners = check_tcp_ports(host.ip_addr, target_ports, self._config.tcp_scan_timeout / 1000.0) + ports, banners = check_tcp_ports(host.ip_addr, target_ports, self._config.tcp_scan_timeout / 1000.0, + self._config.tcp_scan_get_banner) for target_port, banner in izip_longest(ports, banners, fillvalue=None): service = 'tcp-' + str(target_port) host.services[service] = {} From 950e8417085502a27f83da2caded61f010adbcd0 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Wed, 7 Feb 2018 14:53:38 +0200 Subject: [PATCH 07/10] add image --- .github/map-full.png | Bin 0 -> 82368 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 .github/map-full.png diff --git a/.github/map-full.png b/.github/map-full.png new file mode 100644 index 0000000000000000000000000000000000000000..5416aa8fb698f2b5964cf49f3ef93730220fc3a7 GIT binary patch literal 82368 zcmeFZbySt#_BV=1NDC5@3P_hocXw^Nqy_e-yBj5>q@_3A(jXwElyt`?73q@B4fnzC zIlm+4zW0wi?znf{KVAn8$A0ixYp&VzGw0gjAY~aWbP{v~1OzNOSxGen1Y`#Ugom7u z5P>Hd#~F>lKS-8hN@55IRWTUXCdj~NGzVE-X9NW7j=R4PKF3<`0uPB@q;y==?JZo~ zO`OaT984f~F06LuF3&kxU$V0EO-xn4K|r{Tl9LqE@G#t2Kzps}dLwdkp>zwexV*Xa zy;45PC@wIl=_MpjwV+q3sdf4;$u!bA!5mTTkn5z)NHaK3i3s6|q7u=z)8mU(M#kXCmI&QozBa5}lL zkAtExF>I(UB-`zZCq3V^?QD_{{N<}*;ep&K{-G2r%@m7aXW^aMi7Kc~r$Ytx z3wai)QvI{DQxH$CGx&R%D21AZ7Dss7oxBl^j>HN^%1UUE&~8;-*;XKxNb6iWzueRHN#o?`Q=iP) z%l=>itHAJShs-QI!R!9f9U4_Aq?w%=FM~HY7HT7W=bsT+;?{UX64vEkJo-5mPG!0= zUzPE3up>@ctI zo@Ge!g}8rgJ=hV(4>sC2P9+ZfLwrQHpO~cQXXd#RfY54ODhubz+I~DQYgZH*L}bT~ zcb^wldMV30ZRm%St`Oh77hkzZ?5<6b&#&OwGH}2XzyY?h7q7QiUrgu_d&l10DIj<> zI+Xvq>#>$Q#`l`~iV@J-j;W%h<-6y9TqyX*4BG)cPV%V_($=YS{Sp~q6r_}61NBxv zehJKCTm=T1+$yy+2`R5cBcaz4*Rt25I4ZmYEH2qX+OuRHm!6*JBIXrEqVOg5x`@?i zhiLYUU_ZU4eFvyxNp~75nyq7C68kM2Evsz=+}Me%uI@V!NT-#MJnb)qGB@jWmRwBF zGncpJWG=S3!51A(N#5QcaY2y}^Xkp_YLOT-&Gn73p*OO3AE$IDuv&dGX(A98i)5FYr#gPHa*#-<;?K;P ziOo%WnX-1kPU}`&S{v-cTF^A&!9C!ikv>^5q;fQ4b;xuWSs1jMzFL%Zkk9xXInfBDu;nhtWC$#T-FHv5ILn)UP9Fu5VpwHE6gO3!0)efEz4xIH*2~p2VJ>mQ|x_4+v;}V=$ z*fq38cj_CY;fC-Nl=T4hk8tvn%^UbIR@UXyR z>+u|{ag--TYamt}{7>e3*Rw{pg|jHK{=e+0DCplFG{o7sm5OZrm=sZ`!`9q$DN4W1 zvJ|vzst)L@?k|^J!66?pJcPE8L4QH{CHz-t2GNKnQ@Zh|s_S{yezQks4J<7&Te4Rs ze!LYE?mwn;8PynHALC9wbVqlD1Wb~z&#hSsmO>H%&7teu#93H9BI!GdEH1D}i`M-5 zu=~kG;5tK=_bQZq(xp}Ur(znNkxq8~@eWn8b%8n#bA?xtR)zcWO1KZVtpjyBd5NMt ziMe1_0U6fj_k^Bu14<`DpTx-)1#I;smOf4kt6(${x-70gnsH*%7Mh)^DmM&%zMo0~ zH?C8*{~|TN9N^{W)o&O3d}QKX{67BC%b$*TX={th@wIefmGR`YJM*>=Ry&-Ql!)sj zp~l-W!%=1;pqCb@Btxv-91tgtbm9S??^_G#GpXfE64~<}k+9LzZVbYxjdzYd8L(!l zgepray|gT@?=XFou*&wuK(*U*l_QGeC``=cNQ;P&b&A~ESh#S3wSsUs$J z(nHRuobo;@A2#%;VjC<%ZK28@XN&4|nwb6M$%)NFubQy8xJ%koZK$0|?mU@1BAKq6 zDiXnXclr-zJY^y&@tg#NEnCPq(=-*(^}vUg%WJt}tH!B&>6EoGYOrDuBaev<%mFs* z)X=D597aMfoUGYf-Nr~Q%M|UHfa(n*_nFQ-s1lx3hPHpYXy6a8>(PKEea!fsRr|4R zQf-Z=?ZMke_^iJlSljFqEd{7f#T;?feb+8&_E~yRwW?(wMxQyce11eU6a71{9X|t< zl7XXUC#Y-y=N+FaX)u6#k~ok=Fz8p^2pRK(c5?90L=uCyqEU8;?oPl-d_{vfxx?6T zE&K>@zN`y!lt8jDMuQnOu3lr|MVYY>z?sdLjEac7Sf=-SW6=d01--BQ0ZR&NO#`g8 znoGZt6mdJy-%_xC#)DG2{N#G{BV=VuIj=&$aFZF0sSxvNRB{8!I3a1oxxl+e_&ar< z>u=(W>;x^WYlz3Y)#Z33myM`N%emUn#3d+(ziZJ?bt~&Y$3mVnkB=Ibw_`V-R3u}a zwxZgQ)5p7vFVK|vx!#f8&Naj4P_(8KFU;AG0VEA3yYNMt20j{j<3%hR38uVB#zHA@ zrluVDVP`iq)ud4X#9L^H{DF4}>{y6MSLsX<_|;EjQxs}!9=FNw@9iqHV6-MBy1Yz| zm4-(jCV&gu$_oEHBGDv3i-T_?i4ye)Kf#(FM(TXg+*B#y?ez9ljOW|ff;DpPHt5vM z6-5yn$YHcx=nrMAr{0t$d`Uns%i#aGaNeG=k(=*K1sW`$$ESa-S0M=dAauT5)OKJ) z<(e?Go*>$>#e!gqjE>E9O>)XcQ#p|!D#mQReuJ^&h1G9Pj*f35sPUE29QUX$gJ;2* zDudkNq#JzOX7nSPi9Tg7TCp<4ToXcY+^bT$o zcL5Tj#JC!q)S>PAAX_10#Rzt--kEOUzxXVMIv#N}g z@PI1EYpugYJ32~_N%84reXDh*wuBxLv&Wox)6Zbx;{n-BG_RO-O)v5c0oG1cY9Buf z1!)J*H$5nH$x881wNThtkvL!Qfre*70WZE5PQ|ytpvnC|m7W6@z=;IwzRKHz+%0Fa zd`Hy&L&EUAH=d-jJrRVR3uFr*iq8zx#gA1so487KBd>$r&Aito19wEfnArV+J|=mPbOK6OX7{{TSW-J+UtzJ*j8J z;!|w*u%xUm#4j!a&gSSFh$sRh#Hm5Lla02Tzmx=Db5U+4*D1wfYU$ubW>;Sn4ylIn zmm|}a5fn~Nb?5>O0RRJ0T8H`(=EEA{*{`Y_jOk(z0RdHT^q zxhO3z8j!=AxtWL0ZQTxs(DCsSZ%8S=rlc!~aEBOTFY0 z5&86`!mb(Z9Wm`E6Go#TWfrUK{2rQ@fG=hpgp}Hpcfi3MWGYBt)C*G*pk#=(kl-s7 zB%}{p9IkF|u3h{%*7cFUEl?%sr4TRFG4QMA35j1x2r_yqD$R=!VukaMLUeOS7vzoe z-z?V4%)Q%mLKV$VzQ>xQPWrXBu+Qbd>z~nc9{<2#magJ&<0a7=#(3Q9ABf{%`dU7h zHC5U3!`k|e-@}B;+#f-ODR)6Pz+kHaOkX&qIM|4$mm$D^JpUF*@peC%I>m@Q%{1b@BXh8oZR>@|t~>XG{H_ zMQ(h;|IW(s0>#&*l3k!?@5S{`#g&wlZb^~B6+EsvxkSP7A|9@zJ~*;AiMr3goPqj| zxb+avV6g~zVDt@(+iB?@etCkvgrelAH&gi65!dr^V%N#0a`FVNWqK zx6+=|F&|+~SX~qRkRwx$GbxF*qJVh(IuSK2tOB3BT$}`R>h&NcB65T}C1!Z{i%Y6Y z-S1j|q|-IS=0Tz>)>xe#%i)c)_R4)b$BRAd~N|z349WAvEg{ zTVX#r_RDV~9k$`h96fHhd|H?F<{62NV8i4`6RR2wyePWPAk#sPC?ZbVw!8vL?J-rsljWt(&<< zk?z<1WGkB^Z3%x$_Dn1fIkAF4|3gVc^$uh(nK`!&5?8!|QOIM^N!ho<`B)t)nz%8{ z6T+wo*UHOv$2~K>Gr8Xgmrk=E*UXnterb%n0K2Cp)2EPhF4A;Uz1+G4w?zIt@xEx76N>;ZKLVpKn9kQ-m zj8suCM}Zv69(i{{O1BTGPzmLrNBT)s0Y7ZPgLbe_>hWc{1>~LXPh;C7W)(8%a0!OG zVj{lH7h~JG^DgW)8aui6tbS(Pw_6i|Sr@~0siMB0KdVqyolM`XrPIEw^{lUd z?OhcdMp4_KF)|e6qy@ylk+dOvUjB)-uB}y1prr3sz`kufSIem?0`YYjsC^=4WaZpv ziE=IX*3CRn%dDF5@no+PD{R+JW*Y9wi)w4nG}XyE6gOiXBr_YBd`)j6SH{gVEa(XB z;z;zJ#@3U@Q-ox)>%*C0+z`t;#=dezg6%hBtGr{dIvsPPuOdBEtBupqq;8aq(1s~lO}lcR<;($yXB#} zFSk`ddv|~b>ZxBs!-`?F8&ZSpZw*RN04acR9MpPzvUE2qxC{%m_My6a!vkdC9OPt4 ze7ZD&Xjd)T91uYwsPhPa8RdheVp7{t6q-Tg`Qn{|fl>07#z1?eDQ5dWd>g+N1s3LW z54H%IOqOfxP+-9dHTc5_P0o0Yw{-zrtrjMYMD}^CqXqz2?H)XScza`5frH z);Gkt->vfx0FWgA#z-%i9$>oG(7Ap~xahE5%v_@?Rn+(diUGio=jBMNL*mdoLJ<%s zUNq3tCr^z6@I>FNpYwV&b_VW9u|zX~SIBQy>4m^~X3-d=u_3F=t7ylL*qP-crE@EH z;F8;Wc|C%@{Ci-pas|MnVG?f@KwG|G*oU<*#;EnMmXG+AryuaNR>~D(?}9<8gMOo- z+&|GDtu3^3r>)NlrXa3%-XrIaBx^|ga*-%2&vM83koo594S6q=w`PjHT)lk&hz-Dg zz61ay9%>dbt2oSXo}GSwwxGfUU{9ep$y(Kb0yA_11q0{CA*$SZbabXppq0ztD04!M zJfxS@RSR+a`}G6#W3NM*vm*#0kk?WRHLK1a#2SKocm`Wqv>SS6UjPg2o-(&832^v= zbBEQ9frLT5SvS!T{&Y2fCqI{2@N7nfMFUB$ylT)Gu#I)^SZ}Q!4j?S+ z&U4&WMYH9EV2<;*-CyIMzt;X6BAq;Tx({Oll%Ud9U4QE}LGQdQt;w}lvd~SS#7aU^PD5_7N#I@5F z9s_H)D3}E}FsN1i5&&hp&{c;R|FKboWih9SAS+W{ER0%9GSGo4DWbOs<60hJMvPUZ zP0)KSYhs=|FqV+We0F{O5zEk&M8t1ZEL?xkB&k&xAJ&z9&frS!nnPUB_&si>s!hB- z+S8Tr8u|)I@i!Vb_{oEVN))j^jIvKk0uKpX4}F3{PVF!>l2X3*0se_Yld61hOX=DF zVxc5>n~S#;V`+A9QvE^w&M%eb+Vc|>bl5m?QCT-xhCu!J zP_UKPJszv~#on|nii$PMt{@^8w=`T!_IvZ_p`cTT)>Z>M`%)!NVv47tPTo`EqJji- zBHLMrehW)b5}X4+4+FK#aOn9$dArqH69D*iqtIi?GBy>N{vgW}4y{fVlRbi_0zTr8 zQU2+SOeXyFtqEDpc(e_-ZaYQ8V6wc9im_r&_o0h;2zb}7Eo#QDpJipj1%ZTbw53Nh z^eCTAjx0)KFUlxejiYL5Ww}uf23wi__fa_Tx3KWTczxTq&>o%Ywwz^`)3MD^<~%Ot zk^Ha&AgAZdTD%e+SoiE&iJ@P#<51;Hi%s+c_{zDTR0w8CYy#rLLkC0D(Ms1zWSK=K zwlwj^1dC{stREupT0&%g0|@=!KQM2jh=w6!J?cJU^Vw_b3M1oHS?KRiYqK8!AEWDw zo~sFHuHeEJwQpOR1b7Uf%2cBft2%%=KqKJ4*K9JW=+d`*S&q9JSxrI+ z&T0c&Qz*dnpMt#YFX&Mf+{Tc!qSJRoZAF?J5SdWT9_>KbIeQ&7DeQJ=oqKqK2OiszgAEY~IpV;U+18*>a%-V_`0{h?C7HLM(CF3)v|E zr2EDFyKOz_ka7$qJm_&J_SJ$DX|JH^n)g)iIA?8k$Q&6iv4S#Sh{ zTRgtgrvANfkZ{=GK64VzkR)H}<39-lLICP_7W6({slmqJGkJ&C6?QS|-|RiBg6qeo zmYis}hGDo~3c)bkV(`0ok)|xIA(3v+544|a@4X!kIJ|gj6)PL0%_>}_V$Eowr`6ej z9$AW&gcHSjec;8yt;c1wS}j(w7uCd%}q)H%~6&^G;}J9Ot>zp}9wIB#Fc zD3RodnrVmo!#Q3jGvrdKx#yYa#RitaBWkq|Obd(hRKyzZ6J*OZFfq*2n}@T{v(pCo z^+D^p#j8X-n4(XX!&*fVsyT`dsk`=-7-5xVl4-2DN1*LpFYODP{UgV;Z;5MX!cVzs zC-1Vbc;=B8seu+N7)4+j8>=TgD66r5s{s930+0Yjd6xv$hYrvB)vTr<*TMjTL4zdT zI0W9d7rM1jZeQ?g=t!fP01USZFCp!o)13!Rd`E3v`<8ZylFD~V(O<{sH!hPJWicg< zRz?EnM2F$_*JaPE|E(vhTY9_~Lqp_q2X0?}?9A5(kX!+w&WLxDH8qqG2;CYxTv%f- z1TsVhzllJ9fZf4`c?3E0_j`k#Fu{Gdty-xl5?G02G9P%9Bu~Xrp3nRn5RG&161Ufn ze~jHbXW_(MXkX<-x=Qy8e^CCR0yewxob$3HsmSZzfl>`8vIOF2fdCW_6m_X>*($d9 zF%}M5ayXHdF+vS-NjXvOzq+wp=+iR;pgQ;bBc^Vt`@; z96Da%<#6qV3X_HC!f;{a!n1jn4Lx5RuG^EZBBn_12>ZGm1}WAi%wd^zVz82Yy&lx)%;_OMX9$Ev;EURC;7kGnV>H3 zjTW%%VYKT}F!K2bKjB1Re;!E{=)bUI&BuOU(cfi87|KwB@_PLM&@fsb=sB;{&og_0iY?f&3Qo5X91l(M?A@n zvFmKa$w{qd?(4WGAPdcCk@48g`KpCqF?&XUCg+ygnb!dh_BaWJT#!i&8k5A0GC6-g zW733V@oZY02!B9aJ-D~pnmQ23xQ=TP>2hMa%`pbQ+>_-+f{S`LkPlZ2yh>m6z)-3_ ziR?znP8=x#zpK^LYdi*rOV20Z-p|X6EY#3S?N)7D`nFi`&X`-Hy!?9X=jlhNIC>V% zE^HoMK4K^|)_qvwd5;lXp*h^bzqy_*j+gF;__G60Gq8vOV3Pu8uRk9DfO9?^w7Bhf zaxCWafWQ{z)jNxOGG09ZOj>zyFzqgH8#F6)s$XKxs1dc_4Sl4hn|Uaj_5w&MuVbxKCUoRvS{NV{jr8 z5+vCO>)EzL#MQOGc}gFnF?5>d*>4xc>D)5eDf;8MTmL+6igRNNEkWU)tqZE%rAKw! zfVt-0WTm?8J|W9b*)FF=LD%q+8?Rx6VEx?0!D*zQkblE}$=akF}n8gvw13b=yF@WdkZ?DK@ZX9A3wMtd*L*_*21ZNCt{! zMjfR?+9!3NKMcEk$bl6XktDG9ZIE-~2Y{Zq?)9>%7;muLbkVp(yzwU=Lo&5QpE25{LZwI<2Ez}H8~H)>^z^bSDuuVJ z`)O4S>IEZbbha%1`@{@2zP>V&n-|TOZ$9lTv2emh8#7Ak>)pPEV5M=}{@k~JD&W4C zM}D^TLirij*J*b*bpLg6U0q$5veUhV{w1EMQl2^6(0o3QoirGWgPc6F|F&RC|HI~} z*|k{zQUKb-=mkQz`d#q-9FI6&Gq-}J^n@A6<47Fiz7{k#D5QL?Z0E)@K3Os-U+i|M=Tf`_2 z{$L<{*5a4Htw+`7=lmuPea^`VdRp^J_@=V{6_$^aIwv#e!<$cgOB?2-ec7Vf{B*B6 zhtJ;qP^hnxz$YSRxBHE1{p#XPg@zH-xVP*oNk_PQy5Y7AJU(}Rj%n!=!%2*YT)L(2 zFC{POFJjbYM_EICR>cNBPSssOQ3)Skt{$}oB`nN2I2myqmz^s;` z0Z>V5jt4g#;dYKwJ*Kbya%ck;CBMp%ikNXH%AST%2=noI_I{xBNk!Sd*kxAW80jt3 zt*PZuOnD_msyH%Gs#R_p?{&7PR3Q^hCRZ`rH%kJ3-7Mq^^yM!`srfIX!p2<4^Bp<( zFR=~FZ!`^c9VA^^Db063cWmj7XIw?6w5ZJG=+r{mI&bS>kGI z=a+u?#RI;SPDpKK0rA`wm-Cki+-(Zyz7MxkRM#thbIFpSbU`S09a=4BXTzL;X9a{zW@Mv|aW2K{MPcA`F5w;LKNDu9ineX~GJBcO z%V&03V}BLBfZ|V(qT5$kB(rEQR-)?f@%>}#7Oq$J(nmf=K8rcsSYobVgGdPxU5=br zC#V)WLd@^qdt5S{UNL^kRCsWF&`(#nFLxs2tzTf_*D6OqHx=ovKbtpXKO8myD$sr- zIRuiKv6x`_deb;U>U=t=<=+HvddD2D9rNy{7w`1QZdFEN5xK_xtCzo9S(#Xkx?jcd zvzkl%Tih0C<7F`RKGnF0($pu*!zw1Unj|tx#SHa?LnR*6ko9iHnfrRx! z^hBu-768Rz-Z_L)1;LDL06gIVrk&&kp z+=;3FtKQ03h!%sXU4}J$vyBhklFS_uax(%6O*kHtyx|y$=m%QFdk2}SGNMk#AO0~7klTtD#nmU@WzL(O-dG1|W)+QwU-6)}4@=>)6VvdqXyug;p8iN; zkw3dJ)8=n{TWmc^%$ir0G8QA;Bk$zsnJ=ZYtYa(GJ8j${6c}W`bOSdcZhbRXoGu=G z^Ljog8)(^BMCh+h3ItbOPT-vg(Cwu!f<=Q182vqKqo`Imv| z=MYIKD7Gnp+jR?u4`aI=E40z)Fr#V9FnFH&v`<_6 z&4RFw>E*2M%g?#?6@0ET^mOlA&(2Xdhr7lbKy9tZ25+cAvZ+cv?%&aFhWKd|k9T>@ zl>`OWRBJY$Tuu7sRLgN_Riuy<41LHV7AkEs>LGS4whlRp8j#a1Nk?K|sf3`dHs{>N z)hTpW`LnX-G2`s+T%D#S_;R2`B)%QzPP+w9kkZeYI>w3O9c9H_Ki>D?chsPo0i#BG&x!JJslW|OYQwKaf(}Vc9ki{k3$?N{$K*Tgor(d#ega~jp>nj`z4X?&TChf89XMX2m z8QOgMfs1&jQ#aLAAZTJy&GcY9B4TQk;dmIYrI`FL>_NUhFL$Hq438xA8LShIQ%atY6)0z?9XV=XU7*zFh zVmKJ?Ga2%NL8gy)#>n@gk@Qrva9|I-h<|YzJzH?$oPUAo`h^Gd0XB^?1oc@zP9?9n z7~-odB09<05g65*D+Xf+236aRb+A{}%|>2mtoDxM^5%ge~VoQN}Q_46eHQxqGAVV|625DYKr z-Z-m173$W$Xvp6?FJi*w5vX+w8)!wFB;JAVe5~l`Q=W}`B_pS-L~3!7VK1B`8Rf@; z4Zfi)8_KqSh>JGaoZ)(x+}1t<(7(e|ylGxA*B)U^k%b`zCjJZ!%J=WzuUi--jTsOG zf<>8iw6vt{(Y&qwb#dt{KL?sH&DU8IwcPv&eYR1@&GvY^!B0L&5-w$AdYbmhDJ6I* zY|=X6cGB<$%F1h3=xOAX${%E?pj^WPGisicR&XIo=Lc`Gr}{#nFVmwl$#XJ0ZoV!P zTdQxe&Vu$TU(Q!qYS4SLxDD#LTTUfR9W06lrkdPDv+Ha6a%|*EOjuKKGA0~dBp$7Y z*VU_!G7o`x1ts_#pKm2}DN&89o~Mtv+Hi!xLgjQMbim`;7HceB|4dSPkma{B`O z?lAmN9dm->vq%gJGtc)voX@joA&LI1%pzSo8@hAKyFAix5rH*pS>2IQ(?S~%p$jj_ zI1A7IhDHn3veF;6wJ^kgS5fI90i)1$0rEPo+dzJFm$c>(d5B6Vu;8GeTanr!yWVgn zo?I{a9ATxUlox7O819tw=MvcH0`1`xVq0;_e1gbR{1C6AwhaXpPg!<Ro>wx!E+SV`GpN;h5s}Uy!_rY7P}2sweIvmo|JV$V&A}%K3fsmsylm0jqOS zzg#R$13H`4UTYu=l4&2}$>aaNM~trJUpweF=oDY(GoI>eUS3v{nW!^|Tq9LBXzYzO z<=*$gs3lbDdE4B(uZwL`7SvO%f!lCIUB1`vtJRyib>1RlYiN8~^Tt3x5LEhS*gT=< z;k#IB88z>UuAx^zR%}czyt&ZKcBBigaAwc5Z@PHa0o!Mxv zS)H_E`dSu(*>ozKp#S0DQrDnATZ3>L$iNUxZ=;i_bzsiI#R~#erN7JAvMIMTW>j07 zFfg(Ot>+tx@8~^D#ZptZi6k#9aRZ=wnQv)&E zF)%0x_My?f(d+2z&^P}z_XnJFJL$56SQrzVgqHNZGOcKVL0*2LyivU*+qbk}_d6c# ze4f>w>f_(m4X-nJsox31te-aaEyO2~tGT+kJn-(Qe5R^5@^3zolG1#{+iQvX2okTKXy_RvY=!r?`|Awq4jI1aeeHRvVite({8zBmC{1P2m@=Knjbc-X!t|rszdee zz`O_r)`dV}blt-ZyeJ%eMJMja$7d@OcBjSpeK=9GEO_-+?tQS>>EqI^Gm16@$==zQ z^J^xmZFF^KF15zHTL=*f6u<~tUv!$Uc?KT62K|`~e#FF8jTyIutDtXsodN|Wd)C!u zh;$k}Oqz3<0(~b!bBPA$wEhWTS5NOH8o&sy*T1KzoCG8?qk7N*@fT4 zSrFNWzPpex+JTXo_9-?n$nDB@AwgA0-h#(Qpej#WB9$uHNgOI#KHa_wBVDLE(oH9# zublI=+C#A#f<15vF93Gn2|lcq%2}{keT4Zs_hL%b-cqMQeJc73Hwg3)@rZb0u+mpY znPqoi#Fjg@l84%)xQFJ6{vc!vzA7oD{?S*(Yp^^z#<8$d8C^05S|D zy&Ggt7C*S%vbuR0BQ#raS88s> zCf_62pw|Av29IfRd8n|Sz#&XD5E+U5YFdcpcr^kX>|IwKVd+-o#)L z;vU;`Lj-C^>@6+!C@<*D{3mh$e29B~&5s%+c@L^r2Ey*skzCBbFOyL-VB3?0z zY4eQ?4WF65?WQD|&{|pU`3{@?PK9Tg1aD5vt>?V)iCZvGZs|Jd%u(oYVoqM3OPO7^ zKz#z1n1XxYWJYHRNX78ym*+G)p6KMwEULFf+x)=9I6>ibX{33-xhrgLTz9z7OM3^@ zR&l-zVd6jXUH{lRnDFhq<1?}VhwbgfGz|$ZebEv}!4-4si2eCnE{1|5&jFrhDh?}@ zIf2W@kGQUVAD#*2*p<{#+f&f%lu_1*H~#M2Gcj>@dz>aCTB~xIjvSm8VUV~p}FMHvIuBvINGpLP>fk^e>ggk_;4jzWmzEq`bn+Q zg3(}`!u7MN31q+18~ycl4|Hw=6rq} zv{+(^CP^;n@nNk{%xYybS<&h+K0banom0Fb(MU*1CHjR{GQo-(p(qf31|&AP%HxyF zv%YdC`jWx-Sqaj{A!RO)7E7wmK)=1P(D3bCqLJ?gAslk!|G5=4DR@O?b?EEsYYCJ} zOQl8MEdvp^FIw;rk@o=%#PJVM+l~ulWa8Oh@>4C1I+dk27Mjn1>SOs55bC zX$n1zl$3#OsK7xgrT=vu>}KT8fX6?h2Y^c7!&iY#?)A^^4)ZsVdgsXghQ|i;hgxh0 zvTQkb*th&S*A!o6?!6ce5a%jl_4(Si$~45Vq$k(#ox{WAZ$NsO$khwQ8iyk{1O!}F z+2UW&4R?~1Q?E<(YMV_5;Jl8NM1d54>N{kw1LJR;aY8+$MZUp*&(?E3JpWd1_S2Si zUm-n~t>r2*me*!hg02cH7Wb{Zb)lcPPGu@SzVu|G9vP&a+1aGuYXg1g1^#a zsCryA5vmZMs-NLK=kdeL6U0au{o&evRc`Rh#<{*ZmqJNvccB#^2j9QwPw;y0Xi(96 zsbdAoKUmYsSxV~8&-s*i&~!Sf1%=+qWsXlZVh-9SgR(I)JrBwv#}L)JC(5&r`W71`i4S6Wd?COEnetPZ;<*?s};&Vt5*yUV?rv z#=-1aHo4KY09W&v{&VYJf{_>M`pgOpYN{c|Oh=K?%UbH|v;-m+vvQ^luKXJfZ7=>s zn4f71Sa|y0&PXm2DK33pow{8#c;*|Ee?5C{gJ29i2P>Bg-_E9;B%PH0#X^A~T2Q^% zZEp1gzWB&>6oxCB!8O?`O)hx&(~G4;@;99eG~uV*=ws!Cc?AXo7P__XZ2T4C&j+r1 z+h~Uw-qTjGJ!X;0>PLYH9d`kJiuBeXH@kR<2nf3WfPbx)g8y8@6s~4)o@bXv4hcP5nrG-+Fip^m_t<8|9X5qxDFEJ>-!I07G|1;gi&QpZek`NTD zESr<>TFqQn%ny+vaP#kdMnjw9byy-NGh=G7oO-RYz@!}Wqc%-ol7>cyyP$B2AhTERQ)L-iGRS(t*sRdD&Yh8txF{?a` zwI~8^;QeXM-}Qw7wbHSj(W$~#=iHj0Ruvh5=~?0G^4QIo)rV(Y|SI}mjxEQ z&zzsiYL=o9OM7!sXtwpXs|BUJ059iT0$>_3Yt1&h?|lz&YwOh5RRP@e`h zsk5i)Obu!G`9UPG#HnFz4H4Acr_tFe$t3pugGo2E_Ncqb2{OE6lN_~Wt3(ERuYIIy zmlPt88*6K@OL#3$8Xsb*`n1fc&Onm>X=6CmAw-~yW(-^&8lqyw&x5~IL%Km7L zcUeUJC2me870P1p5DrSE%^Y&&@pqAnPReiVP5XJp0~=pwPC zr8S+BaTj;@;r?V(vFAQiwPjz|Z^cp7u73eTzpDEF>7^db4QiwO<2Cu5A zwVSx6?fTTNhQd7;a*c_H;jHs_=$(Ghoqvg-(QoKi^kR3c)f^c3-hQ6Z=smePIo6jc7bhsV3&-h zc!okwiP!8_6c;id8%F}EI)JI;<*CEVS&J6LHYXkmEFqZo6ORTetc+2b_vlsvBh5dP zn4iIQ_NnT@+El(g@0UeMh>m#j{ueSfvb03$Ru+NyqfD(#CX{f@Y8t%x;@7Q{l=r3J zBL1ew21`uDR z;^RNs7%TiKB`f9j`}i{ZRGG>^V^dHBfL&{K+vLqqK+z)O`h0W1FG9}IH6oXlpe~q$;mmDSP+G@nn7}Jtt zvh2|vvEyJWjTrBNRIC_x@`RjgnSj56-^yQ+g?jbBdY3J>DM4B*u5{mtRP9VjR<#Zd zVMdm7f9$)#%n^#edA;w!<%^|}Baqn55<&jB_{uy&UwC-TD*OmJ&#`+d(8&jbMd1%Y zNxM9_>cuZ$a%xXaPRR}Qr)rVr4Yco1T-_{;NyzCzRhdbtJXQmFa%!pqsT|+s z$62R9_97|*rmk53A(0??WbRU;g&rm|RiKwS)c%hLrpmc~4X<(N7zA%9*JTt={vl8|oZ@4XdjH9YUzPKduvK9- z_Im7u8F9cf;E{IE-0I2F#O`5>qG~m@wiEWZ&CSUn73JC13of4$CD+T_dsQM6*w!R4 z%;XrzGYV|M39Ak6Giv7-@*e{BQ;cxSKRyvNecbmYMdv&j}tmsqlh~^?r`*c8EBo z0!s-jc1Mv(or#?Ob*fo89%^06U|qTMvfPeCzipz`Dnhtx>e()YLBPM&0=Q>K(jXF? z5yuI}8at@1W3F4$I!lc%DVL#`Q9;@eg=oue$6{x|yW$5_GDdD+tm7UhwW?`7a}p~p zIeR?&{>4uE#Iopp18jQ5D6sp4>;0)El%n+UaH^)}byo;@`mC8t9OX@39NnU&w47R9O)=Fx8$fBI3U?h;rsFdUM#!)Y6%J?>H zwAv=Pcq>DfF;$mevty{3AN$@+T{ei7xn(UJZ!!v)fnxfLn?ULMT2roJaseFAx$A{` zZ^~FaJ6#>J3lsswfb|*DEm#a}3_e5b(=f80S;d?BuNrba0UoOR3)ae3{O#}f2Yefe zb6<4z8_zZAznv)Xr6kHlwQkpR18O%7CxXLYfBapi0jLXFSEk8#3K_lF{Oh98h->?_ z^K{wbzarKjc;*`TsQF7(p_O5Caw zww223UqvaDHwF`l?g!6KFW#T~xXyndzcO%`#^!`Efc0EL#Kyfu32r>`f{q{I* zdMV(kTWORP_NE`Z4R>fONWg{U)W9ah(6@A0b}_lT>E^4iiC+g(0$Ilgv1iW+)r+vx zHdek}og*tw(O8zQyqkqw{mdVs6!FS2%KELt9h_+)>t>3HxG3+Rvo#-%e$m_@s{BNa zTZ4O7fb5?yLRkU6pu_>42nBtXlvX*i4-^*^f`Z=pm~@Y{tUpJ4w(qTkjRvmBIFAR5 zzLC#odk-5gmzm{He!$=c8|pjT@1UN#!(8br6c&Y*{Q-jRw-?H04B{pONJ}Fu7M4UW z{HMobRO;kv*w+Szd`I%Dm?dVDjTdGkHy~meKEA=zJLvn5D}TO7%ahe7T;@?1Lb>G3 z;E%Bn{nWA4Wl>Xq1p2%`aQ-z{Avo~~6=x56Dgk^iwX==MQ*5guRk7m&f+z;Pv$zpn zK-TGBPtHINw$SBi$npC(Ne}ZX9-U%EC4J)UjYdDk3h!IpfAj9Z`SLup$NWVF<|elT&pXS^nIY>(CcnNU4G%z# zOZHCHsvOjMi~6eh(M-f{{h!wE3MjvF_Nt6$uez&z8>|uhxk(IcvO0e!D1YymH6|*^ zWh)I)uvxOSzvalfREciGgp@ONY?8~QoajLOOT@YQih?KarpO{^;;K(dGZdz;GEPaq zJ^OIox~Q^)`T{0P*kI05t_P3v1RcqV?~$eD4#te6uS>Rt)oC1=nS{u@;dOnIcX9NR zEw||>1ZoGCFtP0+-*Qw}9IRP@GH$Wv&EFUPaeja)Iz%KgNaHy%oCiLUUC(r{RPucv zdnsfeXGGYVO!bNCLX1*Y=B2x$x7hCguzCZABgc7I+X z!YAT2iDOU8a{^PUf7IVslq%*M|M*)9-LqwsCeCLI3&o;$k`PYFWk@>%vZ@+#g)%*0T$AV(eDGEy49Q`~=A+ErO3)DbTx+uSU+vES0 z%uKBIQ`HT|2?cpH9FG!@OPt!G(H=N-w{+sxO$^4skABMwm0g29Tp&0u_ulZ!Op02{ z9D6&X_Qp)v%g0^cKJF}Kl!sD_;a4tH<$3$*`cOIWCJM7yDJI$DFEE@*SLh|$eUPo~ z#9H}a-_A!R>B4IHe;T<5n$Y0FTiSO!@o!SHv6YxG%is?NJ>uY`6%>tL#7FHa$)2)t z9&Ppt+`fBf>9voQkF6V{az;2TFG27(BDfm!PIqI)6B&-aYq_#zE{+Nt^d3V;y>mH7O$c`~+qX z<70!<^-7;^Aj{W>Xyv2&;b)&axpSqHAVQas#3YcJn|};ULt@?q5_0i@^sZ9gvFxBE z_eS}{nSq{iySK|}_2eIK84vpo&z_C{zG5xvsWx6nEQWE$X&Tj|X5Ok|&ZbzshLjgc zw}c%}v>Tljw~`%8imo54L5c|e2_&~(3#hrV?`(dAX`NMhBj2>swoXP`D=ajBE6v z#!KUcv@YYb%=%q5w^zBxQ(jE0LP5N?pq32W+CQOcRir3Ez}nhcZEfud^KJq&vO7We zaQ|!bg}TGm-pc8CvE6;=^w0XFuhSEDLj^equCr5DP44o8Ux1_nkm|G4IV z?;)2UAU;0+_wP~ye2fwLnBJ(ay%}Fq9E+-St;WdKCXOs)k87qTcZ?t;*wYEdk5xJ%#qUM)C2~ zWkyys^T;E=*_1BxN{$loFtmOx(xP6&B6e)suU(qHP+pl@J%2draGtdu%hn~idl=+g zJ#>)#f0q4O%Fib~?xD|MX5kd8451x2dS~?~APp>su6#!A-`+?1RBxnaS_J|rA>TUf zT|7M0-*dEYiS3>0h@zZFi|y?9Up$@In9I3@Fjz(KRjy}jK-U)3q|TFV^gp@Pj7q^p z%DK6tu$4*8yBA+1q8?}qS3o#mP%Q1z|c;h|f7|S@fN6Bd9L_pNr zAn`9jQm6PMNFP2h8$G)s41(~@O01XXxCOu3`P4qi zKl$WDHan>2?c{3V9#)|v=M8J1z;aF34vB0W5>KytsBYsh?+r`sjr69kc(ECGH*nIi zgsh+^wsf|2rtZyds51KCx=s0)(FWU7kDTE*rl};@yc(MMvB2C>7(w}0gTkP+$EPt4 zJ3(qHE9l;wsLm5X;k=wyZ8gJ0vn(-9$Fo<4ItQqTbk;&;rCtPLyWgfy7^h?8sz88G zRMq!yLlu9W?UtyIt>t!gCSTFb!PSD%W)XdT0T#2y@F>_x7uk!XjbGO7J4d6Oib>iJ z_o8v9gtivxU0?<VFx2}#=S1a?EmgO64u14mJik-a_7G|Tu?rOs-iTJBA&V?5cD*O2=lT>m>m^%WHmQLFMf^MI+4 z_uPb+9ZX-g6z{|N?MS7!OF#|ArRN**wnRm9?)0!Yac1@Yq;>clgdD_(r8@TQFW1GeyNoJlk`pe)2 z5~Eli7dXkP&-P$;kOLTk>T*!_|B ziU>xge!}LA_JlU)bSjktDExQ;3Iq12$3t>wb$xTmtJiMNH`9V}k5F3AsCM^N7*G9$ z_kIqM=NRj)e<3!m*6-l=&DOs446W0flUdfSl_E#730EbO zdbsVjOxH89+t+#Qm6}9otYdWSAh0l$dFAKkGTlo?a70)Bfs6iJog1#1JZoRe1MNq? zjj7(c@R?V_8Ru6x4X0^I$n+7;Lw7+>_l>Zph&mAoouW4>v2B`Ewl`pv=C&J1yj%%) z^Cie)+_m#~Z*3OwY>QL!!(OKl!$$8`66gaQ9(?3c2)Y3O&#&H~5HU|d^e;oHMwTA` zRJ^B`VW_{4Y7}k;M=hDc>TH20-9ZjJ*gSZ>d}LS8I4b1QjYgZ3OIAMord*;C*rh(T zIpE&%vyu|g$WB9bo2 zbGEYR`7M$Nf9!5nrHnTJ-cZkJna^xH0=v@)B@qm)DBllW;KjpPs zocc)-)h2Y_V)QR8t057TYrD0QiWPOA5Vkt{n}-&gG^!Rp%>rjZ6vT=)GE-Y#rZ&87~2Mdr$Ier zWYX=!M* zAnp0>M=5{o2D@737!NEY4tRL;!4LHe7@nz0cCiYbAM}4V4o`lXYaK?VA10=SQQjMx zIYSY+EU_5==ssul9n1ujXquYCI}J3z=%i1??{;Z6*G!3G(upNjJSuTeti)Tj8cv(2 zNK!e&BDaI}x%`*zHf=$~$LP7-!lwF@IS?LsZ7QT18r}E#DGCl~Kul}cTf(828HRAd zWx~G9Mbe!g#CvceRWVGJYbS`%OT0s`sdm1$0*#E&O)bvL(KIrAn_RW_&RBjfYHyR~ zDRm~5@@FLZl=o_j^62I}9o2&DT!6zpdYAp37jO%y!7>O*%FD~YKBq&Ad-8TtY7>dO zB8ev%CH7PICW!60Zw{&6G>$4+iOgoaGE(hMk#C1Ahz$s)-Yw6K<~e(#J~D3G9h%$& z<%5^Qwwb?3a=ZZbz4ImV4<|cLzcLVn63pC4V!^27$5?j@v8#iq4Vi1*O~*lQ!~u>m z!Y6<4h0bASP{HLX?{=tOH)%o%u6&qFqKFHqJf!zFsBc|7Jj&H7yu9LeoQL-`{{GPr zx>^i{WPa=aSxEKTSG-(CF8qKL-pH%J5U;*9P!#ggs`;ArLB3w!P3EStg`>J1QzFwe5?z=Mfjwfxn)ff2N7IV~8Sq znk?>2b3JAZSLl*6|MY2Rb)E3zF?Dcm(fZVEH~KZ7B~f@*sCg&SAO3*h=J=ic$)3Wm zGV~bIn6vVd9<5V+wUvDD__%_{P5akMk~AmZ2_&-q&PNc;X!XLfL|jv3uv^^W10TMT zMJc1ND8e1*FRE6Lx$3C|g^s?s1Lr=!pc!k>-}@NEAx(WB`WVUFGi`DwhD_xh;ra5Z zr&JC}x@A@!8AXk-x&epL2*$Z9w_=6Y6V{Q7dbsam?t3*KFJ9x9tgD=&X7&EFSiRt+OaZ;+mWuSiJ1dWyPrj`5@!io$ z%<0gkT{t$&TV;lu^=%hC!PG?1q+xT~DZj&5t`d?6eUYx&OXF%NIR|!pbA|7zy{eBF zu^-K{5A5m?r%Zonn^a=jDyr00KU%s!Fl*Gq#k0gYeS`ML>-LB--BM!8zH#^cC016} z(#nL?JC$A!Vl|x{ml8^+ttacdjOdOR9_#M`c?AO=sOLy!I7oarmvT0g^+t|_9z$7X|CDEsF!KrSazrgY!vxpBPx2csS9Xl1rwG|`8)qR~Cm zW_kWsB$Om!3WUy=h7&c2m6RfBPSHIfU73b`;V_J85v*FCmh-)b59@WJ{ZK#ZMLFk) zc$OlOdc7`6{fIw%zVb&&Z$08vW8>xB9$MX9Ad)Q;mH{!5MRaH=i6^>7b@~c=Ba#t% zirS0f^up5siuvIa#qri;+jIh@ex1nc6;Tulb>NX`e^{|9Yi0Kp=8RhF(!>@zTkP|n z=Sajq?y0ebzy{ik(5xPuWq$bObDjR8p&wtEz6Z!;*IjoND#k&Un*r!15%xmRJ-PVJ zFV5LYVYQtKPkiKvBRD}q<@xcdH9Y){Ce1{nBqp4lHvN(wB#c01KZWDT0!*UMM+TQ{a2!RVbYQnF&-nO@_9H!Cy^7?sG%Mh&a77}+> zZ_pZsc{Nl5t4Eo;Jb!)-Hl+XL$&(QpqlKlVy>0W(RptQzx1AGlgP zBYlUShewOb)hs>zQWb?~C1c5GRNp ztxF_y6Ogrc&T;pLb1$a@tg|T;AUA;NmKbnjF8xm2Z}DXX;R)~PLxFcQoXvq(bSmw= zjg6U(B;coPO*=uh}XI)fj$Foawe@@@hT7dF}#``~@LpOq`MZs;LD(hZ-Aq$XP${T@D1l5XT3Y zckhB!vTPBLu!{-|PQ^N8CFhwG@B>se))vXzuZjC>rtM2x#@U*Ys3=oh#1EhY+`C{t z=E`>}wve-Twm)m?1C=|-D5I6VadNshVQ}3tx83Z4OcWjI;^N|f#Rr&}djvvA*lk5^ zB@-5aK<@92^+bCg90262JN791;N``(^FS(`lYmG-`Jy3L+sNV2eVsXkPb~`-(#z&e)imu=} zqx_?t<^y|IVm~Ii3H}Uic&PqZXK~^j=F8GjR#sj@Z5W`*H%91|)1CKzkB*J${#Su6 z(o*d;J2J4@l0sdNyEnc3*M5GYm~RbRcF6nTB#*P+MyAzpFD)*Tk*uf}z3F$DK7dgS zE^Th9{$%{LJaF^Mxz`0|zlh&&dQ6Q|(nD8@tw!8G8Z~`HN*-{$ag8BY%doBIV7^i~ z4J#q?8zE~-K$M<-yuW_+dQ@)x5Kj^v{TP#5_EJWOG$!Z6DFM;F7qP3`l97re?WAXC z3VDys8K1|(-aM3DU~eb&Jlg0}7goZzCmeg$IJ(So|03mDx#eQKBFyv2sa->j^_tLr zj*T@KZx{w=41v(R)r9X19jwk0z^VY!6Tz*nihX2_4SC|_510;)LWKxMl&S4TYt1^x zoY%`#y+*3+y8?Lw4fF-9cRe>HJQk;lir57N1iW;c|J+$8KG9kwcUGc%;1<0ku7z6Y zS~xE?TS(l}vZU5#|Dn06U5F8N?=LCoI#kM%^wp){OvO)a3V{WbNXtjp*?Os4gN`3e z#`lFYA|CQ*1y?thHImM+@4W|AlRU8?d|e({`@`L-@@$?bK=6pr!*-KLpg8duLE>g0 z%)pi>4+mS~S;~`Q@))m}hkuUiQ%wvn_e^mmv@`BaA$SC0^>i3izS3^70NC zPyG%&eTDw8TUbf}x&IauBZ=$rB>#Px?Ky1kDqtEd&vnPIc%?IL&7oupGF* zQiCl65*R|fzrw^S=~^e0Vhp^9`%qkz0?u@mZKSUWKY$O(5qXH*)RK00cGu{75d22e zxfb4})_1b5ga@j)^XD`ptLob*oakOD4Ov3wH`_Q5<3kH0ACbAWp!s?gI{IXO9&UVW}_CCNPQ%`bl?uJ@Tw@C)XYPN>&I0h9s)C-xc{OYOA(zKh9LpYIr&c-p2JYRn5NDgeF zV|K_PT^g?9g#eG*?R)p`4IsYnO?Bp{wmNsB%*u=hzJ;n2dq1#$>Eu*W1;`m*^yleJ z7xB?>aBy5#DGf9By(ZVUpw^)6FI)E=99Fs+%RKunSb^2lWv^|5EckgM$2 z7Hn#Jt@RRZr>yLI4?<#MMiH;7l#~>}ZUVL4m|>E&=#D>B*w$L|*;D8sXH-yKyY?V$ z^BYpn*=KHBJ@eVG9>m?r-s07NUl4Euihp`eMzrF?!^N#%u1R9Q?$k^_7Zz8$El@6i zKH8?+(}Z0s6qi^G4MIXs=e{~jkD)Yh>;y2nJtwquq1fS(lB&;XE7a#E%IRPsN$EXK zyuRmss-fq?nGg(iUxJ^R`F&x_=>Pv$UqpZR@;TZ0fZK;^f19b6@?&Rb{}ehYgi9zg z#+y79d%Hcua~!gH*85G!D}zW(q#iuiV(5N*XH*pZ&h}7Rtp`=w|Vwl=BUij74c(C*Q&)YG?KdQH)GHf6C$tw} zCnmVpdOkE14NmosMBP?%{L@f8;k%ci8uNlc&v|$n#%t;?<;QsOzv$pdA86!Vvo&x3 zY{a3Oj*O1lWeOt^cl$A(v2lft=j1;?I>b>8TkHP9<(1ATv*O+lfvapg1b7gZ|7KdzQhw0IvrpE3ih6pWP=e!vYeZ$e=ya+~BYH#PVS8}%4_3^i` zaku0|c6yK`f~UT6s@xu=YVop5_YR|Gn^Ad7|LX_7Ut>ElsI4T+RpLEj3lq1@%U_I4 zARB}G@2$zYFG|9AL^RdDT4ilqkK#_h;Bqd#4PFSTJ@(_%c4dRh7eP$W){j94Py5QQQJkS`ed1EerA$H+WT6o+2S-OwPfvGu_pe`%d@v`)rfo0O z)gv`Nefp#r#vq<@x>-3541$*$6%7py9bJuTx$E{60r8c)cklN4XR5-wJ32bLy12od zHamNEUfu#Dc-TT&GdkX5c-rVQd78*Tou~4XOGbd9fyn1JqyZGwrTChl{kH&(&6QYtL-;%3PRAmRRDHmx}gd;WyUP$tPz)>uaxMOrF1apq!#yYiQtk=+V^@k#k@Z z^+c1DE>ahElMWo2cptgL`k{g#;9&PrcuTNtC{n>oV#1rR*1uC7{ie{To3 z0OF?~Zek%QwXU~5B z{>{b3wa`fbnHb?wluN^$ZQl`qKea&?IL<2wmY^n-C;W0t?Pquy#EF;hrOy$bat4vpzOh zxL0%Z+kNE$yZWmrw5nut?Z=MD%n3~F6Fol}Y3asn^~|}sxeEKqjs)9KGCIMZKYywr z5|fgAPantt+CL<6%JM=OiT)Vte{O*a+(Jginv9Fi!jix1`?m}p`XrR!s<&rr zEs_ewzP2vAl6FcZPm+ow;wpVz`*VOaZ;ces@60x{swVwzZ%^K4tal97eE$3^3=N~iT&{(dX@H}VPTT4TelcKN&)qM z`0ydPj-OH2){%u^&igjm+zCV~I2pIwHt4xMq;RQ1<(Z{D$b`&)8?l`&=Up4>*lroG z4#OGv+K*zn>a8J;;Dt9x*G1fux0iwYpSa34sQL2c-E@8W{U3{URALNlCoZ0cue|VK zmzQ#KbKkyw8yOLilA5YhA_X)t3UmO(#I#x9Lw00FVO}Yr*RwXh$M#Nqi;6*@rY^2Z zT7>2z5GPYO_qRh;0&OQbcnwkiL+b3{Y8o0x>qngL0~gQGKZ40m9$Vo@0d|g7alyR{ zKkfO7p*Wu;&XspHuGNdO-+6MTftO{Gqh3RN&GWc~h4Z~V z?c!(TSy?W24%>gj>J6`0A3j4$9>$?ZVmG~pATv)5Y1qn)N>6!PKTJQDjK1Cxbkn#M znSY0P7YW&F9w0oupjjWJs{Dy;;ypI5ve%Z2C;T3V|Z>a*A;~*s!74I3Uf1h{xq%2Z~(C}E&$*flt2^D=| z%4Qy1#fVRo$;rX-R9TsdJZYlBZu}Dk>*rwcqk9)1MH~*N@9e%g9xNr0M)NKY)OG{} z3-?2R#cLl+Adg+~Y`T|Xb^uRv%o`o}&M9-Ipm@Qsy>+VWw$B+oztLL6!qTq};i^-7Jw|7auUq==9>XGTOT%aG08f>v zk~ju@XE4=pp%Eh^V;G$fh)3S|oH*LWhdUt+%eSry4_I%VYD)ZB@^U8$oo0%zrdexuXX9i2}BudTiLGwoT z8k~Gsh`QeDVccNqHA5`-v53pL-U>zRx*a}~F?;LVPUbe<28A&@kNZ4$#hJW(d8z-@v#+s#}~MdJ_2VzVhwAeTty2UNx z=mWK>5cFxm=MT70x;zy;heK_Q;XUPAiM?-@OXA5!Uhyh$us(_#c7ghRr zb7V6dpJ;RSay(ZHd#m5Is^h~2}pJ)YE4m&QF@hI?AV&5_HL3R7CrFuh8KhFPHf@8d_yrL|mXExUVYqH5bvix;K%YONwMFTN& zy0|=iM#Q5I3-~9*UiPj=L`19veN`oZI2L!**8bG92m7~}c6+b7&k%D+WSZe~xCVFi zBqB>)qrSh=w`>@Jl^s3+Hd+g2kGH{WNGIk6fI?1AP82o7cfV@>asU<^#;(P=VZV5C zkK8=JDqqU4Rlqx5x8vr9GZqudqIRE7E0!AhJGBHcwpgvl5iOY!@~k!?F&{oTh;1JK zKIWs>l8k#%@Z%%yJ&Rfuw}iHLwrH0Vd_E|1tQSYH%EP zyhQ2V$)~Z1)`^jJaXshbs`UeDg>e;0fT@1Pa>qPov9 zezXDI3rOmR{?IoFb6xepP-62hI7+xq$|lb<3txhMg2o_9QvipQJ9UHGT{X4tcaPqI z39@>dca=q@m)8U}eh|)As8d8K-T&QsjjimZ;KKlq0m8o%r!Rmk^a(pk{FKsLyk_Zh z61hOfP!G$}NtuJbfuz&7!gPs?lwyk$Ki{v~i zuNR1iNlqJ_^2X$@?=BlXkw|K-gh0Nx8TiQ*3U-rIe#@o8GB6vB!z&iQ80|GkAU7g{ zBwzbH;RRf;Z2LH-w=N0a-LOA{s+9$LxT4qX`v^%8ohV)JY)hI-iWspnO7O5lx8@;u zUKW=oe8JD3UimVmwbD~-l7c-UWi|IZ`L@WdRt;riCL<+pKxhIYjUnJw?l3d!fMSE>ZyQT0Q|NHX&LrsDiG*MXk<5ESXiUhU#>Z&0Sy<5A9- z`Ss({<$sKV8x0`|gT?(D*RNmK&M0~_-&$5y79W2TEFa$f0;KQ>EIZE&%T0~+YiK;5 z;1->n#rx6~bv;Ni^pJ*mu$>Uw^l6(@Qaen3;Gvy)?JpL#%Em(N$>_T5fmo?VAs9TT*bZrETt~DRbp?rbJ2vKcF@1Y0C1v{=r;* zyili0@P)Ve0@Bq6KVV#?D_yz8lvyteNV(vY`N*7QywrKF2M|?1DLg-a^y2bzTWf2H zw()XzBB+wj04lEdnZdU`Rs$b$a#bGrb(iuO)IW6EqcJ$GTTI#8#I}0V8<`HZLm{EP zg@gmKq1U_3b z<*t~(^76I$-X+5V%;{muoC(cPgaIoQ*XpFH*#9<4TJ{0ME@b8o5NCkE{`&WVi8Zve zGSk!TMv9~}2R6sbIVB}ws-Ob&al&e#%t~hUxuV0c=lfulZnS~#m!ZZ3mPvhD$Ql5o zK=*-f$lo$~krIgBcf-Q4PoIo4IlhZHe-6WkJYs=PiP^=!8YvG}^*zNzKfjG1kpILD zd&Sr0Tmt{3$bTQ3%v&`BgT&a_Uk?KSz8&@L+s-8j#AP*x7nyNM3t6y8(ST>cLlrD# zEI;86o+>T?M-8W)m9zrQLazW)Nl4PwHd<;SWIvHLuDLQ6P~_GUYNfU1wmoa|ri=oft_eMV^gy1%Y=l|DETY%V#pGv!g?|#wA}R zbG*jY0r+1=B44`x)nyn>CM#v0cB5i)G5!*Rxu48<-}uSZ|8)_X1OXL^hK4)yd!c=z zy4rQO9%-LTKHA%J0w*gJl43V57w-uEn}hL^ zz>9x15pT++cJj8@LxS*+h@Fpap7-IOe?B3h=FPkU_`LJF=4szjD#Vc>i-$)AjYP=7 z9i1mdz~{~T$L7K3y=Qd)&*!&Okn7CM%+71`cgZdgfFp_K5xpyyc8Nv;8yhAQ`AKSa zsWQ9|axPW>0ede})_!Sx_3`uP{?&H?#{p@>Tq>m3$-tmeCG8Tcw|DOD`)#p1Y7OA= zmV!Wl6aROu4lfN2>j6@im{U{~9)>Ta^fE5Sb*@iQ9`0z@NiEU%V1KELPSU4#F;vSo z6bZgJ=MAZ@JkG!F>}b491v@2ov*-8kjiFqmItu_U&E_v}lEQWd)uYE1IA;fvJU$O+ zp9w{>)X|E4B_gT3GS#4{Y$;wQxLSHkPU(r>9l;l47yP_$B?Or-r7l^P+g=d4`R>_C zmhi6h7@6bi#s9TdUJX6H8naI7Xm(0U%AMyB%Qq!~WE561E|zSJ&NrOH-d`Zot$xQ2 zEi@6Y7~B>47;QJ65fenMvLi6|<_L>4HuGxH>?j zpwglv6h5v9>O?*fzi({En%sIgA0}xC7Eeb5SWk@ObuiiAo%=4^G^J-Ct(le8t&)s< zQ1W!{y(CsDr|*W3b$QqnM&>r=Z)|=XQXRa~Z*z?eY z=joOnx5~YFQ`8c_ZYYq2zjQHrppV*!K3_ z03?%J26Qy*qL1#Vv5f)CY|6p$|N}L^O0S z)lriPD_{3!&;Jfykr?sM^By{?wCysXBNS8xkU@SZx5^6h$WpOtTDsh0Cga?DwtQt9 z&^vUQhrv>_UuF|VE`O*9G9Tz(y{-EpI-O>Yt@sW18?O^jD(}yae1AGIRETc)-hcP= zA~ZFnrTlq-cG?u!zFb;-;4gz(UF6^fZ#136;csD)|JvdrS;)z zNGP^p6tv4hlhQ%l%Gc)R<|QP6VFj>xN3EDdvftpAGlM|n0b=k;KdCh`JC2gRaPaiA zedGv$i`ToSt`EDFO8Y5O<#W|t-M1+=v*Pf+8Z5R#WXBXb;D4ZFE9j@$H0&V!iFzY_ zs_LuewduG!&Ed$rO$+)$?Px)%yYwHX`ZfDV zD;O?yIh1p=nn)itIpvn=DV2VbN*-!Ml+Y52qBVGROOLW1mLVzx^~RW2XDB)eQoO|T z%=rBu;U5;{RrH`S$9yujWm}O{6^YVdPoM}6^@We9pBhR;T_+0YklzFrHG4~Oh zY*Gy^)8TX*iwp*hytvQ-+YXbpyDks$JvsXXH_IO7%KlGIS$y4o>CNGrAkKElf zS5hDKD9cR&N}Rm8vT3X4Xabkg%k{R2DpQ|>kc=6m=9fHs@v-ds(U{YO)8Ct@yZl3= z4QKbvEt@6RH;f;+Gu8HABDipQk=~CtAJp%%)-;8(aB>Elk^K1a1B4;9PZwK)*uKqso9pN0Sf7*`6dVcIJk%-WHXp7il*?1Bxvji8luKjt!|Hp!pCwuYZTG_^ zrvf=t&$99UWQ^M$E=AYM8fy=4V9hF{W6`$fYd-o~T)KGV`nfkAG+;|Me29)Z`dVkE z-eUfkQI2=y@|}97v7Y_{xyw)I$Giz0GwJx%etil4+_PASHxZP138B889>1^LaURxo zAg8$_Qv6zn5H-i#wVFS*NYr2ytSUv%X3u*dz#bI4tKK+gvU;5fFdpg-URUSj6hI}( z(={_}J!Z)l@9tJRS+)=z1yzBMqWA$#C&JkJ#%eC?a9~qexv?}a8WnNHfI#NX+&+qs z=GT{-vqFH;TWahx-t6ugr{d3^mxAG|gBIE&V`VZDEm0(_rEYm!M32NdazExkdR-oe7aHQ-EO}ID@~R0 zq64{O;bMYjECa=G8}GYd(nxY19~D(X5<|Ja#@-2_7B6mRUSg-?SaiP$l2*mEw8RJ} zKLxD>3!@X4zA(@W4S?gr?Ck8(I?qZFD}s<2R2)EHWX|h3$o9sgDSfmQmE~%ZIjU#) zzBliqRHK8;<@1==(HX9GLz3^dn`|vlRg#qScvixL*KIyD6XoxnWTble4dRo?bLRnf zz(^ea?1RBUMv~(pmr0%KSL!dq>jWRU*(tO}7u}9GieuG_bIB^>cbDJs1;h1;7-B-g z%dt1=SW_&*KE8IorqTNOHloPeJoEPB@wj4-*zITPw~|!{lu6g*=mwK*c3g``^R&|P z<7pGFrTdhXk#j#g$x@UnaYtH+s{IPPvPoGhBI|DT*Wi8fP32xq)G1M+3g=5#CYKDv zNI?I>MVy53gN>qv*1%)X+LyUS&V8Md-P?A)TFu2x0QVtls1nM7FIGKSt{4i@WQX^?=;%9 z@M{X+4%<239+HS8pqLM%d`#nbTkVz8fC*r`aNZ@2y_G1f9Miw4GGPbHs1aT(-UpcS0$g$qVHxP6)Q~?z&vl=)r ziC=~AOP;4*0~DZ=yz|_#SW!WtRLXd6Z2mm0Y}W9TG1jj_JgS`DmGbLjRV+%N(I&g{ zk=d_FXY&4l7}-V2K?>q;x9$q3SoD${;$Pr%wqRQ^Z4x0Ix_70*!v}PD-`0!sS0DHz zAsIbJY%O@og+~US8puIV{;>QA(zn%j)u3-;=NQt9Nh^2g>HjcKF8MpC;SkI3C{9XA zz13u;4=Gs8k!sxFMfvM!IgoFUM=8- ze|X&j6I3b7s7OUP(jU-Rn8cVqw#@ZvHkGG~qoZo#wS{Zw=NYb zY`2+25G32&B+C*|>~Sx-pXLyw^76< zWOgv`_rc67{8nG7qFY`IJ!i7cfH_IGgb*0!o3TzeGxH9ti|tU2kkFH;zLQ9m_WYqC3rq{#w4i!@Q&K!ZtMD<3PMZT2}ZWpD^t7sM*6O3 z84VvyQ#fRi{Zm>b&eK@rjRU@{52i!yFfO>h-T)&@-MW9tJS_CGIs@I4+^Or-X?Z^j z*Jp}W<{uaXPVV#ot6bTrwihlJudyovHi`i&!iW2Sjp1P7GyF>9b6ezP+6R226g=K% zhF3^JU%bC?k6!y`>F}v3^ZtCyXVAF1ec#}f@uJrU%t+iC0eg*HY~nM#uJ25hr*7M0 zFJsa`bGLskV3Ke-+U6C&*k}D(q4y$%+;Rk6DF7D$`0(1AHOQ~Jr0q6~gBVP#nzAim zi|=PV5Vs!j;s;W%LK z`5f&ASl)QZOoh;TQR;8!{)*&MJ{f2@Jl8VdQMn{}CJ?G}C8gLj(AswXH|I-}n0ECY z+^k6!-26DJ2bqb@%i~I11059LLt>kln(fb0$(TWQ36cUKuifX=Y-OizoWQBZNW{i-*eQ|p8p@@NC}-2mq# zA`*{%GXu~pVS$zwcGt<4{ttYG^&N_h+=f_dNq`h7k2Zt20+4P0X-KnoOrKe6WL7+; zKkX8yLXUqfUEZZJw+#9G`7`MKSb0}H?Sl>lN#3&l*&+>y1ETIJov>B4Ff*s>z1;=Te4OQ&Y8oy@qX%!u+ zKY{m`+P*BN&hQw?CsFz}wfH{-5Y|5@p$8bpQwLVBQ&6BhA&xX>{pnzB0KEhH#^cZ} zd>5Yx99+SFhgft%kW&Z|ycB~Wch)E7QxmwkC#%O13B@^`IPgL=D^C2E& z;}M|OSIHFhs@i(6aghcxak~o{Lqu|3g(CN>v1Hu6T20auLg+~RS1ySU8A(R2k3KmM z^A7|iB(Pw_%Jw>>>am$Uj}k@JUj6CkF#j4`iFi(YB9AV`zZxd~@SnXhGBHU3-lo#Q z2y_Y6eQaKw_hN{TcHNTUcyOEa`|kAR4Zgmg1ViImjP zjDU1E!_eJbLw*OJ`?;TYt?xh9atXh4&OZC>eeG*s8^Y!4a_&jSLSc(;maErqE)-(I z3OxJ%_c{^$cdHKptxirxCMTPf1=Kz;H~<9y*0(jgMAQIqNDV-~04f_QO3FF_ z?Ex%rVXL-Y&r++q_tSZPAfAxRDn-vNrDL$oh#N3i4AaBQ1#V!{%Z78V zV4Du?Nq2$mie4GR&qv8=y~bF$f^YNd1fIgXZf?}JQjda3cUAer$wp3xt3!%7gkWMo zF?Z0RqO|o*`samZXn2!Ys6hV(Rn)M=-V5C(JWR{Mf~D;4rK7J z(qEM7vve`yW%B=ecS!b1oMTw25Xx4Yb!jI0SXZGlr%AvBY_tuXm3GquW4Y@gC3im| z@^8->n^PMBqzKhK@UV!H4|}7G51Z^y{Sg?AhfXno(J| zJgpB(Mt%DT@rkLQ<3GP~>rh8gxH~la4f1!L>%O+8nG-k<&jDN~3kene6*x2aFP z5Pi6IBgZUrGpbnz-9s%i{GfOA)T1 zE=5ZR%o0gv91xAkl!8)}d_ZZ%b&AsJ`($4A2D=v`3i?HFi~LVr9&*YKvogoOpoMRVYKG%%YSUA zeJ)l+ZKS12^2BhJl)zdUMbzhDm8gNBNPB0?%X*@kLw38QZ+3la=7a1f%Q4Q_Vuk9v z;Lj21ka}@`av9U9tfKd3EppuG)U<%h@As8nvq@SUX}(5st0ks3Q{V*Y(GEL+2>p-J5X5*2(;>*u`D#40|xROFv*D3VU^YU!|mLLiq=|9HpRZ1cy zq4bklSm^Mk7|+}i#0Revw4LtCor2obZ(Wa?M{j+emIVSrU^eBq1ZgWqXn5JDePmw8 zkU;K-vfx*ZZJvsr>|IKh<~q069HB`E-&ccJ0@kIW0-n~$zM%qb?|X^QJFH@Fsx3z zLT&xqvEIq`Ct;5^-i7x*Jk&5r%%6BIJAv(`OQifQA>rr13K&oEXA1j$WYYeg3A6#! zsW8B0Z4MP*(iH;>OplqvP($n%K+N#iL(T?~Ryr7-iZFpLUy0FO#a+Fb!u`9@dyu61 zInXbdFgTwo>=t?u1O)%FE1g$f4aa`T(n9Cm8s<_UW?ti5$>-xui`VXHGkDC`=zNgm zaq?7vM%wzV4}W6NGo!U9H z3o)^H)L&4vL6&F~JSyU;9Q=Y=`4?^9Cbbd$bKQnXg^c(zOAVXxVd~MA9l>cEyZ|Hc z0zVs1Ap4DarQ~MX>3*OghO@bQUQhxa$gvcE-d~XMc0iKzt|%k zao{cH6bQ9$^f%C?TKTI|C1yw)LO^7YnBU!dAIgsRp=ED`ayK&F{Nu6POTiz(u-48W zd~1m~y?GuYYVeQYRVM)84=jTX-hJhzTBx1Qo?u{GqA+MzR1b#0TT^F*F_y9=gfy?r zEjHvvm`!N0pBx$aVEQ2R#` zAzdBieD6A%Y~|@MluiElu%yWx#{$`(m&Sirj;3ePL)W^G~m;3GdRR< z@)~O=Y+v#Au0zI~H2kpU1l?6S+t#HPYyunBBcE^>Z_}i8{CcYTkD}oy_?HkdVOv8U zMY7qYLmMS{IPL9OYeu!!FN7=o&{4OdyByDZE&g;9e-8_l%Ysa13F+Y~htTtX$ji;( zlBr?(z5)#Xd1){o(lQ_A`Q}od=*zne>tVW*^1Q^`k;||Ze%*1+bn9%3tavDPDN*qV z(1|YRdr{bAo_pFiE#a51{WZ9(sGOwVj+Bf(LthAet7GnM^r*<8X0-<2^0*=$4x%hZ z_s1r&xY#tIXRSf@0H|bxSUL`b&;zd*7mNA)*p7m^uVTm|qLDu<1gRGh?I7UL*P~%M zhTToqJH3C0$GM(wovKPk^jw0`H>*&_A)J=iBo0Pph>XR?!o$Jg(A@QF*k9hhd8yJ~ zC5)>)5Z}!KSG^H7!pu#Zre{D_=PI)e@$73$jiG-0WXvW%u*mS_An9)5A|()J0`V{_`{REgtBD@bKX}*1GlXym2cNtuZ=-&h6GWk0IGAUJmPrUo za4mlAQ}f+bTcE&JyKI7oY|X+Rs*Si#wr2?y49HhFeP=_Kz*Z3PDL8n*_g*c)s$tOQ zO1IfZ=x~71SPPKqCc5I|uDsBRI7|kT#c6k_TEGZCGna+2E|bz0bz$BOG8&2&Kc8oy zUg!5stZ6k!M?c&$jHaS>rZMQBpw$avnGkX8PR6nfyND0-*Zp8S-Qx!TBJ2_vhV{O> z;-OkxI^U$;izp8z2fpvjA)(>2ihJc(*i%`}z61%i<3L2uPhup4xOqY<^cMf2q~uoM zvPwendm#9Ez)N9?#?nlhw_m+Sc(g|LO(~J=_N=h-L&Cr(1D2=J>x>?0$ji<*3wSp_ zp3Tz-oJ*w-J^wT7bZz_x*e}R*$nNg0^XeXBp&_z62m&V{6ttrNZN5w&!Doty+EFQz zUx@lrfe2sFQ3n1tmO)b#R{tF>Xxh?weS58!-#v>fMFx+}+JeggWgXySQ9Q)5^jv8? zZDrLKfJ5%T?wQ|w0<(Ml>8YHgkT}CbwpawGSWUppoKWm!8mLQ++Nd!;yF6fYDshCV5$AAI~+SOZ!|NN zlxTUbP!DGZ5T?|w51Zw1$Ab>9OiW*z2&dXEjw_Qtk4A%7_tnAyc>}^X28ie2bO6oY z+S(dq6@0@@s^Y+fDMMN5aYu->V}Mdah7)l$0~zFLAQ~H&CRQX4ATcX1 zSecT!^{wWYMI$!u0hk?kPE|%|VzIw(Xi3fSm3ZwYWh9OCB~3?xxteTV6KKi&oemO3 z33XFbQ;-XSs^1=fdER8F!cuSv0aMbS)Nd{SbmRL|QKQ4c6%ZhecL2btdCbU{*xkm| z*HOt^mJ4}T@}lo{JuT>LW-pASI$ReDI6BB=*1}QCEi@;?w6RN7jn>UeRyr`eaf?Cn zM$(8DDQ1T^0Y&#rO*)#K4~M1e;~{OF=IxWmZ0k z#^U;YaWg4^0`c?yK?a{d0Tf~`+ol@(lwxyf&EoLRiz}3*_kK}pgS!h*JA2OzvViwY z&pdWBK%yHQJhycX{_>W6Wgsr$(v(jusbBDd0q5x!1I=GL$g$jw-zItEEkRHJ3MjP!OSMOyH-o!@9i5r=MPjBs;t>Ee@=m|LiD4Q) zIs7=@aFxp11^tuMzt7^ma|7`FM^>BxBWD4W+;5Kfo@?L`%Am{lUOHs9GP;zT+(`2J z1pE*4KZSb8Z`M#cQ4rBwmG*$g`otbg35tsAe+U57vET0O>xnfK^G6T-nUsG@Z4gLy zYflgO8-0C!XQB|k=iM3d57d5e0g}Zu&zf%sB~)t4o&*G<+dy>Uuln}y5P06%iJ4FR z0=sAI@W<94kHjyc9M>!OHW%BG-;tW8phGizrFs^(Xse-m!AjCr=A}4 z6chp(%ebrmy3rs0=ozz^|N+Ps!7ZwxMWsyo42{bI>N3R7OsTQOW$UiE!dOL zGh7wQ%eKa>d#;J-($zF#j;1X9q;@YaxaqN|j-gXR00_cY481xIzJHEGf(VdafR_s1 z+p6op4iw&;mY&A)B{zPPu)PF7XyMYE151SdyTndScrRkF128owSP%XL1L|ghVOVc= z%H6~LNYRwotf~^a&0dW$WgNn3nc|N(jQph9C*1ZJ91u;_yiF?vjIqq%1TFFY0kI&Q zarqJqJEQN!brawDjTH!LrQq9s+9OgZLEW+Ll)H!9xr7tE^LSYTmD*kre!b6zP={UH{<{zAKhSF;P26=Pl{}w?swk zz_p=A9j_*RVH@c_NH0Fq18a+2b?C33S>KmECo^Z&Q8H~pA5C!0mU68MN-+9YuSVI| zIv?QnYixDJaJu(qsZK%2<@EiEbH_*XzthO{lQP)J`E?#fd@3U(I&-i^FYfNTW>2M6 zpnU57QVO}Pug`4jY3De&XSn6=($q()YJk$#SFfik$;v`79n9JzlhGdeB0ZLQ3+coF z)v6hbpR5IccD9WfbMt8%&cu^%Of@^47s?RJ(ElyS2|G~7#MVVw!|dST%g^1P3GH9~ z1JsW&H*_}!w!Bi0Mno_ZGlE&`hZu)=)!)vkfIB`MTrT?37aBErUPCFsze z>?X_?4$~D?)llkT3%{NU!_*Eokp{Ud*(moiUQw@N2?l_Uk^1pIXI}cuH$zWvBNlA} zh@fzx|AKs_Z-F|90{abUWsqCa@k%VC`h!E{rEO=p2GZw=QwyBc%UkyO$=C6DUg%MJ zIwL*pezNMcpcuBfXdQ>S=V~Q3N~@b9nlefQwCYgZj$XC4_JB)p|FM=eOoH(U<{Wva zN_KeHi5@%3xR`L+%K~_r^L!!J1HQdK;C($I??+zyQAzRxwKv7gk*c7}=f8kuufNbE zwWrZEm&%>GhU8MvnQ>r#MBSPsOi=OJ$lk3kB*hbHuj*UJr2n|y&7VvTl*O2*q%6B@Y8O51=^y4F15$R zyV=HGcyZ*?yG(fd&F00IRYwFO*9;}zgcMwQJF@*02|cAttr}tGE8ZA%DQwEL<%!at zaANz}{@qFSBKQ&yRdD@*@@t z7NxAqi8J%~#S{r0@o1U4OA7iBYTjhB)rOlNM;EEk8i zoAF?&kE+s_ox3G<8%OBovzp7b$vvM*gH2wjn=Y6afZe`46r7s2y#?E2u=LMk&&(IQ z0B@-^3IAdZGsJ=BUvD}bB{B1=4^?<5O77z5Er|+jPgvtG8!Bto@sXd*ra3{@ZTE#e z@X2c0y=Sy*msvM{`Fb29qkbf&!f4ncTFo+}?D@n6*)wWer`u1d5G&sM^QRRXA~{~n zOjS3*cD7KJBmrG;s6MU&Ys7dZfc({ z-Grm30@Tciktfhi)`w|>2@7}o!4*3bmr%ZZsyhf?REPe?(EkDEi^718E|fq z&f4^`X|H1@Nf{}6m#<@@Y`j^;>J=SHk+pt+v8?PlrWG@!_cq5Al?$e(gqy%aN--Jo zKt|wq?t)TECstrO5}?KYvhv+kuBX3P$XINY+ZTX~x%*#`x%91aO_0B)hZ$-FEj2k* zB+Ml8Or}zJERJSoQ#7r= zkqi#MHmpwC+e`Qj?Q0LbWg>Wr)497+{d=iPMr>;(szvlqQnJ2*#-F7EQZ5fjp{vIx zpy8`&P*Lu_w1ltw_h*Y0da2AW<%aDLKzeKby%~?eTwl|c7Ew5CNy(ByKX$&B*E6DYV!6|T zodvr{Z9~%&pAT7l=w8aV_g<6@N~!gpecODfEi5&ub23UQ=ikm&xYJ~FRS4V|i{S*d zQso!Z>Ag1#VO}pXuE2fPnRN}o^-uVVse|}Sg6K*a=V%NQ=DQ*!?;|oFCED&oZf%u| zdU)QHmp`SVbFu^Ej9n82Gc4vi2{fW_+e8qTMK72wMUrgAiC!%AN&DUtS`H$`Ht&R) zj}0?R!wxW}0X;$D<>&8OsG>F6724SqN0^>_Z+AEqE%_p9vIBtTfP2|2HvV(CTB!*> zJ#G;3DT8DN0g_a&`Vm>V3S|4gQV@T4upvjWEj4fJ&t}uHdOy6sy$X4%5fz*A1%3Or zfFtODL()&$UxXWElWxroOYVS4BRd&7mhH$l#R_wL;l zUc20$PoM0l3Qd1utgWnX^=uhNKh7_$iv%RC_gd`Y9so?n&D8=qLT6kw>jP!DPK_{l z-5}h50a?fRV>?(KPz*GvGtG=N->HbcN4Ws7Gm`|u3 z_*xRiY==21(U=oIem95)Cw=Ql%~atYQZIggGOAXLaai<3d*8(9)aPTD&*Erh)qVKz zn?xthInQXvz(Crod#a&d^$^s3$;iAZ?rnDs4~+3K*qBg*wtz{%DgP%_0}4M+J$)}f z&|W4~9TiQ)JLOvE9{-TnemRq}RriMfB7k1ZeJ^NQP?3=67)Lu_Y^}47-kjsy{da#j zJdnPoh+{uFX@4&8kx+;FM`hIM^5{X2Pvw@l;UA25@ef5=yMV1OFlnJi2PleMr`WAK z_79WtK|EZv8u&1sDF>=#+id@O*(;-WJiL&vP9Z^$aIxAm()Y9Q>Y?|}_a8By^w9OX zbpMV$&%j_c-5%4L#d;k;SW{D6{W%7@m4Z-$`;0*A>m z^mrV^1kWlCvwyaK8C2BGUbhv7miLqzdeI^&y08Mt#6`k*DW>tF9FHbA)Se2uKc>g3 zzIf`8{DM3sxik@El~n&rPe7E`y{g_|B3$^wqh~ms(ovPEr89ANAdW#C2Pp)cI#Q+} zFQ4D*%&SOD-29?6lR+|A?#8jN`_%CdL#v;;+?1JI$N3{sK4Jr|&hjEi_VoL9e_x&* z%z8_mOeUfr@fRpzx>u8{iqvBTejPEGlP=IYzbtp7a?minocev)vj@|w*D>iTb8>N; z=p_a}G?A>UtZ)9ItfnG5WxI|C|HNX}``|@TlymOyz|$nJo_F`~)MgvZHqUD=mlj}) zo$U;EJf3v=dT%f8|dq zOyV3;(=@#IiD<{|@wgXs<6dJEd8pFeoAZZBwrZ{Io$e;K=EW{E^#nelDm31n7o*49 zy&0rr%t;?@%An<)$8JH80S;($_3NpC&|0m;vf8(0d%1?U;;FE3ZwgOsPC(()1Nk&- zY|4NGNX2DvPt4f#hzs$H}` zR-3IiNtg20zgm3D<~(y9!%V&Kq*n|Q_3|4M4^c2j=)zuLId&h zKUE6Kva-#i@8*zw{RL_-gRKv!y|>n1O&VIUbag|kw#8zZ!YQMV{cN!zec}aY&5#q^B#3oMsY?Q3eh%rV_EGCZ;g(xfESvDXY*Ptqk*IMX;Y?~iume5dsu{!DJ_wRTPhs@qWcnc9z z=#`aeYpsMUWOnJ4QamTnLzlSG(`a>z?0%)pAfQY8Y(oS2bR}T?&oSL$@zy}_bqqU9 zb#VrFbH+P69y*-TSS%!KYx}yAZf$A1*qnq1kYDhlkxzE?acH@3#?O}RwM}i>(^H<3 zZQkt|CgdXb!}_E+m?FxjcAt|S5!a?;^ryLL=*Pi?o6G9(PyK8unS84u>$8a*r!{(C zI3Uj%HHv$)xRH|G5hIzEBbe$zCSE)V2B)(FUe^EY%o}YyLLnic9&TFxKEuPQhIc_s z2TnCE-<)gr_8cFNyP51sU75P_2*IACN&4O|Qhskr??;L!m@XojKsh>z^@z^S3JHdx z?$Co6{~vB!R)Z%6P9w19P#UeY@0v#`qFRO8)vgm&c*Hc{hPd=EKYwN04rFC3y7bUUNg^Z~3J*`-*y-JGZ-?SliIOU>TbFujB3>ulBRBK4>}b;9 z?OqNM6)<_>`RYPd*uo6vow(kv`31=Tewx6ir{_}p#Ls71n|WVID09)R44A1Ms!BQV zi;i*vf1yFiFxV$P+e!bti^(DrHMN^GKdt0f;!Q}!=duZC?A(iOA#hpXaz92N6j+WLJrs^~Y;=Nfn^zv>FHyOY;G!PWjWiyjj1RW-7*n04r z2xHteHe3`61+Io6*nw!a=nE_LT8+k^I%B&*v}{&d50DpU9ffsubv8c~DuW(g)D3@0 zWzut}?nGRB?+G&Ef6nDDKB4?p1AS_*pbqaTGH@=e>yD!lhA%aHF-tgxHnG6T(s;@t zwg22r28R%iXHX86#>Ty@4*(`x=A+er2F+aeJnCQC(!# zhk6tV_8$|T(9j$W6u97e(3O?2jnoa{ovBU6?Do9;l_8k?TucV1{nX1}Id?*m&in?J za5jpI;$J6B9JZt;2>$SdDev`~+G6$l1s%MZNy#M<$5BNRp=Xl*zmQPC=J~dFS|U>9Qxj*Xk%;3 ztdz7L65|Rig@}^VnErV@QK)>P=k6n5qopleJVoO^Yd8=V;I03;&h1=kt!)uzkIZ1# zk7{5u{l)S@Oh>{zw&9qx%uv~r?4_`0Ppn5Pn;3Z`yv>B}+IX`9U!+jlH2rBhEYhN#63_oU62&-sY3bjghA)>h7M;&mIPgu_;zO^4emEWNJ56;JO7O$71i}<9EM5toVzo zEPOwoDA8^y=z?A54%s8iFAlVJt%Ij7t;W(6gOQ%swiESK z*sFQS&&#_PCVu(d{?!j%q+hlL$|qH7l7{?+t{bi4G6c?g(Q@}cFDx~ClLUjX^x;Jr z2TCVqU*f|0XFkW!6ZWy)vK6uceRfN@gX7^ZFE34?$hkLI)8}e&;P{=S^?_S!!$?Pi zX2as1CJKUDyX9FY4iyIZk#|E{Rwqto7l2dbUcc!lqQ`GhKr#yuMoh=@; zTEgyRT(9pCc4X{~4KKtJGM@I|I|{`m>^Ie(_0dlH#&PkHqwjT$DVHK5A~40r9@)9j zFr0{v?U$HY-mljh>3W7VUTqU%q~Ev~F^ANltkj^alRb1T;&4u>X-bNaj~q>U1R&g~ z%zJo*oENKo8PI@C?8G}tmL3kq1+H(UIwq<(@m%wO=vW6OjLJP%D!V@YRe!%`zP5VW z_u+Amy^`YHus!g>7iZPvT@1-<|4utEjbk(7fqDg}VihCNWA{s&rbHTRI$E8#RkjIj%|$UMjfTm|)6Q1@ z8y94gOF@h7-I0OzQGxm4fvZIlejI<2qRfyMys?14sTSjp6)2#8dZy;UsH^LSDR)_# zRIul~SRelBGRH5S;K1Nt{~<KWp z$%?`0fZ;}~cdhnf$&(ffAH>v2(ll}LFXc)*)oGrL%P-t zp57i!5f=41e6`ZmJcF6d45lPGPGVZ8MjMYrAya7M7kun;rkbKtJ_c{u(w8e`A6)Ek zE*{tpR>~d8AxNAJ(M#*&>xNI6A2R9Jd1vYzP>YwIK6&`?gT9q-3evr=0;*2U5-wn0 zXW;58fYx*l^?j$29e);9@Q~$Mh|6sUlZKiSuD-TiH)*W*c>kVk+%7gQ^b3boA%}4; zhgG?V`X@1_U{S_kQRcAQvs@jKxE|GcZ$!DLD17w9IIO}rj1xJ$lh-$RCN~IDb^cIl ztL${#1~VenV!W{f4{Px}FegQ1nfHNCIMAp(a}&~-IX^wx&-no0Rv{CwP1+IvEP~UP z@^RsG>kLz$v0B?RN?((W)o&K5WrxC7UjrXIY zqrho6_(|=>5l(d?b|qp&YHjc zYO!zkd;lkafO9wu!++dvC7B?RxJMv*{!V;@X3Dre;~FTM*&M0@o@HX0rFQ06xrZRZ z{QUgaySW{>ghSTD5#u#Yh}$x6opshS7xk=uT~uZ3Iv4|&XrBBo^o3ftlPcuC0f?0U zT-A}N*`wW9Okv?jX$J3F4&xGzSBAbvl2LxMc7cqk=xXUNEJk785`QS0Y6&oz1ol+z zNSRmiQwN}q7nNy)h5M=;xx1f)e0ve+i!8j;XSdh7c#@vDb!Xr#n`ww@-?r53c}b-Y z^@_9AiQH+{-bt~9(ZqJl{A9E@tfYFo6$vVhXzxv62PZskPOdpXC#HS3cNo>i@k& zgq7Mw;4PruXO1hDO21qx&^u=ePYv*9o0)I2nOow%tp^ZEmXv-H3ZR8nQ)5u5E#T(9 z)QpxBOgFk_Yw~Pp?a12J&ZQ-8F;R|h2$SAjEE#eXV(;M!Ma~QB;s{|OG5UH%&T5gs ztICqDFhnb$b|_9r@4NxNvXa0I>X2ddfn6YuokYT!g;x%AD^gv_GSVRU%t%9;Jj(zITSy`Cy0E7u z*v->b6|!#4V%b&Edb0;=?`K(uBxdGX!sJLdk~8<#KF%nUZhyz=KMb|rk#1bI*uQw9 zJu$bRcc_QFSYGsj<<^?NS+kH^yngFLjcuBWaB;^ra;@5{qC~pg6!=MyiTqG|nd>-Y zrJ6ccJc(t4s>;`P!n_@`8Y-}LT_QniK7Ho3fxB}Jd5&0|3Cyl|at-46zmQYX&;KJR zD5{BMQn8qto2$eXLSRRGXGQBy0>S2Oa3^1Q##!IVf9)<5DB_}Z-g`uQn>adEeg;$GBSvBDLLo| zR~Xt^wX_-G$i7C%{S2jV?q8bKl0MZ@V4MYU-c*IjRP)zd9=c6Q4qC&H{q6r;>Ly0BN`${Ka_(2qlr{Pw|hWk#;_lyAP?8MNJr$OIdb znlLfn*St8xJXRw-)QpA?k%l0nnQ^By#hvG`3-i*6i;EY#bbZ=#xy%tpSZ`b|3Wy2i zwjG5~qd?#+OJUPXCoJizre=*?O}ngqji7;Cl~Q;9q69Zt?yJ2wR#Sk7fBW_=Dk&;F zJUl5WDLx)^(RljA#}_4Dhns(h+33yC>>>Rc9F>>Ko8dHiQ0D*jez*I?4%D{oS4d+b zogv@TgH6pbRmw9iuA?*im;3n#|J0 zq@4RY=QX%igU|t7ZcFdWi`q&5z}sb|+?Hv+T%QsF<&{Lopaon#MV<*~vz;l^ z(cza}huxc9X81+TG@3W8t6ePzx=ehdZ0^XP%qa=bCQXDSy3WHlh21tmp3=T{UWpa> zzA>NqC{O*R;@aTKfF3+NK7QqR9R+?aW7D`OkTolbR<7JJYSA^+9WS-ZXRE#3Ag7^G zY*F9Ixyzi7IpXEYMy%+!eZYGeMmTy-~F_s*=n{WHE?BEhx@qYcvTRfO9; zuMFdbX(lwnUbn*XU6;-j|4*&_sjaDe>cjKep{^QY9hqbs=>)s-XSdxA7k=9#%g%<) zv^qYK+je)^ze2i3$K<1J#!H1bIYadHSA+6O1SHR0$H0?0wwUbVaUk&7mjnWl`TzXE zEtVuvH!x>HRxeo|$T(bqMDt_w+g|f2dPDwlO-Wn_ER6-`{LGllnO;5uvgs z$A$s<>3Ef`*CiK{Db8*YEAS7RhIr{hfk|6DZzT;kpu&yiVZ5zSdB#?qDz{nhd3N7n zU#ekmFVY125^@O$YU;ct=XiJ^k6lIOx;36mxm;E@f0sNE_87#Df9(7Fw`9KW zNv3A{Vi|S$57aMc*)w7`&4OM15QW^J5krv*-?c0kN)A0RQiLg5AvxfdroP9JX}zfA zCkdU7M~iEPUY-vWAn$Mei?59ah0(Y47_$8c=F4_j7T#YeiCr&&u#_6(6UN8K!`v*L zBz7{eq2PTUpy!0i%vQiw?Ng7nB2Y0jiA(}Nk0wInvB7Q297o;qb@8Za`v~vIl{-2P znWR;FS^X;Zkh21P^M#k2$xxbne(S?vd_KBEw{)Uhxo;jXVBc33BZ)kzmEJNm)a|Up zGxF(&or@-KxT^4ItEhy&X6tHgy?*`rn_6?_+7n_nt2X4q%#1XV z$Y#f_=cBmmv8-a^jURettM$@B{o>v=HdN0{Q)}-(hv!dqXD_AVz*?h<8LvSo{)GW1 z4^#Q(sbr{!PC^o?Z&7xOU4Jjd?h2n?UHplzWzAm|472i(gY`#ZJB41j3De;9 zzQ4cS{}bkGJG7N5&Sjr$RtrOPo}k043CQu3x-%$dAcW_^H$&KT(5H3U%KgM4Fc~tv5Ywydu~@14?q+Ig7?`O8NEaD zL@`7KrTVc3rzCU&MV^S6j}~j0l>RsUN_BXZ54tPIF!P?0j1UR=|GLyw&L=`X|Otu%W!x?8dJ<6^4g%Emm_VN5iCV z_R)#10CmB=E+19X{e0qrY$|*M9T_dCVr})1sY{QEI+|L^veNYJoOUe@$?6-6`Kbff zuSQeEtd{sphMkkX>C*s$;T;_g+k;VGkQpeYjqFUN+Mw>4g08ht$Rb0(tar zurk^5^=n7DQmoCm7;J-S0b%GxN*VQ_$+9u4>$Z}v8jZMHU#~o`B@M5l>aS>PPisMY zVTVEH`{DZH5@ff9)hfIX+CP5F`z2m$^E8%dJ!Rr(tk}*O1sqJ-PYw3hgH~hk(DNC+ zEklkUz$j$M`zo28z=m(0)df& zYL>%h@ZoL7vwJhJmZ>C%b&P)O3j`_TeK9C0{C&LCL;!AvJkMohk@?amuqo7P&VeH= zEZoKnbgT2IByzscvc!!GXp22JnBSsCpLK`kK#veI3d7=~{2tBk4}-EVo=;`RnIaZi z8;s^IH-1?h-k-~l?8&D#ae7N~$@$fT2K8>?xGr%q?C5F9@0IO8?7_ktv?Gq*BPUh* ztC83ncLuz7-piKYUDkM%r9`TKGo;>KkVxy|3GNcCt!a!zSwi0TgF4~g@J3=MPDh7e zHGG!;RkoSAd9gh56ShZLz|6ascF{)u@5P*nP0HMCGr+)1)17an|AA(*;Shr zlC;;Tv`*e>KjUh{dQ^OqS353~W435LIe=qWJ7$_yaW^vaLu-G!DLuKV_Db=+nl&d^?Is1|i&ZK%Zqa0?R?6UWQ&7Yz*!qj-=Uh!@$%BH z-t++(YEOe_ji9(%)U^CEO5Qg@-x9@(ItCoxh zc6zfThFf3wwQpoY0+~3TzJao|pPQhd^J(Tx&Rua)!8=qIHKF@&HsdiS!CPgeWi-R5 zcBnWy2Cd=VZysnEJ80ghdSO_6d~tqyTaijslrMIld3@5cxT?kPGiNsOMORntaoFWN zF~!9?P(ePl4=nSkw4y>r#ydxe-h1R#_iE8akJ8gHW|_0YvxkcS^89L|%2nF=-ninl zx5_1U(*Ie;sO?GrP{s!nb*gT_q}Bd@|65#K+_c?6c&No;^YeAihnf;unq(ooBBT6UJnKAf*zfeS7U0orM2ycDP$$>gM^PwSXJdX${K1rV< z@~PP_bz08nbo1_vn}X}5h$nD&yr_G1#`e5tWoOU71+Rph$eq^YY@>^6SXIdJ?Noxx zT8cOoBvYi%ZxNv+RQLm=xnxA?04L{hg zIEc|KjJeHbsWny7z0zRuC%2c2#G(&SPk2aF^$4kczd@GrT#9mwRgoYnQ?8vS!W0$1 zTh3sb*)jDsobHh#@wZ2q_Ef!3?;>PS9aCxB!%~#SY(zB-sqam(T&7tebsBcEM`0k z+snv!j;Q>!OF(h4vE*nG#Ic{k(XD^@Bs4_5GHhpekD!*_%SZ3fIOMF1#I35WKp^t` z=<4B9 z@2gdSo3J%CCuGHv15%q0vE^Fj;ySBg-z*4EOcF>>b0_EY87phvTMv6+1simAz!AYJnL{T@*(1CyKm_Q?TzRoM@)3cRll9tR1w zl!5y%FzgSp?c42R-Jhwumef90Xf2OFV<<^}1jEHfQ9)h<{_20O()TKlks1w)%vuRQ zgh4u!`JUY>R|M!0{`Fk)!4pA2?!(4;$m=$2+}SRgtp%r+uB|B>g(JKZa$%TV1oy>bCyQpWoOEQ(+ewL8Kx z+j6Bp{IGyqa7Qic#ip)4rH@xo$CmW6c`ST!xENKfn}5_pcd%vnF*`IUFfdufWvsh9 zMR`XaRKpP)=&2ebZtBuvPiNN!OCIUtp#^+qL{fikJ$sn3Z(o2X9w8QM{jQcsjUF>B zvjM|hXa8z9avkNUJt~c0ghbu`CnbW^S)mqb{Ug##(cHE8r?_|}jZ{+R=2?}MLW&d* zZvnw##5F#R@PY!}5b8pE$?MFO0iS_2jLzrA_0~2gY(-fIhxWOacT3$eHe(cg z(1;#D&9ooSKo`P@E|e%4)$XgL3e_5Q_B;_B*>%Dhi|9m%2*f#=FH}VHwg72PMuu;- zIDTht9!Nh)D=Rkr1soild*Z%QY|#;BR8+B|CHUXuCzIlR9E>}PCa9So{uwZm$s`FA zp^$ftIV<~Sz`W2SeCLwu21SKyZFHxv-&r&UOu( zI?D|;L&OO*E1C!h1q1|auq`vn_m+qv{G|lUa0z`cdl=o z%0yNtE|KQWz3sgYSOdUiICaa#+R49s6Q4Q9zY(R738uSwRJfS~3@JSjW=A_@bF^p% zf@K>uGN>o~w>&}26k_}BkIrA;AFIQ=eiU??7k6F~ZfZkVh-FAAUNx-W&{Ex;%E9g{ z3)_6}6;COdS)M+9`imG2lphIL!|0K`j~((~%ipB*uB_C^nLXI+ zp$l;FJiK@R7+d?R#7xe{fEgpqmsvZ~)gIj!*m$tm4R$6pH1wi$Xt<$2f@=wMLYJAL z5jB?~0zfsk%GqP$r`b-qASNZ*&A2(NBdF{NFRxKzFo~bP+Ny5+(Op#Iw_>O0z<4ZM z!Ljyn*S7u!lsiQ2;{!axcicxLTN%|dvvgU~_E+r*q9YblF*i6spTM`%k0GNrk=1zR_EAsHnlqKLw0+dUI96)-XQvzxWmYb|GSHcXdv_@|9~-FK*qi3tH7 zOBM39ZaecK0)YT+>~GmqP0h@@l0+?*{NJ&P>Cb$=_RIKd!lJZFqr{4NbwgYUnH z?-7b0x`V2;YEbek4W4QPA=>O043`q*CW{Vy+Sk}2dt(?Q{^;fsCrV8F;!G-NGqPN< zX6}s}SfTdF!~}6{=<=f}KI0W3H%yjgb%66Pe-Tah%JP7ehtG?`jDM0fy13jvl5}P! z`dEqI8YsX2Y~3g8jW;5;Gkn=mMODnVP~`iI8^15$=%blm>BL_JXsrD?I3wU*t|M~ zD_^gbcw~=kGOX)lntiDWcUam?CN}X^s;Ko7+x_L5W5Bdk|6y=&P&$YdHZy?_K!#k+ z!q70PI@_J!bmuL2PEy?5qCA;hA2x|Yl)u2du>2%u)+XgT&c2!s&zVtK5t`uk)2T)U z&Lo;a6n?(&Yv^dy$4_-OVy~3Z&D$)nn5W}}`7-pKRv9ph64W|L`qD^gP1KU!KElm- zj^4N{a$H*Nt?eGvu(UgQzCYczRC_ylWparbMt#{NVYEB1&Hk{4>cMlbYMh5`D)&#) z#Dwm8>Na$o(;kP3c&9w>H+JE!?bz(wU3hNa_Fctu1nMBs?7Uj%Z!3RPoi}1shO3XK z#t+^FHIbJuUuI}>mrwQGp`ZX&sP>78WLrpC_+2_WYs)*2t)g^?e)`8r^zQobr|Xtk zkS!zSF*CJx$o|;?0yr+r{VnW*ATDlTsXc(43&R)Wss*nX1=kbk0C5o z-*E^TGCnND?u+=wGP_Nj?(UV4PR26d5X))3HlI_U?P(B7aha+~be+Oo{@RYm85MRQ zNn)P(1UbV)aoZ+aB3yjJYg$Zhv*O-6i^ZGwJx_KeX7<{ycN0rw0)Hy86Mm~UiE7o? z*OyNj4yH5L3%s}Vxk2z*)aTjT<85y5fW}-rVk~Fp2jw>MRbGO;JpHwrob~VFMJ5Av z$3c>SyD1^@d$68%{U|gGwD+7lZN^iV*b;&yjZrS-Vz=w*61U!T9o|7^vY*rKPSlNG#81IBxIe8U(-O`K}Qv4*>@X`ynli%FYcShx}1~WRR(8Qs$K|r^Lz6OvjX!YpWe<#C1&*KNl;=zbVEw%w zEOd&Bimx)A?Bm!|LD>^XrUMAOi1fjV?o2V4-g8*)kb= zDN@hmnd{eT_iwf=SCqQEyu2L~=kBgc-umYkgVM(bE{T-N=i4*b=sbtz?HTTxgl{k8 zl|>!4dryzHl9Q7J)|5Zh6g68VcH2!*R{4yHm-)2gMMJOxXT7W$U?fuEV38OvR4{+> zb9;ds5W=+OFp*zNw;k2N6l1!h-CqT>Lj+Y-k>$GHo-65a1Zj9D2aDP##G48Et(sX3 z(f6Bfpu_-q0%G<5$JJZMRe?6|!-p1-5KvUQK?D>Kq!ExVF=$X4rKGzA5fEt*kWdMg z?glC8knWH}dFXE5!F}BQ{@%ZK_p_XHpF3yfnrp5>G>NxSs3lWSEF3NjZnE9I`#v4F z|FcY}{H7x|tAZvj?rj$3eIm+5Fz;MqE*2hA z(JxfkJ}o0u9IcJ({Hk8Go~mJLD%Uuz69W+_m@?$ZvCiZ#&M8#{D+~u+&b`iuEWq$| z8_3dZ>4@7<&o%K_!H(0nnv=zk^@;_7 z$y-m#9_jD4d555R`(9>Kl~p0Stv#CAhh!L>TzM~pu5wxq1U#*6o(JVL(f0K_xk!eZFKpY8WB2hg;_$BCH}b@v9h_QAB7r)6o#KisDZrqwY}nS6eoKPg<4LF zkHm*W&$9s&9fD*M%lzudq(FmE@zWuGS8Z!9R#n-v?aL9{LJTX)ga$qmuBj7~trK%6 zEV44IdEdL=9*wpPsE=>qQXz?1#RVWKfC!oay{pulL_|cUCY}t_{PRY0-v?Z=C=7CwA#>Sq7QfWWAP$tU0hfjzQ zhYrsOGK}nw)^6ewPLgZau5If^P*PAN!2XhWZcs-_eap67ta4es^ZbG>X0Pv$P?ZX& z&=7V>=#l-Ur}Se3j=io>R?|S5E(X_4#j5I!-qDwl(gZc0JGN%BHWCu~&49{AOSPeOvfgZ}1|M2c#V@NVnd-^ezyt|t)! z))B_jyR3+ho8+ujqWlK?dO}SNIJR_yhYd2wGiF&tC*;r&K|yXzK37pTwq4u1cr_qO zS6*4!+}N0RPxY{Xhx-?&-ZpAVpO`*u_uI?a^*b*nYh9aO$CN{D`_NZOmq$oJ?zB%x_j)y$zsWpQ*<1Qw6m=}%jm<_aD+em%ajgKr->Vo8`f;6NsuIoJ20*PI zvOS3V5%1r(1X%|%a&t%Q1cgCtTKV>Pcy#pe=m-?V^M9r==Ci2GQ!st`z4Y3Bj)L`g zT_qU{Rbnx0mpASB^n~-3L**`cLH6L(XQ3CK&3YbCQ>j|psS@G^{XkdG2orfd4q~W$ z!~HE>x-wL=+rw`AvV*dhmL64i`ux&T(>tY767p7q z>=Muwx72FFKwS-CXgCWE2%#$oWJK~NQp!k_6x}NvNRbzAcvaBpA7JCf_Yt#3eTt%u zn-G4MZj^IeS@oc|O4}GGgNIIjK(}&HVK9$Fg2ZN_3gf zD^j?6Vy7C^Nmeb85CXkLRCe03p7pb=>8fZ;tRC6FAum}{b~Z<5;pLVaW3*a?goMim zo44-VxxB+eHCNZ{?cIZgkNLpYZRhtT?GoAc4g9<3sd`rYBpIVvin%tjEa_G?$>Apm zg1QyN}#Us7*gsZA_1cnjO>xDKltDp^UfjQ&R&!rpUweCd9UYzFLl&$ZJJ9cH z`(~L0OeSde2pu3jpEc(m{=R5pVnV@Zu@8=hHrEwfpNHv+bhQOLDtNBzGp&&<$i`t> z)}Ub?Q@ykO&$ROEGJXo_fk+*Bj1Dm?AR%vYhIGr^mR0JTYJz z2hZs0gnW;q?Vzxj>7vkL^(b0XP&m`egZ@ z)wJ?9nUC4k^u>fk5<`fA@P2{p5$)P65x-Yd^&L}fw0^4pmLo;H%~s94k0g<{{k#p~ zV--AG&+IM^8bSLnz}<#cbM) z%g!zQHjP&RVu#-LAhd; zW;+=qO>pS;y6J4o!ysV+EdGRPiT!}C*jKL_CMuKl1LkLD>V9Ej6|mjB`PLF6={=9> z_=^FkWB`9Lb$B?hlRhdYY0~<`JT{&e0p-l^r6y5)RyP+KFK6KgG1N^Z=wI0W2d;_t z**M(!T4cVYd_`8XD|*TW-?||BUH{O~P+y;&y**?5_^k>EjkvfesCNCueJ;-GUs%fch^^Zhe396K02lX?@ago@ zQfrBiBD0e0g+!hJC`GwaY{xQoQw#i+bJkkaNPOQZl}M}Dg;1c#< z`giloxD)!jQ!lX8M#O)Jn!*~G!6at|rM1T@D%}H*PxrJ=g^gsmz4ZsSVzFA7x#>n; z!U6WZ;7v%|^5pup3!CUU$%M?>SQss~_sAs~P57)d9+tMIp9==YCJ6B#vj) z^hEw=jhg0}Ov*&vGs;^Ms^%{wUQCqlB^hS$aC48~pxt0}KAw60P&0~S3^T>?@2jZP zz*Q)B$I96Fz9Ci);lhcrE5xx+zayu3=d0GzpNnvv}lChh% z=H})|C--ij21%CA#bGD2fEvNnlS!F{ZnTEVi`V)b%mS~+eOwXqz%q8fJ(>(yx(Vkq z6rZBgb`};8b0gH$hG7;gFpFPKkOj0L{ja!!m!LL>xrxt-98r7Byd#i}#A=7$zXN@J zpQln=Ivb|KkK4S8e7Y2m%HaiDnM?ODc#w~kHkPr5Ptb$nx&pB#0^)oWU6PAiq*iiiA7!NtGEM{nV--JRzmEz)5rqxIG( zejc5aM14|T*U2y({%F7Gb;gMc3*G*XSY5J@qAbmG+OpfeI^I@HIP@p>CZ~Qb-2v}v z9apsS*HlyBhl-a~RMdE#C55OuLG)4cyw@+88FO*5NDWiVe##%BDR_}2xJPNa{T1r5aC>^Zm6Q<110>0C`XhbaZNA=kK0E5TI?F zOG#l;qzWtWE#ZIi`Bgl1xajBSUnqBP1#(MPXL0Ng*G0Pd(7u3~{X-u@;B^CROr{kV z$K?8K3}}5Ynip*oNBIu@*)=(7d}4zuJ(Q_ zgrbXfBJ!~@NvC$*Xuf7C&e@iwHR&z9*t;_6X`Sv2AhGyGG2#F`4f zS?y(9LPDW~>Nv;R+#J&vg@I+<3$;EN2j&v}AjtXZuK(-TqktSt-Jpj4&GVfJB$FOn zj}!K&NRa4E<`s72&0Bg(=<&a-y5Z|HG2rVv{`>mjVGT8>5qLx$_8D*A-hh5#MVxbA znn{VR1)b(IaDU3Y%Ofz@nrVQls^kD7nu00nBpf2@FeMr>Pa{bMB?*JxVS!-GkK%G# z0iKc`8267CiOHr;M9aCcN+)2XqW?xJwVsOjjRKV}3o2WD0)oyX12Gns3>cqJ;!%N^ z`}*^tcgf6+iR5z%)6nZ~d}3k=C58#@%}FRJJAOoq5?Rxvxj$p9)vfdh=p>B)Vem9Z zvF<+AWEfujzh0ok=GGR&o%aa|6xsp8+&nz`)vgX(^GaH|wv?2V^0P?`$~{We&0WL2 z({9~~rQ=+WV-k|c;rx4&cW<^uvoSgsdLr`wGGJ1|Anz$BU(nN|T0*D~{i3!Pe==w_ zZ$^)h9yM)E_C*Gh$ZlCo3TI}utwjU}2EMejgMP}?M_DebQ?+oM?w@8hzmBN^7^%9s z+kWucg!ww_=%@pVL?Mu7l$Vo(6$vOZ?cO){-Q%jw zBbd`RF!%+D_$^O=7Gq0GDq><<;9oBmM1UC!A z@#!zSPMl7}Wz#Rp6rf2uAb(E<9Kaoen>PFF*YMqF*R|Cy6;k&~CsT^HOt?WnnLTXg z)`u;6_UxI3eVl@l!rELl!V=NUqF!)_n&Oq%X|i}bv$CjOC=@HVcisan zQ2XDxPQ9mFh~8X&cfVD?OPiLuM~lkCMm~4Z#pU31i__7mvVH`<9USJWTnok|5x4Zw zQa<^}NVuQtQEV2H2a)07mqANS}GTJC7UCVp1XyVuYH@IpL z6fg7hmqPNl?{{oBB+QQA?ARmdFhixw=q$-)-D9EQkGqg;!HLc3WxYr1P)%Hqma;s5NY;~ zP|xD@$Rwd_gbGDHqbt>}s3AK-)fVnVN*FOK>jNzh>qt#wKtxjbMP^<29*t-o z4}yTq=8k%L*mTn&T3a>z2$u+7VwYxx0%G%$qRbkH51)9tv}%W#p%5!Y>hCY0`sxD+ zH;u5f_>0*pY7tlD++1{6*mp-(tdFj)I`QlCp<)`j->SXNL~q{g=g!Hc0Szxnw$(8 z;Phh|n7?v$W_mGuMX|B+35?(1UxI~h$+;!gatRSMEvcBp<>8zkvx5<3DDTQPOY0Hb z&1JltYOQ1~E$i-LBo&|{xHHtCgols^eJBJTu8)K!z1Rm4Vc{B8lZ3c95s$p{Ewl_zGcMAYkjeq=9RlziL{Kih^&Ehr?Ut)*2E%;xRy?;jaSYK!SjA6#%o$r?8A z;0wd5-zOxqH4NpGsugbbutZJ~udx@JBsyP9lo;wIo#<9tb$$O1$2$Uwj}iWU z;`f-Kd%0e%=gIztp_U(XaGt=v*At_n%ku2=2Crpe7 zf;4zjZ0+rJbaE8wHrY@(tg%5?Sjq0cm$Hsw49jjw z8(ujf6Gw=*o`aLHk11NI-*-1Q@{5bp{P$wx-oJ-RB#89Eo-#8sh9&O;a?=%g>H6;- zR4!a4@LX27%Ax)0moKbdUS3d+@8;&FpwO;eYL!oVNYBFq_9H2rDteO@2XTvQ(4CNM zb;Mm0<-@$O6O3BfHad}_s{^78W1($ashJ|=u5D|pGRt*yAY zxX=5@Oq{;=~xV{tyP!BQ>MB9BP`&-EuEgRCrYE4e7epb1wJI68(4Aqf`K8f#5MU z&+B+UKQIuNW2ij?khO5J`+9nMU=Np<(V!Rn-S)1>&wT3r;|rWs28mR=qD)}d(?D6_ z{Fq}skd>7MR<4b$?cr~BB8Bd3?b4Q?E6dB{chhhzE$q>O7;~_Uj3^5)gK}0ZhP@;ZJt_Zv5f#cXJ=)> z+dRLtbPZBygfge?^@K!-xyBPw@L`kf;9G_N`_@Gi0&d^1;2ZfKKiu))s|`=GQlLU# z6T&B$8PrZdRu__wP_i0dC-?kn*X*B>+a@Kck|ge$;xMokCfU(bR_z zl!8Qvs2AZX#u;az(4JEqmNwgbH%jPVZvuL8MoQ7+UbyfSMN6G;+GS&2pHO?&<$0E5 zi9is{R4r{O;q7i|vWS=e%gCgw_B_#|4|jI`m8eI*RoC47+0%nlRW`rCfC3?Ihcs$c z6!PjK^HtIm6F-2X_79Dd4htJwo-u-)OE1rXIFMFXms9D@a8=w6x_7$EiwyzQTL+Rc z{zB0yl>e>9r%#_4NdVPRfd#n-5F2DcCSXuCnNCF#&hu>#Q zmXqIoPUhrRU+HnAVSV5TUJYPE6=h|4JLCTVR4oXDhSvl%qV7*A+6Y`<-xuUxjR3zq z<3<=(2}h_whkh8B;(g`Uo-Ia*Yd>6r>pME$>XB)4HGV+ywzT%#M)EwXF8^tlZdh{| z;O9kqifpQ3y>rPPWtU=8%Z0-HlXg9?P=F8vTvYmSD1<6-U~T>sN(oPq_p=5K>+(H_ z{s+g3m{X(F)Y-|iO@i$W<~UTRZ+QJ~Ux*~HwO{b0sTE}L;%bATEsq%2XuPYulo#*k zcUEEiB#L|3AFRe-Vkc&bmwQoz#asU0RdAl4pC<`qgaFJ-pNi>EWGsBgc5Yfz9DTzF8Den`ddwn z=rt857RDc8G4>_9(xM%taR^@rU>;) z+AT=_SdTrx`@KL|1d!aRcWzg!*tJvcu`F>%I-!V(R_+tVgCW_Ut>$7*wA@5-A)fR0 z0&BQtG20hLcAnf+z4eV{N_(lbN`C8$MgTXrM>|{j@D+~HhCq3@GTWjj(XA{Jj%vz=5d;ik)9?D-15ra1eCCLt1I zC?vzMIB8RA1Zz`Z@(IbicKhVYS6Xf?k?GtS3ARXE&}1C{*=qZ2K6Q4<*prTXx+juc zQG!Tne&+LnI8hthkIP>__8cW!tK}uM!_I)y{1571kALApm@K2RvNB90xh$Bxe2kR7 z)Y`P#_+6&8oR3TpzZz@A03eZ(TJNG953YC?U1fgN%FTg}TX!QM!Kb5x>#cy1%sncF z9{K3)4}fF7{n!T^$X1wwItLO2EFBU0&V%MURBnFZ1b?+46KB3J#^>s49KAf4-)X$#`JBo{dsF@8!x zFw;dgDNvw{c>EWgPFV*BoslFEG6dQIn+uTc|H)fd=(3enc6U&F-ppL4jnB8=L1#ri zxWe~_wC@$SqOvrHloU}U-UF*>LI%UDD&vJ=GU-YGo@Ig7uqw+2>3?2QU<) z)Vbo`vMs*xPfq5H^c1{2;s5SqWzRF;uPsk=BA459OM`XY>{z7L;i+=sMqWH#*Pc75y@6IE34d50r=bzl2ne}I`rowv6jZ0Cke+UKWSr}xUaBih`U zrDmKKdJLkurVQTet9uX#y_Za>(c70&a9=(R#E`9$NXQbf)7^plPFz+4z zo_|I_<-=te!DoVF6SBOwR_%Ehn2wt}R?_)oXYEopojIHA6Z0k6Owpi0AF?5pfVrdM zaLigAvVK2%nV`Y^qEoUCaisP|a!)71YVjb7AGy7)H>#yqHT27jxTS3x4LZ7~{1cK> zc=|l8^y?lWdCNkh5@got>^4s>9$>OaBZXMJs69ti4wn#hruDVNtLRJlWsg_IF`dwl zTk$Jc2`-;5+NC`G+5nNlU+Eyk{a@45wBfQ65)#9LQ4|l3c3+mVNYMz?yP_d#mcv&U z6zSHPQJAdS|85DmcA--AGiMD9Q8=3U`AMDeaHx(-r)&!fpf16iD>(0fl68Eg4hH!v zBZasRt&$kRWdRLvfS(;G^=oCNbMRi8sIyD?lN`l9%qeQ;(`$&Jxx`sG zi>~Y=&6wa^GXD!UeFHcoP|CpCx*I+uvCzF>r6ODQ^3@J_odc0e;PAz+z==@&3$dy` z0_T||(C>_6FXhIXe(iiOCd4BeFo)ZXRmYU9I+i!uAkx+a_5@U&%ag#vFF1RNjd=NoqGM=o&K53P z-_S537?lm7*6OZbPr2Rs?%^7zwddS{){7y01(a+kul(1*Tu1*adXnM{0NqCaD?I;P zy-qAV;2!7eL4531z6x$C+R&UxC`;R0A=VPKD7?Q|Z4ir~pw_4T&6bW1#X&4%CLxZM z$9?I%O6yCb(J(32`^TBxKE4NtkqPQe|IE&jC*ErRx|I1M?)$3r;Shg<6UGk2=0AsD zun|s8RMYd01x23{{5vDe|MwFvuCCzbLPQ1*2RpFo`(Q0xcP>`_Ku5@Pj>}(hez-d? z7I!3iz(BNjdKnup<1BR95S`*;3S{d4_o!*RyH`ok158IJrl>(4Rl_SI1M3qO$Ma`> zMmjr5>5*2gXcmnBr=*J{lv*T0mJtnYU)yBFrPBE}IV+>KR>Aq=@X*j+ytL0T&qRTp z!g+5M>ay>p%1PaO^zVRCex;?QQuGjx8lzO(3VzLs{2t2q69$;TDUqi;VXgf6=l*IL9aCE8A7iZQ(ZRxe7`*0$i+M;tkKcVU!oFE}?W zuoM%u-S7$dS7V&dQr4edg{0Ddv;Rf_*30Mz$sE0qgL-2Uemgc{)cv@UoW+#mnnkFff`dWB)7 z#`^eY^ExslOR~^g}4PqfwV{T&Si`Qkb zqtH~T{~nwu6hJ0ra`(#Bva-Q(svpXF25W8HxjS>DsWLs)1QQs$q-iMdi-vDh5p;`ef_g~CdOs*3Z zca%tl6Zkq?yUvflaYq(AKH2KdGZBQmulPNsw6t^u0dW7UcM z@g;e2wNg1Wl-8cyciMP31O!Dm{8zBffn!7zG!3TaXJc*0;o^duJiXL+{#!@vCN}|D zF!BPA<|1@rePm$pEkR*3r!)WI(fzkaODm~-I`OpDk=g-VW?QS`mHW*Nkr-TQOfm)4 z;*VhC#m#LT9b;q}A-!rr6~z90h!gbZYHj}<#A+wPWDKm_*(}m?y!K0CYAP?y8j`0u zk~vh4a+KwxSL}Wb)#rfI>!LX;V}X{F%H~vjm5-4zS8m6~H^%b?7Ftl9?RQIMn6o{L zF>ig~obOw9jzRW@#mBqut?C9!kzBpnQjwzJF6aayw)R|G+R)T|kX6 z7EejBQnQ+n)v9KEiTvKE=T$hk)$KRw)kt_cJJGKkPI2bxROPVT$^6oZqDhlCiogBG z#uH1@~5l~D%BfBwz`Yy zMMZV~=G=IvpqcXY3zGuAX<`~+Q2mX_-JA)x63d}lo0(4;85xgm7>|kT(yFQk=CPzX@5bf%-guCs` zH&ye@$V^9gyS`aQpnUtUs;kWw29gbU0wkuUruIn!)VkPCNBEe)I1^pG$XFYJ@ze0- z47w(*Olko0iM&|R^*^&{uB*G}Tgnq74y7_WDeG2ZdYOcXZ&zHC;Q}6fFicEq?O*P) zrV@OVsrOmpK1XlSjmK7deckFgy6rzGo(}|TVdHJqe=u}jn#U;J+o@Ue zj>n^bsb6OY4EYQCfz?7xgln-?b_&0F0*c<`75TLkY2+FuOXBWgAO(EyHJZ380LxYwSOnirE)rEW%6`bw8Aa6k!kB8$6Cfgja+E(V|O_tEmtjDEeTcm z##zkJke9m+5$-Cf(zS{TLB#Gu7;MX}`b^{;T8em{9v&yqJ()uzZ~eQ^tGc>63qNjQ zuT%HQssr^L9lAcfGMkqhznB1N1OE)UmfIYftWjXp8pEOOv^EK3p-&E|!CLnvzW|2) z^SOR?-I@=PqIX%JzGq^>jPjMhzb+J$j++yG!#E=qo>#Q#0hVNJlsyp zV8Ia_f3ocLdb>ij{DC+W(xY6@f@ZF9cdWO049TjAX1Hj6IB|ECN-6%iG?uJHZ`adbK?MW|26iV3 zIYC=DC^G?E5=zL2a&#*_PXzxlk(K(iaz6GE#=UZUO*g`f)y_zb*gZbc!P4Ho9ey*c z&L}RgurNW$X%bpNqNAfj?!WaCxP_2TyUD=;U+(p*Q4WxJI3oJxw#M~-fshPlj_kv2 zJ%;0F#K(PkiLN%H;Zl&&%WYyK0coF$42Fv%-$=pMsEz`s5Q1AEL1_m_Y+3yD#l{oW ztt{X~AO`Tt+R(9j>uK`4)WV?n$Kn9b^9@KnkeJ&aj9tIeI%PPbN-PFdW5|!+FALqr zoVI*FS;GB*dl*xuR{i-XWL$)Gd%B&4sl8v{v!ZbBI&tkWUWP@ZDz@FOLW0FX2 zLYn-70(se%9o_)fKQCv<@rQ8MX&mKnBPK?mofVY^UjgqQF(8k7O37NbVvv|d%fMh* zGwJ&z8%R%8sd^{aAZtV;;M%|4m3TPCpBm>INvhZLS+rk7RrVde%QM^4j>}`EMod2s zb{DiSzmZ~z?Bl1DUFqfsqhmH*t+uJM`tk+YhmqB-pGWwp!};{m!P(oPlRk@qhUM+0 z1TJSMg!8z7<*&vx{O}U>%b7-6wnhg6s@6BVt`M`XcZX7*WceQpPl}e?&i5&i1}W$I zo|TK_typi0e{3Z}szU>i#oJ>kZ%F7FK2uUAPgPsLY;SzayT)IWs$-hqGFjsR*XVUq zaBPol;?9jQ*U7Olx2_N6Q08wGXCdP7JF4dNowqka?d%+b9V@Xs+M~$QEOZu`}yn6 zi@`7|ev9G7`FSf7lM>iw2AOx1g7#+6ZyXHDGx8Ma^*uKPD+V<+HGu3te!PY(eX52g z_`$%S1TbHG&dT#}vn7B*LxruStxc=K!liTVd8yez#mhbu*uTBSflTwQD3a6&9apbvWJ(W-BYRDzWOv% z@lBa-8{<%$l+z zgzZ_@m{5r2?8^ow6HB!467nVo@AmCD5x1^DQWjvDSWQ+57`OF<8PV3% z46l8E{dy8p=1}ewB&2FQPYxRcBj3J#3z?|5At5qvuO3J}J3T(Y#>Q#!TmC@CuN3wb zlI<~E`uPqhK3g&s6%}rirCwtrfxCB|=Q}i^$tjB$iYa3nNESb`bSnoZCSHB$sCyOA z@`Nw^I-ns4WAEeY^}1I$$P5(Rb`5fOrT!dUa7ECPDG*UKd=H^}S~(qx4GU<438fYv zN6>0PBsZEj!Y<<#%G%(}n750Y#V zBv5xaF?zTGNj#Iz_-d$w0q!(DelSpeBIQ~-ATxQiyOJ#GA#G;H8mF_NCVe181}Q!o zXvJmHaTStg&7qdSUhb(P#DZmeQ>A+d4spfHS!@p;^bzBk`uj-5mK$-VVA+hc zxO?HEzGk%^chtQbC~1resey;MwQR#SkE|V zYiVY_ad_1JqEKjHcjUU+Re-KnbJ*yk9bJp_^KR`PEglBe!Nbc33Mt;^4Z>dVl6$-p)X#ZE6wO`R5d=z1Y_n{1sjy|O}e^=gqv<>}^J zI}zpGl-yjEA2vSdY)2p)(b{odGPn%QXF1tkx7NVdL8Yxi%*~0im!wNZ3#p*{w*33I zp#5SV@J1pPXl3Ab(DEb;Y|#*qwahGXA{k9P<3)_yqTpR2fxC20i;Vp8$DW&fNKCw3 z>OE5Eu>VP2DZWRX?&}2h1uh8RgX)bAp`l=l#2yKDqnuCNXGDgoT*+IifB|RM8`UyAno4NZ*v}P zTVYymzx-wJba<7C?EC8apkXcHe*O{m5!&i_;PMSmq&l*y^VYQf~ zoSd9N><`%i)k^6IOBVQ(UGzKlGu2h~&KlN;2dVyYk8?m_I^4umdvv&D?amkD487-r zf~dD`Egj=Ex@X{uQS@i$yUU)SdG%Y37mYY>s&7#V{iFV$X*ZPfa$^H@zQX(RfR!aO zx`hTMR3^&FYuKt)(mv#bEwxiKyl!_sOUU=&7iMmc(W+2fpRiBqrUE?|WI$exTv_<-RFCx;s^@cciXDemJ@~D!xw+MT)UT6e zp({SDcH3iCinn-b<9(437niR11gf%PZ)zI6ctJr-e9OEy6)bT??URTIPcZWBF&qqc zggrWZJd2UQA%Gw&A2<$xcyOxH@~|*6Lej|dcpsODMwD?&r^<}ixQ$G*p>SqqMkhs_ z5KPjVKGuL0A;*4fzNN&6coL?OXw?J*WGOm zk0jDUL_`GQHDJZ8%slu`bK&+mSH_r)n_KM@&^g*GXvJEuTmi|!<1b{j?+Fl%?S0LA z$hJme%Y)A#z(2dX8V=%or$W7_L;CEjH3FN{ zA0^K>?qR$5JrOXzv9-4%vM;yf8y~eh#3z24T<j-@Jg`{A8`yRBNmGVAcpY%k+0Z znQ9A)9I9;R+5plAN)v( zx}9CgrRydy^w(`?cV8sB(&UT`r)Xik`b|Le$l7duWe?{$@95UU<{e3CXbo&OQV^{W zo2^siJW_vO!Cbq*zA3$POtEwIwO`AWnQT*YGY%G3IQ<#K2jKCQznuL65uuK*E;yKx z5fQ+tu>u=stkucU_Q20;pE89!S9Pkf@MCZ46xkmH4IJ%K zigvF!^n-Q-D7liAeN*ct{`4vEvM||(S`ofC!yc=RH8(d$8YE?r7?E>} zp7XFI1Y0d&Y5k7n4_kA`i(uX0YJi6n^6s6oygYp-;2ZYJ1@hfK7lYrvy{JZuZ-kgg zOp&4E37aq%yGD8W^8I(RR~FxsH8oHfU7Sc%R5%(qcXCv5fn69VwK-jfQ9@W={d_nK z8}H-ReE#`T^>eB2e|(X=kh2ONKd6c4d%jxJuX1nYyi*EJtv8p@e) zJ{b+}KP!5RbLrfly>U)s19w7!kpwQpgiAYL+6d^=ggcmu{^=fcQNEKzEs&o0_n(a0EqbJ$~4vua-?t zxNRRtF^3HnLLA&6bM-1EcIqV{z=wD$Cy>Vx*hUM9!HgVwID)2}C7I_b9@$IG}< ziBwOaa#$PQu)zF$Pf<|_<$xQXo0GFzd$zkYQaF@y?^P^^wj*38NKmSU_pTXZ{;7Ju z0gTi8JpS-n4PtR?HqLkQD%s@fCODuWkm1%THr>B(kKI)6*01Wx(V1K8(rwXysHu*| zXEoV@g%_Rqq_DWykV4!KpyG3)A%x%%RWLAo2EB%*-|v8+z6LC;mZ`Jh3+Lw=k)j2R zX5NRiXW7qmuX8!~GG1rh-&yOfKp-|%YoV!vkQ;LGCxmX1pI$j!?&$3;_~gjM`S88K z3%)S~JrF?u$y>BRbpdRdp`l?(&W3x1{YRgAZ4r@khb{niEGH*tG&-~Yn{G3x=fJm2 z)_nwZdYzP>xnwH~j5p`~u=CGTiF0Vxax*_a%UI|Zy7XttVE8*>V}qwnOSA(`dMO38 zK>HUYirt*640N$zmf1SR*U4G!Q9mOs5tsf|_7awrm;V%3522H0YfBG#ZafYNQPQwR1L1^Hi-{j;xT#8Uf+3a||9#g7@YB-cd=nF; zYc)_Ond)GXW6t4z>gQKjhlhpDe-;e*tvWm($~u;;q*)}S-0dX83SwVcmQcPKIi zeGbrLKR-kJs}2XV7=)!sBN;g{B_+@XmWqfTay$Q!8xI zJs-~IVDqx2z|ZM;(li6W&e)WE_!ZhVGsd1-Fd7B{}LyJXSuOJJzy|xkXu3m&Mh=Xr0DXTy)^%%Lou&rjxl z7Z+td&eixT5BlfquLlc9dw?o23O$mhs*Dx1w5}&y`cFsE_FX%fu!x9e?4i8N@q4(6 zpFf@RBRt{gr$C{(z5UzDfM$X~qumeX99l(Y8X3=vpFd_+iTgdhSmqFVukf92!pVk8 z;kz^5gY1VVd@JmrGYpdOJ1^8v=1Qk5R+d4cYgmd_`QNMN6>pa;vFvpQq?KYdrt=&o z!U2zLA9OKN)xJWWJU5r?iXe<>0lZo5PN}nI^N!kCQk6>1<1@z ziu)8%1-vWlr1gYK_;Po6~>!dINL=!0ht!@`}^QN7L_b^QvCBDj4Mu{XRB! zC@_*GmP5bBxizBtXt&zlwq9%z?F$Y85m^b1@DILM`%o#e0NQ&J90V6{N|w(RU!?ef zDsQnew5c|Gy0rOJ40Yn}^a^!O8E@{hmu#(q-o&*?96306?gnSKI|tGva1EU}@(mui>CZPhRq z^kg-Rpdkj8D`t+gYe?po;h{EZ_~m?=mylJIR2IrV(3VllkBk zHr~(XsCDwW1ui{EgT0c*JsvER>r0t_%69=FrO<$ZNp0|7Yk=If!vmKvK}#a?yD2CZO#UpoZGD|1tj-m%^bSFy{RdT0J0T4CSAV*F2GH& zJCFbq(&~ji3|hR|ClTmk?WQPGP2a$vyV8XW~9*-VF;KzWj7+N3?(B zH4)Ff-INTUKBYyGeDtH>FB88Pli2AR%+A7Mx>PWC`NngPhYwI=&qwckd;IMSQ}-oE ziGr*Whao8+P-fr&ja~c|@Ykzwb%r9~PBNegrKz!@E=L0`5NM`Pvah3V#O+YL<)vk37I#H@LLZr?vtoG&3@cK>*m5s-_5g(;lO zbs;A;H8}mgIBywUYRI#&`ei7rXu{I#ip8NsrG4La#ZooOWDiT}Mzqyv)f@=xzG4gc ztXvX!_ovBPs`S*r(^8f&h&fGmFCo0|(y2a8xOe>5QmL{)A%#k^XtXRN)UIyt?wV9% z0c)wk^{A^`1pC5i#5e5h+|_>YqK(^Qhq9+qo_PL3wo(Z>{akZh z1mSf>iQ9(C4 zLh6Fk|GR8yU%q^SL>&;JAZvg;N|#pCN-nd}TpxOP$IP3_X1b3=LXJn(@$m{3<@Gz}qgBS4Lwb74&+Xb7&;W)1H@7fWiO2htcc;)JOx~Ajf#FehQhC zD`c!U$Mbf2yvQ4e2`Th!>>ZVql~0!zcHzdv#mD8dcdIx$?sC1ce}o_y@8cZf<6o60ht15fgHS#ST9>Xf)b&Z|P_tnC-8sH{B>4g;bU;-3uCf~|G)OGG#<+D?cdf!mY9B8P1z-seK%9tmjOGXAsC>U@Nx{tiZPt!x^3v?a@=yQL)>oC7{I<^uEO4I;VQ$ComUw0{p{4R54% zPWwxf-_;LIww?!O`;W95YHFJECS~Bl222YhQPf^Vv|u{~ac>(li9K@$YSZ+Lz^qA1 zPp5E50(GscbNy8pwW9k9rnbY~JPr{DC`2gqn%k=;c=>*CFeC!5NkCJZqgPV}^rWQp ziDb*rSQC&m1z4t*fTmIMSkThYKm+LeUEBIF4dfci!6ndiXUD9D0eshBZQ^LxD-#fW zv9f9`3=I2DjswQo&o7i%XI&`|8T@&H73d2oyE`VC0|nnB^8jxAikfz&OU=>XcxfjP z&h|f4p{cMyxKPT^4B()Sf-ujsfMDoHaZ{U2Msjs_6!42rOWQP!r^kUwWCS*oD2Mh| z*~b8}8gM19HRrB8t#y{qd#0SBKF-7x*RqnmFf2i~x_b2$5<*REn^`)1tgt6Lf*;t- zJDnYTtf{bQT@G?F#Rr#H<^dC?>2n-lPkr^h^+|Z&#N8X$zI~0~-SN)*9iR_7wf?-{ z^~L zV~r($Af1M=e9%61Rz2%}@PWziC4;04!=J1N&%Jc)e~-KiOkgAA^gmxt5%)KQA=OQj zV%nCvEw44_EOui39yT^sO^~SYyfe(O=CRf*n9=;W*Kaaq7)5b_7-?iP{{X5XtRj4` z)qGcT9>rbvkP#4m$Sk4@e8kIO_>qZrr^wl_oIH6#N|JDX9Iy79JR@8Hu?-I0HkEK} zPh8tGYqU;9Lo;|PD>bWWJ=zi=s1OW<;yIzJ5>Fbs8e0&Hwh7Av#buCuKm7a|b?eoD z`dWk3Tg?NP(h#ON>4rPb2F!I=OQ$OEp)61m5Zrp>^QYBSNd}dCe-&DOjVqw{sr~cDag*-Fb zaHYHpWJCE&L3rSjc)>~y46)y8y5{T*!nZrXkmAJPvp{GK)Z@huDotk=rbiS1cFqkLndV*aZqwA>M8m ziO_-YtrtX2&-jd#t^Kj~bRBSMp`qY5pxC|(>I2jN z4jbi+@XJcENdt&sPZL7mslB^121V7J$3+-mHV?tF`yP1!WSv*YppMHrM>%W+U%yvo zpxA-Gr?Vl*5lu+Q%fkfR`dWVi)X9!!%(&0liWdh?qZeetk^fj-E(36hsFdE+I#+V! zN#|t$an#}HI%%2>dj?JmEZX1dJT3!6RZ}K>Hy{iLbtaL}Zh>SvF5oV_|lTvnsXmq)v_V4?=AjAQr{}xVq z(c{-WIleqzqbVsJ3m*YOjEZDn0|nY3CZ9B3N5z8~6m@YM z22`^s08hF(f7o(Oh|rx=^(Rwqi&QUOUpqa; zk>Zx68|}Sz7u!aF=)m89w?;??^=abX{m2>SRLh8#JKb%J|yNss3Szl3&oF5a6 zWzE&%W-NiyHqU+%$-c`~1AML3p{2pl-ogjF6(t=T@sFV7jp#fF6Bkd#Sb$0zn7b1; zRY3#6EX+^#6}oHFs+LqPZ`aP!RIWgbCzJ<{!rL-&}u>RRUC&sV;}&*Wt+ zn93X{iBtGg>(}$)s|WYUR@v& z+ZAgu*y>HeyZJ7I$}Vou7GRDf2L+=JLI4`L8EE@UKL$j0Z@hFpno2>@2N0|Ma_z=} zqaFDD@UiDf3;Pt_5b^p}%_~8PPoh+8lY#yDck93n<005eb9KwRucjA=+Jl00{zLr` zO7G9)reMNBkdNagf)G^mO9&`}qFX3*m>^{suqyVOxgvckzatPb$|n%3X<6}Xu%Lb8`)}i6|sOL>HL=# zWv?+q$mfZ+j*j_Tw_AYw+|1;-ghcy`OMngmu0f6vGNd(o=&R#4H>96$03#i&hz;#* z^YE(R(@B(X`uy21i<2|f*Fwsyj#bH6-A~L?zZ7nNq<^h&Xb@E|HBq(bxV ztMizxxDC>(`N*MCfE4{#-|rWdlaf*#>1?0U=+CF(NMmaBy_{zi@5+!S;?Bbv9~V_C z$^`}Tbr(g$lKOd3c&nR8RdH3}E^!9fknd1s{fA;aM+%QK1`{~l(4alwZ9aF7u4#5v zLTD%jq~Ipm^HrnK$mrNb#HzM&Go1eQrZWN(>@1FHHFl>|xBerIVkT=+;X4lR`C&ri zM@bLm#`Qci_tLKtyIkqxG*}yEB>&hYybKdLc5*%cOOD$+R0lh02rVq9WLnRT_L?|Y zxB{{vhX)^>6d=*pPj{3O{J(0};#3|duwURa4BPpp45OInACzont8%_(kyQBz%{7y} z=d2ggKyPRnIEtbVrhTB)j9%0|V ze*SS#ubqCbjw^{ZZLLF*nt=O80x?}6A6`wNk{82;J?IA)yjjjoGnCK)$vyRE0SU@zP%SqpzzVa>UxJ=q<`aC! zJ}{~Mh3JJWIVyO6xnghbL;Q-7j#z@_aeM$eNG6#f1X)|;BP;0AIH%?Y|i@8t2vc>f-HfT(BTSFR%e`2x&ruvghE@Sy&%FSYtD z3(F$A!<(uF>i6g!=}PWKAw^MR3r;z{6FL2^v($*?u!8Trh4PlD#Bd{1-r2j5*Ul<2 z**72xTiAnc{-_LV+jo6mA1$XIBh)TK%&r9PL69G)Z>E-B2SaPzE9lMqB&KLvjoeI@!6MU zT6H1z^#-9bsTq*{9Iy+Y*`Z#uo0kEN?qUewkqzyU(YSexf`qy`01{DIyYEr+*;h+X zzBdGb8_YucmyNiyVr?}wqiub)v~^9R!?Wg$sR2x&M%kHiVa8t1k(=W87l?gPqQsrE z^o*X^%Q4>1(Ci*8tL{T?>#G>cb-$@IL5CCblFX@H#Vuvozz=>|t+1QvpOXF4;JHu< z+QXQRnMbLkKQyevYJe}s_nlTWll$@(P#A>bo@uE`y3GRP1ueVFU;7~N(WM<=3%YwY zXig2nYBMtAzKB_5ezZz}o{S0ZHTgy|5f{m_9Tsm3dv1FE{GH@N zzNIGd0<943g;a8*-T*HXNzz8e`{YEChQK~VU9k6MTG!gVi)qnGlfD(U^;|3^++~^u z*p#WTS5Fjj=M@VL`v8h4+!2{M7g0!LJLsq2o-NT${O7Aqs5btc<-Lo?N#F`#BkdFt z3;^yOKyMRM==L2Dad3R1;=AEcJpcMm@25lDa#E28BMxyv&>y@ypYWUWb8#;*H8FAz zZARrW&kwVpv_>Ud7+oK@XUcdiue|z513`Zd3Mh6QXEqy*Y*oK-P@x9kqd`$wD7cRNV?GK+*dJUJfwJx|+WYv6M zH~weG=iu$_27uQA0S`mmI4@X>NGl`b61TMm)CN7>x_qXTj&5FPQwlzen+7VSgx>;f zqm=$1zJ{*^*j&=~ty2JK43O zv#ri5$oTXuq?VO|yq%$orb$GP_=V6;CV4ivoK2|^eVewry8lOM0PoVs7~4FX2OFfX_Yy_no0Ky$ zZEbbSL)SkiO`v+{g_Qb`m(fTnCb^EtxzWB0>iL!a!K5Y+~RuYxc(;T&=Y zU%b3mQ32MuU;Sn(?Rf78PS8-k%`FYV0XsX$WOqZ9r-vSV3M(Fe;H%gSlRPSHYSG|2 z9FV}QkucJ$iUC5KA3d;GyKd)>Iq(GRIooZ`SUmVxU_%3uT2sr|Hw<~XQV}l55*xZE7JWUl&K^O+l z9ac{BwxqC0jF!rL2!$#GfFl=b74CZvc;+QpI3uqB;kC9#i5aQY_lS{@UFtHvU!+0P z;qC3k>y4*mZe5}h>9kFcjNDVhw3I4UCe{GroOrYHW|i3B-sPT^vou{6tGM13I)RUe zBC1c@2<$th)@YO~cIcyXW9+ak&T`n8MJ9-!ClAL$55(Z!6a&-^o!unyqZFV$o8v$! zApAB*m{LM*sU1q`-`D=_5*TG7{5wlFdg0%N1G?e=sua}tf0A!?c|6go8-7peO-)t3 K)7d94V*d+1dZ_gP literal 0 HcmV?d00001 From 20b4b4e66a6ca7b159be4d79e613843839f24907 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Wed, 7 Feb 2018 15:01:59 +0200 Subject: [PATCH 08/10] Updated README to contain up to date imgae --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 01ce5fcf7..dfe501470 100644 --- a/README.md +++ b/README.md @@ -8,6 +8,8 @@ Welcome to the Infection Monkey! The Infection Monkey is an open source security tool for testing a data center's resiliency to perimeter breaches and internal server infection. The Monkey uses various methods to self propagate across a data center and reports success to a centralized Command and Control(C&C) server. +![Infection Monkey map](.github/map-full.png) + The Infection Monkey is comprised of two parts: * Monkey - A tool which infects other machines and propagates to them * Monkey Island - A C&C server with a dedicated UI to visualize the Chaos Monkey's progress inside the data center From 8b5e6c30e6f1faee72b181bb0cfcd4b51b8fd1b2 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Sun, 11 Feb 2018 09:11:32 +0200 Subject: [PATCH 09/10] add missing run.sh file --- monkey_island/linux/run.sh | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 monkey_island/linux/run.sh diff --git a/monkey_island/linux/run.sh b/monkey_island/linux/run.sh new file mode 100644 index 000000000..485d6eff1 --- /dev/null +++ b/monkey_island/linux/run.sh @@ -0,0 +1,5 @@ +#!/bin/bash + +cd /var/monkey_island/cc +/var/monkey_island/bin/mongodb/bin/mongod --quiet --dbpath /var/monkey_island/db & +/var/monkey_island/bin/python/bin/python main.py \ No newline at end of file From 02d89ce5ddf35d87a3f98b3a34aafb71105f4304 Mon Sep 17 00:00:00 2001 From: Daniel Goldberg Date: Tue, 13 Feb 2018 16:24:13 +0200 Subject: [PATCH 10/10] Rewrite actual check for sockets to be cross platform and notify when we fail to open a socket for unknown reasons. --- chaos_monkey/network/tools.py | 23 ++++++++++++++--------- 1 file changed, 14 insertions(+), 9 deletions(-) diff --git a/chaos_monkey/network/tools.py b/chaos_monkey/network/tools.py index 716be15a0..eac020dc0 100644 --- a/chaos_monkey/network/tools.py +++ b/chaos_monkey/network/tools.py @@ -113,25 +113,30 @@ def check_tcp_ports(ip, ports, timeout=DEFAULT_TIMEOUT, get_banner=False): err = sock.connect_ex((ip, port)) if err == 0: good_ports.append((port, sock)) + continue if err == 10035: # WSAEWOULDBLOCK is valid, see https://msdn.microsoft.com/en-us/library/windows/desktop/ms740668%28v=vs.85%29.aspx?f=255&MSPPError=-2147217396 good_ports.append((port, sock)) + continue + if err == 115: # EINPROGRESS 115 /* Operation now in progress */ + good_ports.append((port, sock)) + continue + LOG.warning("Failed to connect to port %s, error code is %d", port, err) if len(good_ports) != 0: time.sleep(timeout) - read_sockets, write_sockets, errored_sockets = \ - select.select( - [s[1] for s in good_ports], - [s[1] for s in good_ports], - [s[1] for s in good_ports], - 0) # no timeout because we've already slept - connected_ports_sockets = [x for x in good_ports if x[1] in write_sockets] + # this is possibly connected. meaning after timeout wait, we expect to see a connection up + # Possible valid errors codes if we chose to check for actually closed are + # ECONNREFUSED (111) or WSAECONNREFUSED (10061) or WSAETIMEDOUT(10060) + connected_ports_sockets = [s for s in good_ports if + s[1].getsockopt(socket.SOL_SOCKET, socket.SO_ERROR) == 0] LOG.debug( "On host %s discovered the following ports %s" % (str(ip), ",".join([str(x[0]) for x in connected_ports_sockets]))) banners = [] if get_banner: - # read first X bytes - banners = [sock.recv(BANNER_READ) if sock in read_sockets else "" + readable_sockets, _, _ = select.select([s[1] for s in connected_ports_sockets], [], [], 0) + # read first BANNER_READ bytes + banners = [sock.recv(BANNER_READ) if sock in readable_sockets else "" for port, sock in connected_ports_sockets] pass # try to cleanup