From ec16b161010e98c6b033083516a0bf6af0ab73bb Mon Sep 17 00:00:00 2001 From: Karol Wypchlo Date: Tue, 5 Oct 2021 12:13:48 +0200 Subject: [PATCH 01/46] update skynet-js to new beta release --- packages/website/package.json | 2 +- packages/website/yarn.lock | 22 +++++++++++----------- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/packages/website/package.json b/packages/website/package.json index 69e0be64..21b5dfb9 100644 --- a/packages/website/package.json +++ b/packages/website/package.json @@ -59,7 +59,7 @@ "react-svg-loader": "^3.0.3", "react-syntax-highlighter": "^15.4.4", "react-use": "^17.3.1", - "skynet-js": "^4.0.11-beta", + "skynet-js": "4.0.17-beta", "stream-browserify": "^3.0.0", "swr": "^1.0.1", "tailwindcss": "^2.2.19" diff --git a/packages/website/yarn.lock b/packages/website/yarn.lock index a1611d7b..a8479e61 100644 --- a/packages/website/yarn.lock +++ b/packages/website/yarn.lock @@ -2844,7 +2844,7 @@ axe-core@^4.0.2: resolved "https://registry.yarnpkg.com/axe-core/-/axe-core-4.3.3.tgz#b55cd8e8ddf659fe89b064680e1c6a4dceab0325" integrity sha512-/lqqLAmuIPi79WYfRpy2i8z+x+vxU3zX2uAm0gs1q52qTuKwolOj1P8XbufpXcsydrpKx2yGn2wzAnxCMV86QA== -axios@^0.21.0, axios@^0.21.1, axios@^0.21.4: +axios@^0.21.1, axios@^0.21.4: version "0.21.4" resolved "https://registry.yarnpkg.com/axios/-/axios-0.21.4.tgz#c67b90dc0568e5c1cf2b0b858c43ba28e2eda575" integrity sha512-ut5vewkiu8jjGBdqpM44XxjuCjq9LAKeHVmoVfHVzy8eHgxxq8SbAVQNovDA8mVi05kP0Ea/n/UzcSHcTJQfNg== @@ -12064,12 +12064,12 @@ sjcl@^1.0.8: resolved "https://registry.yarnpkg.com/sjcl/-/sjcl-1.0.8.tgz#f2ec8d7dc1f0f21b069b8914a41a8f236b0e252a" integrity sha512-LzIjEQ0S0DpIgnxMEayM1rq9aGwGRG4OnZhCdjx7glTaJtf4zRfpg87ImfjSJjoW9vKpagd82McDOwbRT5kQKQ== -skynet-js@^4.0.11-beta: - version "4.0.11-beta" - resolved "https://registry.yarnpkg.com/skynet-js/-/skynet-js-4.0.11-beta.tgz#ec313d586f8e026e0b3b4b608f2f3b4a449e8a71" - integrity sha512-/fpxBeegGJeK+VWE8svUhBc2tVX0kJAZod5K172kKPO1g/GECeQLLSuWL2yvCMbSSTyH0dIFr5gemwGNsZHlMQ== +skynet-js@4.0.17-beta: + version "4.0.17-beta" + resolved "https://registry.yarnpkg.com/skynet-js/-/skynet-js-4.0.17-beta.tgz#0e0f07799e3635bef9c8f3387e2393a1255aafd2" + integrity sha512-Yl5qGdasrVf6ZQzz/huAkmNHxyNv1UsgfoX7OE6Yg1q8SxZXmQnTsPK9oupgow6xjN/VINenXuY5ZVjoEmhZyw== dependencies: - axios "^0.21.0" + axios "^0.21.1" base32-decode "^1.0.0" base32-encode "^1.1.1" base64-js "^1.3.1" @@ -12080,16 +12080,16 @@ skynet-js@^4.0.11-beta: post-me "^0.4.5" randombytes "^2.1.0" sjcl "^1.0.8" - skynet-mysky-utils "^0.2.2" + skynet-mysky-utils "^0.3.0" tus-js-client "^2.2.0" tweetnacl "^1.0.3" url-join "^4.0.1" url-parse "^1.5.1" -skynet-mysky-utils@^0.2.2: - version "0.2.3" - resolved "https://registry.yarnpkg.com/skynet-mysky-utils/-/skynet-mysky-utils-0.2.3.tgz#5007cf8f7599b665ccf016003b37a4ed0fb19abf" - integrity sha512-wRrAASn4haux2fu+2pJLv+uV/TGbBecXT1jaqD3/IQgqbEwZUpDNJJrYnYAfp/0cY5Xmuc2ZX90NNr34neAcWg== +skynet-mysky-utils@^0.3.0: + version "0.3.0" + resolved "https://registry.yarnpkg.com/skynet-mysky-utils/-/skynet-mysky-utils-0.3.0.tgz#87fdc0a5f8547cf660280ef86b7a762269919bad" + integrity sha512-X9L6SrVTdwTUFook/E6zUWCOpXHdyspLAu0elQbbPkZCWeFpr/XXTMbiyPV3m1liYsesngAKxzaSqylaTWOGUA== dependencies: post-me "^0.4.5" From e0f75df542273891f0ffc72dfc37ef4bb9a9ee2a Mon Sep 17 00:00:00 2001 From: Karol Wypchlo Date: Fri, 29 Oct 2021 09:38:25 +0200 Subject: [PATCH 02/46] update to 4.0.18 --- packages/website/package.json | 2 +- packages/website/yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/packages/website/package.json b/packages/website/package.json index 21b5dfb9..e64ad847 100644 --- a/packages/website/package.json +++ b/packages/website/package.json @@ -59,7 +59,7 @@ "react-svg-loader": "^3.0.3", "react-syntax-highlighter": "^15.4.4", "react-use": "^17.3.1", - "skynet-js": "4.0.17-beta", + "skynet-js": "^4.0.18-beta", "stream-browserify": "^3.0.0", "swr": "^1.0.1", "tailwindcss": "^2.2.19" diff --git a/packages/website/yarn.lock b/packages/website/yarn.lock index a8479e61..b213208b 100644 --- a/packages/website/yarn.lock +++ b/packages/website/yarn.lock @@ -12064,10 +12064,10 @@ sjcl@^1.0.8: resolved "https://registry.yarnpkg.com/sjcl/-/sjcl-1.0.8.tgz#f2ec8d7dc1f0f21b069b8914a41a8f236b0e252a" integrity sha512-LzIjEQ0S0DpIgnxMEayM1rq9aGwGRG4OnZhCdjx7glTaJtf4zRfpg87ImfjSJjoW9vKpagd82McDOwbRT5kQKQ== -skynet-js@4.0.17-beta: - version "4.0.17-beta" - resolved "https://registry.yarnpkg.com/skynet-js/-/skynet-js-4.0.17-beta.tgz#0e0f07799e3635bef9c8f3387e2393a1255aafd2" - integrity sha512-Yl5qGdasrVf6ZQzz/huAkmNHxyNv1UsgfoX7OE6Yg1q8SxZXmQnTsPK9oupgow6xjN/VINenXuY5ZVjoEmhZyw== +skynet-js@^4.0.18-beta: + version "4.0.18-beta" + resolved "https://registry.yarnpkg.com/skynet-js/-/skynet-js-4.0.18-beta.tgz#4683f0837ae552802f39c0e7081a1b978b79ef4a" + integrity sha512-7mE9xrejTpRacZfhhCqx+dm7k1y6ITLZMWZnsPp13D2N9CNroyzB75Yi7033qwPtdo9i6BEzIDolZl66j+uALw== dependencies: axios "^0.21.1" base32-decode "^1.0.0" From de16b33ed89c508d9ee7be253ed6044746c43d14 Mon Sep 17 00:00:00 2001 From: Karol Wypchlo Date: Mon, 8 Nov 2021 15:20:26 +0100 Subject: [PATCH 03/46] update skynet-js --- packages/health-check/package.json | 2 +- packages/health-check/yarn.lock | 28 ++++++++++++------------ packages/website/package.json | 2 +- packages/website/yarn.lock | 34 ++++++++++++++++-------------- 4 files changed, 34 insertions(+), 32 deletions(-) diff --git a/packages/health-check/package.json b/packages/health-check/package.json index c7020969..77a21543 100644 --- a/packages/health-check/package.json +++ b/packages/health-check/package.json @@ -13,7 +13,7 @@ "http-status-codes": "^2.1.2", "lodash": "^4.17.21", "lowdb": "^1.0.0", - "skynet-js": "^4.0.18-beta", + "skynet-js": "^4.0.19-beta", "write-file-atomic": "^3.0.3", "yargs": "^17.2.1" }, diff --git a/packages/health-check/yarn.lock b/packages/health-check/yarn.lock index ca7aeabf..d19d2be0 100644 --- a/packages/health-check/yarn.lock +++ b/packages/health-check/yarn.lock @@ -78,12 +78,12 @@ asynckit@^0.4.0: resolved "https://registry.yarnpkg.com/asynckit/-/asynckit-0.4.0.tgz#c79ed97f7f34cb8f2ba1bc9790bcc366474b4b79" integrity sha1-x57Zf380y48robyXkLzDZkdLS3k= -axios@^0.21.1: - version "0.21.4" - resolved "https://registry.yarnpkg.com/axios/-/axios-0.21.4.tgz#c67b90dc0568e5c1cf2b0b858c43ba28e2eda575" - integrity sha512-ut5vewkiu8jjGBdqpM44XxjuCjq9LAKeHVmoVfHVzy8eHgxxq8SbAVQNovDA8mVi05kP0Ea/n/UzcSHcTJQfNg== +axios@^0.24.0: + version "0.24.0" + resolved "https://registry.yarnpkg.com/axios/-/axios-0.24.0.tgz#804e6fa1e4b9c5288501dd9dff56a7a0940d20d6" + integrity sha512-Q6cWsys88HoPgAaFAVUb0WpPk0O8iTeisR9IMqy9G8AbO4NlpVknrnQS03zzF9PGAWgO3cgletO3VjV/P7VztA== dependencies: - follow-redirects "^1.14.0" + follow-redirects "^1.14.4" base32-decode@^1.0.0: version "1.0.0" @@ -354,10 +354,10 @@ finalhandler@~1.1.2: statuses "~1.5.0" unpipe "~1.0.0" -follow-redirects@^1.14.0: - version "1.14.4" - resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.14.4.tgz#838fdf48a8bbdd79e52ee51fb1c94e3ed98b9379" - integrity sha512-zwGkiSXC1MUJG/qmeIFH2HBJx9u0V46QGUe3YR1fXG8bXQxq7fLj0RjLZQ5nubr9qNJUZrH+xUcwXEoXNpfS+g== +follow-redirects@^1.14.4: + version "1.14.5" + resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.14.5.tgz#f09a5848981d3c772b5392309778523f8d85c381" + integrity sha512-wtphSXy7d4/OR+MvIFbCVBDzZ5520qV8XfPklSN5QtxuMUJZ+b0Wnst1e1lCDocfzuCkHqj8k0FpZqO+UIaKNA== form-data@^4.0.0: version "4.0.0" @@ -863,12 +863,12 @@ sjcl@^1.0.8: resolved "https://registry.yarnpkg.com/sjcl/-/sjcl-1.0.8.tgz#f2ec8d7dc1f0f21b069b8914a41a8f236b0e252a" integrity sha512-LzIjEQ0S0DpIgnxMEayM1rq9aGwGRG4OnZhCdjx7glTaJtf4zRfpg87ImfjSJjoW9vKpagd82McDOwbRT5kQKQ== -skynet-js@^4.0.18-beta: - version "4.0.18-beta" - resolved "https://registry.yarnpkg.com/skynet-js/-/skynet-js-4.0.18-beta.tgz#4683f0837ae552802f39c0e7081a1b978b79ef4a" - integrity sha512-7mE9xrejTpRacZfhhCqx+dm7k1y6ITLZMWZnsPp13D2N9CNroyzB75Yi7033qwPtdo9i6BEzIDolZl66j+uALw== +skynet-js@^4.0.19-beta: + version "4.0.19-beta" + resolved "https://registry.yarnpkg.com/skynet-js/-/skynet-js-4.0.19-beta.tgz#d4c640898c79cf69e45aa1c3c1ed5c80aa1aeced" + integrity sha512-d8/q3E3OjUxgCCAW28gNFvbahj0ks8ym122XTopbRyvAZKk9+/Z4ians9v8Tov36Z4k/un+Ilw/0i6DtM8c8Dw== dependencies: - axios "^0.21.1" + axios "^0.24.0" base32-decode "^1.0.0" base32-encode "^1.1.1" base64-js "^1.3.1" diff --git a/packages/website/package.json b/packages/website/package.json index e64ad847..fe6cd49d 100644 --- a/packages/website/package.json +++ b/packages/website/package.json @@ -59,7 +59,7 @@ "react-svg-loader": "^3.0.3", "react-syntax-highlighter": "^15.4.4", "react-use": "^17.3.1", - "skynet-js": "^4.0.18-beta", + "skynet-js": "^4.0.19-beta", "stream-browserify": "^3.0.0", "swr": "^1.0.1", "tailwindcss": "^2.2.19" diff --git a/packages/website/yarn.lock b/packages/website/yarn.lock index b213208b..ae0038f0 100644 --- a/packages/website/yarn.lock +++ b/packages/website/yarn.lock @@ -2851,6 +2851,13 @@ axios@^0.21.1, axios@^0.21.4: dependencies: follow-redirects "^1.14.0" +axios@^0.24.0: + version "0.24.0" + resolved "https://registry.yarnpkg.com/axios/-/axios-0.24.0.tgz#804e6fa1e4b9c5288501dd9dff56a7a0940d20d6" + integrity sha512-Q6cWsys88HoPgAaFAVUb0WpPk0O8iTeisR9IMqy9G8AbO4NlpVknrnQS03zzF9PGAWgO3cgletO3VjV/P7VztA== + dependencies: + follow-redirects "^1.14.4" + axobject-query@^2.2.0: version "2.2.0" resolved "https://registry.yarnpkg.com/axobject-query/-/axobject-query-2.2.0.tgz#943d47e10c0b704aa42275e20edf3722648989be" @@ -5783,6 +5790,11 @@ follow-redirects@^1.0.0, follow-redirects@^1.14.0: resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.14.4.tgz#838fdf48a8bbdd79e52ee51fb1c94e3ed98b9379" integrity sha512-zwGkiSXC1MUJG/qmeIFH2HBJx9u0V46QGUe3YR1fXG8bXQxq7fLj0RjLZQ5nubr9qNJUZrH+xUcwXEoXNpfS+g== +follow-redirects@^1.14.4: + version "1.14.5" + resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.14.5.tgz#f09a5848981d3c772b5392309778523f8d85c381" + integrity sha512-wtphSXy7d4/OR+MvIFbCVBDzZ5520qV8XfPklSN5QtxuMUJZ+b0Wnst1e1lCDocfzuCkHqj8k0FpZqO+UIaKNA== + for-in@^1.0.2: version "1.0.2" resolved "https://registry.yarnpkg.com/for-in/-/for-in-1.0.2.tgz#81068d295a8142ec0ac726c6e2200c30fb6d5e80" @@ -10318,17 +10330,7 @@ polished@^4.1.3: dependencies: "@babel/runtime" "^7.14.0" -popmotion@11.0.0: - version "11.0.0" - resolved "https://registry.yarnpkg.com/popmotion/-/popmotion-11.0.0.tgz#910e2e7077d9aeba520db8744d40bb5354992212" - integrity sha512-kJDyaG00TtcANP5JZ51od+DCqopxBm2a/Txh3Usu23L9qntjY5wumvcVf578N8qXEHR1a+jx9XCv8zOntdYalQ== - dependencies: - framesync "^6.0.1" - hey-listen "^1.0.8" - style-value-types "5.0.0" - tslib "^2.1.0" - -popmotion@^11.0.0: +popmotion@11.0.0, popmotion@^11.0.0: version "11.0.0" resolved "https://registry.yarnpkg.com/popmotion/-/popmotion-11.0.0.tgz#910e2e7077d9aeba520db8744d40bb5354992212" integrity sha512-kJDyaG00TtcANP5JZ51od+DCqopxBm2a/Txh3Usu23L9qntjY5wumvcVf578N8qXEHR1a+jx9XCv8zOntdYalQ== @@ -12064,12 +12066,12 @@ sjcl@^1.0.8: resolved "https://registry.yarnpkg.com/sjcl/-/sjcl-1.0.8.tgz#f2ec8d7dc1f0f21b069b8914a41a8f236b0e252a" integrity sha512-LzIjEQ0S0DpIgnxMEayM1rq9aGwGRG4OnZhCdjx7glTaJtf4zRfpg87ImfjSJjoW9vKpagd82McDOwbRT5kQKQ== -skynet-js@^4.0.18-beta: - version "4.0.18-beta" - resolved "https://registry.yarnpkg.com/skynet-js/-/skynet-js-4.0.18-beta.tgz#4683f0837ae552802f39c0e7081a1b978b79ef4a" - integrity sha512-7mE9xrejTpRacZfhhCqx+dm7k1y6ITLZMWZnsPp13D2N9CNroyzB75Yi7033qwPtdo9i6BEzIDolZl66j+uALw== +skynet-js@^4.0.19-beta: + version "4.0.19-beta" + resolved "https://registry.yarnpkg.com/skynet-js/-/skynet-js-4.0.19-beta.tgz#d4c640898c79cf69e45aa1c3c1ed5c80aa1aeced" + integrity sha512-d8/q3E3OjUxgCCAW28gNFvbahj0ks8ym122XTopbRyvAZKk9+/Z4ians9v8Tov36Z4k/un+Ilw/0i6DtM8c8Dw== dependencies: - axios "^0.21.1" + axios "^0.24.0" base32-decode "^1.0.0" base32-encode "^1.1.1" base64-js "^1.3.1" From 2f0f7d64e067ac72e32d61e98a9476c2da5ceb5b Mon Sep 17 00:00:00 2001 From: Matthew Sevey Date: Tue, 9 Nov 2021 18:19:49 -0500 Subject: [PATCH 04/46] Update handshake to use v3.0.1 --- changelog/items/other/update-handshake.md | 1 + docker-compose.yml | 2 +- docker/handshake/Dockerfile | 7 +------ 3 files changed, 3 insertions(+), 7 deletions(-) create mode 100644 changelog/items/other/update-handshake.md diff --git a/changelog/items/other/update-handshake.md b/changelog/items/other/update-handshake.md new file mode 100644 index 00000000..f9296fa4 --- /dev/null +++ b/changelog/items/other/update-handshake.md @@ -0,0 +1 @@ +- Update handshake to use v3.0.1 diff --git a/docker-compose.yml b/docker-compose.yml index 3f94c3ff..ca4dc51a 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -103,7 +103,7 @@ services: build: context: ./docker/handshake dockerfile: Dockerfile - command: --chain-migrate=1 --wallet-migrate=1 + command: --chain-migrate=2 --wallet-migrate=1 container_name: handshake restart: unless-stopped logging: *default-logging diff --git a/docker/handshake/Dockerfile b/docker/handshake/Dockerfile index 3aa6e50b..d7a0a6a1 100644 --- a/docker/handshake/Dockerfile +++ b/docker/handshake/Dockerfile @@ -3,13 +3,8 @@ FROM node:16.13.0-alpine WORKDIR /opt/hsd RUN apk update && apk add bash unbound-dev gmp-dev g++ gcc make python2 git -# Checkout a specific commit until Handshake releases the next release after -# 2.4.0 then we should switch to that tag. -# -# The commit we are targetting right now contains a fix for handling the chain -# migration code for new portals. RUN git clone https://github.com/handshake-org/hsd.git /opt/hsd && \ - cd /opt/hsd && git checkout 6f0927db32723d6320c8bff255a6ccf70b2ccd32 && cd - + cd /opt/hsd && git checkout v3.0.1 && cd - RUN npm install --production ENV PATH="${PATH}:/opt/hsd/bin:/opt/hsd/node_modules/.bin" From 2e15826f58d570790c6f535140cba09b623397ef Mon Sep 17 00:00:00 2001 From: Filip Rysavy <29089732+firyx@users.noreply.github.com> Date: Wed, 10 Nov 2021 11:49:16 +0100 Subject: [PATCH 05/46] Remove Airtable hardcoded default values --- changelog/items/other/airtable-env-vars.md | 2 ++ setup-scripts/blocklist-airtable.py | 6 +++--- 2 files changed, 5 insertions(+), 3 deletions(-) create mode 100644 changelog/items/other/airtable-env-vars.md diff --git a/changelog/items/other/airtable-env-vars.md b/changelog/items/other/airtable-env-vars.md new file mode 100644 index 00000000..dc287984 --- /dev/null +++ b/changelog/items/other/airtable-env-vars.md @@ -0,0 +1,2 @@ +- Remove hardcoded Airtable default values from blocklist script. Portal + operators need to define their own values in portal common config (LastPass). \ No newline at end of file diff --git a/setup-scripts/blocklist-airtable.py b/setup-scripts/blocklist-airtable.py index 3dbce3ed..e6563901 100755 --- a/setup-scripts/blocklist-airtable.py +++ b/setup-scripts/blocklist-airtable.py @@ -14,9 +14,9 @@ import json setup() AIRTABLE_API_KEY = os.getenv("AIRTABLE_API_KEY") -AIRTABLE_BASE = os.getenv("AIRTABLE_BASE", "app89plJvA9EqTJEc") -AIRTABLE_TABLE = os.getenv("AIRTABLE_TABLE", "Table%201") -AIRTABLE_FIELD = os.getenv("AIRTABLE_FIELD", "Link") +AIRTABLE_BASE = os.getenv("AIRTABLE_BASE") +AIRTABLE_TABLE = os.getenv("AIRTABLE_TABLE") +AIRTABLE_FIELD = os.getenv("AIRTABLE_FIELD") async def run_checks(): From d68f8969886e5929242e2c31aa2fabbd42c3f2cd Mon Sep 17 00:00:00 2001 From: Filip Rysavy <29089732+firyx@users.noreply.github.com> Date: Wed, 10 Nov 2021 13:46:43 +0100 Subject: [PATCH 06/46] Add check if Airtable vars are defined --- setup-scripts/blocklist-airtable.py | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/setup-scripts/blocklist-airtable.py b/setup-scripts/blocklist-airtable.py index e6563901..1173a90f 100755 --- a/setup-scripts/blocklist-airtable.py +++ b/setup-scripts/blocklist-airtable.py @@ -6,6 +6,7 @@ from time import sleep import traceback import os +import sys import re import asyncio import requests @@ -13,10 +14,17 @@ import json setup() -AIRTABLE_API_KEY = os.getenv("AIRTABLE_API_KEY") -AIRTABLE_BASE = os.getenv("AIRTABLE_BASE") -AIRTABLE_TABLE = os.getenv("AIRTABLE_TABLE") -AIRTABLE_FIELD = os.getenv("AIRTABLE_FIELD") + +# Check and load Airtable environment variables +airtable_env_vars = ["AIRTABLE_API_KEY", "AIRTABLE_BASE", "AIRTABLE_TABLE", "AIRTABLE_FIELD"] + +for e in airtable_env_vars: + # Check environment variable is defined + gete = os.getenv(e) + if not gete: + sys.exit("Configuration error: Environment variable " + e + " is not defined") + # Set variable + exec(e + " = \"" +gete + "\"") async def run_checks(): From 07b99b8192f9afee949d28b82a23890b8411b0e4 Mon Sep 17 00:00:00 2001 From: Filip Rysavy <29089732+firyx@users.noreply.github.com> Date: Wed, 10 Nov 2021 13:52:32 +0100 Subject: [PATCH 07/46] Add check if Airtable vars are defined --- setup-scripts/blocklist-airtable.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup-scripts/blocklist-airtable.py b/setup-scripts/blocklist-airtable.py index 1173a90f..d5bd360e 100755 --- a/setup-scripts/blocklist-airtable.py +++ b/setup-scripts/blocklist-airtable.py @@ -24,7 +24,7 @@ for e in airtable_env_vars: if not gete: sys.exit("Configuration error: Environment variable " + e + " is not defined") # Set variable - exec(e + " = \"" +gete + "\"") + exec(e + " = \"" + gete + "\"") async def run_checks(): From efeddd6c70e9de9d0b4204fd2d70d70f778829f2 Mon Sep 17 00:00:00 2001 From: Filip Rysavy <29089732+firyx@users.noreply.github.com> Date: Wed, 10 Nov 2021 14:22:00 +0100 Subject: [PATCH 08/46] Add check if Airtable vars are defined --- setup-scripts/blocklist-airtable.py | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/setup-scripts/blocklist-airtable.py b/setup-scripts/blocklist-airtable.py index d5bd360e..d0279e5f 100755 --- a/setup-scripts/blocklist-airtable.py +++ b/setup-scripts/blocklist-airtable.py @@ -15,16 +15,15 @@ import json setup() -# Check and load Airtable environment variables -airtable_env_vars = ["AIRTABLE_API_KEY", "AIRTABLE_BASE", "AIRTABLE_TABLE", "AIRTABLE_FIELD"] +AIRTABLE_API_KEY = os.getenv("AIRTABLE_API_KEY") +AIRTABLE_BASE = os.getenv("AIRTABLE_BASE") +AIRTABLE_TABLE = os.getenv("AIRTABLE_TABLE") +AIRTABLE_FIELD = os.getenv("AIRTABLE_FIELD") -for e in airtable_env_vars: - # Check environment variable is defined - gete = os.getenv(e) - if not gete: - sys.exit("Configuration error: Environment variable " + e + " is not defined") - # Set variable - exec(e + " = \"" + gete + "\"") +# Check environment variables are defined +for e in [AIRTABLE_API_KEY, AIRTABLE_BASE, AIRTABLE_TABLE, AIRTABLE_FIELD] + if not e: + sys.exit("Configuration error: Missing AirTable environment variable.") async def run_checks(): From c3d3f2b0e53d9fa7a103ec6a68cc00d643420352 Mon Sep 17 00:00:00 2001 From: firyx <29089732+firyx@users.noreply.github.com> Date: Wed, 10 Nov 2021 14:32:08 +0100 Subject: [PATCH 09/46] Update setup-scripts/blocklist-airtable.py MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Karol Wypchło --- setup-scripts/blocklist-airtable.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/setup-scripts/blocklist-airtable.py b/setup-scripts/blocklist-airtable.py index d0279e5f..43858483 100755 --- a/setup-scripts/blocklist-airtable.py +++ b/setup-scripts/blocklist-airtable.py @@ -21,8 +21,8 @@ AIRTABLE_TABLE = os.getenv("AIRTABLE_TABLE") AIRTABLE_FIELD = os.getenv("AIRTABLE_FIELD") # Check environment variables are defined -for e in [AIRTABLE_API_KEY, AIRTABLE_BASE, AIRTABLE_TABLE, AIRTABLE_FIELD] - if not e: +for value in [AIRTABLE_API_KEY, AIRTABLE_BASE, AIRTABLE_TABLE, AIRTABLE_FIELD] + if not value: sys.exit("Configuration error: Missing AirTable environment variable.") From e99fdfe4601c16aae18e5cf39d8531dbbc5ce658 Mon Sep 17 00:00:00 2001 From: Filip Rysavy <29089732+firyx@users.noreply.github.com> Date: Wed, 10 Nov 2021 15:10:28 +0100 Subject: [PATCH 10/46] Fix missing colon --- setup-scripts/blocklist-airtable.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup-scripts/blocklist-airtable.py b/setup-scripts/blocklist-airtable.py index d0279e5f..028b18ee 100755 --- a/setup-scripts/blocklist-airtable.py +++ b/setup-scripts/blocklist-airtable.py @@ -21,7 +21,7 @@ AIRTABLE_TABLE = os.getenv("AIRTABLE_TABLE") AIRTABLE_FIELD = os.getenv("AIRTABLE_FIELD") # Check environment variables are defined -for e in [AIRTABLE_API_KEY, AIRTABLE_BASE, AIRTABLE_TABLE, AIRTABLE_FIELD] +for e in [AIRTABLE_API_KEY, AIRTABLE_BASE, AIRTABLE_TABLE, AIRTABLE_FIELD]: if not e: sys.exit("Configuration error: Missing AirTable environment variable.") From e0520de05e3edcb2a1abc6d613f87f2cb7a0da68 Mon Sep 17 00:00:00 2001 From: Karol Wypchlo Date: Thu, 11 Nov 2021 16:59:51 +0100 Subject: [PATCH 11/46] introduce hard upload limits --- docker/nginx/conf.d/server/server.api | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/docker/nginx/conf.d/server/server.api b/docker/nginx/conf.d/server/server.api index 389a2d7f..34dca82e 100644 --- a/docker/nginx/conf.d/server/server.api +++ b/docker/nginx/conf.d/server/server.api @@ -139,7 +139,7 @@ location /skynet/skyfile { limit_req zone=uploads_by_ip burst=100 nodelay; limit_req zone=uploads_by_ip_throttled; - limit_conn upload_conn 10; + limit_conn upload_conn 2; limit_conn upload_conn_rl 1; client_max_body_size 1000M; # make sure to limit the size of upload to a sane value @@ -174,6 +174,12 @@ location /skynet/tus { include /etc/nginx/conf.d/include/cors-headers; # include cors headers but do not overwrite OPTIONS response include /etc/nginx/conf.d/include/track-upload; + limit_req zone=uploads_by_ip burst=100 nodelay; + limit_req zone=uploads_by_ip_throttled; + + limit_conn upload_conn 2; + limit_conn upload_conn_rl 1; + # TUS chunks size is 40M + leaving 10M of breathing room client_max_body_size 50M; @@ -239,6 +245,12 @@ location /skynet/pin { include /etc/nginx/conf.d/include/track-upload; include /etc/nginx/conf.d/include/generate-siapath; + limit_req zone=uploads_by_ip burst=100 nodelay; + limit_req zone=uploads_by_ip_throttled; + + limit_conn upload_conn 2; + limit_conn upload_conn_rl 1; + proxy_set_header User-Agent: Sia-Agent; proxy_pass http://sia:9980$uri?siapath=$dir1/$dir2/$dir3&$args; } From c0eb41d10d77e8a151f5c36a1b009e4c2a085661 Mon Sep 17 00:00:00 2001 From: Ivaylo Novakov Date: Thu, 11 Nov 2021 17:17:53 +0100 Subject: [PATCH 12/46] Set burst to 2. --- docker/nginx/conf.d/server/server.api | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docker/nginx/conf.d/server/server.api b/docker/nginx/conf.d/server/server.api index 34dca82e..01de2ad5 100644 --- a/docker/nginx/conf.d/server/server.api +++ b/docker/nginx/conf.d/server/server.api @@ -136,7 +136,7 @@ location /skynet/skyfile { include /etc/nginx/conf.d/include/track-upload; include /etc/nginx/conf.d/include/generate-siapath; - limit_req zone=uploads_by_ip burst=100 nodelay; + limit_req zone=uploads_by_ip burst=2 nodelay; limit_req zone=uploads_by_ip_throttled; limit_conn upload_conn 2; @@ -174,7 +174,7 @@ location /skynet/tus { include /etc/nginx/conf.d/include/cors-headers; # include cors headers but do not overwrite OPTIONS response include /etc/nginx/conf.d/include/track-upload; - limit_req zone=uploads_by_ip burst=100 nodelay; + limit_req zone=uploads_by_ip burst=2 nodelay; limit_req zone=uploads_by_ip_throttled; limit_conn upload_conn 2; @@ -245,7 +245,7 @@ location /skynet/pin { include /etc/nginx/conf.d/include/track-upload; include /etc/nginx/conf.d/include/generate-siapath; - limit_req zone=uploads_by_ip burst=100 nodelay; + limit_req zone=uploads_by_ip burst=2 nodelay; limit_req zone=uploads_by_ip_throttled; limit_conn upload_conn 2; From 030b8b94198728537a5ad2cf39d5a8e45e937e13 Mon Sep 17 00:00:00 2001 From: Ivaylo Novakov Date: Fri, 12 Nov 2021 18:10:38 +0100 Subject: [PATCH 13/46] Set burst to 10, parallel to 5. --- docker/nginx/conf.d/server/server.api | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/docker/nginx/conf.d/server/server.api b/docker/nginx/conf.d/server/server.api index 01de2ad5..07be6fcb 100644 --- a/docker/nginx/conf.d/server/server.api +++ b/docker/nginx/conf.d/server/server.api @@ -136,10 +136,10 @@ location /skynet/skyfile { include /etc/nginx/conf.d/include/track-upload; include /etc/nginx/conf.d/include/generate-siapath; - limit_req zone=uploads_by_ip burst=2 nodelay; + limit_req zone=uploads_by_ip burst=10 nodelay; limit_req zone=uploads_by_ip_throttled; - limit_conn upload_conn 2; + limit_conn upload_conn 5; limit_conn upload_conn_rl 1; client_max_body_size 1000M; # make sure to limit the size of upload to a sane value @@ -174,10 +174,10 @@ location /skynet/tus { include /etc/nginx/conf.d/include/cors-headers; # include cors headers but do not overwrite OPTIONS response include /etc/nginx/conf.d/include/track-upload; - limit_req zone=uploads_by_ip burst=2 nodelay; + limit_req zone=uploads_by_ip burst=10 nodelay; limit_req zone=uploads_by_ip_throttled; - limit_conn upload_conn 2; + limit_conn upload_conn 5; limit_conn upload_conn_rl 1; # TUS chunks size is 40M + leaving 10M of breathing room @@ -245,10 +245,10 @@ location /skynet/pin { include /etc/nginx/conf.d/include/track-upload; include /etc/nginx/conf.d/include/generate-siapath; - limit_req zone=uploads_by_ip burst=2 nodelay; + limit_req zone=uploads_by_ip burst=10 nodelay; limit_req zone=uploads_by_ip_throttled; - limit_conn upload_conn 2; + limit_conn upload_conn 5; limit_conn upload_conn_rl 1; proxy_set_header User-Agent: Sia-Agent; From bf2e7cb7cf6c368327f16abdc43cc0b608868812 Mon Sep 17 00:00:00 2001 From: Filip Rysavy <29089732+firyx@users.noreply.github.com> Date: Thu, 18 Nov 2021 13:04:20 +0100 Subject: [PATCH 14/46] Add Airtable skylinks whitespace trimming --- changelog/items/other/trim-airtable-skylinks.md | 1 + setup-scripts/blocklist-airtable.py | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) create mode 100644 changelog/items/other/trim-airtable-skylinks.md diff --git a/changelog/items/other/trim-airtable-skylinks.md b/changelog/items/other/trim-airtable-skylinks.md new file mode 100644 index 00000000..a63a90d0 --- /dev/null +++ b/changelog/items/other/trim-airtable-skylinks.md @@ -0,0 +1 @@ +- Add trimming Airtable skylinks from Takedown Request table. \ No newline at end of file diff --git a/setup-scripts/blocklist-airtable.py b/setup-scripts/blocklist-airtable.py index e3aecd05..31d8ee19 100755 --- a/setup-scripts/blocklist-airtable.py +++ b/setup-scripts/blocklist-airtable.py @@ -100,8 +100,8 @@ async def block_skylinks_from_airtable(): entry["fields"].get(AIRTABLE_FIELD, "") for entry in data["records"] ] skylinks = [ - skylink for skylink in skylinks if skylink - ] # filter empty skylinks, most likely empty rows + skylink.strip() for skylink in skylinks if skylink + ] # filter empty skylinks, most likely empty rows, trim whitespace offset = data.get("offset") From 31cf9fb59e2237d522cb521368de4e2aee757f9b Mon Sep 17 00:00:00 2001 From: Matthew Sevey Date: Wed, 24 Nov 2021 14:13:26 -0500 Subject: [PATCH 15/46] Disable load check until we have a process of actively addressing it --- setup-scripts/health-checker.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/setup-scripts/health-checker.py b/setup-scripts/health-checker.py index 7c5e9d94..738e8c2c 100755 --- a/setup-scripts/health-checker.py +++ b/setup-scripts/health-checker.py @@ -43,7 +43,9 @@ setup() async def run_checks(): print("Running Skynet portal health checks") try: - await check_load_average() + # Disabling load check until we have metrics solution and process to + # better address + # await check_load_average() await check_disk() await check_health() await check_alerts() From f5b81d1287e0d8be1c265326d73dd31224e51cac Mon Sep 17 00:00:00 2001 From: Filip Rysavy <29089732+firyx@users.noreply.github.com> Date: Fri, 26 Nov 2021 16:38:53 +0100 Subject: [PATCH 16/46] Fix disabling portal in health checker --- setup-scripts/health-checker.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup-scripts/health-checker.py b/setup-scripts/health-checker.py index 7c5e9d94..a2bbbcea 100755 --- a/setup-scripts/health-checker.py +++ b/setup-scripts/health-checker.py @@ -107,7 +107,7 @@ async def check_disk(): inspect_json = json.loads(inspect) if inspect_json[0]["State"]["Running"] is True: # mark portal as unhealthy - os.popen("docker exec health-check cli/disable") + os.popen("docker exec health-check cli disable 'critical free disk space'") time.sleep(300) # wait 5 minutes to propagate dns changes os.popen("docker stop sia") # stop sia container return await send_msg(message, force_notify=True) From 637cffc38f7d1466ee3906618623692eaf3922b1 Mon Sep 17 00:00:00 2001 From: Steve <31445407+stevefunk@users.noreply.github.com> Date: Mon, 29 Nov 2021 12:53:41 -0500 Subject: [PATCH 17/46] New terms for siasky.net This new terms.pdf updates the following: - Date last updated - All references of "Nebulous" are now "Skynet Labs" - Updated @sia.tech email addresses to @siasky.net email addresses --- packages/website/static/terms.pdf | Bin 69062 -> 75474 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/packages/website/static/terms.pdf b/packages/website/static/terms.pdf index 85b5983e7b3dc923c419f13b1a67c24bb24f9597..61561255465366fe8485153ddbb67090f75a7007 100644 GIT binary patch literal 75474 zcma&NQ;;T6l(t*8ZQHhO+qP|W*|w{?tS(oVZQC}!vT=I;`6FgdoQa8(7m3Kd*S^V% z=gD_%awRbddS(VT81lu-^L-d*A|@h76B`&lK1MZbH#>78DpzY`S6goe2Xi+fHFFnx zS85nWB^O6CcT;m0A}Uo|Yh%WL6^QJ)xrihk9WDRO5OXwjB~meWFf(^CccB&#fcba( zA0=7;tF);x5i<;%ZSeT=xVK$%4R5 zHkf1I-pR9IPZ6b;V3N~}AWbyD6s z*cJ2-)D`%Ao}4TPEMI2?b`O0hWajJ{IrM%#-akwd=AhTa{!Fhz!D3Z95@oSXgpNwm zLQ`k0tc2|RreUbSL)|0OJOmGBC67HhnF}%g=mw879sq_6Tn;ebiGabhXO6-37M8_CC87-+_LQjS+Ea!xncXY`G7_bcHbxs7bdtP}B@igQw$yt*!lqkAVgn4Al zLxww-?^PYw7!j1V+wog!d+lXDUF)(!8I5@R$MV4oFKy9s8YuFfG_z}pTQX&98!xG^ zgW_54HTT8}IA%ha$N$HAsNJG6-gG>G%fTS?4QGG#W=;)oz|%pM9hx0ugVDA6x=XOl zTT5F)hGK$Hm@&myhyUj%iAEol9MqADcf0>5PU|Z}qyZQa`5+*$!~aAti?J=CwOOz+5}@Y((H);ELC^Yq=})z8>S5}2P)7sLT`_%~L%*-(>^7~j`VqTWMA ze$$33ks0O+gBSu^;E2E^&y=^l$rdTgBTfTZzwEQZ>exr#JM!5`2JzI$F_g&UrC}1a z$m$ta(OQA6z)8d$A6qnIGU^@KRrBV~&kpa1-s6{@F?KC}S~IVkzRT#Bb%O--TvU)8^iDJps zbxgnjZ`@TTEj&tFq|mIajCa~inGk_XA}METXF>HXLEt>825G^MXeD98%6G2L8b^{f z7|C=8*aF361gzlmBA>Yd2L=@x=DW+$^BdeX;nBbp+p|8htC4?-r;=xsDNLBh$V3&* zGP@%#sOTv#Jr@8=u1OSK63>OLb3UhIle(R>J~OKe?{NW>ouLIQWv)GVXGt7F3h!A4 zRx4D#tS7Z`ChDQK$Lt6Lz+KGdHMfUcHIa*hf3awaRCv$>zVYV@nWBpZlWQWyM0QBI z>&dgk>qnHa!}aj6;)>cFir)m3jh3Bxvgit+k(!o%Nn>K2u0X4wZs%h_-0)BKs{GNa zopNzPfWkgRIFjVGqdd+yCL8=#VO*M|!vw!{w}$0FBGD*~XG$W7jG>#?3Q<7@sWVf ztaZn*QQ4d6ln(X~TwFw|q>gs`@{Fe5jRMgXm6c#owpdOVESKwBxPu<8pA{Ja!=sOW&r&Vs_EXk!Yq_{pfU5s^Ob<#X+Uh zUz0v?JvuaOm$9PN!0))lG3bSHYq)$uk}S3t#!(WbHt(1WzlF=2S-7UnG>ta_mQ+UC23MiH64(aW(yM zca2+AbhdIw@oKEjfL${=NaxJU;9(~+f!;5CX63&pR}`CydcE;mleydh98DIF)bf-f zto;dZrVQ>cqnmzCL%I01mU5(?(EQjlr-4q)cg?xT#$UpJ?kbP8fInT|Zx5aQY=XU@ zv4{i<`PURK5Cj(2gr`1K^azez(Z*6f-Um#Fr0v8|E`yDEZflZN3d#O1n~u({WR=}==D~bK zO|yi0!f`fjQ%(9%o;fpWq53ZDLEoC@Wx{;Z;kQ8c#fO8I4!|c(TGw?hyL_zEy;#Af zRur!O5_Q59RU(3KfuF0sfoEf13xjogUO6cRK~|LDTFCOZlnHMqTxv7a&#f=uxogrC zoj2_!up}3J<^LfoQNbh>t59c19U95y2Wwzth{$*ZGlQCb?b5UH#q!EzvU$XBrWnnN zrZOQ+Ge)|?<*$ENbVM**&Sm*B9@w&P>mE+W7$tIToe7FVJ*10`x%#DedP0vD@c8#~I?(@}(` z&^G2YD%&aHlA8qc=~B}6OFnuS6yJ75x`CyOynRW=f$~o)nl0;JR)Z^nJ#&#vtZi%< zi!LqfT^s05l`&I_FQrt`rc5aAf=~!CvpkmYsbcDFZ0s9|`a!$*~mX zfh~fs>WmBV&xEpNEG+UL8clbNHWjZS61ZhJaxq7-MX?f3GgwuBiRVAgXMbMz0R@7A zK3{h)fj_rx2?gH|AJ-3uUw2T7J^mg3Z!W$cK7ra{uip_LF;GE?oE2ea(0t7@KqL`@ zVTH$k!q@DiBcN`DtMhZN(acLDP*KUAkR;rB<`-h4?Gaev>vQ-@pJ~~N^A7fHmmDbz zCAxzaz>1w9Je+LU#R5+(K? zBR#DJtx~dH%1Yee>p7;mMEA0=ZWTUMtwzQ$-w*6;YH`*CD?7`8q0uBn=ufBT5U0#J za4JiK>|F)K{m0oFr`4_JY2&0zC7TpTPu_vDL4z4k(UOUUvA~SuSQB%?awNq4BA^Pf zj5bYoM2nZ(C>3ZtOM?*J^9iO*ozCTKnpKU-+v85Gr>lrU>+@7|y((}g-+j(5)~U2e zko+|`UgoQzgPf?7M#rSJyY`g$(cW(B+R7`6RlALX3_%gw%u^z3Mt` zaPEm=9W*mf&t^c+ieCPB(z95&P)*{jL-6u9#I=_2idyNTGo^R-BvQ*1q$)Z_)Z{wU z@1JYZ#6kP^4IxB|Qytfmp+^wt+%u~dqmMRQ>igT@m<7)tYb z%ZSBi!J61w6T4iTSFb+s@R=6SlK33>mg4wYa0vcFsO8e_`QzT4vL*6qGY=Zq2hKf> zCfy6`v+XSc4#-i745_inuD;%1SO`Lu6d^!{e(ot~)?qN5Z;@Mm> zqm5j@bU^j|V)PqAG5QY@|G&umf0>;7zi?Yr_&=EZKgnE9l!)mcYs>tfvnCNU1M7bt zoG^^?azxDk-l+-`xw*Li1M>d~;+dKLtE`&0lQ|Kiu!Do6+rL@vCT{=dS<_3vBZQjHLo>oUOLv@AB}ncNWXc>C zVnRT%1UY&btgRpsSFz#zwbmmmi>6(3yfl!!p7ysl(BvjZ`}OIxJ|oZ|QhA@|(+zWd z`RD5rarJewjWGjJF!C}ZQ2*0^@-a>Mcl~Za_ov63Ec>th@7;O4>`B_wQ0mFbGX*pF zKN~jewgM91%mYwW7V={l#g#g#-0VdS5vVevrAgTgO;k%EP}J@DBce@6H_y`)*O{uK z6~8IDz2pczMKL;VwLgv>VAHXA;{?dZF#QGTN}HJvnNOSM@uTMGzt@55#^ouN)u zrdrtH_=})SV6sl`h3ZA>*Q7R`EJkD5mjQ<~#99?ivAtu6qNSN&_$PDsWkby;^L8cM zrN7BkLb(Q*;do~!drwftQLOkcru3~tr(>OpSOj;Y`{}CWhqY z05St7a3M`SFt}(f@fK9LWj~rZ5jq;QAFUnnrZTM`xs#NukLjFNc6d^Yn{p$bpZoE< zrm`LPhy0_oABV@d`8@)A{k)_w`}KDNI~(YoD5E=*~; zLx4Z{{q6a=zJCtLZ0Vw!L?{3;M2!OvBr8L{n@#8)_U8f|*FnB#oiJ?9$-qj==qcCi z$NvJS!P0#5*#mRREyG@IO$UqD7L!)=L2SmII@ZO5d>P!55`~#wP@a&dZ#-qIsILX3 z&geM0q{vbCs?GE_qwzp3pOly`u3aCZIKZ&$0aAU{?i=`Y$&dK|Ff)#(9$64GuJprbut#$g;KYdZm`FBkE0!RUL zgx>lJr_$JNXrZ_vSi36UqOyWd-9q!7F8DW`caltmxQXjpAAS+9*UVKd2`x4yxspo< zJ(e-L2f*{`P%z;AV>E%#LGb4eP!JIK^CTFkCn&H(fY`S7wfMAHe);vVu|QGhwN}M% zB2035J!>1uuvh$1j=Q6j-WvHwd5gqNNkXqQE>V<%6nrp7uHSbnh4I&b_a`?|?=66( zO66An@}%A)z>d0>KUO+`9~XisO2h_d&ayOHJnD+w77{C^0QC>DMJTZvsblthHN;1f z<#o}W|E4R(Ms(27f_|6A5RcF#Jh1vPe9k3>yejO5$CI2Y=q3Md;uc|?zhx@nIFcqg zB@jo5xYGB=<{tm*U!9>pHiz2RaE-ai5oQIDzH~IdQ4eIc3){rN2lYIrvsxf4lqk?@ zk%(zmH#Fh0u_TPA8ilZlC}(BD+#k?Lqw1 z{zBA13Q;VjL1aS5xTZn2*cJ_JYZU&3O?#GoW-z00D4|dN`xKms#z=w%iE8w`Xw%MQ ziRp=@9cqm$cEFe6MqFi6GVyaP@z_xa1?XL8QbfFv=}XNT7a8#J888HM7vX9cVHxX} z7gGkUTzKx(q1&w3+O%Uf<&v;2_|!oY=bm{6hkbb@o(RywziH`nHrCZmu!tl)8q(eDh4EFUTALDGZ~xU_#MK~F1>L6BQu zNBxPtSU^~-lklrQqi-nINucm)tS*hTyp6qoXG$g(K=YLkFLX4>=uup?Qt)F<%;Z4y z7}4_;0n?j5F>xtoU;q6HYphOBRL)z_hThl6I-zmyNrltT@3UZ9xQCR;Kbyg(N=}~| zbW2=ID2+xa+hdi+W=+?aeAS;Ec2fh?oJT^Rjvj(P6@^?=Dc_D1Gl3DNv7NZQjVoL! zY#Y)VM0sOn0rPxBGD&8RcDWq2W-R@i3nD-{fNQ*3Hc-m~t_Xj@RA@d4-IC4ruCvun zA*PhrcO1CU(`*mXl6zH#5C%B4GHB)l0-Zb3VF=V)l?xOLVw1H0;Ncb1H2-g1rb)Zr z`p7<&Eh|q#by^WRX7Ig;#j_Z>Kd0bOej7ZL?xT6fGPagF2wF?>A&<54x)rDk#KjYk zR?K%q$Ngqm71P9+kY*(4K|#fyROgm2OOcE-VG~ldx;o z)>H`%+QbA4PazeKvH=?1kR96md@}SEd|IJdvZ%zNPCgd|2N-|^^UpVDLs5a;m zn$3iYdE9sx=LItBH{xC?ik;&ZG{RjH(omE*c~ORR)?NGdoe}u9{ z?243Y)9(bZNZkg5W;s08;#2`$Oa@FfW+jF`Mybj_mwkW81T2Ev8{@B;4~k6uJr%B0 zR=e%;D=7~~Lh(2X2d;14Ea*6ru^n7}l`WvKvg05}ok>iyox)Q(o5HlgC8Lo}TR?pH z2r|oML_xzX(U8!ao(z~u;*$)P@iQ=Wm;o4)@S&QIXbO?eM3qtys;R?Otbkmt=B_y^ zIVrINDCStuJ1jz?fdwv=i+`toGT1 z+)A~d*b&1>`!CXzJX4N)Kk7@=?e{lblV$a$jN4 zG$CrmD!lgo152y~oJg7pSp%`K#nR%*R9e`$H$D{Ro1Q${!v^0tE=LmozH1@Z12)f2 zgEQA$1mEK*PTM8;8qB0k?PT?91URC}p-EW@d$*OV%JnCwr%2_fHy##Zdl~EENra$n zWGotP9T9(;QRcA9tIYN;T1k!7;Mvb<)LakC2QPbQ+BiC>^Q0vK>=l1B%953fRW)*| z0F{J7m_Fh58PYePFg|<8q48;8gCO&;>lTU~(?mcywK?rxuwAjWN!F~3DXTlZVQ~!& zSb?~;UFEUSY-xiY9Z#qZC z7&ZpDHc&;-*ELQAfrlJ{YATttx|@uGBWM6x?PvXy;T=zqc&(D^Mq%^k%y&5fAZCuR zSeA-KO}*XW%%9>t#0qHvCG2E`np^-4QTed_k4*a!H`d3w!~)YU^>@aW8yQknO9#sS zw_el}{Pl90qajZ=XpkvySm3b5*OY;^Chs`-Z$?D8|V`s+q`}Xwh4ozj>bt7Lw zjl{#Xf*Q1F<{)tYEZy#Iz)Scw17kjAO{eruUUl!6vY%QP-&3)q6`t|RXu?ORV@Ua} z{wrO0Eu$Bl_9-Q$K?qPe<{tD6goCa!x!PZcI5PqAx2uPALrh4Ic7V9LEwN`)RO=~= zULn##2&I8Qg)d*heL^K0Io+N8&Vkt?kxr8HEd*)paQ&IQmnsY)Z;^?k0HS^KSr;C3 z;TY*^pptChO+zhDz9%J|g=z|bhvb+0oiAg1i{zY#{iTw`Ys)A%eQXCNpl3crcami` zIviyPRmaA8dxz~xWYk_ZoFit8cV|V}K$Kxy;n|cnWd)pJA-`t7MduWemm}I!-VlvM z0AF}~P}Q=?-B?@0m>ut&->NeiK`!D!$`1#uMYhA3qs~6OV_sUSU6FIggm*DsPujbeLCH#-5kx6tCi>U9;M_}N0Tn@KK6_M8HC%@Jh{M@wU4&fGyL{H?xYRstk(%z)#KZ?HDV3f_n9f$j&1VJ^x6a^@@;9+v{M7_Zqt*}f1BR0hCP2}0-)x`6hNX#ZE z5|SStz48xIj-CH$m}ui5WJjU@{=uVgw=fDsD9bdYu&yvl`#|@9p}L(NhrSRve==?H zQXW!dTE*SYT4Ol(DmHehh^8;ldD>mRDYShS{+h+;on7J-{A}=Am%RXUjMSa$O?Y}j zxd^+N4XOJMc$=qxGnC4E5BvYRB=dg@c>XtsV&P30*fc) zwy2}aRUtE*3w=6_LX?8vn%#!~KOIVfevEEjP1{_8o(e5V!p26Dz5)wb#mPTD!h}a} zPHSMhXPpY9mc*@ikZTN^Tti1d#*%B*%*296a+mq1J^83hLH0OPzBY5?(wj7CAyW7Q zeMchGNfEC(pEcnPcy`G&Vh!}d$&w4tS`)EB9o zsjSD%N^v9#G=`-5XXZUc2sDtU*Vth4TG|jq?syWJzD6YkSDav<4Fu>5!UVjD}k zB3e_OsGq0+f5OY|S~J=xrU{e96fR!?0Kz28qG!$|)%R75X*rO07-$S2d_Dix?Ym>t3RHIyi8S)C4Khhl!!D?QK!W8el zrj%p)>(;0SftR80JNC@1wjd)QP$1DX%SRv8tiMYNi;0t}E`EsE0(}ZNT+wO~jyg=c z9&K!69X1nT5GaJ*uS++{2dtBx9lC!5U*g~Gw6s*FdTFtv0h*#Sr2U?ig5PK zm9;ZAuz0Y^pz5uFajYO6IV23nGY`UWw-n; zD7&cn&=@E)FJih&By~~gJw$l(NmxvRT;EnqB_w!LFrP*y8lT&2FJ6i$c=ww8#?7Cd zHB&6PDb9wd8<(MHI}gHz8-;%EenGF{hwj1TiG}QiKE7K{qU#s=I-}iTi5u=`g z-!Gd#U0=7of&jvdRdeUnUcbMA?{0x_e1P%9EUBv^=IAHupIp%+J-k$gkP!rt8U=qD z$Yj>7m$MBYd0!Z_14H2M)kRoH?Nim?CXTTi&{Leo? z5IFYqGA%$wqGrSFv%uq0q;v5+HTp;7+&N_fsMJS_R$wX6i$PMSjKsfJGPRM;ze&f?HB}*edwZ7+TXz;phtyMH?rY^?oz6>ruR0n zWrh6SEV=X|SnQe~fmbzQ1HW0M0ORnOkC0e|8=?!mv7Q|F4l{g$GE9FJ>a2)T72p*H?%aZ6@)!9b5>xfCGW8~nZidnBDj&;FAEsB`pw>Z3+7>+dYj}I$p zR#rg4y6QV55)B-I0#0>4%LG6_I`xP6Hnc3&gOlpf6vuh;kp4n8A}$AsFyr#6JB&#U z7Y^w%O5!wuYeDgr>f#}-4s*a$0Fln_CmxPH^SyRst?+PbJ=@cFlcO3AUaG9iBs*=$ zKsB|DUC4F+sdlE_zuMWm4V{Gg!r2ZUkdAC%=1h@YgND9vG9d-06Hlovt@y20gg6&r ztB~X6++^BJ31u7|qN`Zdp5QZYZ;Tn!!Wu3_{20RkhnX)7QHuuTLQxBqqNd57*&XCs zyHgW64b|quGOO!LRW7{5V?W%0oH17AHW8#4a!t{g?4}#PNjqnE0m9GTcMZ6lmt|@C z>lmz3;^wEAhbY&wm+-q1;Sf=u37Ht%x#*>Ck>}#h@bQ3(?Z$UCQeEj1yp4?Ymyj`} z`On60QkgE!kJ*z;IEAdJC|`YHf6W=ZG`|!B4fpFtxH->R1|4l_zNK4K5SVySRJM5# zbdMOI!eNNo-4-1_G#7qNIe7@6@{Pns_>pz*PrbiK&q!&%^eL zxp-yiWHKtME(S}Brpvo4%wm5ZLcjJ|&=4?LZy&{CPF)#5?y=pkCDdkt?wA}GnyV)(Y}e>=>@tBy7=^Ut$?T@222Hs+fkT$>QGEPr#x4OuKVSAqTh zMv1p{QVlw`RYICdtwM6qLgK5xmwpdpX$uXL;#lh`Y*tV8F(myKqDFLS`aQIO)8taw zL@CP#>NQWdyARJv3>!XWN$hC}x91k9JWrx$!=C%z(1@Y(n5}>PI*Q|1ZDGdfJ;AY^ zLQc@vMJ2a}b+#KH;6HzBDY$#gu)AywbBjcso{mwwEGOTNtnwL_mME%zC5;g`fPi)8 zO;J(7d$RVXX#B=x|U#XnK#Rm(!Ey>1F;%4Q6kVtzL5aqe~tr~=YoyDQb}i7q(Ql$Cdq#z zVB7f1I{#-J1EOPvc72K(;7-9}gM}3D!?A|_f@8KT`yGS*9wP*e4FPo2_@t$XjW%4<*Svab*o|D|e`t`+<#nQ;k{6oPmxS zG;`?aB}jZ*-?226z2Pc647~j@G}@2~TdC4kW5kDTFGDHZ?KP+S<&^icYu(6l+QPs3 zX(tO>3rEqqz-!h|*p;G?+l%OUk*qC(T+CLhn0p6_QujHNE}M*#dof_DGn_m+Bafj~ z`(TYY%WhsO6otWKWn8)_)d`jS7d!}tkRfBMh-^+5%Zm{HVsoj_6_N$E5B_Ye`aT(g zF9NsMlHb0V)!#mMgwv`)1qvTl{dMd>waagiIsMfd0BiNF;N#?M^e_+7|V-AF4lq20*JqC8fnw5F!$ zV<)p}XG!Q@ZaH(5U$=z`i2XiJ`;dp}SVXI~mGxzv#P!-x_teq+?5JBP#ko98FQr&~ z?k=<71v!f6rH7^8HLBi3Vb{2Fi^V!p6CbUh)cyRvc|zF4nyU1Ad>IB4JX4~Q#6a{YG>-u{;*;C3MU z_Zk-c%M$#7;Xsp5Z1V3DkG}hiSXhM;p_9kK#!e%2lf*fEld_*h?F@Bo+*5|DRLe0` zEHEzue}dn7V-GX_H8Fjx;xf}1gav+ydqDU8e14I4zg}mwDelHhGX4a>7U-5S#?tt| zU6;2N?0zrB8F{@nafYAV4{#e#xX@@oHim22xA1V}H~1bhmqj8=D6vZmQDDuhahqGf zQ^Eh^;R_4+3h;kC%s)vn#WjHKYPaI0fNXQl2Ja#fl@dQY0Qb_SWpTy!mP$6t>~F*; z8l@7wu6?L2UuxK#$(CQ3>oj^y_XhSru^20#q9`TO!Pnl!NNw&L+-o zJaDUhRP#xnN>gnaN9iZVsq(Kpv`MMa;?ZKfm&2c?F>P(}(%&u^?`-A**}NRG0@JY( zsmzNFHd*&uaFHTFBCUeX`i|e~a-F(o_Bsp2&SLZA)lVL_BA0pB$Za ztf9COb1s;FgA@qxhs`LB(DM0NowStcC{+_!Kt%sGyynmRAUp|-4RpM`eD!YkcmWLh zlL%gpD!sVXPrdYG-MM?6qzfPdhMy*n4;>x1CJ#zcgeS=4@PvN%ACi>`l-l*gQ$)Qq z1n<%9mOo&-{wxV2?Xl{d#bA1`u|VPjC;4b3164K`zYlPr~}3 zdc*VK!mXGk&-ZC96uI}7&k7|N`Q^vKbI^oqj3{6BT`-_h$Ar1pM-miKIY8R zXU0&|SL_cNyHxU?u}!WI!tV2xe_(Dk?rg;y8c|imRcs(LQl^2xtQM*V35)u^pC$ah zdwVFqOz8bNjpz;heB9k-EFc6VL=c`nAKxEO9zSpUgOOjV$_f5$@l{byviLaUPe#(K zIpBCUmo69%FtXIO-`@2MMXOLeGZFENL~A6agc$s*QzdM5*o11jUT0a!BRoih?T#GR zDq0|B)pN2eD^}7?5tL+i34GBL)>jtjlq|rZB-RH3$f--2t(KnD2BmVOuY>f zGt_n%U2=kDSyyLG%p95~rMS^C%WE0gBDeJnv>^)2nM&lsw{_PPJg=)eJspeELwC|DEBqI5`6oDABtIKi*iHrv;rOlki6j_UotDy% zoWW`{_YdL&Pd;BQUk1RmCb@wz(2piT`ZiyBF2c>P8_}0sPp6qH)#(wrQ2qu5T=pE6 zR)XF4)N7s_Vxs2$aR;fVY-(7eLa3_6`kC;X)VcO%&9%0TB$eEtm0cq1ekF3b5Yl)mqK@vtmP5bt-WZ?7klqWq6!DQP8;t0G`7B zw^-Em!YE-jQ_3QO12wab^%0!XWevHX{?{XlrWym6T1E2{gsVV=tqax8FLsDa&CwTY z zT`KtyTcVM=XzDn3c#iu5u~gio)B%t;AnxOP+L7qP8TQducaY0GT+X%J`Bn8kvRPdNJDk62yFQ26GQiV3z;1=cuMy^C zi(#~f(Tjvv&q8@CxvXhA5WYXxFW!YAOT`h@*X6z0rJ4&sfp$a%*8O)DKcsd*|2pb$ zK|OXWMDPe5pEn?J6FoSTEw5J?8TVmOjcX7L*8$%Zk>NhkMcdjxWo65MLGy!!VdP@N zTA?reUg(%UM``cLJr~-Y^3DgEkfFj3A*fPatt+<=xWTXDvYZtd8nH?tRa%6^Su0y- z*FFaUT-e2dt-?sx>w{x9I(%2{<;l`U2~=4xO4qGpea#Q zZ0iNwXB6U1EgZ}SG_F(&7- z+Ov*BAYK+Axxcg1gr4@k2sI2$Z_g`^G~d~rQTs?tqD-U*m*BRi);Sw$fkY`#&$kMh zQ$~fMNvP_{%-p9=JQK_x*)wp48f8%Cd4%HCB&Dux=rX?@YBdS=8v7!R8{~T$M^rJe zLNmS1YJ1k@)rs1Njl7?61-|s{QC0~AjUQ#MwBzYinKco)EXS)2%`ICLc_(vVG^c9dH)KM7=P6MR*D>#@8jOqOmd8|EvYA*jt-X_j= zV<@g+0#C1H_as~jB#V!RfrhLU_~sztY|v5so<*b<6bTxRROyQ{kdg%fl{PWpg-S#| zA{ZV0_C1v%n`N0}?LjZ-1U)cXprlHK&#^VnCrHMD3Hqkor5LiY7OSdnCj{y{dTM-{ zi)p>P&SAFgvRgV(1Qmy(f2One3Efu6G`=QBm@2fNc8_V040dQ!fG{Psq2b392Z6uN zx|NP9-U8c|0>%H6g96*|VWI2=>h;9?-{0>VXJw|IFo;j^@|4gb7&ZSoA$7_#8tefS zg2+>d&m=GMP8w3JL372-rts7KLeuYUB-4$j zd>6=fXAJ zD<(aC_ac|sS|7%twgRkDDtF^d zp1*TeSj=&j_AL8{LHA-|P-y~-Y5vd8%S0|@VjR06eAXa3`5{-B=eSX^}OAWmksfhpV5I<>hBepvBU~XGz zeN1-nboo=8Le{GQ+5sCoko~DNY1l_5_rZto&sJnEse?T{CAliHdK^dtg7r=bgU;K6 zq>G(G@Vud1whEajhFYvFav^N^+2njSxjD}v1~GgX1?6AREVzXlY+$VWGNw5P{3Sm{ zFN7!o)KXDuX9_7!xO4TP+7f(0KKaDei}{#Sx&VfKc0A~RaRXFYquSIUBNP7A45Fs5 zuExmjjzCTWQMQb9a=qNUQdHH%0hWh1{Y9Pz)vpH*?&wOM1iB1Y(7KF5tNf%f^twzW zB_uWXE~w>wuQ#q=*CrnrDzf+@A_>K_j!hYkCz;cjM~c~SCSWycnsLwT+SFzL1of7O zmti%J!tpv=Vjb_fF4cTqycL=Scp8(YR$0l0naei;+!2F|qa;w$Y*VrFs>dAR^9MGU zZIov`0{#9NrB^1cWs`}zwlQYydV<73pf_s+;-1(IUiYvpph3S z9Iq4}d#V}4STES)|E{AS@VTnn1qkbga=1EP1?&cReaLeDO1azJ!PB^iNtMH5?8sI) z!hcxNbzSibp*=}e-O6Pzf|_zcjpel!G0*haxOZ9!m0;x7?7p$drgG)$oTTA);DLw4M*y-738zMcMt8iG8 zUzJ9#Htn_cqV>N__@3>)#*8MHLjRgCWhLiyY%>D_3j%dQ+8MpYC%%6t| z(Ci)G5p*>x|G8kVcY=wTC?Bu z=a%=I@80zshp*TlFUK;XyPc;A>HOkDl0xT243>!&x$?1dY4Gnoe!yTh%vnl9nTxdt z?0H`ENR|1z7#k9Gu$1-vo)`T0u`R$HqzeI+Mq41qB_W{oxJ?TqEwQm5i9B8Ww*n`~ zLfoqQ(l1{FB6%cCe}jMfTg+pL9fb{4@DEuS#Mo_PBaZ=Sk_ zF;>T7Y|ff?`Wldo-8nTaUZ;ks@_v~bwnMv~L>aQ>JmVJ$Q zmpyp5+KD*oz+*U8CvP*^R+X2ake7oX!4?Xu}BI? zhZ-*jc3Jleh-wceTT=R35?b&c^Hdb%*!~t<994?R&xhKbwn$08P{b7@G(@+NtEwEQ z6rh|=3H&5&J2wN7m|E0CB$MEQcRtv8ZALACH7o7#tYnM302i_J^I0c&|jiR(gI1R|z)=ON*`=LJ zohexGIE*4G5v}pOy4|M29M-D1Q=G+hI>{?~+Wh6P-l!bB##O>YIGR_ODqy^2p0lql z);xiXHCr{%9O}LDclUtT<@}9lK2NHD5 z0E3bCaxe>#Zelb7g9N?Unz%y|C4W-%oFt)w-Kt$yS6ldo>|ebs0t z)6&}*tJaRsM62b}rsH3mR}5Mh#D7++R%}#pS>oXv>NI{YgHtj z%o89!66?%bLzdAMwQM}mlFD8-Wm}Ua+ZWbJTckO#ZZi{8-2I%VR~?#!c(T#MyiP$H z!$3)r27nG?pA<4N-8-5#uIZvw0h3BC97>XIF!75C6zlF8izR(ZH4sI|3?-%7)S~{8 z>fMYyWfgN9>_pvKh|7!M=WFD4a-TaEL-@M(F1=KkYZT^z#riPr} z;6n(fWN!%7KiqgkYCO}7BJ9p6uW}5c_RlVA4@syh`p~N ziFhRcAvcSL=STmx8Fzl>S$TjuX7Z=m7kLoJMvM;}olxLo>#mw!Ik{vCQq_FPpD$U- zq=!#X%M!LaXSS-ko{s?r@zP&=qO`H4vtE)lLx@?O?H zz^ze#w^tC?jHt&R9c&HB*|qP7i)h&th+E)@55fh^T!W@31K$EWEuKHFaysCHFy)XA ze_SK_?%?fo+neaGHr`X3k6u-0-nR~`-Me(2*3I2TtcRPV%j}FM-aEx8x4C_4Y+}jR z+BPctcK;?*?xzm7f2Vd18z3#$CHH{i^0_AwemQl5JXm;LTP6KES3Ky#%BsD#7nBWFRofxt6UzQ@Kz0(WUhx)?5 zjOd$!0+$HfjiC}jcHL-IOX%VDcqH1`*kQG&rbv?+(1X1`#`f1$#uC$s9w=SyRQu}6 zy}reclQxx06ZILfOk3#*80E$!Uq+voKJ?npu`Q5(x%C!Jb+h5%mX55L&|x{iMU`Q_ z|Le_I-^yrnilBTi3Un1J_j}A&qOOFm$@!{Pi zBywN}QD=goVqjh->l?#2p<^_I|JP^FC1a02ceii-U&g?K1y@Ep%Jx6oZHncyOohb2N29lq7=8QO?!sREX`_-bAzfwUO!qTm&rR^!;hU%=&YfqGZXZ- zasdZf(Nkheb+V6JDE_mG4hc`8t2XRqp}{;n@k2JYtwvPK3xJua2^DMm zDBEk?!}#u=rBQ)vsUt+Wedt+L^M^n!kvR{yvnssVnIs!q8rKQw0AaT7i+@5Y;AI0g zwcg&G4i>PtLEoXLilUr>3*B_#g2OSZ1L8_NsGXvTG@{vLF&V@}qkRGah?1e@Pw{jD z6$M+lcHaT@Zuk<=4z?OM+Xh-i=<35HRMTO~iVM3b^_lht0pAntx{<4-S<{}C;#vr* zR&eOskFjQK5QsewewfW{rk3%{R{J&h>+hUm({6`BVG#;V%I%xRuPUk#sJiLbw`%=; zoo&1Jz(W)yLvD@43|8gVUoT`e{d<5U1K!aZCla`n#aMDH_Flx9-#1y3N>U({#7f9- z`HtwRV5pq!FCvMsLZsBV=UDAC5EziZfwN?QbC#Z3>Em$t9TamZpmrIZTYeAE%j$G`o;TNQ{9|Ab2^8I%3J(S z)j@h;NZcyLF4hFTL+f1r1_gx-6y6i*YqG5I<9R4N-k5CF89De|mr{y)^cWpG^0mMv&m%wRDyGnAN_C5xGvnVFd^w#Xt|%*-k= zGc#Dsj3fK&8+~8*^t?awB4#2os!n9Bla(8C=Q$aZp7#*>6#f9pyM*qUqm~l zw(P%G#}bLMw}|*p0x$5>a(u^$Zl-%&zD%>q67nR>ijDCHMky?$UJzci+NyHttXZha zu&HO~Np_=U*7++$HxQA504|)kJe7{LkEtOqroY82IDRXlta~w_VpVg*<_b)>)d)JBuGVPLdXah3YItXYKBpoq9ChWw~ASsF#`*YxEWq)X9>u^lsOA_k@D1*4lwcyht4~MOj%9C-@;pH zP06N@2Rda*Xcsi4l{&CbKqD0}Mr;;14?_fXxF}~v| zE8hJOLZhwE#0bhs)n~ZcaHJ=vc=O<87TME*VV5H)GgKd?x1>)Gt?G4Bqc>!L*+fyzd~7;b{nI2xHiP zG=wY#i1i7JUG|YB`xua43avbgT7CG72aD(qzeay(zfuL^1eVBzJ^w4Q(+q>r-3*$R z#RgPv6|}b|Tz3_&U_K+3$XJPl`jkNw9(xkURWl0OhE$ixR{Cx1{Kfb0mGr%$M=r|N z{Hj}lMd9zCWFHeX{`<_#{GV%L|F8xX49q@wj9*Qh>|7j;Oq~AE2|p5?7%6=uJkk1_ z+k`>c#NC;YLDJ>}DD)rS!vFCt`N2RGb$1q5a{fqC^5<4@7Q#RKV84EF3mL@hY@Pqq ziLny0{;B(@VI%yrJK*EjKflYG7+V+!*}4BiegrTv6S8wMe>5okai58;vlHQ;Y$zXh zDSc2ajhqz>9RF5+urL3)BxL@>nf&ul|H0<`x8=V7lcK>eh;tJDdA|AI2>Br{2O-D* zUfjRrP$xpIzqHY>|1SSuTIPRKzz0qBe^9`O2LCgC&0k9B|A&qHcfa(16OQ?R7VeJ^ z{VO-m|L2AK>*oK}by@yr;r=c0&;Lo^{eNXxez21NZ^q>Zm-&Bk%RhtQ|2LNVJF@?) z<=Fm5;r<4p|0bN%pD5roT~v~JFB6iHKEo&V*Crt%*IL2%EZR_FRU4>izmR|(ayktll3F4{jV*vv9N#if`#=% z+P@8(JGkLmWGNeqTT#Kh@i#`|mYf1A>n|BY1gPwp=!LRL;j=8sA6|LL`wnS+tze|fJy zX@_=K7M*AJEjgQRykB|FI9oY%4l95TAdLt6Y(Z#%ywnI50R{qstkI{_OBom*I1Wdj zA2>3)*@J}A%?$ds^n67 zlwHE*a-_U=^a<<}E)?+%zOEX7^h@?CqCh()xAj9)^_NO@uMOx=hcwZx<`2LjVYtqj za!|tZhqn90h(eRpb-AlZt`nj1-Pcb{p&qht6x?w$OJ0WIDofz6qUeF*T#XrGe zfY9qO+1>R>=WxG2k^6VdFioU*IGK*~9eIBqArWWt>GZ%fU|49>$Mgse^ngv(!_Gbu z*Zt-(*qez#pTWjrP2dQt>Iz?^(PqD27-iC$UdWF#V}&uM%`q^u`kU?($RmkM6b7AE zHhpM}gx+8_gD#hu!%6bg^QShL`7Jk03jfcj)&kQO1sYm>FnR*;tMFXWYI&$dn=AO; zbts|Wn`$lb$&b7k`wQ?=F#&nh-nFNhBP#e#{kN2HOacsTh3V2}*^tX+BPqI2%d3S> z=>7n^aSv(1R{Q;{C;@IAa)}OZhAeJI#$L^9H?rJ|gXeV`TGO}M9f*@BQ?1|HXsBNx zZguR8JE)|U<|%mOx;&A*JE5mw=z)a6NU*sSh74t#0bJ%nt0C+(!btP+@M+QsXWxda z!v*>=-k^RfwGu1l(|&c0ScG42tvouYHtH8bVI8Ar|As9;>=GoQmB{9dt;I^u+wTch znBoB0W|FmpZ*O>Fc+ku9dUl^SpO^`te*CWN~szY*h@KOD0{LqM1-grLM1=f?lP|TT{147X#)ilbmN# z@QG6k<~pGf)__$;NFyU?%LKC)N*(dO5B(gp{qoTqzZNQ`*F^oE^TC>w7WmMdc1J7% zFEyD(FB=4%W=XFdeIpai%i_$n7L-;4w=oH62hW){F!FY`5^88pH4SHG=pEXt`;vuW zy1`Dc!HAecH`3vQRXGL&TuQsTVFSlMYC%M1vDm-YF(&YcY6*7ekxndsrsF5<{CVv3 zq-uIJ!M+F=79+V+DRVq3x=%4Gug+IL|I@D;uiDNL&K1z&yTdtfUF24Oe&>(k&2zrS za()57yp}Lmq>o@QLLt9}Junib?Ci+0g<4d*qZ z8UFt04(G^)2HtenZly}B z5>vt7g6$j~r=uR&^;mW3Rym*{Ai$I53Ms!5PA0d*X3EQq=ruL;oa$+%{kRR}F zudUN{`|^+$C-+9M58JpaA|QOh^h-;*(tQk;dK_HW7$AvaU2wA`uJpvCHVOt*X}U(;_ipJeOMi+U%v z5IBTv=gvi}OsJPxTSHnMIy#ihQ6xQWpKx{wKc^BR5-)>>4ft*h8j}c z7i-NxGN~Y)c6-=UoDlg8*<&XZ6^j=m2H;9E4Ak~y-D$T@P#w#;0T7H930Tr-I6 z!1M+=bWK#ofx(vVrNN~ZCxZ*CO*ei-FT-TVJFh0W?vDhMU5Z__D||dDvq`;4w~(9& z#7KrCQ^WEJQP>l5cg#1zlY+=-ir?`b9Ovcajq%)rL|305!x4&-4n99MGs>$Izo_B{ z-itV-yO%q+JLkVBmJqox-VV(2Pn#Sb8}JPGO6|V=wnv<|X2%U(xa9kMjuL?x0d5x~ zGHC1wzOI&(Ip|{y>k)s_)z~JmPDZdZ`s{W^*Y_)am{ov;mEfFGM~WejKi_St*S%AK zzfcbrpGZ#v$|nRnPfnZ5u}0e!#*7xscyw@S{$(79_4ZZ!{sm?4h0L(0;X28XIsAJJ z9ZQh5KuWxHHCZKzTcV!hx}Wf!Ax*m!pLq5d>!8P(=<_s@Gwu5CX-;S8H37Rq?gN?| z96<_9@X}3`$dE0eBt~&{dTnxRRLzjz!HvOgAq*i(?!}@(nCRDiO=(DBQ7piyJ})3* zA7bI*bnWzWji4^29)sJU-`wpC{B+Dr%mUlt{ITnyu4;xN7eQE7)7=r@SsV;ah^GO? zs?3NefloGH+!YU~DQrHK6!n_W{AB4Mf+nF3HDWI4ASMSW#mvcco3fG-vqIXXeISa3;M79?+2on{B~wK}|*6_vDCz zUdHd-Ec9@E3*3kdDu4)wa_hDWCflW6lsujSKC5bkIr4;VzJMf2U_DB8B~#-CeO0Dv z3!|w3zhUEu-EoIs6*G-;+A^i2Q0oc1put5GofdVhJ|UK$dEC}KBINduM67vCLq!sF z>~SfOY*Kpr-VsX^*82lw9UWir3~^=yD!=c`G#E3Yc$bPjFRf%{@JIo~r6@B77&Exx zw&JX<8jOh{*sGO7sf>751FZNx{w!!v$Q0&|=nyB)o*}bkIQL}--feI=3M;|DgYvB5 zL@$B|%Bg>IVo2_MH`eXaELfeeFSuL5?;g=Ztvs;X?xUMz^=))_g85$b8fq8t3Pm9f z$8~Zu>D~ha3-y-Zio(j72-&3C<8kFUiN6Dk2PsaxV3D2a@zhU{D8|tz2aWrr|W5q9`!}o&RI!DrPMAyTQUYi zpGtpDXCcpKMhZ596%ZT1Y~6y9*7_%Q(lEJfRt^nrbNw;@w>gz$ADZEjryKfHm1!15 z?b&=re46lm@j81-2F#1+HvGns!>SeK(mrcu?3+lr6p?@*dpZPo^JVq@nOc4B&cJXK z^w@D=c={S~h89~iwySA|YI!=v%(zTC@Z0ZqrD0=olNuT_#d_?YRENLj#OvpUT@=fM zWNJp`@EkvZ8MT6mA{$m_>?ke4se*G8Q!v(HOAs>DCl8? zi(pH8HYDcN{`g%lBDV8~53CeD{;&rCiS|J>Ao$;k;X=;h3 zn7s~$1!sxd8rs`Vr}X!g(fW)a?J8fLfy;d{h=EPJTStGO)k4L*CVQOS!5eE&RW%PdbhRij%W+@*RDVNR*gjFM$T#$AIzJl&1pfXc|kn@$>zHT#_Cyc{TF(xdos3-ba^RHTQ!^X&^6m? zQ|P2-Zl>a6tYUXZv6zg>xtd@HRJ@4KQzc{5@kybS^S>gyzf-Gom%=1%%}Fq-9b2Cy zJeEJ@jakjT(Pr=2B^z2QYdyOOK!@YM-;AcEFJW>Pz2RXF?G{MSUU@LUAkTNRyOM74z|}QG+YJV@aWG6m z3{8s|(b$;E-~G;RBCn;OYo^dy%FL%6;(o9km@5IczG6E^HQ0#Da*=%V(4D)bm9FOs1wesh6q*Zc$}3V9yOEg&Kq!@B_WChn94+B- zffptYAlaywF7prv#e_=i>W$7O@O3*noI5wrW|qHxF$;zKj?5RtJEIAL)&I+Jw!p$_ z0ejp%^hb)v)?ir}3StsA@$#fx<~%0NS;1 zjHL0z>|TYbavg5k5_qkZHdj;emc6#0MPdtQMUV#p^-;%}PJuHC>rO_wE{iQ<)}8J8f)-PbaLWnscV_`&XBHAu&^ArZHaFFC&p{870OGmkyL?$n?3US$hq6ZCm zD->0)i&&pm5LJ;Y1s4Ksaaw#1bOpk!3`Opgg&U#P$eqQPz7WYnHCPz9*ynBbw(&LO zkhpI;Ia@e?4n~%qiVr^074PC*bAVS%?`WJM*}bld#IRB)j}!oc)Is!tGK?Izjd z>r{?Td2P!%>4WaCWGpo3YBszcXO{UNPZoLtefx$nwJ z6&|byT(;sTrH1Z-)pxYjVu7nbduBdVa0MfzbABYMVA8fOU5afk0_m9W-ol^{(zP?36H}Wr{eOoEK1tts@=>nQ(By>&^BXb2NWEQ`O=zb@r zfLTB%rXX2JCZ-HXpaDc-CC@lW)U$39Q_LhrRHtjA>wuEd(RHZt=rPLV+~x%~#+>&@ z%?o^K@LV^L2tubug~--ZP{ZC}EP z)6UK!d|WTGGqLOB4y9O}5m8+2m>f{knPu`+{GPLgl?zMhH_6U1r{;&_&;7^@`0)0e z{3K59oc#PM%8_lrxVlBkVKuD?!9XTm7YS?Ps8W!n5FSw(B8pXbG<>0O9m=XLE8+>D zZ(eY;_08bzh`@9baegNA&~vaib}{~Tq0uJ`2(KTU(ko3oFf@OFT=95ZQ zbl9_yf`KnM*kSKMYCU+dKEO(=&CDIKx=OpXM-MVCgdf3Gfs`MH58YSg7)es=K_2t^ zqT*tt8>dG;)s+&nmVI4tawY$=pfyNkt9;_3fabD0%Vw)Iy^+RS#oparFrGgx$;1AP z8IG)c3;NPx3t3%P=c3Kt5i6ycMjMBRT{}r~E_H7S?JS0tl-ZbxSqpWSAtuy4Ac=;1 zu+3P0O-v`qmbPMk#F^IxSw}s!81~?Mq>dt5l;Kyn$RC4|KNY}H&BUL~nY%lrIZWOZ zlWh`EkT}b~Zsu@46vIlPMoPD+hA~FQW^e>YTdwiLie(ko`*JcZ3&NR~OH2_J%<;j9 z$zo4yCS%U!Nz0p;%S2nw#c&rJa1*h!8(P!o1l8UYgd!xGDwck>)~UjQsxEJ#>UzO1 zwY9VctMn2rZ=B~FROKx@^UCFnikL~ghvTYr+4&g(UyiuP){w$PoVCDFa$9V@Rh8*2 zC^x%sO73T(Yt(CNfb{so_j42m#2gzS_J~l)oojMXj|op|RL_G8oWe8(ftBo=q?;MJ z4&1d-%jbOqu6BGw9vzv=--jYS(>8jl3VMz0A8*%}=2g+f8v9c%#UA9L7KTjO{cE2m zE?6g;wA3@^1$iVH!zG0Tvx6Uq29v-dawyUrxg;$BL-0D1wwrb+gNLl$GT7Hs+Su2M zGD#0=m7KyT(9?Xm4)Y(09V}z#Cj=K(J$E8K*5^~MS#6%n`cEur*S*)vJVtXki|d)V ziYr`H>*QAW^q=l|vd8fe!{=?n4sVmN8|3B3e_7$g<0=qjX)G-Ad25UAVV$?+9qXX& zbQD)PlvTmpRcs}1TsI~1;*YPZ4E-r=Je=PGGNn>XZQAigc^3lunn zYw7TW!=C$x-ye11*Qqx6Bd79^Yx8AJRg04aNki0%a}+I-z-noj5qMPMBSD`KY1PCj zM>mLu2^c>1jnG5by}q=JcAB^w%w9!l1eq~bpM=qStHwp`wwR27h}EOZ=14^_MLD&!@ zwgb$-FGh%Jkp3e65HZX!4){xs@1Q#g*$7{dGxbrnn{my$c5n1@v5E-CgMWqpCi4AU zn~UrKkP-e4`kOEtab|{~S3CAP7utdEd*)lXPpP;k$N;PX`L+-T;toTgMtBqledy95 zq5<@%pf-#Xa;k$i!u2#kS05vR1Gu)oJM{LmJr%7$8yq^ZE&>LTZug~>dayehtymj& zNhLAIJ;pYm38xzEOmH>!0iv#( z9O$|j-2{3j-HE`x^>$-b6}6Lp@yQVK1;v5=1;zn!U_c*sTi2cOmHGu8U+4vIz~_Q- z+t(fJ^1ce~^3w~%rNd&1FF1k_%{GC)*OUAO*Z@Ty{3VsSd?%cIF9Og^pJKbV3iguI z9rY5)nUD{$6&caV8|04g4f&3^1FBQD6O4hV1B#*d9O)hG8A&hT^^m`(6jv_@G`zBR zC)}<}5XkT3{pHR70i7q{0l<^)3leM310!FI*vowZx7~U{yX}P=*X}ZN-J>bVVHsUtqXHUn<28Y?%NjHj{6hE;!pF-2->@w%C9Sn=Zi4Zk%um z&NsYu8Gcy396aA#aF|P?GSCE=8c-79LOumwT)IW+pz+DBQxG;IfnJbztGp z?-lXm<1y9cX@Ea>hW{;A?)?DL`6+B;>X6_Cmg`kLRZh<{RL<}GqtZ*exbq$_>y3Wl z@Z5Fg@Z9k~FTKT!3HG>NDHjgK-$7lTj^9(ApGMy24*wJfu2=pwx%Y{=Lw@7pceOvo zuT#$N=p7_$+&AcR)q=UgC$Qm(aV2D4K~yk}@odDDkkN@i)GRrQk;vFU1VzE(B$r6R zV&e&tp%WC7^sf=rSlF;k&dJy3or~E`LqE+rw>XpBc3G2zQulO<4{jsnDlz=?_`XbI zISu)%h=wgyEr0GmawZNXZ6}rFM?a5ds9pL*2=f)=oLINm1H+?GV1mBSzl~(T6Lj6P zEJ&mHd|T(ErPLiAk@eQ$M+f&t&6q*EA|J5*h(tsXhn_+eh03t3wTgOa4 zPTt|9sZyOYRVqiwgezGxaQcamX<4notIDR8n64sfRxME@>8e?kgqk!S$ee5yL=bi_ zFgY|E91x~~LE|Y}ty!LqI$zdPy^Q7s*}Og4!+ z>0ecC7p=~~Q_mxaawA9dAY$K1y{5;RG$Qa(VOz)?YNr)2>+AxKaymIe`F39occ< z^ugzCIsu8B*c0C8r61cHP61JUWf3Cb!%NSH)_*rg#gC&c+uh;Q^$@J#=_Hm zXM?Z6RiX#QAisG043a~^kPDeZgFAS=XF$0b^~|%B_?|_i*MA19iuy(!{}+F=cuoIK`H#(>qj#+H5~q;dp=fG zOYsdFwB7m*fE&Ib|s&3=B-d+O`l4YOoYc6l^4uvic+g z_E-uk47d=H73G9ALYnjyV=J%z7%b`&=-VH^7m3!<;aY3K&mWDTQijRxG*Z-zv#rJwKS;H{(xwnZ z830PzHZ)_Jjn2HqX}^}ZK+k;`?26G+8LdP}-amv+hDV1lwX~^;Bk2c6Ddq6+(=E;M zTxSmKa3tj2vEF>Ao`z&+jiOHtzlD$u8Uua5H9%`sHL5wv$3e}Z%ucZ4kIrLd(l{KD zN;vfJVN0#UJp=LOD|MGT8765;DXD3!EU8Bz7u<7e)O^M^hr8L5(b$r|ls=hAAI+6E zsWI49>bi>e@Zmb$!=QV4qQO(rzfAeck9-@saXLzm-0`tO3`;=x$nCzjmyWupVZv#@ z8BYXSDh7Ai+jXTVECz?mWUPN1AMhIvJB{vFTbr7PNA8c+Lu!}U{#CRs-M6d6ZZa~m zjq7ESx@3eW?=|Sx)W&2hh*Q?NVMB<2wzpae9MH6 zB>a*`<1kbzI~^1m1WRPdp-A) z_X#c3PREwdEKC&$36K=dOZK;1$g5u$99}U<5*6gPn6at(4jV{q9!SVz*y@GH&~!br zbCjy?DQg4Iye6_etE#wES%Zs_!nIV0;<)>JA}+hZZO~8 zfC|OTt8(f4lGraqijJY9ricg&aZR*L#D_*b1&sj_ef}%PLafysl%j%M!S+xqVf6}x z`Mu+`homW_wTXNJzjlFUk~ve9wZtmupd~}V_&ygjkCsuqnti1p%6%JUmN$AI)YXHN zgR;Z?A*LT~85K+w)qFMyH(dFt^W5XES$jCxX}f7>8E2VD>bY9_-}jm(>$?_ko1%4z zD;afdb?7!KR(|rG`UG_lcN)Ib&TaJ3@1)d|qUfFIkL?>gjSXQB)ym{Vi_mx;Lm#MA zOvzoLwnYTehWH9E_CNQT8X#K3MAgxO7Cp0$mVi8mpvr^5NQ3ZzTSM`BkR-8`IV){* z5R+u4*fXy{6<9#CZt;X*2rirwGUe(jpS}){tlDxTXmMufVY>Z1yQ=X8u;Gs_3?*T- z)p>}nToGZkIiHWDuGKtu(^Pt2beC50lty%jh%jFyV4eQD!TF_pbXnfWFLfrjcJ~O) z9H)J;^m3g3jX-ef8NG1)lO5?X9M(7|wmW=4K9Le^?B|(dSfJH`r)L;3A2AB=APU+I z3X|ehbO3uuKs_;1(H_^dc=MUic2Yr1lv;dLYDg5uoyYV*Fa-sXw&n{tG~}mDk2?yw zGTI39uU~&8PBewh#;e3*JxDX34l=-1VL?#v%d=HiFBL#%C_G=$pwti5R4|leI6j@m zb~DJfoUTppZKDNMz`dJ3u&~6BU^lRbmm~dHU(4-H=++c4I7&fe2dH9p8$IL-O_~4R zp=QCp0nDAaaO@75lCuDCDEOq0RM39KE5R^9UsZwSA$eiLXkJJT0xfZla^uKkXE!g+ z4dy~;yfAN#4oAW;@dLk-6Gv!9B!|GMflJd0 zA2qJ*&#dvzI;8dXyxuQH>P6s%b@@*EE0RcbQs zN$C<2+)3gz7qKp`9$5?W^30g+Q@F191+To(lOf@!EpcB+E=l0I47RB~>B zR7oQF%D5(15dDt@g@m&_a3u2M#%qIxV5x@@u$eyZw!A$>ueRF5w6SqxaD)0nwVuEd zP8JqHTR2t0FBX~^co9r$q`DC(vz2-qFt{$>`#nSvPM9kS^ARmd$+KTt-^V8!R~`D~ z&xl*`^jqM)^3~&y8vz z`<$(1lhNIXEE!O{qszx;K;o{#aBF)Y zsa^)@+TX+hY|4&xfXCA^9ifsNOQ};_2^BHD8(2~S;FtiDZe=o3lZ2OE!uc%MtW`)^5J@wJ+cQKxvT z-yYCX-)}p_*K;S{93Km95OqD~+KqpBK8l*@T`wCZxeb5*(dHWb)2(P-c;vcQ`PuFc z8m)8D<)Xr6rJ-6ea0J=09aEe}8d614_M5=`;V*3x7&Z~~sS279&0OpLX0;*BZ0X6f z64B!*H&;`UD^nKFJ*r))Ph*|V#OX>T^M!3P-$VAy2S+S2Z5QG!P7r(mNNsMz(%7UR-gO@32;@Phsa;!x=|ZHqqymt%?=#-H?Z(41BF``Y#O zwp1Xjl|8pOe2O4z=D1Bl4MjWNw+$xC%E^?{@{5mbQwfGbiWYb?v@0v;1IjtmgkQ=;OgE?zlRfAI6HcwS9+%()E_ z@9o-9?b+w(a%Z!={F0!OSG8AFd|+vrFyPDNk*@BUnQGtMTG z9iU=)-sKFoYq+Z5)M+;rI>wRpEFiH^I-}#h*mQ{|(kk{R5;86_kuK#inC6@K^2K~_ zR%g?_%hdvR=pN)qA@2qpiIW;YRI=X2v$8bo~5BYV5L?z0%WFLr@>N5mcnoh6CZy}#jznsE|cOwfoLJOLZ8L3 zr@ui0N|RcnwP6*#d+w7GA{-s76tM}`2q}KdX023F9#(roe4}BH1}QIWw+YUBwY?B8t$ka&GZLAq<_Q8`N5!ee zOqZe(@LqE5`LJ@dad|(=@-8$7eD4k?^mf9yM46nc7T<5*yD8y^M{D(&XeX=!j;{b+ zS<}5e3}dY!c>5G%3|-Z2oqJ2PcRX6U*$T8DE1Qt@7xvevzm*qIH+U=r*U|29PTgSK z)X(5-i4Z608u&GEH^DlOlwXOpyc=(S?z@Wk#97Y4h`@0OkrN@I+*+=Bq63%4)A&!e zbbkL+BCKEpZ$k?V4YjE|Cd&@feSV32IsbeDPb!E1+cj`3X(`sy(5glxkd_QzBYGc0 zKYtl^ctj+Qew>`^$Z>f|nc|Ftk@5E7c|fW1%@7C6b5nNOsjK4(l;7u~{ScPF>Fv#p z>h$`tv6BL${edsN?e(CREYq%?;r5X(u8>c+HFeDTKKCsK``hB<5jXup2RBy)10}jKy;_K@cPjX|Jr9Pfs$4A$4x;`_;w#Mj_Y+;08jOW`#W$M;{;@u-<`z?Sx0TkvcJ5umc6 zs#ikkFV%We}n24D)`ys4K-uWx#QI zqzh9mY)CrN@?9$Sy|KZFUCQv3TizMwer}uH3hI_oW%p z1?QP2Qfx87dFZQzqB9qg$ovC@&mdG}tfba2%gRYvl<{e}jCAZ5Q$=}}Bpfv}?Vg)= z*uC6^cmEVdcn%7hq$N|lEG1Oge0lumSkr?U9GpJ1p_XT0pwc~5gpwahMbe$M>>OVr zvz=&cgFd{P0sO7Ko+Dx9mM7j}390G@eT=1;)NB8{e7&JG(r~e#Zt|?#kufIYE99{= zoK3EbOU7F>pH^_AT)Vs$_ds>a&Bn3^-wZ#j;`@o%>lYHE#5aGI%^zbSyV`w%CqjZC zA}9FRy=XjYNc8=XL^Tw~$ize%@)B)~s_{6I;LQojU1EvDC7QX=pBqFBSkNd}bWGUx zRAEY~Q0y+=c2uP}X)@_;s7OOR+J>&&llCsjN207C3^z;qyVQgs^t|Ue&3SW^P-Kq9G0>r(wqRx9ztIg zk-KuS;)Pxnst1F`aKwKH1jqBC1bhzg;V?J{g7ndj(mHPxc z|m8PU81N)z@KxRE3t#^@UY#EK>n(-=N z6rm2`GvOI9e+vGX9h5`cZ;=^tN$+WqnNVpin#m)&z&fWP?a+@>FHp9Ht;&iwv_(X+ zMP#i{i%7@z2*diP)SvLpy%m6HJYWRt48eG@mmiEH=#R;;UUN9rdQ@xRP9Dgz(j6}6 z9!)2vkIT;*KV{p&tFb3Lsz}-!4lw!CM?Q3cJdFi_X4TXcU#mGUv-g^N{WjlqCID{IyDI)~YnD7D08gJ$b=^d(TC5iLl>TmH z4v<8h-a&Z6i`}+bd$vrAGkK@6SB;A1rLJ8FZo9K*pc;1T$0@EKo73uZRn}*lj4fo% zQs+kQ-XBJ@TGhSIxVuI*tvTzA3!!E9f0AIKT+x)G`Me7W>ow;XG#QlGw_lXxY8kle zxZ@R*0mdImmxVPcDw6S0_!UWmB%UHG!>#om%)i>jDMMj{vPv(@&bgwm#2SztM~zPG zyuG=$X7+Vv;U4t5^&5hswNJ1kiKnjTs=*}^MrIh>OQD1+{4~+dsZugSL4&^g^*K^7 zSM0MP+K@ghujBC0;~3Sf+~eE@3gHcky?3pZ+o+k^Y4nC* z$?w^#+zu9FDGM@5vy9LczYGxSF|-D%Vpwn5p^>4pe#}#{HCbM6myr3FqBnTEmzOZr z)&oCNEXxAs!zt`VElcB7qRNF7=`2IC6(P_}sGl3*vE|)p?|i3=CIJ!I)My^ZEtw9>Ol>+@LJLY;RvdpOpvk1r+DLuUVrNn$LJoX)Zis`@i%d%@Y2Pb3#obdt=is`rI_bz%OI zpH4(|L678)0rg%Jak1w%O859YT8@~(j1H2?{;~8U(;1%l)>t0RfA^lPp1`kiK`JX% zjf|Cx%kpf|D%cIuf17T|wDK?-N`eR-VWWMo|7~a-Us^Tk<2Vhp_NmX2+1Sy{r2&d2 z+BgZvI<(1(;CHtaT8)*CF5LAy(Qy(dQSzs6uSc*9CuS=Z5h6v>ME8nRWjjGS`;_*m zoKm<;xbe}frrnK0I!d|0N++Qj5z`ju6V@iL#0U^CocmOaY0 z%UI|^cb3Lu3pjO;-;trcFRJ}x%(ippBPpQO_# z_gN;DJtXu=v`t#?YP4a_WQCx!Xz7=T_NwYZHv}rzf%4J>tdf&1^m=Dvu^t;H|HN}1 z&d->ot(W-OcbMXelezDG!fmG%)0h-Nwz1I_->G$>{>6Q2ekbSEsZo!2{GL};udk7J z@^}VE&d%-yUFOhEQA!Ua!#CvIHrkSHs}^57B5g*`rV&$}_Whb_|7N6>crGP7!O{sb zF?lYfMoR9CwtF%0O96Bk*UB;&VBI18AS0RquF~-X!yXQ#p&bh^d7Fe@H#@dphb)7(Vs~qpTBxF~k@ox%k zAgBuSihS~&0fga zYC2x!*kF6HJtL^KYwq%XpSc%$I>`UIj|LCYBxeSoy4yk^<1E8IZueWLvLw?;AsQ)h z`MJB)7GyzAf@we=DgKS7P5}kcU(!`o+>Kb)I4k!b}Wo7@DOa z{Ir4syyf?h64l8?@;2Mz65U2aRi{e?O>AR9YWHW5ZMoPhtq3I-F3@ZN0aTSKiyKVP z?VxO(6bjnFfgN}SItB}zW6Wd8C!7L^S7nzPn^2<+vrxB4Kg&(A2|VT75U_51<|7@> z*7@XPCkz}5?;rMkY}!Be`1r2l;>voRIaeeG#)GPCr>oTJP~&$$0tv>$?OVIU4DtTr|IId(ILLGPlF`^ln&+#5~Rha5*k1ygeRq-T^9X zS)$qS%}Z0&nmg^JWhdE4pjzvqZy4{m8azOZ#=BNtvG&XGkTG;=^Y+3E*!yF<>ALYh zW&iz@`k|G^OYi>i`37P$QD(+8ldZAtHw}n(@+DmyQeR4ph_!^ziP!Z$=Da*c zKNNA?deG?1Vxsn18yv!M=Q~y_Z%YCpCD^jxE^7;Gc}aF;r+3YTy%U^6?3?T4)G1zZ z&rtFG!$SDGb5_rLpR@1V-*UhC8(R320wfzf+56v7F^tZ(-9uWr_@=p;)d?!%Vk6}h zv8|JIW&&rfih_$Rm9BqF|87MGR)%ljwsF3hoo9X|{Fhd^)3b$DuFVM`_kt`Dt(?)K zy-gLNZt{X^!FQ#aQaqpYUsDRWs{7Xy`fyPZnY2;ULoCMdn(B_Vy@7S-$;6(PU|;L`>Si;)OCFNIG=}Z z*mWst?_cB<^x&t8XsddujZ^)=hj#Bwt1?kp1)C5Qc$*lg&t8LK!-(Szd{&-qlN?J&{GJ};EQjd?h5&S1IemkH=$=W5oMNbT?~l+x{@ov0`6+3EWRaRwYt(_ZdRedc(m(Xq)Ln~hM?-J;zA~E2E z&ze!L^19SN$jOxQGUbBWnsEi~#&8B+Y_zqZGDc~!#bD!%o~)*>Hs}w{2BVa6qX?fS1h25<)@Y4xh`uZl z5Z|b*vGBp_;lrvIPqMyP|EJ^h@#mVYadSZfalis)b;JA{eOq-|bKM#lRLt6LC{!mo zWevHC;Twd=o_5>AABPma+u0+$gejREZu;l^GLks?%UBN;D;$Tl_p;5|>^fO3=Orq) zI)4WAlH^$4rK$?X6HYp`Q7SrY-k2P%^z0A0w}?BWyJDYZ*r1h~{p)p;Ta3@q5pp^{ zg6-X-L(@sGNXC5#gJ_5Y2=5MS0NcZ zDhyR7IrB;Jq4c?3KtGaEU;oQ5fY^Y&Ft-@WK`8mMm#_ zKY8SRgR=0c{(aG0BgM=}9ds0WD!S^V%jC7TamTu6>pkWDj=xdeX;9N|>~V`Kwz3MS z>ZlF#P1B7dD5DfjlDJ8ToqbtW1e=1m(Ot7do?&L^H6Dr~?gQz9x?GZsb)#pAD;D5N-f_PIFKSHFi+H z{w&C)$Gg<%ox*5s*vin9iP5;b5*REFdAbvuV9IVYpAkYHlE#m1vweGORq?rQc4__=o~Q1;+Oa!CH5J)#YN)gbZtBLBkU0mCXX z-W0+E|H+3a|1x)MwP~E~PRuB3TEP!O{E~R(eK{sxv>HFD(*BLGh3CdvMlyTUY*5Kq zZSseb^Tv!~8-p}<(q zxhz*0g;}Tu_5j$vnTVr{p-VZ{0MID?HMLRDy~?bZau#H16mC<({p9-i_P7KIlFo&G zlgn>2YZ9?`WqYLwZx#0Rvq2ZubY`}h_1*QxmCogj9klf=gV-Azm{y}=KUt#Sb!PqH zk(xXUEQZjP_o#7Z{iAeI7-`z(OfH@%!-q%F3ezQ*7O5B$nOL&iu*9|cU~e5wc8-lV zl=5XyUFVavlpI;FhNqsZDwWQ9$yEpQSB)~o$1SOGd}ssNrt>woO`x3t<%I$(1{jS6 z{%A5>1zB1~&Ajlrb{!U+b~l>i17N#=hhg&4T2!>CZq5ub?dG-H;WSHz~Tc z z6h;iJ(pY3On+gq$0;_acvBYHo)n;t0HY1i()OtfkX}9HRz{lQOb~Xoc?hosbT+Z<; z-gePBi_>7ri3#1!$LE1=;R#joDVp%S6Usy|8t6Hg+Nv;^Ul>9|m2&I^% zWP-JyPAtuswVO^e!AfIGlaicKZL3Ctz82g_Rk}@{(zvQltAfWHz<3P-nNKXQ7P6z) zb8@nxLqX4h>)bwee(i3zpfpG8r()1GVr}4UpDsCL0jSe~%)8L{sZfy@q^+6Tzgd-b z_Zl`5o3&ER;9f&27xGGn!(5@jzal2VPXT>J>jv11l?3Oezq4n&7v)_G)6jLlAdm2n77gf>_@1ts?gb1fqVpuX zH_IK`6=#c1sCcYReJTJtHjZVzURtnSAiAH8Q$^U>KQ)`7>oE2A2zLFN)7LMm}<5^sAPM=;m<5p7gS=HvN?GjlN(bS`Jl#3V1 z6)7E8jK9-(ohQKsZ1nPKuVAXy>r{@bb-$)m?ggDGCMUlxJ3+P%i0|shRfp6qBegst zzf!$NRSqDI64yzjS!Wuj8RkeHgrbu}N8ZvnoS{dgP>rK>4tR&{y4zJ*S8X5ahuoCD zf31Gl|9Q=_?=(jB06!R$7(@oVr_MH@a)!RB)G>G6Nr)Cv14p&_i`B!H7l5PT1 zNH$HRf>Exq(n8|Rgczyvaz&c_JaI!eq42Vg7HO`;cCGrjaeldR#>O_ievDj$JUs`D zC}G8X9veFj)=}0scfa(BbP3yZsqf`x0=e^gtQk_diEW|K;DN?J(o4$%#$A<|Ea}hK zAcEm$>l{RtiCl@OU7?YeZGyCx-m5;x;C zD6LGM#6ayaSJbj@=xma-;ng-LAc;}iW2r^l^xyH7RUTIb@fYnm;+|a=rN207NMnDeyLUF%KJZn#z~8&(x9g`8m(tw56cOYksn$Gg4(kE9RGIlbR4N(lHtu>2dwVGLvrte-F z!#bX97&RO2XKKWaL-9>U^Dtck8wV``Cc4wNxog{02=j8U39kEVBGo6NJIWyn)Okwl z0?ukH^k*{$c#abQg|atHC!QQ4PrO0dK2V||{%;S?_-p>AZ`uT7D{m$HqoUxByss2t zkrnv%w2)nE&*WO-^IyydPN^fvH_B3~TGwd|pqjbaUMXn5YkdonhI7s0;c|Q*k??*@}t32cAdY z2B7B5=jMuQCUnRwlTgtJ%Zor!v+G0WxC%_=5ow^3)y-*6X)>tIA{s~PCvI9rY8`Pe zn^Wt%iQkDI*Jcw&AYMD;gFX}c2^(_URd+0fRiDslBS^?yIgf-S8d9(?HgmWF1aKYe z;O>Kh>vMIf)5|8$KHje?*1vHMdbIJu0T>Y}b-`D}Y~St1Kkr&DF*42J}XnuP!9_UF2~ z3FGretm~&&^9N^gDbHpad-8LVvdSh&nsmx|OzN`hpYKy}Og-@!YeavzAd=oLG~`pC zS7rgDEhy`>DRbvxzd_YZ^3rlFbqVu~A1GUmJX}F1Aoao%6sww z|3rJ&c-xI9I_`4hCYn!k$|DerIEG3|PYC4b%ZvB9Dxuzh0(Xrwil?v?owudT9ek70 z8-IL}7;Mb|-mYfPC6IJza<(e^JqM)$>l}%83xzN9!eI?XY|0C(Oq3}04K&nHn!uul zrZ*g{G#^0g%(L5b@JEmD3dKGMMU*E>mipv8=PBc>A(Z*!X9#%AU}lvF7$Fat+UtTO z-J}V$%A4u&ZFif~@oisrw$EGbeTdEG?5ok`>(_o6ZqMQ1kDX4sbXPTG_qe;!22~mS zpY0i84^HiBYFLqi4$^{Lw{9KuUzy0?uc0>iBlO%`IzLi5*u$ zD{hxt*SWWqz2fR-mrHF_oJ-f7c=Br&`HWlnAFytXZ>yy+e-{2mlhKr$q&`gAOKnp2hD!~rYKSj$cFkL(7-CD7sWYUB?_({MKE;1qu$R(fA ziPZYGaTsN(qiAnz3-{!`doYLRYK^aiZSXSN?z4t%o$FH1QOEJnTgiX^5V75S zE@9*uTHEXKU8O6;Y0{Kh5?>w;+I>YUuf8LW3F`M?@HB$CxYmevwKiIMe4Aeu$+&Vg zd{ar=EO^kPf5>hQ2p^;u<~!jBSUW#l;T4SBj(AuCcFq(4D{gL0t) z0VZnTmWC_U8`d?Ab=rjSl1&Nc2uZpD9Hj1}XknRaxmA|pZ1GNwz=pV1-SZ<4lIg=e zRv}T113+fBx?Z@kU?qb7%$VmSSM`lLFXAT&u7vniNMuQUA3*J7NwZ#{jKI->iQm$~ zQqV|I&9HV(gzW2dT6+Q}VwHxlN}fwoT!_0(lwixYC@cWMuo|qCn1$waj-m^;M8@6D zj~*?PT&}XOvM0^=hS}Xt$2HknU1uW;-JVBxbEgQ8?<457eu@QZhv#fQ-H+32HHZ<+ zcp8NYm1cdaoZiQxb5fL%o%^hL(yf9S6BFpx%ElJK2`Y z>S#GqWk?Mn?<^}MUB;L8dS%oddHAsUO$bFl@l9B0zqOE_?6{s!#on=y&%(alPU(da zBr2AhLuJ4k5`XbjEnH#PiK534b+Al+pBl1BWkaYy9JQ3hE&0WNYFIYzm4FSy z7kNNWWt>EylyS`SN7~>U>8;%ODPwkqYGE=1V{HWa5K;LA%1S4Aa3}EW=61OSs)}pS zOp_$UDFa}bDJwt@gWKI@&$nEB7GFuA-k*6;__y#BTQ*(Zg?K`iM_xk9;459>q@#E@ z!e*C)PfFV!`!{VW$BTK`^2Jni9Ct~X}&F9pe!(m^<2IJ(7zf+S!rltqj% z;k-ilmseT|iJ|0jQsw+WUt}b|h~L0=f$i|xMIUjLhyBs6t4%w8byQ? zk1k&}p^%L%=cfs?mzS$GLG53AYiio0u+6ifU_mMc-80M2ZNJ#Ib~F#6~rA$gi zV>qu2zCJqed6gP?>)j0 zj;+ONKD}?00-sK$rQ`gb`>>kS6jC0Y^xpY4M#+VR*x$ZPleJKm3sSs1N-xxdP-EDZ z3Jeo%xXh&`DPAPyq{LcO5ohaF-Sz9aM}@cM!J-9v(OlLus^Q{yqgH3}gfjH-Ov48a?Z;hLL&m_(Jh08kNCDfI zSnay9ZsTqEkmk8+$)HhJBEU7|Tg|E$lMYEpWt^P3Ar;4zk((hsJz>nP(_R=^diXZL zwAR=U%u=Nf3rmUBd?_(Ib67fr%lG3t56-f$Ag~a$P8fAR1epfcscd&%z}|YT8WR>9UuZf! zU-Yz4OwF6~=F)4*dvJwY$?1NJ&c-X{N|OafFc+BWMnQWT#HPYFc^Nt1j^Ll9UF=`- z>v#bnA$>Eh1e9xSxH}*NsT2ZGX5|-anj1RSfPh7QLh_Pd_x;dbP$vpRFR*x{Z|;+kRkE?a}W>?dw0;I~$8 zzc0c)?haa!N}-DiPW`e|<^eu--E&wNtM)o2!#?7_0_PSM_XQHTi4G`$5R^f_(VRH2>^Fik>?t+q%Fu#JXdq#SYT6Kt!_%s?g}2SQ5?^?` zk3{qQ#QKS*Wd*SURcI`ZpIQ}pjf?qB<~VsQzrLQl5 zQlP4k^J7aaq*4T4w)faM^q|en$4Qi@9Qwt?{wyqs}L~ z*52s?yO`U=&4f?O5tx79xJlwdVMUW_h7jw;4&Wk_K{X-IG<&PDRoFwxiIA;$Q}W4u z0xtCmq3oslwWhR)$Rr?c>SE(iF7Dsnj=aVBo%`D_#TE}bZ{a;RKXmLQ2G^g14)bOw zR_j$K1Q!PKtK|9ibqb>+(mN1EgQhISw{wGLvyS^RAI{s5Mm0}5Z?8M@*G$Ks12%iL z1?As|uBi#sDHyv7hV7$gE7-HA(gjccQ6Qg^Zr7#11 zXf##Y5n5(3TA;Hfy(nfJ!B8xy3Y2}8a0F)yP4rc&dE3&5aG--Q`h#-**k`iwh<)K0 z-z~uiy-2IEeJHS*N>p?Cv$;*8Q1G2Hi3i2l3opQp7JoynHbm?`YV#~b$*tf~thDS@{b|1p-tq`As~6Ap*_ z9gs56Rb6Ey*U-%(XwAEB4g?9k)x(2p-E7K>7y$CTr!=XDHTg4I*%+yESfzY=aT-k6JVl^$6W8@(pCqD=zZDq+~smjnv zmGyPHGT$#Zq^1=ql;vr7ahE@G2XeX+`NUrW0{O_VGnNbA1ZMGx-~2AnVKF}df8eEj z5bio%#_-ucdLF<9wjdkd{C43jeRQ7|cIx>6^jTa2Oi&yjwv)Pyy^wy3Bj9Mix^r<_b>ukk~K1fCD;Y(KS91;_plTZV&zB*G3?jAtvm|(=akkCNVY%B;6jOBRew)(0 zsmy!(Ci1z+VYOIPA$pS(BhzuvX6C_qepIIKQ}-u5F2?%EEpnsHa-}fmqx2A%F8dkf zvJhf*2MkmOrhZDjy)ve?8?3!GK_HIInK44-!Wo*!8aEU-?0)bm5(g@f5H8vz7K1^_ zega;{6!;?=+SRGnRS7WwgB0vK5-jfTv4}rnnk(8!-O)!S-fImf%!u`8`OiZs-htgL z=vt9LZ6U#%P6h^%c}21?OWg%VJ9#s2Gshz8t^tk)ezfnpFn=&1fF}-TA9uA`EabhU zH_~01-T)nxsiS10P4n>VkEuRNTlW3u^wj|f2s?20uwolnVgxJlZ&9B>WJD{Gq@NP| z!WFYAIloq+f?{#%;qzJdM*#^ zebrrN+n_NW8^E2qv=>~zRkoAZQrX?zz>mL?D@;NOp9&+6lNPXZZ;P92;uA$Dm4wgj zV-K{}Yu1W#5)r}H$uGK^cp55M7Sk)Xj+;BI5~d8IK|v>}Eee|G87iN#q9_aZ{t9o` z{H59XL#Jl~&A0;EktKbH1e>aSXLSMDo8@%L8bNR-oY;^(9>A&Kqah2)IDwbE6QECj z6>7E-n|d>BL4RZqjN00V0Lc(fVg%uaD~UO8BPqn!w;JA|PavVNWA|+!2n-wui(DyI zQW;?i5(S!{Lkg-8cs4fsbEB|Sc88!jU*^Arp_-WS&{J3baOp8Bhgv&K^N%4|~=?vP!= ztg{TVOrlzzlE)8VGA3bW$0UP;LXtF9>&Y8fiDDw7rL>Vci8-{oe&k?grDc*$Egh;u z7u+UjrMU=&7=$2SCgZ{4((uF|j|q=HcO=2HT@h8yypb%zoFbn`#A{170BaJ9_$n~O zLzzkeE}(_i(L;ZURsAjq2d1o7Qn6A|Dfa{$Al!9F9nP7>LS#8mA%2Y$7)_V>TH>;xB-d-4-R6n4fo zMcry7d8xTwbSaztCbzXK`k?Qz=KviU|d17_fHXfJlvrXdAIGMNYxp*?3OU63vL^J@X*!;F6YR&d(A) z6z7735jk*E7CIVvN0^TqK}Q<>L=5G%6qzVp%2^J!jW z-RAM!l1%Ku?wE=Lc61y^)`&eM2UB}gWg;0^_ zegdw67_TBragmqZl)zh>#!IxF#??5?cI}~%AM(k-?`_p{NrNQ5(mQYtAGvM#(RYDG z{KV$~nCEgAp=dhn(P$-FdD`mK^sFqcJnqVMjXH*>j8zqOp)gYY8G>Dltr#eY2dLzx zU;-9a#q6?iB@=U|`?TNOZrO~oStS#5hnQJOSwBe$&Xr)Wv>Al5swc`be|8pnN(_#M z<5%!4;g@+=KFknc&mZ2ERIn=9RCsnWDx8ZUsQJiUz*D~YJ$i|JQiXn`AiaOxXGS;{ zTB5K@Cs5gUOp-OE?C)UxMJxb_w(LOrw&N<_*M^QARB#;0?71O(Y8?+A z%M}=9mle3NY2~H8KBgY!$NaG61c$_zHP^?fEL}2Xd8qI7>~#TeN$DV-{`KYQg0HpJ zdX{6gN&U-uAlg;B`pnEgZd21ECIaGru>BefM@+_iQH&|2YH3M5otbtiS`@8GO1VwN zcDAYHgw2ilZjkw}^YF03o8;`~#4H1EhtOs3B6@C~;rzqUKpBT528FX54=#L>=#gTO zlQCP5ZP3w*yvsG5WXxI-%Bvb_hM?3lQ&|`#M9Y%n#o58}e+WHUtL1W!7>>be;T4j~ zJ0<0ZyYY?`Rw3=o%#!Na`XZE)cAGCy7K{lK7h_+qH_6oLFywCwC|tUj`!_4M7+nTC#0zQNF2`b|v)Ugg-|=&A z6>ia|x}G|2RIQhP{X`yG*Up-Z(ef5Lt4~W|NiO-}Z!Yoau?;+@gHvHMj^N zOD~_eIdP=@RD*gQe#CzRp3f(j*Ywi}sM>%L6kho^Vt}KN2o7>xVn><2PUxHz)tF%% zLl2L9nMZyBuLNFEqC`2>j6WFd< zxH5ich%RZrmoA)lWlCe=^PxB}X5{Jf^?;3cpAAlkyfv|| zvm(WPG_gho^ND?>_#Lr=eleeXb6nLS!UEkzJ&zGDAb=OXuWcePq{?rE{FYtcMSc>V ze>4E1woHi>N!o^dmOt<^a3HMXFDr-PCy0PzKJD%phe$P0p{{=jm1)t@ZyzjPb)6{GUiHozpB%)6qm;#H=!_!1;qIa{Yc?>+;~PX z>ZND=($jx7&TmzOmz9Ia0iZMxzkRPZ8uU=%+b}oFO81)E8-dSRd%m5lgVw;d*26zu zc?ifeAeDXIez%-E7IGCq1`!*iDzERC@F}h7=$ZnWLgdcS9TM%>JB0MHacZwcRjnvR zqoW*-q>K>NmQw~S~j*xAG-6FhHCQ)N6 zYOL&0+64xI|G}!FOZen_iEDpZj;E>1_@sLhkZN9}V5N^WUpJ27M43J+lTt$AFpc9} z&8?#Ldp+3Nz$PVyqNU7Y8q1mG(buv2&1)Zhe0MZv{xGd%J|#747VRGP!08_0Hv5I` zz~G+QL9l92M=Xi~u_>JZw@(98i(pHps1!STm7&UMj^bLkE zz)<;*yfT7g)ch0P2PLVuhYiL4_Ym*ZF1_9O6GaBk-RBpbVKry1kHHyqI-{Giwfv()%V8uF zh}8sV)Uvatn()&eVKRs)@zFtVMf|-grTP2eNS8T^v%#Rr%7FztDzYFi64>(yTp!5x zpUCk?MX@{=V5rW}s>+0yy@p%aBiX20)$y+Tv&vN*SX%?2pe zwM=(rQ{TOgfT!@Sxf+6;nc%`odibYT-DV<+;hj&wBtO$dMV&=UWF4Kr$dT6f7vtj2 z`@9wo5DE;$aKcE@Foi;zSK6XfwfC(S##j|K3=_uu&KfqiOmG96t?*b7g?reZB`Plk zOM~$X>r<9hR^Zogo_P@_@ULg~iM(etTPh02pp?r41${0i9Yy@mok++@lYS9h!O)q9 zqs8JzK-v>fkdQUS^MfWNnD2S!_ArYR?K=RYI~WM7qyu7>Xc>o=Q`l9~QaEml)NWuW z&v$TVk=$B-4Xtm#32|2`Sva#OS}B2+Pf(W7GW(l3S|_NC#W=(qPvx4dm^4MbI2(uj zBD(_r@VW-x$M6|{t8ftHE-GX;{gc-}gG7Pp@9q%mbo=0}0Gry;zg$mzNX&!|I1ck2 zz!aatY=7Bw!48wAzd{QlEga_0%Plo`E=q5qJET)IS%p4BeR#B5PZA1 zPvMgn^MF(p8{s=S-~N2Yge zu#7qwp_PmZR%RVE&u)2|GU`Uci#dvP!n+TpdReqxU(ap zt3BLP?=>XZ>Z<;7%;0Ajsd>b^LtAM{x+VLEPpwFi?}C)~Na|bkR%SM1)!gtA=EGnY z5&I%XAIJ-wBcsqb%;u2TG{mLJ%hN;<#We194_cTe3^1P@tI^wmJGp-HYqVt?fmcD8XIW zrKPHX&tscGrfSp3!Ni*J?`pA+ygn=N^Wz1Gzzcfx_siLtyB>phrkbwqr_QyPY&WB& zJG1Dx*^XjVMLy3;-$^|br*>`54GuGT2dbAp&b=!uq|Z>_;1?IrBE$=LWK}fYSwO1Y zi(~s6p7oH;2&X6ssjyUQr6Hci+qj2WnN?&jm~jn_cN>2m7P`*C+>*V??vZ`xV`&eh zt&?;gQ<7qvP5k5kV_94k*0iu0il=hKX)@`}(X5S?<_g1I(@S%0=fZ%mhCwS^94r3?F?mO(CUJH&P*nie~R zY_Z!H`VCdC^+PLE+PBrJAiwLg0sM+<9b6iNMySX4OEPM;3RXHpIE1 ztRD3Xn4w9`Ko*KrX0r`5q;Q|{uNq_N)JLR<)`Bbbq=VA;EfQI9rC_>Od$f6mqG3Tc z#KT-FK~j!3m&iVD?zZKuE$1hKM9STj zE{u;Z)Dn=+ywN2FjkQsX@BlpDf)S7DQ^=O+;x{1IpaK~k0Ri9qa==M5*Lz7hyx1SCH83SngQb z8+ZL2DtTrt=@#NIFgrn8JYU9*4Ds*HEC{~BRU8`SDk&q7RtyMKC=J_#r>CGATrAR- zsVmd69CJpV3c_9;)V?sMi9W4eVyEM(Y=GAK)i11OtfW99+iTg1=@q(J?vQZDtIMtP zwYW1@X*qe)&=^#C&-KQActN_hG2S|d;dEezy_I+ET6mljj)+wByS$F${>~~2VLM)m z+uOmn#b|~~T%De}R|e5juHbMdgVM`>+$d@D<~j=gRjc3(%bM+ZN2DKdv|ZVmXsspB zx~NrRRv@h1huQHK&PgVha9J8_+^ps*Q0kX`DsYDl$8SSfozS$U81?$*d5^(|l_%kQ zo(+LD7j8R?KdF-IZ)HFA=7Q!*5Y(!Ft6u|>_rJZo!_992C8C9~w=c69E(-LMH$3ub zfx=He7sFi%IV7 zj|Lp^J_GGzJNiri-v7ZYK1n5gQ?tiM75JadXPjrq4T6+%#Ey#UofKmWL%}z8d4kz@g|F zCh)CUMu=V6hMY+=P&nebW1iAA3Zxs^lnTROx3`4%BK?Vqgki<0$-I1HnLE0uH7Bfp z8L8V)u~i&CvTgCgdtF12MZ~NxI^5gun;7n++veom2C`v9sqH9tQF&3WPscP1)EuOr<`McFJZJc1 z?6UPDFD@#1(k~mwUOv@c_w$hh*TkYEo;ek)dh+7*`FVZ?7XA5>rBlW0a+AvtXHo0O z_z6!A(unfEkX!%a?*1>*;9tP%7dOtp-ptm~#{R#6t1^04MgTeidow*tX{9fbrJjic z;ET;D;9&5DPX%z$v(PerVg0@&e>MM#Xc!q7XgL^|>AzToijGEB$^d2-T6PY0W+wJ8 zilLsZxRIHOsUv`m;Y-R$&-8^KmG~mqnHdOJn^+nF{*vgv%ng`SNa zK*PkyOv^^kM$hzxxTB{BFwlRE%+A8W#Qp`*`>XNAuQOr<{0ngRpTN7n;LQKW$^X*$ z$5jC1ztDeBbb@*gM*qUh{^PNtlfL7>@Ss8x!hfs&;xxagqF-l9HewRO(t5UE>{`Pw z$ITqw{v}p)bNKRF!rIv8FRWI<$i&RS(cTR}E?{V*Z$tq_Cu?tLWN&6|0wDh%wJ)Kf zldY|#k=5V$(f@^Ns{Do6YOt~VMbgp(7}?lp*_pnA^&cfB7G_!wc6w$ut*=;oaRWK% zzk<%j!3JPrVxp!03K_$Hl>YBd{%P^Qbo|vF2Y`_sz{0{x%fQ0;MQmi`05JWh4NR;6 zCN=;oD=RGr2jf>`CUyW5#}_p63v0;w*8t`(bN;DiWuX7E{cHLGU;M}a_Trzm{}@33 zA3gpvHv7Mw`A6rUe*PKdAK5?c{;B;B8~$zOKeZgpOtkFGY^<#RVZpy^wE(Q_09KCw z2nXAjdn{j9;6FzGQ~Jl9e`NoZ82>%^Kc&At{d4wjceMat^Y<0Af0Wr-02=>H+`rWR z9nXJS{gwYa0$KnL1^@>W;IHrtPx%Gq{2v3fzTPy#D*w9F{u_48_#edB|1S!XgMpV9 z@O4ES=~+R!W@^Q)nfKGf1Yf?Rw4KrZ*truX09kbm(md;_=ixV}%F?ro+|}MYHyP80 zW@6`ixgQ}{P-ZI;r2=1R#}$cyb1y0yH0x0Fv+b>zjYJ0|*;3@!U~u*`>a0&D^ykgI z504@NUawY0Rxr`PIkd0BjBJ$if4)FP)U@5(c`zM-gU`d+EB^%4J<@eL9yDPiFj8u; z&K@RZq;wq!cus=l<)#i<50Kk2X7R5bQ`Iv*miXVC$qvem`8+E*9S^#g0DG;ww+%mM zAMIU!lnxb8#kj4+qPU415TrXXyUcJa4j`)~j1cwZNGN+SM%?2g8BP?W#Tw#`Xo}f8 z5U$+JTb$9p8LIyF^4~G8!pF0UEJiyhV%|(K7ey}bdk3AZNJ{^I^X~tecK>F8|IRai z6UM-=NAW*&$IlZ)9dowODDn6g%cZ+ zfB;$o5Q_}~AuO&c-6Ou-8&wNU`KRyX`vo?f9S{nR8B%Yci0#&IpcMIey8%QIT+C^` zSozua?DC6myt}ua-eZUFyIy=>5YVdq#j^eRGR4F73poC7J$?YeZ4#D%5D2Cqj&FCI z)Sb`qFKrAFm##Y`-&*l}J#9x)?SSv;hFc6c!>6E6f1{w#xY^l&oO&>9ad#OD_q&!E zaq!n-_Bdb8TadP3FoLl8PWw%L(mT!gPtyTsKY{dk!mVY}7Z@F|jIw#yf18K-c3hB_ zaMd~j&Q z73Kp_o&}i>(}st}wZ7r+Dpl66zuMkFuQi__=2RLEX>N;K-ss<`GG({TGPgWbNxu-F zcl~lX}ki=8beRZxa7Y}SS#p&QfqXGq#pPmnMQq zYO25Za3R{Rk_m^>+28ZZBoDM;^U`jMbwKmf=1Rr`rWX>>HKFsMt^D^oJ~p~oMu{c& z`A~EEBJe-!8IuNWmLAvMZ>J91Dsv5WweCG*{I7sELJE`%LyGh*Nn=BUT=c-2sE}BO z35`-hoorfNLy1mA7xgX)^wRFUEm0_v!DCsY7|5eNC*mLIW%3*Aydx!$prZFwK_^9^ zH$g~xgO37H2ADe_g?*zKpzFW3;-}S@9TubR$>6u?fJ71E(AVjJtQI2Cht&*cNBRwj z4uA|z*?rgHc-2th*i5;86|hIWpC$_;-6pfkOeE-}?W|_X>gJ2TOuGE(PNi|hTgB`9 zSn~3b=E|8M}>%sk=(*=nPx~9j?86Prn@I6mb$n+wpe%Om37etq@Rd>(@vd;sh z5E{<0sGXFmbfeLS(13p@HFELXUYUDpgm~4T#p;V2-#LHxfDfQ&gP(&TGjP){>~!T* zx#bl#Sdl8!@x9e;J;rEIqY=yuW{CquNApvDv#A2F=%&Zqn$sek3>jiTF~IO6fbJKD zNg?USfLX{i#B_GHq!{nD5p5+LzaK+-$~(M!ZHvEX zG4S@DiWfcQp`RWj-37cKvJ~d>F6+?O973>R9yz4Pog9Tebh3X;w|#NZs{gE>oUEva znY^p-i=*7@Nj<1Ic1eiY&QYTLCxvis7Upr?{l$w5uZ!tI7gSJ?SK z33(W_BIPrxtYCAn7+4G#lXJxcMqs~LR4vGh>7qVyEqtJM>6vwZ;RHPAH!IdXP*?Im z2kT;lZ!1*xuHuJOMGpM}>IZ>Ixn+15EJ<2!PQ@@dqh6-}dLCO_A-JqdTrG^K3+EK_ z@KwJczHZW?yL>M68PZd8s!kDHl48*lF2}3%pQcHeEWn6gaU~2j<{Ij z5&4#JWLh>^9wnc**OhoDxCr{ENWY`z}|C* zbB|x%vTGG>dJ2IQ@_^j2BQOQp`ud#Aw>Prlb#bL0*6jAMMDPwq(WrMbp@D*z45dqN?}9A=^&f zaCL7CJHKyFbTNbm{K>)Ub&KnD15%yscuI{YOsX}Nbpa6^38_Rfk zIn)Y3Gl4VPVGZHz#l=|XECu0FK!uH+Z%E>dsn4X>@MGM@-H@KjtcwxlClN4F!=lzo zq~xv+deDqypOts_A|@ZyM{k~!0XE^b=}*8cdn>6?3G!l;_Uy%+V3!Wx$YtxCxg@=F z$x6HwhBP`^agNV##STu%g=pR>wLVc4%;4{cu+p&G;#h?2CH7!*V|p9&_LadZL;~eU z%$jj4@=kKMoEAFDlSc&##VknbkFsCLxy+}JC6a^$k~XPRK0lJQ%uI9^&&{mpgMASP zhqTb)09$FhNMP44=I+CMxK*-QeOSG~vjF$K^S$3)pu-=wsWewsxL8uXQjUYA!NR;C zir=krQTJFx&6qswYhS}Ga6IbsUq{?-4j_KqIB43n<^NcG_Cc#yV{ld8BDed5k0~L` zUWyKzk4~RP!0M>x7+G7b>mDV^PRa2}mJ-1YzzX~(UHo6nIXXU_G$X7?c?RUq<6m;J z5m4lb9ln9V!c`MO$jhbhA)gxQaB8igr9|H0^4CY-)$9{zy4<=aA76ids1z_&BinZ9 zqgCN@>1}Yn*JQ&AfHqoh#EP2^w;eboaP3eP3kxm|x5>06S!*pZ{%Z9Q;M(!9h87N4 z-waJi6?w_8RlxYgB)Ay4S{BD*K+5cxAA+pT)SMTE#98X5yE_Tvxj2paecF|RM`zTY zAUQzY-+xmS^@Du645;#ttcZ5cts)o16=P9*WY0WYI(fqlW5*4UR~!mnvtW2?koVW# z{7xauXHN_dk%M4bub*!B4xU&&yYRFF8rc22LqTLsjf-N0s4g_N zskl?{e$RQcWLLiHGTRl;%HV8Y5 z=!Cuw>JdiE%fgGzQ|hQHcDsZBn@?;l4>8-<#8%2}FP9yq&vds&m~M!yBe?AKk3=XU zkrfh{1bA(Uo++J9#77@zi#V~ z5m%&d-}q+tulMOu-kS%nC?!Y;;)8HLV_%LK+oW9aY1Yl}LTUuLoREd>L>_vymt#7f zQKI`)1|+^4vagD|#Nn64$rOYHiUl49!V44fM!iMzlirvDSq5)hfxCjkAwsUv5#R6q zU<~2r$0HFlOZ1lYK|;MoyGE~*91X{fdPl;?{3Lrp^}dTv?z7)JN1le8>c!udJ-Yt{ zoxxo1}}#o3QF@izKqKItLB? z#{qAA54I1_H?2fmrskZW<~7S-kVX1TIKGc{_c7Z{PgDu`mfiSi{M9|$2MH{D+BY6I zlx``WAq^njC3D`5U>;dQhyRDAbAZjP``Z4rQ`@#}+qP}n#?-cL8&hLyPi;-_+P!P{ z>+`+;FXP;#2M_k}g{xs*?^d#yKy%vCR!Ot`6>%%(qb~N z#XDIaoZO1W4dnI0JN)F<3u#X*2^>Zy3|s7g2|%G(=emMn30+D?K459psQ3nc+qiIg zC-R99P|gD2oDkGTn~vvgc)}IR7fVs zo#_7>2Q|udpmY0XG|F?4^)TXL_8}|$tM(pdb1v#o^OM@55uog&)u+)9dD>q9IW4@e zcT?c0DBF2HRdTC-Etl z5Y4#wc|*x3><`e`(>bNb3BRn2kJJA)IKVDNhxnN-bmcZ(jBFLDQIKy3|3dbftJyQ`BFYecbjWpHl*?Zxv zilJgou;(_t=QR!#3O)HM1~hT{6`uE@Bs9j8geZUrN91GgM8{%Ahvbqi>^-K6Yhwsu zz+EJTa_12w5SA!^#62Ef(E`UKFKK)HS9mPc#FNnZJi0cI-2+?vQ=}20ulc;A=sb)3 zKgUahtAmRnlYYlz_g2%;WC}^6G+m(~e+ALupyS1qqN1<=`p~5d-?cJ4{cfF(1`Dnb zN7$?mS16&cZ0FbIdH3enm727=xRO{&wCOx`rs<__-RO7j%RZ-YFKzg7Njr2g^c=R} zfk=ET=k@R0(5LFs4Vc2{Gd}z*5U$nGkftqJKlra;GlpHh%KUYU{TE*z<$L@$19$ss z&rmLT@s4(_cIW)bHRg;#Td-p>5*ta)VkS%mVK+I+qu?ZZ+$BoDASNt^o2W8bwGz`9 zGSE>%E-={BSv?G+9`i8tD4Dc{P3m$6rr&*8vstz;apk?HC{n;ACI-4RwBmnXKdkNb zWI8LGa;rY2c^xzn6Al1=tcS|A2c`82Hx>bYlSMg+V5FEdjT>(Pz6oWU<`*0fi*VF#my)(<~s@+bG3#!^w< z5m@4H`;=xSI1=Os)(we9%W(=Cv3c0ot>n*@BBsH+CP+$D8fEHym7eK8@$9cnD^2M|J|ac3cN< zgqxg=&54k!(76FhmusbvdIA@JLN0x~Ha!9MPCV+3HB|}+^{hCD;B3;TLbMe06@Zs}uIvpa&t-*G!SHqKYNSF(o zmF}o)%B^@4F&?gwq$w>65`>dL+$gtBL{X51E*0i*wSGPX?%O}U#rM@yH2I4< zI&eRk@W-3^sCd-n^9oiIs^Og|bSNvX4ntw4^*r{}F0d#$QQlO0g-#f=%@wAKewr26ig53Dua3=<>g~kcH@$s3zQ0Ah} z0CiRaYvZ2Fy+-f_I&kCM8d%pVZ!fOLx)W$<3bz=Rsj%-?1g3HSYfCTkAcQ?s{z$|l zz`=tI6aH5%nKD&yJ1L5=cYC@R3G$5*LuSG|u9`mBgknERM#v#c_kSgiMU9E?sX!zt z?th7lGg42_QV)l8S|(GqK<-=-@GBAEr}6vT{}4Q4k)7YG!PkffxGTRgq)%P;JrlzZ zeecI7JXyxn>pW3^2rBOLkM?;G4ymS+PThocG;Ac zhfLW!uxIGwtwP9K#`Np+gBaJ<|EwsLUo0lHQ5FTP^$E(W>>3_&uNK9!i;ch(2O9YS zq8J1Y$j~;1>`Y0L&8_n%)}R-iE|MeOqmh{BPy7j({nz};$M*)pv+KJk;GD>aH2@e_#(g-s+po^#SYR%WLDzfOmOVTbv#!h z)FwzX;^L*T*+Q9dVZ=_#F~4!~3vlm9@Htdua?B>qF%qiC0tss>F}k3g$g;>UqlE}9 zh>^%crC=?PvPggAz|a6C49kLs4ARF4m|>7eK_T>e@uj)17m#-GuV-q#Y>>zht`#A4 zfYIDHmysPnj^|9iPic&`H2j4yWXxnj4=3D{x)0R>=1c}BS{t$#`JfcT1q1ZOg3lOL z{DXxR#DyV262H$yaE8nnq8tg&gk#Gwh&2q2M>(i9JZ0?n?sy`qAMOP{CO!9S4K5CN zJ-3+siwm5BMB$JNJ{zfG2tAV3NabBObHW*eZLHt8fR@AnS{1n=*g8_vwFjb{^n2zU z>G;p|v-7>I1@Ygo^~k$_lh3Oswt8V5Kk6m)#+{M%LOQVO;{wABWMKg)nK2!y`wvWr zK!{92!SK&@&|!1DjG^M^j7Crl(jBl>;vG0yB*#53S~_t(=+&_=n3{hQ!^@F|e{i(I zJ228o>qF2Z+Xv($+g*EpItcfmI>Zr*6FQOuAhg1~Fvq%$-QQh1AXkWXV80oQqVKS; z679qSKiW+vLYyE0qE3{6Aw0q$_(@U|%HNJ%iz~e*wc|dmwhl z(D90cAzIDY1R`6Yh@=kU@2o!cxcddgt9Ml8?E}|H?L!p9mPmqOyP~v!mK!Vpf)^+= zj3UX^!5T!)enH`C7dVi64d)BX!+8r{kyHS26N%S|*MyQUqyrKNbrH5pdKF@c{3Ocu ziR_aEhxkWfIAkvTnWUAp4{VmWFZP+Z2ecd6FzguFFa%+EmAell4=6a0(+CNqUyFI> zxJU^6l}|q8`44DVnQ%{+EBG1T4=)gs|4`0M0;cj2_6Q$cXX{q;0(@$~B-&j;aG`C{M!&xd6F|2L4|<~#L&CgM9&MTdgm zg!`*>{i32vUO@8seTrU1!FK_&)lpWxqM#_!}w_gCfm zMZsg9kGt>mU;wAx5wxH>GbxlqdubJe7kpr-AKeGX3pWy^OWidT%g+jrj>jSJMa z5*Dgaz@`1Z7Vy!dt~_#VKl}lU!4&}(6P;Mu%@t?wZyUwYCDMFk}bFhreS6%uGbl^j2R~uZ4y9bzLjQN?HeVR zx{z0}e;vVmv@v)%J{E#;q7eds0?ru@^c&@5neY>x0F%JB1)^@*XV0?{?>mHmCH6YO zLnE+jciG`va&ShoUe?$Xs2md_riuL(f+cTJK0pCr!3dw^QtMFz7B6dOG;q>jpf`9IL{Z z4}D)PwgPJLM#*A-X@h>H7=6tUU84a-&kF(~%w{02LPx0*`Q7VpvkmO#bW{LF+u;Gm zUMwWEfx!q#=FJ=|Of*qDI=HAWcpPh>e7B9!zV4!hJNhN21`G?qrLZyh$}JfE8#sS` zZT_s8UAGO*hLSznD1dE@L^qgAB3Q34ozu-8mqX1S6#|yp3JEN%CRB|LF?bM(IBrZg zZ0v>z4kn?^vJ4FI3jJzN&9g1Xga>?3#R?f?2m&sLX=ZqG zIUMftASyPuSYd$DD~WlfcU&g8?9*d;TH?sQh1ZMSv3p)m?YCiOf{Os*=29s5C4u97 zZm$SKfy}Ij<1gga)}oFpOuncxVG&N<m~ z>qWt)LyKLfJ>cfVbDr7zm>8a*6e1-DxPQWkWR2>H=Gq!r^cYMz)wZmm#3H4XU=h9@ z+P&#U6ohOd!N5CPEH5*|sF$MdbDR<6rPUbJ*r!y^#0-V3p~Dod6h&~>L?~sV+}gJI za@IZhD~XP~@GJ5tHdenBVlg;oDJ0XQiC-dvkUe2(w-xnqJfgO!eob|ajMzo7k+!Kfy-EwoAmko>}rWU4trx>J3xWkA^ z5nYjG4IfIHM0vFD1z7kdI1#im$dGX3pZc2=>EborP6~DgXc|Oqw`!~=u!fv09uC?XCEN5fIE%Kcxg9Elbt^`GPxBT>U7{U_Yw#42bc;=~nD#NtrY zB2vfzG~&|#^K(f;|MQ(;XjQb52BXn56pY3H&!42O_4CItF+!6}0#K>oiAR^@{?AG| zr>g!Je_MtfYP|XYbZG?A31c$u>HpbSvIy?~;%}RxYWOEhSlKS!SS#Kb974hu$r_R5 zQn-|V+#1mZs1q49FOftNjiy{0=@Lz)BKH4%1!VF6d~R`Cl~$7f#3fpz)Jpt6IYg_| zbHe=Y)YqHHOMfrhJ;g%dKW$mfL;^kogxxzYY`i^STw}@@=N}9LLqyIyFX~jF7qb}< zYjYn63Pn>&uVqo?Q36vr!~{Kr_x*ic{BimbGOZfHCJjz8o*n=JQ4tc9s zOCD6-GG&|xfqAD^zp$(#M<=2vM>tbB(mCjs!;i*I zw7Qh+@$^Sc`NHOaX4gaqM_mtM34Hr?cP#$hbbfNJy5#M|nOc%&SWO4sQQnQO8CcKra^mG6vm1WfgrlrUdF{^DeYT&NvrTbgY{l3qi=81@NTppI0qMHT~MplAg8; zIt^TY&*UgY-$aPk))2axDi#!e@r~dQCK*Rqjm8Zavz9PQp7G|; zdAI@80pH+V(wE)DCMp8L2p+Lm1apr>V75R97 z8LCa3#S@Yc<`HHmYq!V}>-0F=PZJC8Q)|4og!H zy_dHWAua`5GDMfZXCnbFUUWS0 z>!|mcnF}Kpf%@8zwN|~C)E?n{D#X;c31n`4g%nlu3KPxRXl-U1A8}>3=t?DUG)u|% z%Ji`S{lg_-!Pc4Brz&lJo60}I6@cKMVzDA7ykdl+^p$vQDVq|=3X#iHrTghjDaiSR zY@{@jpVCVPu)j?qC8q9dcn_XWth5d6)#?k@8dDN^ahup=R^5=WHs^!^wN~c8J~YfJ zgVH>~c!H32CwXyj2hI)D4(pl`8`a^eUf``1Om@Pie4Sa?eF85t!%y0lMy-%#hgETH zOE{Yho844kziGIqr4|_M9B$F{ODtY&w3xa!I87VO2JmI;vCBj`;#%_9P{bPW4--Nf z@T*kHjIa|;2ASeoijKi_28^!IMuMIqBcz%GNN@CD4}3=|DKE?UU|4mQ6m^+dP3l8`=mU{FqvCkh zitcz;$n%2_LxV-gqol_j*o@xk0K6qUY(9KZ*ZVf{mY#WZRgt2+DGZ80_S9uQ^D{aO z#e4#NtSkdmeT*vT%Zra&N4|h8{ww^db!bLJg3ZP|b9*0oUB|kof8z()qmR{-;b(>q zzaRY!;nVu(wa9I2gC5k?KX4Oj*7s>vG}+H|v-Lm?<=l6SzCT31lV-$E9Q zM7(oCG6Ok}FT0f@a8WWfWKFZKsaG$bR@a)lQl!srAym9M#F|SeiP?ndc$33yudrnK zG8gt0wkDDAOdGNPbV7cdGYBuG`ztq`O;3o5%ffl!NM$=?H{(dZXncA_uZ6WW7{AaK zOb<#op0hgxCC6YTX0hL>6`1h5tn@ZsSDS>ff!R@D@BP)&BE_M+!1ChVtme-94z>%E zOj$s19jace_$h4L3^qmVeNRLo)ru^M7ZH6|+Y3M?-nOdk)!y+ntBI zTd|;d{Bk&>+eu`-qsR>&*xUKNLNOPdO1-ZY_(a4P@&TP#)M>?iV!a}M8FRdOZBqBd zK-U&#|I|o0JRHw@Ha5TbHyI%qW}p3m#)qFr2^4)k)4G5Rxhli}*i$S67E5y>{#$B( z$YwzfB~qA~OhR1w{`4uat`r?5Pc5EHbzL1=Jxx8WB1hpLS|K%F+v&lA0Jiyvh{nb9 z(6xcA)gCi*v#}H3{*3ycFBQ;82|Qt%ss)P6+p9-Uh#eHeCxScCwp9D7Xnd8r zs-mTxsu&eV`R&A4~;*T@x$v90-8y4u`>(Y9-8oKITn=9&hJ zTQWJl!E4cX*_lM5Ht$9`b-{5(GlQfvc6CVTwqd1fOl|692bInh@d!AZh1g5K7=?Z! z3r|=Zmu@Wg& zA$&D2;Pcc_#X@n#(oD+Ah|Lx}Ry?s;y<`y|QCPQI4oKpU^j>a)`6(;sQTgxrDrcGm=eon`li)IYctt`NbWd1D>wds@4#a{Uy8r zTj+u#0_D~R1^Zn+EK>BZ&HBq0Bb5|6kX~(pKKZhmf6OilQQ1_L3=1oKC?a3! z6)5~5D!R!I=-g}+2G)h!Y!!0ot>_yUKyA~0|E1B=R;N9mGH%Kgk3k;+Hbz(x0DzD) z_++)~@-Y*ALqcq8V7yAbh4m+78Dz_3sDDkVO8Ews%F=9M>Be~(Yvf(+p;xk#ejoJo zxM+W*6N(Ce)8`;JmqW3t;-ItpPM?41<^_8 zu~~kEFV{4{EE<}8y=n?yERA(v`JJMsj!Y%)cT&X=ME(h=+f54(o3uFu+10SFxo!2% zDOv21K!bJCX6vJ1fNsA7w350@nA}_XB&_*kAGdqB zm{O)*oKl$mi|XlA$I28EabYZ}M5c~$)IW&MbJT9s25~2L&OgpkXdPBK9Ye6`+2Qdu zz0X)%7Y&U1NIUrSKd;bFpvPr*(U@9OrUzuUHa*noa}Fy6-iTkIS(DjL@SAPyxbD{X zI-c5}Ycfbu_rg6jV3sZYsNoS7L#%Hf(J1D8hW8(F`B1X%G0xcoAL0#9fPZZa!UDq% z4hQ{7&!mQZ1{WMOv(^~V7A%zSov%VNd4dL5v13e(+7ixTXRSkx{Ktvhik7TbX+{Zu zHO3Gyt)u8PPrU6q>$*0`fM1s1xNYE(^*xQv%9*r=cpJ4kJQjH$5!STFJSJP3Xz;|C zI>8KV5KkE1dA1NDX1=6RQwbs0#s{`+EN6OcKX&bto|0Fvmyk^ z#;r!Hre(Eh*N?2%v=B1!pZG7_w?0{arMK3t>-q@jubl=8%(SdEO*Tz-^62{gSOtO{ zsL3=yGN)BEyOqzy$oE!j>N9TGBKD#tG>2p_U(#DkYbS~5s!GX3|IHsNl^U@L5cMdi-L`;rCCPyl`KKA{AonWhlAEdk4$7x+?wS+yUMWl>k3Gl zlfjVS?teczDT(Q>P+jAg&*q}m66m~deuu&KH!z+JChlKgWM4 zX`~@V*|Z^(t<6EjRr3p+bGO6lD9*FFzgjJ>W?$}VbVx^3P`A#$%ebmp!&}EkXWe86 zum+wt$lw}r$vswclYUt^qyfNkv|^KQj`LvSbrY~|dLy2-T$#;Vpo5gQ`)gGAgR>%i zEi;)NZ!m5m)9x^*MTy+~?D(we;K)wi?r)63fsjdHc8}!Q#qiav+=c4C_*+ZP`q$;> zg@uz!NLo=}aT$3B`#MBisU`AXSG`&|!V4gegjqk_mSYrFbE zI`WPzXEP8*xhHVbREqPCsgv|Rn+OAZiiypC5|L40ott@UukEheCV^|b#{5I{cc|)H z9zPs%O0eY_nr98oARfSR^_iOdrZZcYD&mZ3Hv~Ck0_0zReGR^Q>iot@WOYZ+m-7ts z4gGsef3Dce{*we-l-2c*#z|ecltdj{=dKS`z8%SL&agu`{F6HdPxak{r|$bO(TO>J zG8payni*ZLb&g;7?y1k`kXxxdWp>SHHQl#oF__?rPI7EbEk~gbV(RMX3Zp)+VgMy+ zyyFwsHQJ6Dg>06Xc`LXG7Agi=i4G|-dYVNi9}Nx$tgB#_E$sZ}#zd{EW&sbqA*Sf4 zDQnD_7#6AG)>=gu#}hZfck7KJ)TYa(?WQ?TF~v_QpIlN~1pZf>3q;e=Y)t;1!$n=) zKnL6ijMJYM3BPX^u%}FLO&Lc6BI^WhC|wrUQ%d*r_NHZNqnlY|C8z5N1D~A6Ht!ri za$8Y_6pv~Gdr*A;4LuW@9>1o~zMX~j_uhYGbL)?=D-<+bmw~P16aOw4Ir4iCu$wAR zV{3iyLbEjZx-Os9Z@!fSIA#R732ppjIgxg!90!tS>u4w!PYEY>f=*J?&s#%f@)j>g zv;eV15XVPaSR@UN=ptCECcVh@q$^-qOSLEEJ~)HTI}qgA(x80Q(aqBmk;WB%Xjep= zNG))aOIMt*2cG@l=j3>=B7c>mf#ON(JzSpV$&x9S5@Pn@3%Hk}uni~L3&b)4N0x$| znOiE9fmueUQGc3)Luv}g5eb~J>@cxu?>-*djwlarw>|iG%5JznsHp?&!5T>K`O%xw zBV(ag+XqZr?(LyVu1ia+G4v)k9^kJ?uPjFyH!at-Ut%if$mXyC?P3z)TPcrx}cXteibZ@93gd)WHq^``eiDw>L8d@LfRnn=fPexlO_T@uJ zsDPY7XCdd7^pWxr@>lg*CQ?u0N&T4Dc!b1K+$&}={Ch;d*F_B&vI4R-VT`_$L-i3 z*IMi$n@v&y1QSRfGfB6Sxgc^IBg?~rW*)&n@ZQP~l{RT%S*FlP`uAszcX#X)PggWO z8O6lMMo0NV_3KDnvFAhLyx5+N3Aog5#{a#ciTugFi-gB)r*3y7ApZLr-48j7Yw@hS zSQcAx&cIHM+z=D5D9bLcZK^{b8a~nOxGQaks=-CdMxL8Qw|-%m4Hjsn2>wMAb-#7q zOzWUnWq5Ksjcil#%+SFwFSNA_Vkm9cIyCyt%?;7sF*n`^{gXA08UB!?c!#T%B7a(<`$Btg{9*h$1|(Hj5*AJbZSM9UPTvy?jpOB z(#gr1F}OAIOX&$8YLEAXZU^f;og7>=Lmo|=wuHcM?)5h7g#`sEVqC5>Ykrpq?KZOm502 zfE!3|maYZ}6W1)u%L2!OMY#h1EdNIK?SbrxX$tbx*_N~(+u7Z%*LSb2l^4EWNxr}j zAlplM>)3C2c_%fGcc^qOcPzNt3N3rPfpm`%j5i&6xxRB-Pbv+GIoI+GIF)(zb}V)O z>EG=Xa7 z1l1?4m1|F^7*dq@OI3kUY;!zgyP6WiU&*i%^IpzjXo}-Q#$o+H`Dykrn~1ods&87m z{vta^b0Wc-VX&0VP83^V_RnE!$zQ}MX=)Gc%Zqyk^y-u5^0jh(!?8Ag*T%c}r@1=X zE9^J24*wBZL;scr>uVyM=c*dh!41rb>8E~@MGE-0v%2OQN4`7Li;OkKA(_X2eCvkJ z{s@{{zqs>=inK7&Ql;ehNVE7>s&n&E64|N@bcpfON(=vk4OWmjhlReS!W1g)nSvsP zl@Q^Xbr;leyg6h-tw#5DQwk)^WHGX`CLjM5)gLhk-BxfZbA0ZAfZs^#$#QaOhXtPoJzAJu!T!XsQ=;8a+Bd*G?X0j8|-&k(j0n z!0xZ{Y6)2cL0bNY`I_SQm?CD6V(c6HuFP5!tN?^25N{BVXGEn0JZVVt^v;)`d$G9URp(*dj{98Y2i7HD8nkOI}I090s&%5lFMYxbPTgpw#kQ4?=@$Nj;`X?&n)gOrZsK$5&D zsn4U*dl`HaL_~hft1-5m@TbzYbbg>m`Zc0cu5jk&;S(lH#-jSFRP3Q!K4BOBE6rL9 zmg*{ymw#(uX>jRiDSZjON~L<)rHQQk{q+ZTU;vr=Wf&_MWHe-H4(?)?)Uc$pDbp14 zY{J`k#W0`GdK)!jY|rfsCgEuhUau!XO{qqVKnEk>>dN3J7%S09(i!CjzTP#pK*=fNrJl!D%U9>d}{Dx(*rWm@=mqey)F*iZg7Utmo z>#ZJ=3{8}s)|Ojv=tnl4GoAFEv@W`??nPUwoot+$+csnvrgK_WXt8p6Pg;++-tIg8 z420(*m+;?Qh6C+x6KKJaA$*4N$>U-Q%j*c`g08Va_!PT$#agKHkr+XwXn z1(uj;vU5{cQ^elJJstZw*wwKB?p5@dG5wE0MNDRC(M9o%h~%SSrrc$R`bM}GJqknX zj)e~SZ5xNU3l2i%Z`NnU6P1HM;T_U9O|@1_J!kQvm8;Hw+Mg~%3nM#2Yj+j5UbW$l zUPiy99#|){T;)(<)0#P!iJ9%lzH1vWNS7r_QL<>pq7%!IGM0DR$Rpj-vMima02P)+ zR3gN~P! zuVu(Y*kK@&x8ydT!(0F546n2lvo+xfLm;VjB2J2&a~a$tc~#;1`B;I@*t_PppLW@_ z>(AwQfzC=J__3Il<}S*b&&zOG<$HcKLs*vDutD%fTeY!+b+thiJ8gx<Eqkv)~x*m-Hzv zmQgXwZeD6BMk7a_q~l*#Md7b>AhUQsj^`|E-3u1H;-I+k^Y!(iGJxWtJ&lwGU4DCy{~bGw{}xgtO0&g zY@RmOKH}0A1F^P`yKNV|UhUcMamazb(e}ekdjU`uz zlXDuZjX_T1P!^0yM0yTOL^I~`zrnsW1Np6@EdN#dH7d|%plheqRf;Xirpl_lu(P!9EunMJY1Dzipzm6rQ&@>fnKLhA#c-^6PwfZC2-mF;b< zYg^O>F8+a&PIr%zJB${76gIg7-_30D%5^8I)^HrPZ$$-K8Ht`XcLWtdd0k_`; zN3F^hWZMl9MS42I8a_1Q<>75^OV5gQf*;4q}#P#(#y?#_D$cFeQ|T2K;8ev=q?*>hOvw3J`YHRBqU@vZqx#haM12Y!Ve+lvz1Yu$e)VIR^Z9Ij{cp3^g9ME(J zJ59M-x00j5P-C1aY`2r8agwLQ=Sj_GRl1h}0oCfDV*{2*l}b{Bwfe;xEKKVRSR=R~ zA?wIrs9|aiDWxPKJJw7m>Upt$i_g^1)W0W0#iJC*8c_!#5sIzQ$a;k}(DO*9lF5pZ zWh<2%ECYq7VsCW|k;+2QY+e%``i=WFh>(KJ=)Soj~g zsGno8lo^v5r5x-`FMh8Tm=+Y#t%s%@&w;#pM{?a~AP`+#C&|K73B&Y!Z#wl7#x8(DZ@z@yX zIBWp;5h;Y6RWpw>{uI>4D1#|>@LKr;t zBQu@3QDo>IyIP+6bl~{MoYHiOx63|d|Me<7Fr}5Bp*piax1OB4^+_|cI^~AyTT14} zK4!5RMf#iwC|Xxp5KL=yBob5oN~0++eck-uX ztWDd4SD88NM>#;!{?xA)vYA+mwZ?9xZb<6=7y?I|UJ0$v-yDvwy%4y#Lv5FJ>f$$c z@T4#xcsf;Gsi1o)f^K=%-*$|Vow)bf@r`(NUxEpmUh{;gp@Z{pKArg3C+z&@>zp4i z#gl8^zc7^479A}NjA;D)ux*IAw%2>}tKEN0%P3EMNhKEDSdr@};UH&CWwCMUU-Nw= zar7|n2a0Q(V=pEh)+pm#9p)>*@NGapK5N&t7ZuYvN&ngyJ0CqC>mKvPRSigXFEbHT z6_m6#YSgl=c85dQq7^JXi?i6e|7U6Fl59q)3mY+D1ky`c`>eYlmHitMy_xPp_K(B@ z=tT;op^bX*t}Cr%?n(8#51Ee;^w%*MFJ*_mLN)}uRXBDR_AB-k_Rc!B3hJx<`wZCI z0Shoms%>iTUhg^AnjN^k^{7I(vdryVVZn&qR(hJQYpGyJetF8{?s(yKVc4YFq)5Tx zP}-SuuESx!`>|GX0frsn+Ax^+FNCpG89rUYx5PKyyv@JuP2w75_vbyxzU|6t523c; zeL&5d#>)z@?!5M|@)eaQd^@5iB9H^e68Et0k;OAhQ;Uwitu|dld*wC1+0or|!?RnR zHDgW)I>vK7kNn64l@?f*mYE!oV2y|@oWR$z30G*WKG#Tq<|xFy9U`MUEJ>Uor$r4d z8Wcq?x5vYm{sF>$asPr_&FBZZ#Rd=~;NiI#QD1E88TQqTMfF(Nx|$6@Eg(*lmODu< z_>Ar~4P;fU%kkg8tvR#oh-AIK=iMFsl-Qy)c#RG)WV5)?-+Xk;<*N7>mLY|K93{un z&eCsAckAGy;=p0`@+hHS(l?)@2$+|IP}=Gf7rmLJL|dY0-RlzvZ2%csC5~a zk|Wu!wRmROlks=H?YhV5@0ez`v>kQ;)7(Yk|ZtU&LHC-L7Mq|Q8@K;@? z*J#%YH~HwI+iG4x_;m5>0TI6Y%;my4UQZVAon{t!+1lSuR+^Xdh+v0s1{i#_iGz7@ z8{= z0EE%K(|*a?b8{L2R%-^~k>9E(KI^JanV0trDo;?ou!*#@5!`e*up^=Eiq{$b)>3BwQAeS=CpURwYVLN z1Q`bzMw*!(gN-E;0fj;bCoe8*-#2!wtZUL`#pC-92TK}{rzz^IsJ~6!92Moq)TSAd zft2~{5G50dwru7(+XR|@6OmUroFSLL^!*^6ggG}m5?gU&qqrzJn?OjiqB=aKO-L*2 ze+WKPO3Uqm(XZ37oZn#&!85F%FCIQJnZ5MNomL7I?DqF@p2pEsiY|&eORQbd@-_G? zP(CC)g#JF)dNN*i=XnWldV7Zy;M(!VWkA5(g>A^yGJ4dxjm(*P_#U-fJ&vXcSZ^&b zPu8f9lb&&%0^Tp&gCv1YMOCQ>LoGVktl3EPr2-E&1WKPQ&mR z?S8*t+ExrrE0p-TA74g}=YqDJ>(7?R8*zQ_DB6uM2>NY2qV1xALSNypZJ(&U0kLy* zN+}oW5ho0)7^kJ%XU70&VD7VG9-9h5)%4sp)eeIIi9;&E3O}7-?MXZXFVxlG;VxLOwVl1BLm2sU11w04q5)OoT|Dbv&^1uXWB}{w6NiH;f>XsDCN`WYv zk5nRlj8@`574b#1pU*-4Ftv!u$0N{EnDs5zYDrnPW!luU}p4T*SNw z>>W>@zn{w(K59Lxt;99EuX{ZIYhOof@mq-=o#9*RzC`3E9)Ov5Ub4HF6&Y+JsQvfw z6060R&q0ReL*Te^-IC7c@p2Qwln5bRa~L(cun%y$7~r~!-si%@t(2*NKXZN{HCt1N z%&hRWMR|AlslZ-q-N-(qVVxPi?AD@f*<6A5LBu1 zV|G4mhScbKfGn<-dWp?2r^^G&h|Y0*B2Y(HbOxm!nk*QN@RUPlLG)3Lqh8_Aw&hiM z+D@>?Pt*S#*0au+_@}FHE_2{nH1r6o`HS?TMl55#@uFgXYh{V){6e>mk0kHJ!Z9UV zyZx>@S?PnNtc@-wKd%q=>xFgoW#O!dRRcN(sE<*UZCDJx8S{O5`^YljWo-)BW^)Ja zkfv#dt*0KmNNiTa5qc^=(5LWQ+C|4%^`*MnMSY0c3#)c34(D(Bl4fcyEAwd2)-XKH z3Ju$Mp9bQn+P@W;j)Avwz(EeZCfkRzJYLO)9r0vE zlK@@dNkswr?uOgppF2o|i%r*mKkTm`0iJ6FRt=ap6Are6sY1HHp5-YjjzBGH!?Mc$ z!n6)EjEF@$k2y_6I#C}5zqs<}!%sA??h_2P^wn-&O8fS5C?)mBS{>&*hR5IMf5Mdi zwnzQ_gtll9q520gBtO@UeRj4`=}@Pp-L!8HbC+PS)XUon81FqdQdE)7=<9dK|Ku1} zZ{OekJPWXLF7+z@ZF+BNaWY3ci@)(TXn>Wdi)2EvX)kDG?!!gb1r%}MZjU!Tdymu4kct?2G z62K_4SV-7fkm%5pAo1b%LX0PA+W2|qL_jTe#N$9E1uEfrMIni1JC`fqPpnVXW(E{K zEvL?V^udxui5H!GyAj|iu4u41J?n8jno-4EYC6qVr;q!}V!Av8Sk8_5V9gp>nXJST76I+RgP5z8iSxKdk&KKieM2TmCr_l)4e;d7>CzP!~}3|B5^Fc&NMfk84#b ziID7NpUCXS8bVa|rHm!}Ze$sSao4R$6d~KlS}0?y?0aO%9y0b3lAR*^_WSDT$<}lK zp8Nji`Tm1z&U&5mJ?FY!=Jo#Mr-!!Dae@LNvf72+=Z^OsFCD}@KutOu#P3Ka^gJL!YE?(RkR6+S~#^Wdl_|O1-8##{1MZ=BE(olr^P`T z2cAljUU`4QxbS65IvEB%(T}lc2mPKuAC77dm}4e`xP%8~(XbgbS2J*LTO6dX=epB56QYVb|00b$V3#v9!ss&`l<7ZV~h zVB8A5bD-d5QCHQ5xaP9LhUD8N&iJ4}gn*yA|Lid?27N2pefU|CQA1qgz9-3Z&R^aVzJb8X0RLJvH@tNq#k}I|1@R$Zkns$069ZqTh6n}KL9Ao<6v92>E&Zuc(H;0dZUBWri= zyGS)Tgr7K|s9L7k%@#k^vh19A1ncc0Px+vey4ekFr;|NC2fllA0?=p+Tm71? z;P_^t-9)4&QH7pS!hr5^REmALlu5tx%4E{K!8yr2(~DqB0^auYikC#F=Zh)NULpSz zi-&rzMBtp>v-C2ZX@6f;Rl~`308TM==Tl25$1|#C);C4_DZl*T6~>XDmQN`pK3C*f0 z_L%a(I|}~TsP72g%dt@q|Lf91bg9q-x?eLLn)Xsu_EMLU4?^jic$|j*fJsBUw$-gw{km4$a|8bK^%+l=MgpaslMw5`&l%r=_BUQ4sn)$FJ-m2rRIZ zE(WCByLIMpb(e=rmp5|&6}~8A;`DEP86seI5e?`>zz60 z!2(JFhl>)Bd(Ztdq!lY^tAj7K2MHu)za)F~yasTq`BLEe_P_hoV9Y+pireQ-UF_vmq2n7<0;V|o-0x`f zL#7DTJBd8#YBEwjEI2S47rtv95cYhH3TBr z(9+hmXos%XY0cgIbt5x>3SjnXksIBbp6c8;vZrP@Eo^TH$vMWW@I*$_Q1a8Ui?Lt5 zXILJr(`XJCvyV1piL%~2V$Tx-JNop4!$3s8T%>>`xX5}bin(j3mn|>rW=GEnnxdy3 zo`j?Hp*@k`aj}x!K5LXLaMRh{SWWYR5-uc+0!Y8W zp8&*o8?+b>`&ZIc$fS!46JO;qt#l<}rjL<9x!oQ1)FuQpJ`&@D6mfg=9*$6FA^zw2;w zh?|J!EgkL#5d+Ki>plD{7A+J8-Aba>5305I5~h)x_rQmZoar}y75+o$~5argu! zjr*lQ-`7X4f1QUH2P?_#bvB=TG}S(rymT$u-gxaPQ#qc8gjG6y+PmOHd7ATBFr)kx ztg&u2POjIoF{dKzcI3-+EwNj2rQz%L83U%~*<$bel#WNQTXPYVd)g;6@~;(lXRReh ze=OgdevS}N!n)aizuZDMqu)^+is-#MLnf{8OPXIj=LmeE_7s<2{t465E@#sZjcdH= zw~c8&%e_A6q^Xbo)_UrNf2!!AXR*%C2etgmXq@*(u~ew|pW#CVgM(RW7C!M+U!do6 z4ZicHI}eSsP0Qw#nKb46m|cW+n)PMz9^{h~mKBy4R-lo;<;xKvr?9_|SH5xK1W(hG zncluoL*G`^7Zue2W9Fd!(&vKZ#x%oCI@SgwY%M^OmF*@juGLXPjzLk+Ch|w5&ui5# z?`xIMNZ5T!{s)};ue0Fy@Zw)*#(zsN-Z-Juw-JngY>O?27! zW&!`F-w`1yq`-kBMk3p3{u~20e;z(ckT>6Gsv42)$v#257NVL~mU;qN!0wOrj=L$U z)LQ3#h*MQ{&_?l@nDuo+82uN*^#Yli`#ii<6)VLnLQsr!Yjky9$L+DqO#dq9ZWwCa z&2yzRi+y-Of|Wfwie3EM`($Rs<-(+agh9V%?c$d8Y=0apW$kI(7u96(u$M5q)afJw#(jOi{H+x0tTFhfJCI?gz*>f_Xtc*#;(`l0Fbw0>FIVK0+Z;@OJ7bNCxZu;+kF8mE%GlM9}{zPGy4 z!CN!cA=cz{wa{Z|J!@{*3OkIvk*#1zv}$QH6(kYct?imLnx-nS=nUhi$+sz-OAG?9 ztq;y;#y8>ULkdMZTUnV4ieuZ|a7I-iDXNK^Je}^38KH3!x`p`z9V;@!c(MvZ%+Z+4 zHC|qS&{1l>{i{?}ODFx=)P^PEKe21J_nNFub?xcGNZ`q3&E?BWZaA@1L*A)v)D?>$ z>_`9d#bj*VQop#x-Px+efMcB(B1_D9$8SZ(yfG4E8dUjWo;6yRSr)>NuYOimo?Dgx z#vd7?Z}1n0L`|G#ehtNnMt_cs%4!lRv1AD|2j#e zBr&GdInpo(_0(^An6+r2__L zcL8I1$)u;FfJko1CVqR~G`n`W?Xk5BaxEAq3r+1fp5>|7hU;jTWNt%#^(e$3VUFmo zmuXSWdDkU84VT46IbT^t6~xuGt=+Y=n$z;rCz1UOKMohBO=r~)n<-nD(CACp?29{a zy@Y1zaJi@Kfeh3~26J=7QRoVv3PZ!^viP8-+;DaBCttXdb-!`y zw60EyM)N7gu@GdQu~$%9Zn!pi!q-npwBPv2w6acjf~lcicdGb+Z@m(>s)Av#KCPV? z4;RYj$2e8YaeSZ4q#i2se`~WS%!obs1?#@I5i>E{D;lwW);P1bq8aYelr$8TJpw`~{;?;7v%uF(s;3`$>T^Y1;9PUD# ziE5nFC8Nfh_%u4Io^<|kiKJJUYn)ER*qmFcsgc;!$eXE;a<%34K^FR;AwAHLK8R5d z#HbH4Nej807E)+q)}00E)8)_A_Du^>Y^yPAs|mIl^tBlz+L(1_K?Zd5zUUHMQtR@x z(~?8hze(+(_?yqC^`{o0t3>y|S?wPb_wc*jR5Gs9bMPP3{d-kDjn%fyu~)p!_S}8h zLLr-X-2a!7T-6X%Rlqn~TA2X%-wu%$Kqf^9x{+yYWHUb`S^#wxAp``l{7aw(ia-kO z%tZhx4l{Nz8&vw$IBAf5)A<`4u!5kf!m84eT*@zeOT-)+grk9<Jr4cd9Csxn zKU}db8QD7FU*X69AQb_GXoLaH6a-2b0puG(zz+!gH&N{t)rY?dPaqKF*62h(pwzmY zgXaE}WCe@s@rTz(;wTTFLsOw_(Ghcd9x1EGsS(0u$;Ho)p@;93O-c2B6`Ssqa4EG2 zz?`&u%p}jw(nqWF=FmQ6$p;yGhwR8&MH99`0Y~S%f^JThox+nSrlWeeTMl|Ze7KJd z@4@Z;`Q3i+Mw`ZbLye_MCfWP)nSvrLx0~zZ8KGz2`$maY6*qSI5K8gZ%liN-t2lB0)LV#d7zHyBvmJ z^7*unJRfWBzWkv81W51v)I+)DXl70& z3}lT|!214tI1q3+kVcww{IY?8czEOCu>WZTBM~qlc->|b76t=*W4jH80^YYBHYA|o z1B_y4T^KOfZ8k7c1kj|}ZbQQ02;j8XR!$fS$R+Kvf#EyHA`IkhJNpHTfH!1Bwzr2s zZbaeRY+w;6Y*%|IIDB_|aKz5}f+2vjcD08T**P~bd_(nVN53dx;hla4+=tq2gTr_F z1&l)MS~nOHxobUOB0%=LqhFYa$S%LYP*6YxY5Vw)!f=tDb&U>Itb4I&H! zvYTywMnXk|cdiE#2CUr9axlnNpE^4l0kT+*RDckbhLxMy#&$lhj=?wsl0zGB03f}! fAyc)HN^Km;PR>S-&ObIj5{5t_skpi2ROJ5;y-&6A literal 69062 zcmc$^1#H~UvNdQNGcz;u7{<&PGbCnaW@bBPitU(UW@ct)j$>wwnHksrd+*!tt==c? zN-OQoXw=iKny&71PPM9j(^N|0l1yyOobXiL4|(tKY#gMlr1nNu@cjIwEOM51riMgfUK;7|MwQU|FGcf z;$&)Q3-6I(Y-F-!ZeV1<4M&;!Cjcs+Exa9mUQagc#jG0TxLJGYCfO>49-E64Uz%}QV24behwSb zjhPMl>*5-N{<})n+*Gfg~?Cf2fKjp~|{MY_I1uJH6=VEI2ImpKI z?=8!J%G*%X{vQ#ue!jUrRSx=G|EK9^IDA_EpV+9FI@`NC8GoYnPlQN#xJaqGe1_1! zdQ$A9z<)#dPlQN*`uNwdBnRo|>F}>mkmMv~|7ZTssF36$WoP@>*ME$aoa~KNOO&-<{KWKDoSzp--XfR zM@FBixNFtNr@I@=r|Y+q@wn{$qmyn&!0==QyKNt)K9^SX&(i&rCz$Ffn%vE9@VCP~ z%d(r*@i=wYUo_q?*L?`BOGjs`QJ`WJ$*hfc?zaKlM4{}Bcdw`0`?bUg>+ks<{aKFa zzB_inJwtBwBaYt#a}I2DRE|}7v3|7O+C2JcW^LcN3;Netzdc-gp3<4q z%EwN#=hh?VR@_slI}@V5|9V7w#Pgu*v(;IFIDnhx_0{qi^8CRwo*E9F zl!fvtRP3fYjkkJR_w6w1j9h2-wiB;^%5n{_@u*=arj;^_f&Zripe6W8ZNXm|k{J}EhO z+dG`wrH_d&d1Fg~qgfzM`vN06sg^Ke=fWwX*pA*;LxEGWejSz__%8E!X!9*-FEp#> z`>Jule)pW|G65lf4xK**;(yRX0>!p~icn=9WVV95KV%m{Xd0M?(2QH-wo!~X;ifY1 z2GRpZ;sVs~F;qV!fB)5~4$NKrg7-zMab~LKi>>23K*5udSJB%xhv^GJq92CIf;9;e z8B(aE;V~*Kol;jNdC5=l@v=_%FXTss z?||uW?mrmEM`H^$OJy}pd=+DxLw!z8D_mp~9vtPf@1eY{|GZEWp1W!YtLu*GXm(ZK z{;t(w*E1~{i9ZPVvrGsEGe8P_?z++|oi`y1GA%+!pwO|4j&Z1MuH>yy!E{s7@t5m* z!+}b{UcgPrFfDguiB_i`XT~M5B@dUO$5YcbJVnLTR4Q1~SZrzmu4mm zJ*>sE^X_`%Jv%ctb~I|a?PGSQr(QnAVpI>9Lr3A(5@{V}W^3*1L32<>WF%{uL?ccC zkQ4Z=B#SN=?&0@teo51g1Q(-|ZO^K+CVMIo7ey1#B)8POR`V9nQm!3Mx8TR2Mh=V~ ziLVQTy0|$D%YVZxJvC{7Ypy5sgDstxMi5WSc#^&Cz z5H;7AB?FE9ZsC2GQ$Fp!@RA3Y#7&;avEOlxsm+WfyIE~u`6~wf;7#LRNyxE@Lh@!d zZaj5!#q8}h>7I8BLu+M`D;+FhsXL@n4+np1ukinkJgbiaiJ{wapj?-!*?bUjkCRWO zaAnkyV1)fuMYO|AjsXit^AWSS_1UVbv6%O=hUecJaq+dKR~2R@f>QevVs66al94v@ ziX49JOkk#185VaR@??U^j?QimtEQ%K(zGY_&0@N=2U(7}xcAy9=|=Qa+%Ud>S8q+s zuZ!?Lq5vx~&A#~|ma-O2QSVMtz9a2JCh4z92%l!6!eYE^URM?~HqA+UDY;u4xo-Ua z{+^E7^2boqh}Ubr)zYTa)^T_Xp`Lf$p>DhYR!E_eX%oVHf0Zd@AJ3eC$-FYoF+uD% zvc+oUzy}@WAv#xYU&GQn>oK*z#i&Kd-Bb0a-@oiQl}jB$k4xb*ehZw!So#fBj@-f2x<8b!K?Y$*rW>~X9poMjFse@6hwDF0rFthi!mBfRU zKRvjPSl1_>JUXz*#F)`srq}D2TU5O>B8!7)Rna*)Wsoza_ zrR)Ad04>F6C8-<08R0h-J*tLcCZE#wMQ;)xo#VVv)o@uL=@wKf$RvK%V2>6tpJcUn zcF)%lX%ZfZLFD937K_15=gWF9lP7{bSCBE+{+5jebEl9(#|rikKe4fyD_6%cI2~C; zLWzki)nsSOlH_C9$Obv4C@_Dvek;s09$CTaQSfpyP=B^Sa9+*6JUTz^>_3>~ay#-c ze$+g21ge(7aoNpuapF47KD)iVpBN#%%cg*d{%vuj{F)+8uC!D( zvWt>~uZo-F_^i8Eo$S19yuMgN7lCDw7XUjZV1m8O(ekcDSixyZW6x={;K9A)TQRS- zatP{t`#x%sBwjTAI{cAZ4b#-1Lg@x_kd35yM$_a5VqJR9cLX^N_YN52hV%~A-dDy6 zdrhYs*|8s}x+w)sb*>hsGf=YpNpGHr85Q@aO>^?(5d`zCo;_(vSvd_}mS?!;NQd8{w$m3@^gb1Q^Nzm6`VlHj2U{uRV`x zyH@d$^r&^O@WZRo*+PrmRrhaCu$s=OI|wxM3R$hB?hF|h#G$B*te$HbT6?1CqMD4p zV|#c})JXiiH`PtraLWg_7c<8p}X#VPnktM$m4Qi zn7Qc$27KmY6RilH{&x+*XDDdo{^@MiuPyIFao!l`_Q6~WQ-sYm$x-DG6fO(`oBq2k zX&A$<>YX*dP%EnHeAZKICg56OGnoQMS1ZdH*4>-m9bJ2YOpkoFyEj z?8{6x#1g|L_QLz>zrP=@>fDuQxb8Ay%J#**kh0<8z%6cNvVAw?^Mwe;mGdX;Hwa>L zaulMSJXB|k5T~TZ5T>A8jx?c!q?ZO)i-)%m1_$8b0x_QbcT~5=@VZ8q^XV7LC88GEsXDdQTN^a;`$ax)R+MX9>FjPbBq6 zpiv2ef%_k`Ve~VlzqptSVdOIeve;XK`HX`a9JlCjyakv67Jlk0_}6@q zfPAp&oLLLjKf^h>0gfDqmtI7}dE28G%1HR&+{iId9pIOI9K>HC6@>G_X!2$Q5@%BP zEIBlX>1dI;v2?TfLyB_oOB5F!0r)W780%m!_TszX=0_S))Rf&4t`_85HXL{kv9Zpx zKleZu#J}LVN#r4Qz&y~I#OJ_qa?=7pxdh<$3yy5Rpgj=EpgXYUskCQoc^C3|0%T`& zdRAvU_7)G3IY=%Qh*I*PN2_Om4X6%0T2L(z>rfszZ9Gp@S`pZg8!>i)0_9-c;tx66 z;1?3j;8l{cV2fZ`!VkHt;EQ>DU>8#E)N%PREX8^~~M{49@~waJKp_ zOs^4cVcQ5Ul^ftM*@#G_9w6+*%fUgpoB@hpez95N58!r^*5KKq50HW}#M19b0>Q*` zexX?sCt%GvVPMV2kAzw%kNhiOj}Tr^4(YM}qHz#*QgPs1Im6)YV8mj4vywf!78nK; zUce{1l^8A>ArWsEA2b2zrSDmQwWuucwc=e_3xqAd2F@ooFFXO5M{^>5k!eV-d>pWk zpeAr)VSfl8EL%ll2^eL_E&bWpJ*h)ZB7G@7@J-?N1d=?EGR2m*1!!y40%eQuP@+ey z1nyF|0q3$NR%%AD=V8XL=V5ky6lDe`;36MoHXB?>v>J?9Vsi9hW|-G62pP;TQV*Ix z6dA&=Xm@i)A6!VP8r&~XPmx$;*p)wULylNdKd%|ATht!XuhJO73+9rN7wQqo3+GbX zh4P7+w{X|;mUzqk@NJLmR^S=z5{76x2L;?;Tq^M*Cwpc%z})qf?-}ZnDJ=upKQz{$s9m5y=kzq^w5adF5>Fxq?3Gs}6nHO7mc(RvH8>j`Acu2YRadi9f zadO-Jk#cf-@v+GJcKeYtr}&YsAao~mcx(S5U+jO=J#)mA;`)4A?()3&5v=f`wRoie zY4P#pv(?R=>;CQftlp;ZaSWgNzTbUxi_xYalzVcE@e#uNHusU@@*MV2Jolkk{IU4y z%T4I5TfO*0(eL>m&vQo~n#J8$AK;m>sI$YSs1_yw!%hkhvrE2;6-+ z!$z9;d%aH%QE|Y;c|TPP2+qMcA!#NB*<(nwJAmaxBn@P>GJjMw-N2Ni zKusbvuNE`-QMF76iF%HkFr}o2h_3aFU^Am0&j#oYs zzfx`lHSb7zjG?_^3C4T``uF0{?xJUT$OM@5qf^$8LR^D+{v-_DhkXis9pX;2q3-+1 zYAVOcj-b_;p$R!|cObjaPi&Sb{5N)u*N&n?xCv*Snwwr^`Mr%uJW6oU^)RzkB z3fWURjv%vUF%qu;cuj+Cm|!A8m~XaZ7PrNL(?UJ;GgH9`mz*s^N@k2%p(mH3IeVFp zhOZ49_d?rm!i8~HiZf=AS4XyXQeQ?IO-LCR6C(;@E6A*6D0sg3nL|k$%0*|=8F;Zf znvt`oXbw~uJf*z? zyCOc?XJlF=aVZh8clxXh<1TYGAlIJgEpBnD31Y%Gho3|tr`kD6H6RJGGc*jEn7pmi9_V|y+)OP$lXn#ra7Mu^QF8$4+HP)9f zUwXT=yXecrxu)+*dL1aYppm46pMGUf9g$3Jo@G1W#$KYCF|UZud_?q2#)Hzi1bQQ> zhd@l^A1cZbbwQs|ccLb+gqH`z!EF5%WS=qBmI zSQ<6RkGeFP8J!ML+j9n8Lw68$%M{fyL|}o)`|LuRqjm@<9JpL)V%bq{gyI!@H@PRq z4iOHZE#3^TX^IjA#*uneg(2*~S#p_Mp_q2cmL9H52DZ>>2UPgFQ;$XfIZ*zP4f5VO zbqE}q7{^m;eZ)8p3jSMB+c{*!p{4?daM;`y^dpbbGe#GAl76_BqKP~dfXZOh7dIo= z$8XaC^I3>llUkQ@LQo%uY-^4POX>3#2ztL-@Lr4Leq^vX_*VrH9?&P)j()kO!~3$J zyWTB)hUykb^^9EM2i+Fx4OeL*1R$y9Z-uw1B6{7ou~x5JWDJ(#g6x=jJG2ZG+x;$G;r*cT#JN7!<`&_`%tXh0yp&tx+umeL z4*lfWx~-(Z%C|K=HgV}GV3#sy*sRH9Hfh3963G|=FYEyxZqS9nfgH!fv2PMIF~)s2|cXuErXbqgXq z#=8Y=D+ib7_$f{sGs9|bvA%5sKMn-b*}B;O^?PnJ!1}clpZ-8mbGf{TX3Z{) z`~mhpmA2V7*lh$}4XcEcJGhar<_5n)J-l8$g$ODFV4)UFvsAAh%(s--loJSdhY!j% zoY^YV6X*;Sc3tH{Y8igqLPDbTunnfm%MS87jI-SG=74=RepNkM&1rw*Tj8kInJ>sC zup&SHzV+SFxC}qlasC$X0G7YmJou&vdyypF!C5x0Y+s%D4#?o$TJ(H$FqSm_hLjFa z*Y)HOu5H6V2VYE3l9(KW_qe4eHR{gw^T5~C(wz@T>7#hNl|R%j+^{#Q!C6;jpWGyc zu0~SOL=5ed6Qo#g(jUva&^(rT#4|693EkCett6!nPVW6g89qzImj|68s$&9VAr`K!mEz+x+{=Rkl-u5?x4XL zq?%bJp%(haGbxaVd!ELNv@2w3uGB9UqFR(+fL?1%PpW%H0;#ji3ETQ+WPU5s&xhHU&|90&0cYOGFBfvV2en|E==Z@)Ze$P*1 z=4?4o*&hHGlz+$6AB602=|Ks#V!|r+MLTRTG@*s zN-qRwfxV`zByDsYi`%#9AqkCT+ODbvX6dpMMxTSV^XBrJb?}=qxrD#7c#5cg%Y5J1bkFi_i5bk|QX1l;c=~cu_mYBJ_(1cE?>;jjVgOIC< zlbH34J$=$%uTvwd{=UJ_ro5i-^nvf0=l$4)H>EAPRnT$T>El52c=EDqOO?INoIib; z>!!nB&%nbi+u+@Q_WEyzVGV!&IHu=C7{Yj4C;NihebgbAE5h5}Vk>mR+Pdvuf^K{J z%nDbum;R!HY(;;l6A?(M7e(PkF7&lN1bGv&iAe6I5Rtl`CWAd}&#DmCmtMTY9!~o( z9keqaP3vW_GaXG+Ydrd}HaD~!F~c50)-W*E7IK_7xtl>;7{h{W+ahH{$VbF-vW49o zXbSho7V0_yZ0vE5AP-H?^!PT1%w^!8w2PoLpy(^^ZnLSTCc1}FCj)w5*x)#QBfFNY zthH>^Jq0~W^&hS7BT$1C&Mmv;3&O@$&YoQAkQJoFUr|x89R7xg|$B!jgUPxs#d$wdqF}QH}`f%i{c8H$=D!YX$rPv6CruDl8Y)u z{%wW7NP3u)2&M6@qd!;F496`?Ae}o?loS&my4~r{E!5a;fGzbUp42RYq`DVMarX$L z@#c!X+CjN)9;Duiek;w(TKHlTTmGP7(3Bf9@i3E&P6L81N2Jow zM4#mDUHB}nP(Le6Dv5UCX3O0x-WmT|X9Zy!*05u0YLqNr6804YqZ`uhE=rd+kJU$l zMC*DG8lep0Mx6iP5J_C49=A%T)4D7RO&$8Xzh~DkscR1MQG7}4h$i8U5rY*7jFk}` zd!QL!#1-_ozh4(;_{3nVp++R(){SL>E1VLrUHe>K_CBtRKLa;faf{{QLbuuJ&kK%L z+*|6Sl<4HkJG+i;-_z%|uO!DF!p{Bn6WnEBj=6Hj%d4n1W zrbgr+{RAg>SSBa`yN|k_eCeTJYytZ1=&6M(-_UiIdC(a3p7YIbZ8AJElIPj>n5C0u~aBd z@A7duY~>G5+)qp*!K4OH$bV}5)Zx|(+bLmxGt{X3Rj8^g71j?iF$h!d-2ZJ-`A==4 zCIU=7wBO?`3fJT&&%=r(3IEl0-pjq6ZimOof;P@WOd<+vRC_0@n>x8CW4v@no9$cF zW9@*LQ0AcOWdlhubH1-K;1)B0EA4Pqqqs^({hjI@>z!)b^-4Z_Mym2#7+!HXMl?v% zu5QD0*`DW!=Sbj0SzlSN0loTQ4%i?U^Wl8Wh#n9?{!``JW+IW!ntZx@|7OWYFz)b1 zI6IP<#CYV-uMyRDz^~d?xOO)Jpe^B;4LQr8Tx!WR;a`{;;x8<(=$b*V(*2pnWuERl zc(P{ktFW^7@q|A^)Gwsb5WPNpz5@fRcE+b0hO{TJ%`sIq>}+t@AjAsxz;*MC%rS?r zmdU(Hb>Qn}OI2mqekkH#<}igL(xT`YghUk%;H|t~Dr$4B`Ml(NRNpN=2y*+c*TZBH zCbrsYKh#}KHWTynSU$hSRW%U5-?rO+oj&uo8f-zHNy@3Z0&-PomrtkI2(IKiiI;46ipt445OH)7wrHp)&?_Cf0r>}TBI+mcuC4y;&jGKdt-RiBTrVf|Ct$&JW$e_ z*Ri^z3JI33!y?v1S`ZbM%)leq)MNNV9i>`;Zwp;7>7D2uW4|zE6*=;C7tQ1cmxSev z-#34*SDT+2Nt`v303-8Q)33qGd(a{wZ6oCnC1~9_D+VxzxI*PCTZnXty907r+v(D_ za-w-&yppVBFEtR78WEamLceHP#Q?Qo%e##AfQ@#z-Bh5oEp}}A1U^=|i#9u47_?Km z5)10K-`s4Rs*7Vkygzf!_u|AwPwIYn#XoP4P zm>Cr7bXTeZH!WIl8lmlC+s;JjyJJivE+*0m^9h3Qll!H(auhefHC2Az;d>R)`5B>nyz4??_l-iNEU5>X{%1ROMBO%t{Aw z&#+P1ZIeFg6UkPSl|J*LZ(QGJ$Rwsz5o>;=e2sWdyBaX}IJny;&Tm8X zcKB*U&|K|xF>sPiH@2=XRQ1W)t@jUnCgY*oWh0eQP}S@kovMB_xz?&CJJ6B2``E%#CTL z0rk!SyvZ4Pu@$PYs?ZXrTnO{`HoJj#5$cLrGCr>(Zfm!piy2Lo!Sei*l!2VSt zuCV#uOT8hy9&CyL*<0uuF)kP-sEk@^@YiI6Oqq-=X3bMB2u5^x7rF919fRoMEBooV zwnne>3~Ru6qX=9tkD<4He_~d6kh7_DgBnk)m0Z0^#zljFIs!Gyh?I3~n`&J<3{* z`ND5V1c=NOW2enZ^J=nvmaPSh`oE`xi~dfS)0P=)x59?DzWZBzFjY$)tXI}=Eh;ue z0-sO+6q=?~Rqx3mu{_H=Q%!+Xo{2u<)Ih0l@*vhn=)kx|f|@|uQsj9^AUDqAn0=35 zKdD$u?m~}SrJKZ#>sHrcAC{1!_cwQw{Hy!6@7vO7;*sDQ!2yayq}?RkGh@y#TG?dz ze$}MyS`6C<)xvYh!sWQPJ$7S?P<;ajx|!`*C#K4dWj5NW^f%Y4rmR2d*@3EsB{XU=N<$DZFRAV*?^_{twLnc;aSZA&DR=dB>r=mdyB>@e6Q%z6-|_6PCZ>v zdj+RoY4(=x7+pSgnm&(kB~}9#BPQs(3MxyCt3jP?e%>D{b>?lp(a!z&3E+XTWGajQ zm=8U>=Ni2m)dS&6=Ex``vte8vN0k6tB4eP@kRrI+1v95ruD5${Q!2Bjmf4}{4RciR z`3L#JB$6V0NLxh0>N*m)cmkF30dDf0b6w1?0RnFf3{6mq=>Qrwh6q|bExUMcxGlM^ zQIROJ{SJPM**Vm(ldnXZA{}N8$yzWV5bf7UU25Lr+?a9HIYR)8mV2m|`%m9-i^b%m zSuD!XXShG?A-}NAJI%o<$wcIJIym4jq%WB590^ z7&R9QnRAF41ESU@tT8Xl1pY8`X!RTrp9Q-RUUIt||uk{UfE z8Y?`EuFQ!G&x2N$$2-6QHQa-QDIxO>Gq~5{&kx#oeA&(rjr(|}kpRBay;mcQbJWDI zGWWxORxvA1DJXjMziz==Li|+*8t#GSt#E@<(O8~a@vE|oKWjbHl(ez>bim#f5T~Q< zoJ4fp*)yLCdBeyvP4K|U@+tsDrq%F?scjJ!TAbd$C5(lF(-T~@EPqRgWWKZC4~d>| zd`@%V$E$0Ya*=l+-{C=+H-xfry6~SFsQKR|wZ^4->+9I}P4YJ)oR29pFKtJI$mYc= zgkWz$!Al*)f462sklo>kqgqqYDVk`?T6}Td9XDNri4B?G^?JK}bH58X_9}XAEC1MI zTrcx&?$1-2REB_8C=hHR4I+&YH^5akf{TZWH+@A79(aSlX9)g@U-+$5om&FRxwu>s zt4eOQ^QUOU;d9OTnrR5E9Y>KL$11Y~sa#>Ma`abm5hRX_((uUI*ix(E5-@Vnw>km4 z5;wW8M;iuK4kB=p(D_K;7}f=whvDa=)i@!`+_c_YhfULDWV7wU%K}5#z78$D9-bgB zKRgdY{V<2~CiqeGE-K)mzT125H{}aEn})NFU4E5XBVWJVp-`P-%K3Tw3yY< z2d{{=Flp7jkO8l_YcEL*uqCa=dg_EW#5(BXDf}6n zo;%QYs&tu4i6zNM+qzE>?m@g8*CQL%*XA*{y^D(gVK7`yzL3N{TsWBTFxzF%0v)F( zQqU_aSy(;hZH>=s2yzO)j(WF}(1 z3=g$7R=IA+_1TOlqcXdR_xtMj`gGQLLBE7Zg?~NRzE|#2#-pf{e3mj(+^1eH4zowz zJZT5Lrk&UuHWTeR7lXbyw;Qc@DEDz+ z0c)C7f2mLWbo|oaddf0xE=A&RbEB`Xc)Ga};N2>RF&UwQy*QCWHpo9Px0k3pSulX{DDSLp=UJ0-MPIj*F6hN03wjc zL7D5Egk2MpqRHhtX6zT`)Pxa}{AjhCCjX#P)_PK=woTD0UhAM%8%Lom_xos7w8JrX zMs=aA7e5yaJ(;n-zW#@jX|#QjeN)3s%SeNoo}t%B&HNt|Ueniw0=%#D_FT&oW{JxM zU$9x=JP3jIY}SAzXPJclBS&-IOxhon&JE+HK)k_;nk!|&^Xbyb(rH7dI$g^tWR(;D zQO~d{hvt^4g5l*kM1`=gd1rSbWq)w7+&yQ2Z(@InBS(!UFgY!CCz6@fUbc93M+rnC zJlB-jOL!0}hEiF|0!J6?>J2(8n#-zTyU04~0BLSeCNw4E@q#;89zhlSk5lsYzDjAJ z4*%=5z->^h4Z-09m7md38#s!s0;baopsV(9HXkoH1N;WvwWU9^oR>lLgukf7Mfrm6 zIdwaAule)=)f6*N{B-te!ov-jJ;hY4l}hfc6^r!JQ%BTLm}et)(%X1 z!Jcd135;@^($bJa$88uq`?I=KaQAn86o-YEg8GvU+a%8%cqS})@^y)_tt+pvHKu1p zBo5hmD-!V!gs*r}$*nD^>5fxlwVa*$w-bzf8E4~T*Uq?#gI$k1MWC7Z4613^_l|z&gRD?@TBynnMG`{-Ty_UajFI45 z7mU(~iRFDoB$v*S7dFdj1Hf^+BfW57{!SJWU5uQjy0vYDfBsQD{C*1c;EpXnNoR39b?p zHDP)44Z>~tU~%cHk1_hQl~-&p+SOYQ{p6I1Mrvn#qoZRai$XN*o^lR+%Fpe!x?=irkI78vL1U0jcjm0|Z}w z?^3NZ&?MRgjPr*KeGm{^W-Y1^l6xT5U5QIV<5Pa+@D@NQV{ zP_8#fE9HrXb{n_$@w_i8Me7h>qcl0wUVkkYS(-%^L^AW41Fd`1Gj#WHQ_O%es8eV& zbIehLHj;V6N4FO1RQ$M4pBIs&Fr&`zLAJ2&_GtV5=n}WJGjvbrZ0Jp!E zZqmnpy(Dxi%)5Ez-Tpqb+fUkfnTNL6*_S-q5(%gaPO(ylxQ&5(9+GRHA#eYc@K==x zJ17&{-$jF$oV71Y*D5;7b>YQ<>rB|X46+iNwnAcSXb#*snnZE!_4$fW(HxJj+uPq@ zX7N5<9Rt+$(}PdlVFlejNcyMH?bZX&1Wskv0E*D&`p7F>#?mAG$G`>-mwrOD;LPSX zATSx_%kLN>_|fJ)ZN6QVqWUGxW1B-G#@e4+rcp_uyV&qUE{Jy0De6N9wIBLCG_a4tF=TeBh^D{ zd0gAIEYJI#PW2Nb@-3DROAT_ML6a`FBBbBQ*3kf(K@%aT)l(PbK0V*z;S}c z88$2XKfmagiuOtcHcC>@Vt(@nW(wkya1Gb_C^K-QBUS+N`!&rPxii+qFTKZbv8~`^ zGFAd9(rhE>tt4{@B=G`)5=ES%)@Ac>FBJ+)Qr1vb@#TJxk-Q$j9KXm*lCi(&i(d*j za{Z$Ab9<2m9L`}XD=D40YIzxEdb2ddm=lC(zD+QYaG#E}Rr+Yf zmA81r(YhKgRb4u5p4V~Ho%j;4i-x#DvSLymGqt%?y;6Py$KpciftaAh9yyCS#pDmk z&hzQ5|LN0-prHkjWXhm_l`(ywnkJ+6RLK5YQG^V?;433T!V`pryA?%b zcTD|F|NKY5Q(P5mVpXO6M*w87m#(+Kz3==pdD^HNH9a;KFi4W zl#>=EX(xKAGeLyjfq)BUh6IZcd=SZdF(5yV)a? z5i=8)(KqXC)zeeln%1F%=`ot8uKOXUU8`M57LcWgnzjBJr?wJ7?}-!%&=P)FTxbfP&E&^=W34um1(lVv?K?7aq=? zmg8z(G+;4C>Rjt;ja1&r?BapPo}1fRZa7V~m>+Md#n@x;Mizz<&ww4DpNH&esA;|I zM90DEseIL&wl4jo~$NN}Sz6X5ApZRGGlY~B@?$wyom#(h6EUoemJPdH1kD@D?0;9RgLsz(a~*zK?Ag2spG1u?kxaqBy0 zA_=JypvNHjQv?OQrwqZ(;r1cWcs-&}j^DkBCP~vW6%N*-SY1h`CIsEh?hBXkof|p< z+j1TIDvv>#KV{-uH58d!3G0=N*i89=e$R8Y148E6UDm6cbxrN|1dThb#pfArEPBU2 zSFBS#*9fVM%kSUapQF`9jG;^N+vk1@{E&{LTd}1uS1ipE_R(rbJ>ZD#F9+bcIm%MRJKo*&3W($f!d7 z3Q}_W7KTA8#D=Lh+@t;{k3`w*R!dX3Sd&m0g|KE&6@#=@YDN)T&)lIbQ!oDr@x002aJuQENfzij?mLJ{)#Pd6V|&*VVZ7+L zOIeKVbVjvUKq+9u;2uZjcp>K^LwGth;l}v8^V`9coINw0N?uJI$x?%&HCeHB)Ap}` zD2yzQJB+@&Y+-S`eU0hoAAR;2rbXr%_GH~NepwmrmLq}kfMVw#!2tE>esisS+uz|u zwR+i%q+=fFelzeB`_V^&0Y9~s)(m<8irAUFa3N8ac;h+0*bvNlA{z+Fl2w&_phth# z;g;Ii;^oW-B9%uSUTIoKO<7#kEwt6SD9ElTm!|thEUWa#bCKo1*m9#T+>txKb#V!u z3uHdRt-jx*aqUDE?`6skS6c~40?IR`)*3w+h_~0)!s~@`O1N3BBz8cP-M*WcuUmD* zs#&>N0az2N0uSI$dAhZ7>EGqg@6ScuCv;Ez#C`wN%#(T{dWHhr>(gE5n#XTUu*|~& zlAKQ_HZ*AINv0l@_6>&GzwwPT$*|c>m==ah-CYlLD&o|~yDD}#FDoXQAN)E{pl3W8 zDXjW-(SAih#S(tEG2fxXP;gEl{W9}c-1b*m3X~pHVx9~(3-E@T1+Z9RFp5qHKJ-i1 z1UVTq2{YyQEaVR{`p|oF@0kwgUCHvlu}^Qq9(?YEzi%!L54OL$&P6duY7r+gSlMZ~ zI-+0BG)DAJxc7*qm4Ic&%+tb~Tjzhbc}vpc(i?LyZ&2=Q;_5B=J-VP?S`&j>_LFYx z;+nLZX%Crj#}s}jq2t0ivn}7*5kRHA=OBGt&1Q$W08CQ%!)+Z za7@-pOkd}jYI?P_Psymlx~$5C0cE}bGpQuZd2eq5l8ysYl%pFR0zbh9ax$o9ZFB*4P`MwQWb`$G8@~d9z z-7s8qJg=0`yo{q6DIDz*^WBrf)P(e&Ga}dibFnZx(9~iian}WhPomzciH%T_nuKNv zQxi$1Hcw$t1`Z^vfuDo&lRJtJ3&cIeD_v=vnBN=kQiE)SP)HNIy;skn{X6aurj-%j z;6i}5@M!LaGTyl~y0`8pQo(uNl%3=T?f2-8<3Ru#E|M~h4_xGc>fG2fSkgKn$BEkZ z*};BHGuQNoYWI-m9L%~Z!0eL5dRI|kg*TbM_Vpn5VdMAb4d*3z)LNi#m8Nj>zz$>~ z=Wps#5v$}_S#v6I8BLW+H5OaB3tloRDjrz~ZK|5@;3UuAF8}akC3%t!khxK`N7x#q zFJmxnPGp(F8NHpNEg3C??-YVEDrxBEK(3?ae|n)6ZSt)_kDlOOqJS_y3D5>GI>nnn`ZA%g9g@K`jrzeWvrWy76wi&OVToB zbcw|cPY<1c7vM+eMbf9g0~}x4?$djMvnvV?`Ai~AUviIxh5W$X=abzJ4Ggtv`c;iy zR;axsu?9HeeD}Sl-R#T8ejoim7(2_DOoA;;!(hYU?(T!TySuyl;O_1)xVyW%!(boo z?(Y8K4$HlpO?I>UW0OwTNxG}j^>(^{RGs%ZU*v1F4HJy8(kDqBr2V0!fAbeaxCR>X z7Y;gLd8hwkzNQuy3jPf=X@SmkbzCJztHRCnDJ=lW7i6s>tjJ+bQH+d+BnS{#NcN2DZ%^YBfS`jH&)!Pnw3-D>OEyN zd*olbYHiBZt9tC#aWcq%0W6UlzOmfYTrAyvpws{f9h%OTlNqS>j(6Wpx!CTts0Rp8{C$}vwL?iKnH++rWP0WmaHR3GDIsEfkIiwI)0MDS zGiG$pvfYzzv_4POq`wFit~;^Dp2r}7jd%mrma<*wye`$030YFIxW?Q3+)ikFCuYbw z1?rC&A8ZO`xZZjs>Cc8vYRH)=TI%mE3|A3wW(N*q=kGVbCK*ue|2^B5!fy_ z|9Q@(%s!=VIZeUE$87T{tl9eS;n}G((72}DC$HX8=!;Bu1sDW2w58B&_m;DybGs5% zuZ!VEw&0lOW~3IgTWu1#ROB=1ZN)pD)p|>lyb3SSD~hdG zi|3GSPo`U?--KlY4}*z1!42EcSBC9`x>-Sq`I!Vt*G*Ec>X7XcueD6B9#pwH*nz2J z;#LF~dAJQ5d6%Hbsh;xJxv%QP3B*)oP`8B|ev4+bfMx`?He|AEHd3~MOqL-d3!=a9 zuBls@3(y^CFrJ(B*CfbFHeqdXuumX|fv4+*#{Wnrue(2=2#$ z@yAHO_C8f(gLuTYncXj&Bd`{o;!at#UgO;8bdS>EVeVD)mD96*$lkb!NNWSx4c1}u zz)T9IDLo}U2D%1fh3+QHkcBx4hdfrzoB^dh;ucob^;M$}_B%Id_70?)Gk;GAltd8a zeP_*;Lk{aZcfb4&#>E)^Zy#0C?9a2E{2066>OFMG`~=U_Nc8lR0=@`t#&%SG-P+C&}~araXf9kM9^y^`1o;8 z0Ycrje2=?({(YeHczPK9#sTTj=pEcd>VQesNxnE?#MzW!yCnI6YIbDRJs(UHuBUbXq>nL15ChrcI}Km+T=K5o-$X z4!$f&}G01iksEdiZ$|7M}I!MzYSst(A!O)JBh$jo4@q=A% zB-9!HqSBL}lohXqU9L_Io-k~kjm7D2H#_>JMC(^EzD7kIBa`X&exz8ro}QcD1AH+* zo?4Ah8|&_J1n#JgK4hX`TwQG!Km52`$PcpfyMNRs0PC)imNAtB>1H_)_KT@jmk35} z>qzi5i62W{AK(1guwr62bsStWvhy&Lx00s^zuUT5y4lK@c%49aiKW>FmM&iFXz`7z zkvvjTDZa)1azRa(;#1{!^10-={2cO%Ph+sE^B}xpxn=uV8aHb}BgAsXVmOJ)yqI<- zTV+x6!Y`7Im9GBMPDSygv)VHcwP@(XC2^hfXkGh@a~+k3<^2#K-^kbYQ0pS!0;#9L zah!g6cWfgkLuRxL+J=YDMt0?Xw6*QUunv#s`S5@c`%kVrqIid{8*+iMklRRiUAum0 zk5GH!(IBiLaiyJxK3!BY30AGqL?9|0EgLS5=CB&6KJBvAhFi5ogT%i^YeWf=)@l+(6s5og&|nqCA%;y7t2k6<3_B07m}BwCV3N%?`vc20(ZdLzhD)6C;FJe4V|oYgC%}7o!ftRW(L#C|KRfBUJv(`uC!- zs5?L8#XVIq3tlo}Ch;UahF@cf3PTyE1V3?=A8*E|RKuh}y>-bxLMy^t2`ugPsO@^J^_MV3QkTgZ(}wRXiPMfm0bn-ic$)>)QJ;A4yri z^AK3tmTC8T5y9IDp_?D$lLC9vO-WDfxH*}qD?9{C1^3ESp?fhab&t#+#?TPsrfyNKvDR+L=QeRV@avArDC>L>M< zn;Exuu%e^jPl6b|tw{|41?>-TVH&lKtx^Zk1>cU=_XNe&#( z=t5E0x$B+$#WB3jjNGR@C92I6OZyV<>+r+v=&8Y92Q&4#e#8?}!`bV@YftOk(g`r1 z7`K{IMdvjpg)K%wCI(F5&eOy64jZV_Gld_i096#~NLhE2@q@?V&Owuu%~5#MjK(nh zoIj2NGUm$C>~MLWw`!te+4R_*3`TJqT3nWS@jMamJ3JvGgzCcM!-jwYFj)FuM$o}0 zt4C!r#j6G}QagHRk*E^Nx1G8Qd(Kqz9wb!E3Q@Np2Ind=KkRTgzXJ_xH@!}y11N^_ z7fShG=kzOnW96jw2r7zW1z%f+holG%-eWkTC_Y zf@%^8HVLF8p#nU`)5XHLp$7{94*C(~AckeVLCY4*$U!B2IOFRp%wUM%AT62OM9e9* ze_pw+t5~s}tXtSmZBtEv`P?#H_f#jLM%$4L=4m=tK)FyyVX-iNdk_;KC5IZAvVtX-lzoaQp zJt}*qd1k(8iDiarl)#_>MpH!JW&3p;=zFG{hHqi~1jm#oJSeB*tR|Qbwbs_T3YErx zIHb4bcu4r5+YxCenJ;YqLFk!&h7=jhl`36PF0rFMe%>a_4Vg_O0GCTJRa8{fWX=@) z_xip4F}R&{fs#p@8TF|?8F+#*fi4}4La2fs)ld-%E0)=3fI3O8EP`%h&p8<`@kC6l zQCC+mT7?bQplOB`DX4ndO53DOOP=9EwLWD9DZ|fD#?BB*{%$Svh>&zc^TNi3AsISc z6kx_P?wy%Vz6Tpig&k&f?;aNrBJ_IK{CPh zNuNLjUZ^Ifu2pK)6Izw88V%WVM)8(Nff%}&#xocGOV(Ff`4;>t>r?f~iW2`9QF|Is zgD@rFHKupQ7f$q*CoGMpUKm*Vs5Lh_&!TxXf}fbXrEM*Rzetf*Xo-$i%6!eYVH{DwhR&<$6sDRhA}iYK$;WEym_1xA$BPm)YHHsD zkbY}PX%y9dvZXm~G50FCDXxAY0GsEZGxCkxSn2q@6gHU)F*domiVO>Qlg*3$gx{#$ zg`m%%SxLH-D}K0k5EoBhsy_$74TZ^0>M(E9blD`xFp4h>XpnXG6(;Y{jUjv261TKQ znN)^Y7LPq6>e1J#>ygTy;f!eyxiuM2h|hV2PB$es4EEp2{1y#Ny(fiElq}>#CQlUX z%p%Mm?TSbL@`5vhy@FMCp#d_TI-5+;$*n%z=WG_r*zqAI2yT-d`1e~O9dWr>)HtEO* za-<1Sg7Y#G^N!8``NsG?1VfOKRG4uW!d5wZnG;r=4m>?lPQi;5r(NHMAuW1NNI{wW zQ4378tWe^@A2={V`Nv$pJ3e{oZ6nmlC$|xH{rRqu3b05BL+N>->uNa>60-5Zc&e5I zlt2C=g=FRz`tktY>XH+%&8qPnMjow-rL~O9Odx^~({bbHO0vB|P$HQ}F(0%!%~D>zHfx><85O#>X8%x}u5IO26w(H1S5iV9%Vw2cto zr1;vK-VKsI3e~nv!w?OlHVPKH@)#{643?G0pb(Ah^BOOCRgGKCKE= z#RMU1`SE~GXJt3EUP=*W^@jwyXR`0(&fHXUTQmC4cOJUSC_Q1ivkjdy zqnj}Y?zQ3X|B)}8Seyig#DTPgY>trBE$TlZe4A1F$0V`Ci@7qSD4?y^Le`XD$kl=< z^6Pv?W(GRtqEpcvdARQm-o(GjrDoYx7dfXiWn^XqZ~W1zzuuc^X|ueg_BY{sfP-o+ zy%@I+s-Q`$O$NKsy%&?$5cU>*ZQi6uC;XAqu$gJGE@HDfmUwniqdq+4Q}XK}(y|>Z zriXwPu=;-rqZA%WUbKG;9SL*r{w&cKPjt`$ z*Hgqd7YGekB$r)T_$d~+Z}BONLu!J0^W|@^2&|tv_{{!fkeu>&J)*9 z!d?;jD2PQI4JP~Vk4K){g{%sIfSJ&_z8P&sXpjDQ`1=|}_3}0i?~nXxg(GvOzi%K^ zJF|YsIE_gC%(sca#AIBI80}HR-MZv1;w~ey^^i-o2E~;>WR)R{YL1ommB~7Y^eZE< z4x!Oe$l|Nvzbn{`8vh0=vr>gKewdl~l8AxzS*C*~V=;W3{Ofi}vCpi-Cibkb_|Jw`?>*L|V#J+t!0 z#>-oEadBy*`xtPrMwlxHC{awq1W=!?JYx9uov;-T!uswgMe{yy&5w^k9;$PQ$G#Ur zCY?=Yk%P6dyGZ$<hof-7leeT!bY1{h(5@$*uE;S%jz-ChUP)jzI~0~QmpWv}?321?5j-HM*ZZ+J zm|H)3Ji!y1P}!RQ{yfXs^4a!zYTq>Hx2+ckb&IF9Z4K)fchW(n&BW@cik@|2M_|p2 zO=HYe6VMIee6{-Q%zugs%U`%p&Q`rH%Dk7?dy*ZQnB z)9?#}Uvsv4TLNy~phc>M45YY)_-?5?4Nk}xxsf{Pbx=kSjP$b~l$zAj_$i{>C7Rbk zq(Wfv8nAKn;n1|rn5fy|+378Os6Q=I1g%!YViVlqOG>%0}e)yd}VR zNo`;Q*>NM(C}Di&qaU}1yrO7y4Amn6Gi{z$!^2!>m1>L82qQ zT?Utl{3#sNy>0ibdICFx7A4X*blYUX%yrV}!iEor0<{_VlP&$5S#_*eE!1sqx;0#GdoZtnZ0k)k5iHJc#~}QPV`z1~O=`J~UK_+`T92e|g(esPZ!eDuKR(=TD;E zf1wM%RPQD9YA3H+*gY5}8nkbXcGQm6(_r>uqpn~`<5-=EIqUFlpzFfH0@?HqryPM`xghN*Uasw8<%q09o(VxoB zA?-COmC;}COz>jB`~?9P9|s7OB1MH369R&x^yNV-qvjTj{3VvuqpBd}@M+kC-euB6 zyV{Z5aKY0C3#&I+k>u2Y7x!P}TIgC4%9kKrK#k_mphS!n5mtuS7=KkN;G7$6 z_)??})*8xblx)hcmef#Ez9$2%Uof~I;pIphAwrD!)C^cRx>;F7(+>m5VM%>^T{7~3 zzx6mRc+i6W{ddY4r5F=NR9l;EeJNx7RU>mNeX{vbfNy;%bt;WP*KXEDbeT6N*t|Oi z(OU67#kJX2P-pu;|dsuOCsqo zqWLqMx+706VH!m1+neeq=X3`hFvjPT%ghGNV9EP$x#m+Vvr0*bt=_7=@Eqk|vmYpqSF3^73Y~KRG9}iEGIFnmCo0Hnp1%9Oc|> z*`lOOo8P@0dGjG&{Is4VDO;8J=cC+m8LGMqpVQQK(QX`^!ok-9DjQTiXrx;;E;1Mu zS>5AjU)SU2%rNxYIRq*GCJyz+4*$4aU%Vac;&Ry8v4_)z|o9IZ^ncE&PphhDXqCdXh4mPg^KF z9~4Ah)!I63jbAKeZbug1CTa@%DznQCjii{c=d1Q}@Gm zrR_4Xv!C@6B~-mBy_k|mr{bBg#mF_*C$#A04|9fo#m%;&ZCoEg=zf_$0rg6m>Q>9K zS-ur-(Y;8zG<9V^fL@W;-Zq?GVQ-iw`M}F^+v=@XE;~;8;Cz&Q{z8742l9e; z2!qY^MD@8vyoIvY`*lj+7ZVVMw+1CCq;~B2=7&FXy&qR?Vr&h6SN`#%0F*5{QwYgT zAsaTeXz}trT=O{>^p3bXZ;0THuf*-ZUfV#w+twEt%`GaL;ahx$s3rQybYm+c zRBRoVRe#48m)WM}rFd6;4)>tbwefye7YRq|R+I~D2NI)`s0B4=lH1H}o9WhVYsy_* zV~SHsPkTX?F?ptzWa9;$YwnIGrq;cDmc+N3vpPOpWVyzKPJ^cf12*}azJ>&!)c zVdHSg(aC#ZSn1s>aA9NN3*@Y*|NdrmV0ct{$&M@VZpm(=jV`P#Zdp34?{bG1>S!!a zBZt$~$c&$$EU0UAeFc0y1d_nm)ZJ{>I$KZSZ|wDtTQiTR3B#W;KjxS1bEaJToe&`3 z7_LYDZEOFHDfY(cnjgs){iNx{A#3s5drwZFm{_|Kv&7aipB5rt0k!o@NSq3NCd4~r zlfDbi$$P4Q2T0G8ey@|?Vj?)CdgFSN!xb90eVT5gy-dEU_SGZ7a z{y!%z&7tr`Flcjf^1DJ**3gaWv`y}~qBP-t!`^|tERRKGfC|J}BX(XV&sw_Uc zdZs>NE%5vB7Vkb{8u#~*1Z5p`dSk%_z!%~+vm@XMz5BEObZ&C5cI7Va4l(kX8rLq; zt`Q2*deX@k4nbWBt$Kqq{$r_JFTv5&Dw@Bhkq9tIXdWmd>kwykH+lN}vT+;}}5{M5Yq* zhjvXZ3I2`4L)7$k0bQhtsHHK1Y*x~EH@`7O7cBiud`8gu(s(CY{-XTkUFHvz6VONY zYm1xF7!C0bbwd3E(Sh>9b^{ez?%$$w8+km-i@hf|0%F2#LVrLCpv%Enrny-DL3tqR zDmf$@+}68w_*%O<&qR$s_cxtrf-$>5MxUQXr1W7Pt3HkMftHkNjOWos1J(53yLlbu z*!xY;_ZgQDG_qjgQ}{dF_=kZmntq8=he#VC-xX&$@7dxfHzUn=qjx{oeNyZ-EB(Y& z=}wP#Ax!P?_9(;_iSO05GMlsb`#5+^TFA6i!9%NT;%D+($XJk&X`@2Ba+&i_G}SWF zU@672F3S4?>fb^)Z|bD%=$Rp7Wcjze`AX=&vGNnpe^ccb!0--|F}B+)W2lqp(59Sp z1YT_`0RxPYc{2b_a(fN@vCn8DO!8=;bIX`Je**6_zPD52r=HNvqzm^%v)qve?BhR> zjRrw<0W2NiLUaWn1bd((dLs}crXx%M_*QwCL*<{NZ%o(H5ku>qiKRJ^Fwp!?(U;yk|pg7DxP&u z`U5+p3v)%xmMo9K>9bwL-V{EXA8Wp|0^Z#oL@!HU6I3;3KGAZnb7u9F31)p4+DQlQ zl*}akxk{Z*G@I4G-2w1Eh*+`of1VP#3O^z`RNu13n9ZW1xW^^XeAcEWF4ri>aMZ5n z{+cFvh~X$)FR1yFig;lv{ZJ@ErHVmTXM*D1stlKrPgR|Qag$Ro7AMF zG8Tvji^(|&sTSSud_U?c8Hp(ErBk*EV_zVcg%E>hx0V4vA0(#NEhNfZl zN!HAV;Ph>5|MlCJ=V0S(>-yA~HfRwVx0^avy~25_?`ZCV?Xr^$n1?(`%3kqVtrB}P zG$g*K&<-Rf8cX-n#Ta)0`Rvmeubr~847hgF=qO+}_95w_?*gRbe@yKfSj0$kI5*R_M`QywAzPP{76vX6bWZc7FHn| zBI;Bl%qBmG=Q=>rOBB`UD}x-mQ-j<0fJuw_vPr|bI6*{bmzBHDf1fltCmvXF3zWbFja!dzDnlF|9_MT9r~M>eDLngL%_64Gf-8yBcKaV7bGl`nA-o%koF0T0ZnMG3e`GFIR*LDbC~tEKH;3CN6d% z?S&TDnC^At%-hL_6UNAYuSMZcRY$|~!ZQbLRfu)2%Qc)qpC-m%KQ%2p3 zHD@QlLYp0AGQno^JEP854{BQXhE+R{ z*f6FwzA$jq6?^l0&@$JsmLN7Vc)aUEnP)v zHfUn-gKuL%I}cC{34&h1nKcWtYvw_tb`V8y84XQjmga=GAR+x&nKu#Bb<@YU z=lag`^Z7$>J=?=g)y2(av6RnTbsGF9hz25uzhU98$ZO0VD-saJdgqIkPvN2H!^~7; z-(UU@Q={rK){tnHAlAn~@77V6W2jGu=c!iEi*yj9!KR~AbsoUy0O(F9sy_jT&tCGR z0R$G|2hwZOX=94a-4*^Dv%n6czh02JOuLao?#2a(zyKDAW(K3nUK0Bu=_+B#@S_OSO+6!j7P=Ot1YmI2q6@X>Szvq!;xCs3!#k3Gll>hHIcN_6tC%VZnM zUBD_zZCb}spArAjP1n8QT^9B6@ZFBFf4kMm%aMn2CV{K&F@UFKm1`;iorU0~Acs3EJ zmHnOoWpNA+q|F_ndw=dvYWKdNllfVMt!MhUAAA56AW4bfFC(rZVn{+b#-FF*SSzJY zh(hmJOhjOeFhb$0aS@nHj8F}TPDD722>myWhyhv8@-wo--Xp>^{y&X~oP}uuy#ZHT z=)#8Yut@?)MyMSmDa4;BV|keMxKfDJgnu=li^F*l{ep88Vl*Jo!n^a3>)H1Z6ySIf zS<8ejz`FNJ^Xc!!E=rC4%EWL%u#MpE1#!!aY40O*0|jUJKM^ot!4S{$Aa98A!g>V& z`3yfDFk!`T;a$Q>5PQPn?G?M=#QG2cvka&XQ8C7b9D9QdKOAtQ0MzG(sC({s^Z~Qs zsr@U@ZZjYlBzh(L;Fw`6KOb%q8IXoZb+f%};4fF_CA4tA2wuhS#*D2X|)WH1urPfOfu==KkxzvH*c;cz| zD*Yi(9Li^F&^;RUOj;NE*4-p z5ADVU@9W3g9zh>Y9l?#PJNgZ+JKrZ!SM@$O@W-D1t|%bL9^^*X9r}jXo%0j43&Bt9 z9Yimp2Z5l!GMwNvTwdTEQ%{@+){YQAfE|fn&>Mj-q!sZC(vHLz@*1!m(sTaIi7UeM z>zddX^qR;Q`g$0lU!4m-2mvv6AS_&efCzxX!Px=Y(4V6pii;zp) z(zlKH1)58g6WBwN6FQCLC*Y0a8(bLv6->Wp*N64|>xKevx}On{yUVf1`HX$@{iXS# z_=eaa`UTk`O%F%{T%X|?L!Ti5yIz2A;4uH(skw8uuh{ab`KN5@m-6!I*E@UmXJO5} z--63)>^H<%aQT$~gzE!JxAZIT{GQGb;jn}pm`F+cr%y{hJaZ!Z2b(Dvzl z?dLZx`M(FK|Ln0T2rCne2)|=lhy^DvnDZ4RzkBF50@bTIPLcg;Sv;sI)k_5HVC<~Z z{YVx#VR?kS<9fvV1LG(W=!&SXsH|U%yQJHK5pGL{sGOC!qOww95JpQ zNjlFfo;lN7HZ zsYAXQSMZzsN+`F&kshIXVaN_pbJ@^Gwao1epf6;V1jX*qdK-4gOIbdROvJ~z6|6=M zw!|3!OqA4Vy%3HtkhoIvle2fRpt~K{Wq=nj{x7t=Q(?_W#1wnQ_dW8tNU%)NypT^T z4Ed3~K7RMz@YDJI_kzI>tsY!!WfX5|sZqouMY-rFF^djxvLpHx{SJa1y4{wWR6xc4 z)3Cl6%nPjIh|>YtzqFp>kG1EZo6?yjvqI6ckPrMwt|!l=9QHV2Uz3#K)IuN35P9F^ zq6CmpvA+aHT@&Bryf;v-X1=l>dhzUbtYS|JspCe<*s!>s*nWpSLSLpd8RFJ>0<7fp zeq57lW4A^E$6znqQ#>K*j4-Yz#iWN;#W8qf{BwHZfl(QzFl)l6#6lUEJKj5H3WsH< z9*0YB*NZU(n_eAu4fL2ZD1#F$vdL>7xdr zjFS_a6NMAGEBO~T7t%UZ%c-4NUSV&+`h(k)a;V0~twUGgA5@Qe?^sFV=ss`=N`;VA zp0tjGg=MOIy=$>~MZS_RQ0Lc@Ly6-+D)j``1G!s@+ut6sSpdB=*ckbX(fi@jDZ?Y8 z>>A@MgDXHO0pLUT2<3?Ri2H~l#hiJC$(8PnaJ|2!;krTJ37syJdZ)u_pzTHnSG**R zU?g^rU_W<9|41H2wI4NK^I5D*PKT;{GiUkp2@_xj&@$?bb0a$_Dwc?VQqbm)ZgNL& zURjrjC*k;IZjb6sD$&1kC8Z>MHiGEL*q$Uqwj95B;OdCb9?K(=(~oaJfQht@Z}`ek zm=-aiVn)`O(Vo5<{pNcFcZBGaW-*Y`xr&Hm*x4Aga&tj;VSO>+?TXcjOyz~snaw-m z+nZzXy|!h)u%Uz9>aRVvIc~G>>U4dBaihNTiTFkA=kFKGKb?z#*+)_IGo)W;mvL8G z5pf)_yQg&{e3PrhEJ@_Cax1XhZZH(dls05-j=SMF7Yb1xESw8u3*X_05-NYDP-$eu z#X#YWwQ*w7o07XmWvPL<&XvyzQM&z2gMpbMH$f1RePB1Ccr`6U{~Z49_iT;Mp6nR~ z--TWfYh{{doKE;xmsxH!#FVL!j7Jfh|JjYp8^}F+cp&8-*c6X{fUP8#G7uIOi6^R7 zaQ%QdfRqkPTnefUvh1il)A>@1Q!b(nw7CGC8qtk@Ek~<%j`BY^-M^VwTbS>Ne_v^@lz74(*KDD~u5pjVad z9y|nOu*I;nkKXqgkOcr-aXJtDI~F%8sgA&oBFth>4o^$vnO4ncJ|Ssu<@eX;glAlL znCp*ZXOf--T1up9cX2eW>7KkKTq5=YT=@6vk9T=(>tAaZi2&gS3C1yDoSwLz#h@1@%nDGl}87L$a3@CFke6z-xkzL zqT{_E3U52IRXconEA-)uM^f~B83mna?Jk31IF1(!RxZ6EuZzSnwEKe^Zr}MR9ZhRzSuH^1ciPJ{51ds8PV*9|_5Ah>a&BnbR*h{L#%p4|#`5&Zi(DT?QlEVTSocYH zS$U|C-=j^D8+pBeeu5x=-y61~kSu0^%B?;UWXE9W5Oo^)qel~?1I>2e(l|o*h>mp# z*4r$+922aRF-d-AiN#{Km+HfXqNbuAHZ9eao{C1?Hf=&`Cd$;*7_2Ec*r`Q1m2d9y zzAGo5Yv!U68l^BWM*tRo~WLe}%lm?9Y4wYAk*u+!DJhf(nGDrqfd* z&sQ~G8-O!II6F9`yV*TLQ`}Ime@aFO^Ag;ji`d0W2FeeikCNXnn+9P|-hj(?P3 zf?r$GNM6Zi)|Ypx)R{!XItuj$nLD0$xI1$tT+jGay=X9LzJsVXvWPRhg^d!u#6GKS)x+-Cn)d z_@a=#!G4^J#lk>nSA68ZMtmr{au{rmkac!x^?L25zuR)tEP)%krA>?mTV7vo{A+Ht85SoOi^d5k;nCSd`QxP<@gs95Y2}s>llLywMP;n5;(mM7GxuoDX zWo>Qun`;UMxbTBI3Y1;G!AO&nO9#`8%L^nX$#ZGKO}iCo6UV1?@r)50@#8968{6^f zXKdRTQY)idwtxfu4}x|j)*~Kxf5pG|5#sIOXtSmTr>CHi43XV}rX6fUYZ(^(3$Z9N zhj-3$h{-osbIv;L>Shei>e7A+&!$y!JRtg@M&r zPAjt6Jb`hHxI@c6PAEtB>T#&bl`Q!tIp&I%bT!=>Wnh)I*lRvhoXGGNhlrLez)0kk z49;m}_Ii?GzQ;Z_{Z&fM)Y>mS)qUN4T2H99K1FJ0*uD#Vhp1Lwu3yok%Phy?_1)w; z40K{G^Ixj2godzOVy($s!PaN|MtB7;T^hGAt}n47{JFrKS$h7&`JiQGUo@sLi^G43 zcrb>}W(%RCI%kw#_1iSx_ig<5mAnz)yLERVGzFO4g97T`>BDStJvHv3?4isFeDg** zHRHd6-w^(WzFC{LFWeJ ze683x=K^)kUS_zFpVZ&G->-}AC0`gG&KGLu@fWeeJg(nvyx6u_`*a=>50ahFUuV=+ zJr|lvm#2byK0W_!G6`e^FOR)GbZCpB@aSfl3kLt|#6m^^sFi3nf=v%ENm(Y>DNODx*;E7Egf*Y|wO*gS!~=VN?2IT`Rml{hqWycqx_ z<%BKP&pof|$zIy(E(2fpg@Vg4qBz+^AX0320h6e%&+z7SLUSS+VA7!; z-DC}*@TPWJWloqt`G)-53=t6^l?XE5_7*#V)`aYH)HdW=3)@lM#8nU_8A()}RWQTZ ztU&zv30WPep_QVk*Kal~XYFmrX81S8AzvE`z`U&?s;v;{Tk)4xf{e(fAAeeJo9`=g z<2=WW_u6y&LGt7ML+Q0R=3#4i^Kf;_Mm8Q?AH*@(QJ;2sdVYF+n!?nRsXLu-DS0yb zaLJwRg}vBXYBQ&SSG7T~f{Zn8jn~ESY-~YW8KGFJy!r+#V|+KNgb95y%Tkb-F-Z;^ z8A1NCp}k;cjHfMbNYEkIaGJmWLJEcKYJHZ<|fozecZQ87gY$aI)>N3J75lygSQC(!SVzGpfF{(5wnIfgv zus5rPHQV}nC0dkk3urs;i*==e;4i-^L_~sIG%cRJPzWV7OEyhG zErcNr|3ML+<;iEgdiwzrkFR__JQ-)S?H+Nz7ViWWmIRoBcShoST+bHybQXUYG^Wes zx~oXC+v0gyIM7Xe&BDr&6*rQ22R|N;9|?JC>d*WJ{%zYgs26Xf^;??~9Jg{lHoU!b z$H?>KdXS|CfuoVw18m$N=A+S7Ey&U{s<4)EunOb9$)|!lkt2q{BNv4Z zT0u)5wkAz#7@UNI5`jh=a7npCD8(;fBjVM(zMMnHWK@bW@{~@l(dA4ksuH@Q6Cr;E zu_Hty#wi?!n*tA#@w2&OT7330*9@YitDe1SX?Q*6k04VVBmJH)&kJ=&Vf&$rH7I$MYXsx9lxT|A7bvpl`3FEQkoAHNG?g9 z?XShZo3J8!+uLa9hBd6Z0BzsJ5^q=wWiX*t`Y3Pz_E82_U`JOUP)!ay!l#H%s~tvF z#qXjbvhIWKccyuy94Mg4yIw=Y4B+G?N3BoRs)q}O^_d~DN7DbTI$>649>)s3$#_hR zl&GewA3oBWVuKZIFBZ~{{#(GEeHA;`97&%0C>#U~y2I2I_H!d{D0BOD)wZI-V>8+PuNm z%QoUwdjmQTxlTd8YSz3SxDh)Dcm~j{o2LsaK;<_9r8*^kR zsVw-N$(*yFv9_tQo+ynooaUYM->#+8=wk9@{E;cqlK z!dsn0?pJ6&{c~@WkzeCQzO(*}J?j`oz^VEIwOLy~vJsVOs1WS0lKG&PwXuBOg;Kt*H>BXoX2*a=q7WsDe#G9|otW+4E zVR_qr6{iqbt=PKv0b_Q<1);IS1JH;z75*6ff?EtVgj^EfwqBXG22J64fgM1UOHzS` zuvgEQm>K@FATz;`QpZQag=v}aQ*}WtZ=v}-bZ)Ms5$^QF3t$V!1rh21Wz%vSxtfZe z-JJsPMO@e0$0vPXhcOB=eoU1_YJA2x7*@Qgdb8Y#*I-K8HOn0G-`5m0~TcfjDF}K}bmnJd-T!K*2ZRW~>00Hf+?w)OMDJ&DayNd;w1@8pi7}v$E>z5mfzsy2tQ>Cq4_(Ze913&xRQk+3CE< zWa-%kWZF7nMBK&2+#k(31EuKc5T^d7k*$#G6*>zgufc&*|LjZsLW*@Y7p3Yu}vIyV0yVUV#P6qv5luvY5Qq zLdIUTFUz`(_OGn1GYDO$D3W>q9;F!OtbU3Uz_EkvdNu{EgmMJLW5rLK^cQA(T~GLJA(z4E}*qk~Rw= zE@|)W-dt2w+Q|KDgRpNXx0d&~_+}(*`f5V9i*&bZf)`(;wRiwo%SOiqT^S2h(d1v& zlq8ua&dz5nHiYP=_x_QoTIRN&^L8S>$4&|8+|FmC2o+FHlWU z^bOUj>G*|0m=#x*yWZ7Y}XAZNO5oTDT$V&BNlh`+8} z8pSeV%O$tH#wfWmx{XKx%g+c8E+J4&d=2^&$iFu=YowMD`_8GZ2i;$v;7ymz4*i=) z=AnerUETpX=lLcD@e8^*sLT)w#Hn0wI_Gzs$pu zX|uXC;p*Q^eNh(-@R(8poKhj3JR{^{64qVnck`CmONhzshheC+H&ws}H zT2@f%yX$);3*vebHttL&``+}UyLl~}EOv*gb89wk&!-qq{A?N8X+<$)wb9p6y{I0A ztsf!@;;p8$iT9^4WP8dQIJhgFCFX(ktq3hWE{9{&qjWzoGjYF;sq5jw_WYu=uN4`u zpJBGU-#;=qFUdae^z33Ie^&8IpYcUba^4DBpC93*_1+Fr#Yog9Dj(Ce?^+v~!arlY zd|;kZ6}c0H-wb5v=wYEbB8uoj943iDz=1l2HShK@e;<8Iz-^#hc0{K|}kWfFMGo@Bir9+3^rmV$rv>6LsV9E>|RrG}H_b z?(>pkh9(|x!UdId>GZ)gmRW#3714*+64aO*%e%{>OCNnKx)O%xo=~fzLapca*RMai zk%lU|(re*2m?3pHD{>LakHf|i8F$>^H3h_2I;8!v262Pg;FmPxJ(ymGqTl%m^~-5F zMNHR|%Oi0sbiQ9NE;4x^lxLq2Hz@C>?@&8I2+c&52hB0fHIw$Sz>asKxBOiSwW$QB z1zh7AlI3Q9eZty3vRS&0P1jcL)KTL`_y57zIR;nKMelwlPA0Z(+qRudtP|VDOl;c| z+qP|6C$^27|NG%q-MaU~tzWN?r>nbH*V(=ITKjpJLaNF8M>^jjUf>?p0wl$?{@@19 za|W|w)_dl?DlzTFMJ{h-d&@IhkZUifa`eiUILu^bQ$kpBX$8~i8%`F>0(Maik|^24 z%w02g>4=#kPK=P+x+^E-+TX{;UD|9#=t{=pqerkKJ0|6@GfSgx+-REm9$@$WeX}timV#+Q zJG=gpGK<~8=t^~M!uGZt*S-AyOxVajblCY6D>AMTXV6WR)>7)6qbld+wo_de9q+>S ziS9K&2EXRN3eBcS2Ioz*^>!f9b&8#pdu zoCy|@5}N@AYm86UqQ8M9pJfl4u;!^U*ylp9embgHP|gV8OnP+mS5efwJUp3rZ3$97 zMK^0pL+`g1B2_u}l5dctNA>07Rurmglh})12;Bl?ZwD)3-IuMt9h*OYs3U`_0t7-qsH)H*9 zy7tiB(VNRcxpEiTwt;txF`+$N`!wxp-D=IsWAi!v05A?65hjNOlBnD0tZ%~o5P|u< zd-KKLIv>}n9LJQxb*$?9@Tl@;`9=A)1+9VG6lF38`V+l9Qz^z|fbI*V%I;L)-}gE`AML~{ByXLG1M8T|Bdp1ZMCICUG)VPL{|nl? zQntbo&Wq_M>vZLgk}MWFX)vGg53L=_8px9C`PrhYP8z0O zaCzfRQODpx;$m8mZi*?bR5l5 zbVAs=1XC;5SYk*AO!-1U!+B#fgJjuS6H#)j)3hsZ{fDeFMQkqGK_K>oee!svSJ;F) zGQ4QlhTA?VkuAR>tHrJ4LTr>5MP%krG!et*zk(Ymc;w%3owpPmQ}f?dy5U~aZg2QX;3ml zHj&Ll+UhDDR!mq_>z#S&Ekft=lQ}G%6Y0>&LMWvx1{jHHoM1@+!SmPH^8I%@wf2fR zAMHwamchHh;-Kr+8ioenn>jF319hYw>y$NfMzGnasWHwvIR%gAoRxHERuNd`O8(fd zOp!aiN-7f+B45|H{lUg>(AbQ4Jwdk|)DtOf=u<4?Xi2Fiq>d8a(ZtZ6u%!LnzxAgK z5YeE*Jp@x-16im*%HD%6t<+S^D%+N|No!-6ldQFZK_=3-laeToRVm8xEWrjabV!6& zM8qr9s1r&E09P_)_4jp=)B52Ag-jBTAM6sbnOd`wK!p^-obFD=qMnEssgK(Si^vhK z5NgLHk!qKUvd0ifG_fBVFgUn}eIq5FtHaGOS1TmqZ$a`P2pKoyK)U25`3Fnlyf$Xt zjc|Uyp5R@ppWm%Zpb^Q9XgIT9i7kKt-9i(jd%AYIAAWz-`4e$^r9x9Y0s0-ijBApx z^>dQCWlkkR8Al~U<#)ktDZ0~dc$wB2M(4Gl0+^3Yb_0>w>sIF!4XB_FSZ3abuNnFc zF@Cb5xbY^1HAd${90tDo`##^4#bn#vr*{7wzRtGB(NpWMR4=Y24aU;xYbG zVM!62GtsZ53f+2Y7Z-aHYiDam8^>P}bjvLm;ObQ6vR1TKxKmcpzmt$fNsp2Bh9+_VWWp4#-B@EkSAKY$f-MhSJO$)O-J z^!_r2==N#fO3s|~WFRz*t5hZK{go49UUeZR`{S^MnBs4;G+2dcs|Y4sJUp8?rl;9c zBu%7jHi_wf^LXj1nX0+$#I}-oiDKQjV@72V?3BVZ<$gz~sux;vyRGK%EINmD@-0Pc zVU}u!?n&8!mZXoKUN>ef98gZfr?fv`{;p`r z%Q5vlTq*`A3|5J4J0O-4jY~Tjz0uIbT&~^?VklT90dd4PyZp?1y`p2?)!15tCJ5(8 zUspC(IvF;&wa=dV)M~e5yp*=w{faW$Onv zMRfl zg)nvFMCGRQl=C3-((_qGA#xp52C8`C`IhQg;>|SUwhpo4!|0GedqF};EG*46==d=1 z2}4G$$jBQJKlg|kVqC;6G)_Yor%*6qF(PtQXV-(H$jb!3BQxnI2yU*8UHq?0^y60u z7derXR!-e&ASPisMtgich^<#Foq;e>`GcD;!sg_}%VjW_f&uT-N zfU1k}xy|7io@W-%)stA|rIhO~XmIF-OJYHUs8J6KfSsU3kp54;UJil%K=!JM z(nalbQ)m%g7_Nzij!!yfO|_bVn;0N^To{=mys;74`p=4`3eG3)Moco4(qm{Maze3? z3A;??H1dPxHOLgZI5_!Rnzw?jYJ8>4nuR~vFa>Ru(in=UdXKG*c_1>@Xg}1eLgEf0 z&xzMK+N?h0=G?5vpWq=cJUS}p`3{eE0lAD4@&!bRn~5irHC}rZeNGr2G3-5H-a83B z+Wy6(?nre*ZXjVg!b2K)^5=|ibcq}>f> znndSaYa9z)93TwXF~WqJ8_2wfp~f7G|GBUw8RM2PT!xGEu-m`(jW5fDXW!j{M z4ca9Atw&+8%8@QL$P6gl`$ynqQgEiey-VmeH5dHQ$*T3(PC{nXa_;KDeKezC$O!$+ zUajY+T^*74_Bq?)`BFL@7SJ-dV)(|ktn=N*@4M}#Usiu(`qvrk2EXf zt1UELE0b;cdDlR&%{rB(ldgm{NuB9Bc*jBiwtf((_<0h%WRQbDKQ%8LL=alG_^{3V?@6jQ&?k(w;Ev94%WmZjdmHE9>Kdg0SJ{*+|s z!XWlkEllkPSR`ExS*1|YrSlB5->F!_G(e;!10d3xGM)8S$)W2ZiolJceGufL6+{_U zXD&oWgpdd^wl{dIF}|4$x8#-i)Y_z(?cj6HOP`4bE3PI6DLYX&UPffVYfemlYHV!& zx%(+Duzs$;YXu%hIyLYeWTzy5c(xx3vVqv&u@wCswXC(!;o4)v34-A zAwaDw)i28*8o|(r_JkBvAk!E)s3E<%BmSXrspqkzX)Gm{4n`iMgf$i6vlzv79Y%;I zQn8|OM_l)a(D~HikxJ>%X%&jZ$~07SiGQv;c0DR%$!I6b{tjd&Ew3Q z4O_u;pfI}{(Pm=NM;iQb@QedO6wek?f{3LmqMS${HgP1h0eY<0;i5x%Pi(p@P?8qt z&=gE1-Ayl{oRr~!<RR(2=#o9h)`S7n#a z=dzFAO}W2;a~oJS4edVnS!YD5+JySI-Ew+v7bc&Pp)yNEyLLMkOQWO^tIGI@&~=gc zk#Y94F|*aZ+7)pE*BVXI%;HP(g1&O=!h&r97%Oez6&)iZc}by0c|iKM|IUqAK;^_c zUuFq*lI;RTztby{!kI)z9**8W3wRN&Cu^$TQ%p<6vCgp{qle}?xZdH)8=hSNsHy7t^cG0B{0J46=YtIhOO`$p=dj)bV?25{MYnTgr;6{I5vCKx5?YDO#d)eK9hnL+?g@c^ zS!?*U-iQJYJ+9KHU^nh)c+2gr90M*#g(F=@-IclCTjwhRB2fc&A_W}hszU!ww&I}( zhhCcMNt%s~XF0OFm7a_ymf1*fdgZOjNTH?dXl3vGcA|8lUpormQ;aWD(DU)ugDz0) z!l9b{2KkD$u3=cgyu`Mol5<;6ndrzD#dlHo`BNvWc8b5puh_l1qJ%ur{F*4t?KUq! zdCitFRmcI7Oy3Dxs(zo@x~Vm3-;&w_f?MQDu2Npn$#yZe>9MRj#3(W@lyR-3Xo*jM zZpJRtG?iRdrKq*YBVG9!A~NzmHM{DWEE&E}zP4q(uhaHuyjJ6_OUBi_={T1R zZn-*>-vzC^`{O>V7Nu6-s2Gr=qud=f>gB9)cS!Nb?=G;o3#hqT968c^7RF(k(y=Rd zn`GozP1jj=Pj=^E#93ITt@hw=!oBsT@uu;y`dadkulc<~lNn$Wpv#u+*(inPwKArA zfbWXbJ<^e`Z=!eRGto5JINh{Nmf`$)CvoBsGl|5OglQ4RL1!r|jz07e2nudtT8}N* zFC)}{mbAjX)OtHKXA zOdJM14p7BYuF6=iHBHyBqB^2lCi^YddRcoVn-IdLTmOE$JD)j##C12-TzeH-esKVt zcpA(X-){PNkxQAN^4>Lxm*XUkudqq96DPSKCx1Cqr`uL%SfF`m0&Cs~sBn-^&X`v( zVB%XTS?kAofH!?B56JrHd>X40F~a~oz@9WllrzPJ8O*X`HbohuGG%#QQrUu*-db=_ z%i=3=qE7@ke+4+o%n3;7F|k9-Nhi?t(g}(o2GCN5^smr@wstH=#_Q2@BMJ3jJOWB6|;0x}*NTkTpHZ^J>A zNBZA-{2i46B^|%F%sbX^F}vkF)P0v$P7_EWOHCkP*v4uah9kX#I=hyWx=TV5`%k%U z%<`EAGxrwWOO=XE>%=FgFtQ-CDpZbw8!SJ}9f5JJn*BQ?>>CT_MzZ)g55-TOA4G_h^1yvC`jL=)bmko#4=3LR1G0CRlg5YQW(lwrf%hz4p)`O#Z zXzq6~8S2Q;nD{QwTkd7&7|%FZE>ft9<=>-t5O%|LwIki(T4 z=OM7o4rj2ECfjbEJ%GbIzs_n?&VKMNpa<5u|Ipq2EIIWwF{EAySt39f2txcZLYU|MNrYYUJ z&i&yXg_QA2t8tGxdf(xvOpn%d<@Gi4Q(lNeTSa95VO{$9_cG`?7;U6T@&p8PFCqsc z1UF*1V1+40SbJ!M={&8*l|_YC4G(H-ffhD7T#5$Ou(ElUfk{PW;Cv*x7dtTZhqex+ zPGrPwV1>A@-qW6stjbcw-xfTR*VYfUBqN>-I(&u58q9oNVxsN&-!v<=g@RP zUo}xg8P4ngdkd*U9=@Cn#2k_D{vIc;RW}PV`tJ>tZ>d`0#~H!V(9A%4Qx$LSH*lhAH1C56n~rK4t-n0_n}QSh$A{8rj3U* z%``lOG28ns>+9izQ>jjrHI>v+LsT4oVkTNkErF!X7MmcaghdV%Tq&9wi`zX|-!M*Q z&*L8^hPd~9f6<+mL050?krrnSoVfg^7>StmbnJytF-zdm9iA7=g|j$a@}VrHez`?( z0hz<3sIyY#umF*Zr&!_@aG0-ISPAP1)nludF`}5cC)n0m?=bawvypwW0m{5p>n?us zxnjTk_M=hPPeC-C<&Qm)4pb{$+TUfa7q*Q<7`YlNHs;s0O-vcruK8mIjx^KEG2h&I z{0jOD?)V9+gU}I%Bu{sNi#`?WphLM%zxyd)3q#0fcQpPU>`3gM0|vQzeU1aVr86)h z>&u2Qhr^RY#&cAkxI=zHffGAXpV%`m zk-|g*Oq7cbUUe>zil(mMI(z~q^Y0PZt7k(mVHiv~B}7$HtMJ`Tkg`deh zYTHNPYM+b*bYqBCHR~8%UEWOg>l1WWehTiY- zF28a|P(_+7^X}QO7v+75;^)m<=@-nn3qR!w$p&)!?cnrsdz^{?X#r0G6wDH;@aY6X zjXm4XLj6OAC$eh^Dm1~>8(1<&bsQI$9DoBg)rct37-y2lh0vREh{{JCN8#7i&-w(f zte0RjYrQQRmWSlp$J#2-X^2DoU3`mxHEO>B@3AkrPf5Ps9KT8f;zNC=^ znTzIgFGbO}O}vCYpx21qMYLo|Ct)$gVzMfyhRUGd3CUgaOFjMZ&gX|Djuc`%F!)|4UI97P(h^^UJ+yhJA{)f594vnpVZZ zbhg+srdr;wDsE$fZqb?-`aa3*9}ik5MjxMHBL7I&Y}3SqVm)r7u)fvk!2Zj4o{Rfj zpud7p`eaLLMKR&d=zD))Mcd4sup#Ex5 zQijcocx}V3F#wV0Dqc!4z|0x`0SmTh|O1{D&GBE;cmQr5WI~O^pXi-E-*`WsS8EMEy zLPA1nYHGe&rHa9m%!zSGKcWrPNo$_<_`P)*xk&_ssoU~NINItMzSC-h#;Uw&F4@MC z#b>z>N|8+$Xrtj{iFHPDI1pD(R!VS)xtWUm&CEZ6=#Nzv2lS4;xBeIS+S0!9 zvPg;rcJdNgQPPzhAHD=4X~Y&}MM^Vb(Fam{Y(Gbi|U>YSwC$AJJ?UK??lEAuNj zkDiW>%&g{E5db9ErcZ|4Lj-m{;blZaLqFEsQIqNYEj}&Bv>4}%d9kS-Bt()vM zxjxfiCDDys`ouF%x^<0Oh7+PaSl6~yg({vUncSu7$=cK?Ua&NuJ*o3(C-6e`wKC1# zm6IjY``5F-815?_BDcbCQSYYJglfuZM^4DW><;5qieZ5lMvBLJm%bJ*vA>Ddx5^(a zEXC0c34J3YOk7k!Ka2admc7n9&$8POhAunbirR%OrV=dz&eS(QeSbN6d%oiwvVZz6 zY+sqT{_N?I8fAN8gkxXK5UWPvtr&;4&Da#$U>_3Vt)QjOJN*Z01M!6J7Lj2y(EpR; zZ0LtWaf0GQ)340?H>*3g1k2c8Ny0stHvXTBQ1at9HLJGkm}ZTDdY}d5`mx4t%i>KH zupt04WKgIZwwJ4;YfzgT)=yW4Ys^{UV^L7z{f90Tca8>RUFIxsoc+Vg&i#bx)zm_Y zxyzamQrrbDSQj%Su8$#g;}`$? zdv^WQKGK^{z>BOMao>u?)<;Q?WAj2j=~L^{_F$Wx1YWH;sH%CE%6$ecz5qa`F|+@> z=WK8sdE?YH53QP(rqd>-0Ji!ym^ZFmOqDWX5hnS?#VVB=;8(j37dBdSZrxU}|Lo%u zhPMWMDH?Cq7wtG9DYrU0K)O0)N}yl&<)|k+p0ow8O#-0=&u@EIYke`$-#gg;+9arV^og?w+6gTvf|8`yFS&96_bxIFo9 z=pZ(1l0^M#|4u~BFu=qOycLj|yUmB$@w|Rb4~QpR>wC6Kt&SY))DB)Vw)ZKiss_yOM+JigmSHJAkul({v|$O z@tvwD9@fkYARB8c6Ic-~E$0v&;@KgYorkT&OrMKGl$vOr95pMXQmhRV#-tjNw8V{& zxFT=bjPHhJX&J;=MoZJ@b5ScJQeM;30+6eXA482Khq2(ud;9+A?wrGhOy{dOM469j zjn1b}8nC0MI}+~DI-dXklUbj%*S`kQGaVDSwj1|M1% zAU7n|ncq%A4AV%_;b6^uH|owMxV!Kmr}5Z@9!xOZSK`2+BvRn%YcEhSq~E_3lJ?@9 zYSESyc;&`#jcOYBy|YRmpWsyl9ar0)k;fHRvtU*(x<+h97~H9nNMvsXVR>$Zy@={Q zKs!c|vnL|KpZx+SM-Iy(`M0v>tNB5%$L~F$XtzBlmEsY1PkuOjH_;U=)yZ7p$D*g1 z^UTinkyS1pASC?`qCPw{mpM~QCcn!T59JS5@q>6X&O;0dwXLSg?mh_+ha!e9x+JJ@ zlZv8vETncIP@;dnf?TXxp+9$4+z1d)CRGAytoQv`6R6lWSH0h^yxQPQf9v%9NK}Go z+o}8^VKodpmO%<&Bqy`Wi%H;o2aQu9v;M_kA8+1slrb6neZJH0^Gz^g!V;GE%&sZ@ zE{70fGWd{|_;}__OEG~bl~1ar^AF_G>K@Gd6#8%+4(1z}G|JtEP^HC%Y?IG&&eGF!$?d-U3s$f;yGXzNBjnX6&b3UUq~LLbS| zbV`2VcqdTo9Fpi2bI`6S^R`a@1O!PdwCo#b8FC;I`}M2V20fXJQAE~+c#DA>g}!Nr z)_B@^pUxaDn>*M3qS{v=A&|QE7zJ)icJ)Bpnsu}qDk@hVWC$m923K~>>(Av^xCYvt zAqS8U1Y;ca6Nq9Af}Nq)O}qyldk#)q=9PU_$T{RQx0OzVkctV^V`D%Y73u^KJT2{yxihEVV zj4l1UF@#gN<)B!E5sE4;_qAs1M}Zl{yb35{uLK#pKFsA|A}X4%u2^0D#L}o z!;`fnD|2g_Iej6ZAE~d>3yPVAh!1uMmDH0QtUs++kQ`N*(L+U=`*P`?6{R4xt+22- zfNwDU5P^j1yLS9fMb=rpsI}pLp1%cpU_asns1vq2R`5iJy(u9q87D{>9bITU9VV+t zdMjh7kBbpK8%XI)ejN^J=uGbzE5`Bn^U+BA<>7%i1}XESd?LW!SC2Ch^58z=;}soh z*A^k@dym(wA|;sZMBx$1$Lj-?_{U;o%SS${>7yAC3{$v#T!4awu z!E0Mim&w82<=CW{Z^Q3{!$W@rC(XjxpDqE^v7K!TR|Tyd(Q+Jfj3uaJW4XDIoOii@ zKKE>6>h}DZF`))WGj3t*pU_b`iKbVpb8~+vGo@$;ec-U=aX5#EOrEzj*xQ1fVj2^JE&E%Ha+P?467CD;s*k(MU>)7sY+i}3Bs{pbAqnh7S8 zoUKRbTcWCizwOoY(7nktO!SY{)|-EO=(k{clG#z0_V9J)^+A$##T~;4kspRbinygR zm%?)oihgId{CFkSzeNuFM`PoR6=i{{K~m$4ow-f7UL)hr@AsVAa~J=7kp`Sv`PA#- z6x?tk2`)q#d-m@N4?F6s=FYM{fP@y5+s~#5V1?L*%9M2dwHUn2Ac=ot3Sh0_}WWMzP?PADGVa%+l|L_=ikRmg9o5ge0B3 zozwA%|G|lV*>`rzbhhjDUDa9c-!;ar4iWWwe`T=aOOgd*3K`KVTX^j}e*Y4b=H9u@ z_oL4^U2nUjnB@es_t-f7bICp_dn*6_uQ{`vUp_}}@!f-`&M0f8L~-##(5EuStBmd| znafGa+JR@|_=9DNgA&hBA;Ls{w-S7P4ID-~(Om16jzSf|?;$mN?B$4Z zAoW+txj%Qvo=VZ#%gf5xFDKn<9C^Piyt`kD>+FV}?6fcabyZIbr^7*va#y24tyRlW zi!wu>+Ao5#3V}2Z#b)LapPl={Z9Wmh%kKn>n+_fJ?->RVMHogOiO9b` zbN2;i?f1I(+jNGj40Fu%4fRDgX4yU<0Rr83D-XDZ8;PW@bUE9jaCcv!4BXnR5B`rQ zt^9ZC^y)A-Cj;}1*ud>Kw>AI1cyVv9!a z4t2Q9*4}kImAkE3w-{~q_DlZ`gXWvb!Z|M>9dnrJ-DP^99L;BBn90#Y-RE%n?R`y( z1vS+5lyKFf&&1P!2ABeUHfd-gZjr)&f%uqC!bDo9^8-GU{>G_PXL8%^E>tayO1PQB zf9QiUf)xheuJGbsfHgzRB+&|PS3G}FUsway%ceMeFS%^164=8Mib^fgvongC<}p!* zt(Xc+x;QuqYl_mzW!YgTZJon2Y&wv3nJVytu+K3p?fi5KyEoti zHlrGgWBH2?ZGGt+(OvMwoC5~cK6k4%=V!FWVcCncbT#fqiLUs~`L-C>Lj*QJS(TBJ ztp4V9af2PUn~Ufvg(&LFKdjDMl5=cPXv581p?qGQ)jdO7EgyI1mF*3iDEuC%2;~^R z$RH^?KoT&P!Zd4oCNJ;fQD;A^L5OyP; z(?BHGvJ6idpTsHkVc^N8iyPl7m~j|OG=kC7HhD9d?F%+&AOjv8E{!xaN<{)#hG*%J zZ5CD{wbJ*bAkm1nN>-v1%2BubgHF(o`HVv9#ndqdaKhwf1=o_apgL}4 zZC=vZRf3k_3(k+AIWqnWyzSR3fAwCK(k)G9m#xe#^>jVLKa6L+CW6 zn+VQODLvP<66mJR2715&IC zVM^d7)S%Q*twgj?W*$!WWe4yfcnKZs8-lMm;PTfI{zv$T|9?;um*-&^h#Cw22Ws5U z|4;&JURiY62gjo2VyWWFX4ZLU;p_J%D()e;vXb=5dTpWiv1ty#Fm8L zyt_-$Y7_j>gs6ix)+8DiO#Vv?s;NH09BV>29wj$jKDCp|{@?v#)~eO~$DsP+xBg#f zqtFVWHDVL7H6l9{PGIGC!1bw%BK?OFk{IHDh@mbH(Dj5qpC;VWAi()4$+S8+9;mF@ z7E-LR6((4Vo&2gOxc6W$zvp_4pEJ``J#jev9sZhlnC5I19oeM4$q9xV=mY5r%MO|m zp!@fP`hn^Esz$AAdE>-#8R3-WHPcsYo3VJ=d27qL#-hlg>O^`zxV1#8>lww<#F%vjYRTcbZB)51jb2s0AM zmURd{7f)nGQDYeX)F7D1MXboMwdCR1IOMfkG#w{sV16y5qhS1D+Y22?ghpYHc$||jszawds{vG__=I?l4S{(Y8V=ueomZ^u^e2@LwWXO$0Al&`bSR@g6+$|B0RcL@$-- zM*HA7E}y~mW7L}Eo)G$Q^3n3sAeenR`*@Z23E3)lYvtL*cgyffXdk?A;5F|Wh+N)z z68J&<0n*27cT|~wdB*m6q)lPD$0eug=QCLM zp_LJ7Nm9tK1eyDMBKfZ<{fuj~Xk4Gn`|Cj68q5`HtU#o|c7$pHQ!dX^BL*BF;%GmOX`24+$!yx@OPcPjaz)C0b0w%lOqrDc0Q8%y zr>o{N5;ckf$yL*thw!&st<#;kNn>~)A@;umD%?VUY@hVm0tyLdJ!|UIOk1?u1Dnn` zK#Bu|z|VdkT!Bm2(l-;|j*fYWCx(~XnXR_H&%}k*C5(TN5qW}AJ}zuL!jiIYMI!UF zdDWQI;wMbC5%nX9_0H5T!KUEjkWR}yAfw*tivq@B?sh!uUTQnUWd6O*jK$echWeMM zjUg@m9Ng^7C2YlI)A|Ilp1#qGS!Y4LeJ&+4f~tl>M3SEvIzKiL{%`3XP?8!SQ<%D?8Bv%rOiY#p4yUFGP646UCF1!|2^ZJRcD^Xeu#M$&R z@@nO={8gje*61?>Yaobx$yFK~JER?Hpvw6y5kp+o)ktg9M{L`Cx_L0gBeSGhjmKTA zH}%W59%yXZ#51xhjgb9iNt!0VxpGS=o~GmmnoyV{k^ zzAbmRwe(KKZz@OYh}##1NgCCLWQ^@XQVn&kQnzQFGe<)9b>O6`t9`SGSsY!-4V9Pc z>6ZAXZlhJ($GWPCNchs2XrZZ7+vy=3 zH{^g)j8TM9oKXT%+&!EyT}%ROmqL8{8Hs#0;ck03SwDP{>rg>4)(9saOo%p7>`XNk zu=;tBZf!<$IkWraFZ{pL!}|Z19wtIo4rb2(Ev(7H z#LWDEWNT2v%{yTb=SxrgN%Ef{nbFqu8jNdTCoSSyK|``IqyY$&R7OK-6Khc+I#>m0 z5aR%!&<0d=^OXND`+uRJN)CTQVJKUKg#I2qb=ZLr>~MU3Y-YS|)n8t=wm)sPQy~73 zg@rH>PO=d^tK72t5jUVbZ7h*yb-Q~)l4kcKvfT>1Q;3x4S18`_>z$RBHfedi8_S(g zlaNhKmBUe<#L^Fk2^_OUkBorhFn27pOa?sI8{l6;zRm z-ybQao;V-dwqGxpcU#GZ=kA&IhQL+!}OcBOV58QWTHSUt^-kEbTU`6baaF zXz{~HE-A93Z{JDhkVpyBK81;aITdn-vf|WuhozDLSrc9`l(rcHNfGXkX!>LE?tkUM zC&%*Lc{t3+7|z37_bi@_pMkLV1p%CpotR#I-+3{8M>-PDBbfQsX(2EbFkx=EG0bl| zrMD`o61v0l-kPHD}fM7##l*6i? zaA+-wdSYZn^E4%M_Qa+$utR1qlbKS}JrU%mf^7Z;x#A)O!uPE2=0(Md5$K-CE|Cg^f7G=izL!qi zvDVDt=!dO6ap79R)$@^@PM9VJc!$V!%rW<2-Y={bwyH6}2^nDlUS-sQ;8dGPeo=ZsO+ zTj@+uHF)6+Sv7y{xgpdH_<32dZV!4{r0qZgq|*rXIyR;4^NBR9$UV@Qa7RftAfxM7 z<`tBwg+*ZA8fXCYXOg$CEh68wb79K<-oHv6V(E0bpo+5+VaC~SE>!) z4M;WQbcK2ktEi=N@ zwblC+d1b^P*N;9_>W=Vc4&(RYOUSV`91}^f^P}~e2!4+28A@Q@*t(yA6`H`R1+RNn z)Z2f%6eed6QEiW92Tr-1_Ow}DU5PW26Xoh>Mn)lxj~5Pr^f}nV-J_2whK8k zbs^;p`BL1oqHq5KMKi2sj7NDBrRA#8A5bFlMZAd=2nVC?`57k(uva9F z!xIQI#*WGng8?!SCyDR=juR)j$v75%dDbnM7kd`z7sM@+n3I-~~3H4uN02OhO z_$;8JVOW6Mc^Gg*0+9jsvY8T~4mujQ4GPNoBE62zKatA#{>9@5u0W?TwmM9 zwCu_C%RKJQyd!U30x?2AE#k$VDP0jra=c$bDNK9KQhU+MJ-REGd<+Scl=uz3S6k*H zWWtBhx$uI(0q6M=Q4`(f1J{NkA+Svc2Z#5gW4!v8HlvaXEQRD0;2S^K(){e*4dxsj36WR0ayNFaGcbCiThoP9D$xSc~~)Z5kW)8wlasH*L`@J!1WD@PSe zzKusvscW^gl{-&a&}HzraQbAp( za~8{9>ssccElm?2VSWduDBAc!xN0|P&w8j%1}CK3CaB82NlliX;;)v`C(WaLG(s>Z zK3Y<7gqZ2SncT)a#OF=lsxE^q%$*^O!%G-%k+-3?2SB%TaI2e12;i)H@$rUwx?of5 zgv-HGpEwE)`~i<|gLqJ*uas^`kJl^dQ9-FJT*-uAWEjPI^vDD)y?kWOYfzg?t8k69hQGOOHY)<$d3D4wQkf46l>GESIt<8U)u^jxsK zS(&Qix2TBbWoMChJelxpZquTT4aeN~_f}7JZ)H{2o%Qz~C7a;180r+IQ$3AzO`SDE zM=z)D)M~6*v3AiWIq_>Tj(#MPz!mLmhT3#LQb16V7f4_ zt@%Bw6iCJAWlK2zc=*OKmBFUA1Gl?iG(zhCSpC`ZI)upsA)RsC`R@zx4 z>1Z(x7FN36)1|pXV9X-$6hrO*d+1zw)$fvHS>cW}fpeMl*o( zX;CqmW{L_;uC{f$-8t*wVhUb)N(6R-6*~b6A+y>Nc4$qNMY`H=PdKTja^np}n(Ggo zTUGtg{2(zV4QG#5mG?W=p&Zz8JzPxW5K@^506<(H7aKi1`IN=Y&2e9=l`zO0mz#{N zsM{1@e0*&0YG%B@UTJBpEV;(~T_N zm6;oZyQ_KdCX4AW6^aCE5-mOR)ZVcio(IhKk^IvC>h2wbH2Ko)(JtGzZQHhO+qSxF z+f`jvUFx!J+qP|W-RhY+=gi#S|J*zG%Y3*Q@kVAw?9AM`-aR`%ruLU@>4yyaI6&_ljSD3+o;Ue2jR5)1B-u5u9hDWPZaEK~ zIATpks2gu;t8!i>8!LmJ_{(ua0m2^yvU#Chhat^5HYcPww&1U8t300be5l1|vm1Xu(k= zFVtjHyS$iJzo8<7PIUsM9FTA@&4dB7mYSlq3bkX>vgSni*NCNrq;ajpG9n1rQwo(< zWeP3^5KSYi!5M}15x7?QFB5Q;^Ct}&K{oV2aTvgxO%$Va84AcrpSfRbfqJ&H|=n^HH)sx3*6y0#|%lGIlRqE1e( zuC8?%^$AX{!f`kf&u9xrGE0A5h_L*73lV%q#{b(oF;2j;pB`G|i8nZfDY8dmkziVu z!g$8QVikzJF#!{Eg?y5*sro#GLRmlP{S#?xcIkH+SuTH_ zR)8ZL&Q`~@0pVg0+((w3**Rq8HNayxg{6M3EL?5$n~HlXE@L^SEZ*v%`##h?Hd=8A z$_1Bg`veI((#`R}JSf+b>|@>wG=tyRcwWNhl6s#%YI=4sqeWPm3oWV2U{}q`WC>dQ zUIn5PKNz*w8=5nJdQxBR@i@KsJ;}QorEr@-kch`@LtJ@95SUWt;t9XlN&Iz~SpR95 zls)WC@ag0XEtQ;Y{(EW0z(~)CPbX?&?QG)swYN6-@+mekvNQf_DT~ke<&7X};ppUy z&%pez9u)&>GID$3@Eupxr9{}Xmshb1=EUfzq^kiU-&Z*Du%&k)P{VNsCN1x-npS1k zvnvb&RuBXoS2uL3f0m!}u&sXsu@#`-hD`z#2*9}50y)5E7pLV1mj`8&nD$i+*g^ab zYUMETtq{?ShW-#694rb81Tmn92_Hd&nY}yN5r5`8QM)iO1&jE78A@lNQuzWM9xuOR z2W82bL}Os#j8P8hlG)L(U+?I=zSb#nbObGwYLU*cBg7z!6D2CHx~MF~WaZr1dYgid zDJqE-X+K0R&?uYl92A-Z7>K)25*;(pn8ZWoDoXD>nVz9X%zgCiQZR^{o{OH9zL=)< zGyt<`le%vbd!<`9+x1y;x!03h=Q{6APm#_#C6Vn*HQseb4@rAS*HZ|@dUhdg4~Y`l zsUlo1_wq|)r%S|TxAmUuafIcG2b7;w+1A63uNzB9g>-64756yPhj2jLU=SlRtYr=f z7H4ar`taCXp+>1uh5B9l14c(J;P?R>6yB z`3TyZnlj|c?W7T^bxMOXv~GL1d6TUw>O%IPyieOgSAIZfwwSLNWt3PQtyHyWR-8Gf zsB8%MP%Ung{}|2VC-iK6&pN0J#e^0$;}E%7Z?uL1nnZVyR=oG+l`~7`i?eH+o4d7x zHpy!smQ+x_3fN9Sws%y)(oLU$?M+*`cn&NU-nsFY-7Qad4xBz93Rx$|~Z z96!Xkln`}kd`60tsHj6UC|GF_NtdGua?8 z`bhSHB6zNL&^+a`kcP!GoQ=n#M%{ElF-DBP{UZi7APYOaMay@#H-?FVo9wq4w)+Mb zRXrY#S(!t8F70`C+CvMhZ9fa!KLW;fHX3IO2by7b$LRL-2x` z@vVz%@(2o_FB=&({MK^0YDs)vrtyN_PEiuh@uzsmkxgP0BYv0Y^#069*JCh&r&ZJQ zs|C01D8l)dDm=EN%|iM+n>!~05CfJdLz2_N zx&~OFLTS5j3c|INw2hD>9Z|vAv)a%=?7MCnBnFU%AHq^)!omV$?7AecCqqS>H%@J_ zFWOeYY8->WzBQRUyifZCPpy%kpLY(I+neDIy9-fwjFMiK#>qszXEMqJdttWBrBv`g za?LlB#c`6tn2L(TFzE9osPrdKF7_t}bi?}%f(!iEJgtbCH~Vz+qYyT^P$W89#iJDU zh{|12))vq3#=7NJ|1vZFvpJ8DovpKpt+NyUAKw^7d^#BuV+#X8J9m7ouXB2QRt83V zHV#I79eg@@1IMq1_)P47Z>VVEWar{&Wa5O+&5chd;_fV_({_RYRf&R;0=I`yq znDD=%VSnz;%lkE>em(AQO+*>K9BBST)V`i6%8bv*@sC56FH4|*9J1mw{pso7FO+w* zGg2~f{^}N;ys#)fowA9$Gd`V!je(ho;6L_4|JX}>_4d!Rl$;%1jGX`8Z6|z&uWSDH z5s?47f5R^apOKB3<6q-=T5De(;?O?1)x%B!o-U~%$RLPUrny?s z({RTyBfwzZuFVqG-rcCw{Zmr5*2(~qYr#|^Cw4qdcS>Fs@ThR zgZ+GcUQROS^v)K(Tnkx!e4#22EZ$yj&L}=^rmpC6J5T4XKC80D4K^%NXg_LP@3pQ9 z!ql=B?GHj9Lgj>HM}6m|&yj@qLsOSh<tZ(bii0G*tsmsot*U{@v4?Ix$J zov3q$SVEaq&-YsO@G6JuIvrv#7h}%W4)tqtOYEIum36KYXGN!i?Q?<8KkPFUL_7;3 z3W9AYg^izC84zqQrYxw6rI#K6wW11;r)@3z=pqbFKc4g*Oq}+2xk_B!`5q_o)c6-k zo|$(zw!kJjF|lby=&VDg-US{nZJ)_0(pd;EDh57MQ2bppHnuYIOqO3)g^}0Bac-O< zLk-oJ-KOgGz7=&WYo&Z*czRp{26ys+116J-Tty5pIG9<@{oX&b3W-LtR*tHLBKy z55yN&ynocERxXkztvKF(XwYUY%4B*$0@ti9BpR!3v0~a@)G4L+0K6@rpBd*v4&peR zpzRgIT{3N?FvUpsQk+GX>vXF;lnHoN@@o}H>(7${tBjmc&F<#GJV20HGNMGWkfA&v zX>HSY8se>gLuX_KIuZ!mdlxD4V-F|Z9Hk!>@)cl!=yXHqTEc^IMS%`d`@1SZ zR?E)Z;A_%5hWB`U8LN*hr^75`F}w9^yZ*RzZ%1drAUSG*-=-fn&rztlL+WQ&j{z#I zz!cQl6Sr2_=u{@uLI=pCizB$mSl* z-Q2vN9DI=}k=)A3r;!>q?PQntjnu4y)#4uj=QRB5d2Ue@{d<)$a7w!y($0n5j7U(Z zd9mZ5@E_ma>gF8gO?sT?m1%dQd0QgQ0h4o6YOrkpmYM1(QbmOiSJJ?RixhCCy9Qp* zu*dSWZ&LUm;GxZSq5~sQ`u#m1%Xk}h;N!<#=sQGGoyTzFt<1xl8Wkjw0XS=NuxxJ; z;)$f8Qk_N~qXU~jtqNc6@b66H*t$hVMg%cwp(Da4zo$Bv?l#uP#hm zA(+prj<;~z$F-i}1r<5DGF84HIG=J0xnvYrCGV2yilj7NTn@v~8m+6sCyh)1;(!wD zalun6(k{i;p-wp1a)fc!R)mDtrR(sdI#J|pWPED(eZzM~L0)6IgGdf0F^6SmOSR2d zz{b%;J*7wIFxE!a18+p3QQv;7{oV;c9#>aRFfhWX36t88+v~m=GvFWpL?0=y1;|O| zHZHIUAxFH8O06-~Gus0Q48X2?SCM8yg*1ezAFV9;U>pwHC%yp=>~xx^36Amb^E=o?8rFmV0UsbtLz^PddurgO9|DA6Y?mwhQ5# zvO!+Y9&R0}CVEYbs{xaPUs1}G4GH$6CkyC0EHrn<=w2zbdp-RZ(!OnO78Z?{Gq)pY zuN8LqXH8wh#+?i#AAb5d*_Yx2)|3D?D4KM19NM8S>NXoemWDM_ga@nbw#uRSj6M`%NyY{m^2daXg z_uC@!QLNFnOY$qGJ^n>;T7A?w)72+^I2AFC!$NH(aw)UIi)NcLR$%Z&tBH?)QR9^6 ztzr)o&Op?0OCZ8>(IZGF9Y%aJs7t4l>{`Q~+o}iK3JdtcKnNUCjX*6z(`3n(U|9s< z>T+RHHf`}#RI2A9P=xS-^%GF+T0fEQ?-mWMixVFNl|(Pqw|D7{I_CoPqne1Ljk&xj z5#^n`BA8l9(>wQS^O@{sE8e803-BJaZ@2q2Yho+T0(y|qj>npXHfHr*VnZ>=* zqY0|yFH%x*BQM=-n4XEQqYB}be8&gHO?sAT1Kwe~6NzVMo7UGdkmFvppd)p3Y?1Sj`d=2km~A4;xrcZq5@|z+`K8jFXLSilC3*cYRt^D%Z;C zL|>YnpJ48*3exIfYDUR}+>;WsHUMm2ek5j@$@y2*>e+wq9pij7ct@IK`Yr*vY>_b# zL|eZB7Pqh~4X^DheYcyw&2hACi21lK-p(&5>N^RMP{0_lWV&ieeQ2L4HnE^Z3dix> z|k_js`Nh`ZXzY<3(i9DKB;yit!7p)r#)osRz zLz3VXjgW5enaCZtDcMFwGF#k?kJ1fB;jBB9qjGQ#o09*MP~EpsfkDM!Tt0OZg9D)l zf(MM~vOrpD?&gTc7o-SuDB@=UM$$u>M>B2*yf;&^w42W1-2-?MAZ0w-b`{7+Tv7*b zfEFmz+BmZDKU1Ba+EKoWMaPQ?2g=SB9KFoo6?oq&+6|HPtg-FPCbg2K7T(WGud%=z zCtBH|s^~Yi_d_r81@K5@L4rjCe#rNQFAW_GbIZXSl0tim-O(u~t*Sqxyn>g^58nQ4 zIQGVAD}C&-@>*#rD0L3H*vBT z|IUDn)|u+TTmWIl!akz884TjWtOtt4F;Ub*8SluoiaI!2+-!_o-Sgkh;MdI8?7XZp+buwadGQ$0)GNJZ^SGKqjvT@(eH_6a6@JxTVF_9e| z8g&suk)J1AFx43`;Z3pHd+z}Az|jqRH+h%%7r>cxf*juQA5y(a90s9n-HpDBcVnP# zE4XxqBiECF%PDFbwh!fQ?`ZObt?~d}fDeJMM{PKZCI$1j-#n(yJGslW0w@X4hicy# zSFu$GF<^iUjR>*x{KjHDaJk#IBn))};5H6%1|9}5X4g;}E)ypjx}yvbMlV0l5O^g> zU>CGtTLVu?Ls-M+wOnOqRyVw&{UzdTUO{9WxsAvjKRdZo6?c*UD4HSEm`W%B;xix4 zcwBN_u8-}K1wE)lT&54`QVUJ0Xe}=g#Hj|FNM5T>3qp|vOtuG}oB0szd-@htv zJAIxcWtgcjnck#`rB`+UCd1V<%9>v2&sc3q;TqaXZ(bl$|NXo`Ut)L@y`2z}2uF=u zg!oD{p*n4!O~Qes=vk)dyP~2Y#>ld?BqbS%9YL{joMKbLETzPWN)dlt5(1%#YGSRW z_zEgTNlJZwOp=z|s1^PJTLNSTVSD62eXWe9MT)9sQL?IqNn3rbkmd?S<#~dts}z-i zg-LAvENNxE6cx^_q_E~mlIo)*mCmeWQ+=(R<_cZqy*O3J>?nXmv79CcdFA~aWY(29 zEij*l?(o%5+ScQONZQtSy~y>x7alpc5BHtk_;J---`o<%bV&Xy&*$a4{z!ZFH{Ju+jp<1eu4a*29*g(VT0zFI6J{jitQG< z;+OK96oad$1yf~BhpC-gmn`3LJtugy*`*G2UFA9nt#DihoBR-HOMT+wcZoLFgvO?Xj3x;q8uLL`mJwKMvGUor zmz%9JXDl?<3TI#(bG6pUv5m5O-*cg+Sul4h&!o#CfqM?mgATZAcaswkL#wMm->bs> z|JiQr2=K~(fBUMAz4w=o$iJB%^+ijt{mVx~Cr-w)j~+hwiF1H@P9&~S@wgXVQnEYp zH+&OVTyYIm7zslPTBna#gakeiV$|kaNJ;$AW5)w+!21tSnWx$!pS_kR$d@lMp3~a02rz{@it(WSRy~rb4lDg1+%0j=tYFu4?u=wG7+0zw-)^ zWPnn`a-Rqd$?*^j2VQ86wMw1kq_^#vMT7sm54FNXqMlU1BEAqqb{SaU_t~`s_I%5; zQ|3$KlR5YGRXA5o_N2MI_(M%J$(s`F{)3v}-h4zB8dv816p6Ky{L4uFGlBEp0k}VO z#eXsY_n!#5G5#+>w|}N){*V02f4NdK{Wa(ovCj(cb5(tO)a~ig#SebZKKGVI9|t!K z1Bf+z_(@P(L77bJ+E!AMjAPm+*631Rs8k}!$X9oL7asaqfp(U;b!yU4rxi2rs?kP_UwD@Jx9pZ_s#S6@Ll5idVS6A=nBK= zHuP>yuVkr-3|fjFE%X2ei;CF&>yJ@~qQOBDm*5Gu;+vR!;r?yr6dS0{XG-eB8=(L45C_nU z{hHPt$P=ZaD+Unh*h-O1X*8xQc1jcoH2^QQ6+~ExN2e=lj(C3&lP_UT6)+P&I4MFR zsSQGb|Et&IH|!y^{Hi5yK1B22Om#5$vj*ayAX4?YZOdJ*s~LCCSkRa8I@)$bzluo@ zix+~6hXTetuI*XGSy9Q|*_i>|WA=mf0h38VN&N+{_Ee_<)Z^DJ6F<_Z4!psiqo-w7Dt-)edR+ zzuoyOM?QrsUuF4Aa3clEBVFq%wWY#Z#W_5nO0>hCKOyYp4*64*7E4IsZfG~2v(rn+ zTLc5l?fVDpL4v|aL93#JM_sBDl$9p&ua;Ex#yRROLePrqs1uF-(#gIGx6!L3*x@~= zGZ8|>>TVA3n3mDIsPBr#hLgl7)5*3I&z;Z%!#x z7^uoy`4!vq_TT-;$47Ko251waXu$_aX4ell`o|tJR=r1p0Gaca?ySV&r1&IEQVbLky2nPU@2jbF@kV4BI+dPZJw`!Bs{{nWu zw@~!E3e37VBIlIye#2;0Pb^_56SRWD@-#65`CAL-XR#8R!nKJwCm^>sBgH^A4F@!L z28xC_V|+7US@|{e)2K4p!CK^rSQsvWQ1h

Lk(YwghsIEbqJ1S|Y`|Q-5sccnn0e zc;zjN+Q15NW#f9pLDj>kB`}Wz83|NGRx*wa-SEO%hyoa2X=OhYMeK})aC#*bCr=;Q zNrM|TTcJz4A(=rMeU37#oijDbzI2|pfuM50!Cf515ihjd8~XfyIv%NOgI9>(ip?y& zK8XaNY#yWp4p%A1uH5C0Cpxs| z){9t<(ZJg9u8Mp4@5kobntW`cC3!U-Wyl(*l4nAn=B!;1!<Meua2d7(x1%lzZY&e7z>n#vHVx96HvoEatfE)Ybxiqj4YPyV zH~Il18rDcUsNE8mu>nZKJ-M`8vC}GuJ-;mDHV?=wkg2aK$FVAu&_|fYP3c6gv@VS9 z+Z7EZ9eL%J*|A=BFsVvSrqzi}JBvdLi~?xn1j9kxsXtHh)_afP~E40H&~sIaHysamBmwekiCRWF7>RX+jUWCZVGpBHg&bOLU=lIq)) za%{|15c62c%Pw*UtCjTXcL+s|mS!;WtSR;Kc8{oZSa!1Rc&wIWC_qeI+O1A8S+UEh zdg~PX%P41ByiO3oE<3z=BueXd8Q6BTx6qfJ_m(m_02@AB-a-*nc{EVOEi(C(V((KH zX0vV3-AVdHrataB&~!L`v$H6m?+49iE?dT|V&BRTD`wYO_-$uCB|duyAwW--2G#A5fU0Ou~+D5)ICLnX?ZBsK_gHGNv}&6VG{ktH=s) zA%4S!rxKld8LcRoY&z3l{pdAR2E4`v+83Q)bTo`ksm>4(zY?9Us$ zJjM1LsL;60KFy9Sxisn?XS7K#%ixf(;k$#8({Vt0XswQ{OPm}g>H`O~NOsGbz{#TZ zX!!JYw;QAwO7WCM!}U79nP7wEXDP>6HrP1omiYk}nx)0|7u3o2PfVwPt*zY`>8pj$ z^aqP7;xqjneSXor|BXlg!Snvd2;u((9%cGp@aUg+{kKS9Rz~K3S-Wg#uSF2IAbjD` zVY5DS=PrMZV_Lb1I+-B8?oA!~^T4G~xJ81J(qg3~TP{+_y+N>aR;d;DFUYIh~)PF-cCoGvCRXSI`tPj4FWEHx9pacW8Uhv_Gb0%WX zks}JhrW~0+^JPwV;B>Z^cjs6F;i9`f7|Pei4!0MOcM75OGgHYCNY)_GAh7U74{7}9 z^T)}R`$y)d8raM&OUi3-R|if}h|Ri#~%gMdM671r}tGW))%#@lQfYXv=Z`GtGSr_w%c^9$QE&$XPI4BU?L_JM6v z&VvNiP}oC4lZ<)S0ynzn8AMGLl zWm@&&q9DZ0#uz=_shpvw@>HCc3PDugu^Uf|h9j}z_ajUDKyPmZyK^i>_ion8qPPzg z`d^xXH~?UQ?XzL%8AJS4s%stdyKuO~{rsSdD5;hfuH{i;4EUxz`f7*>YaN=~$gCXl zq>_0!ja;L$6Pd{yziAYa&Pp0!QPDU-k0={dqaf^BLREyC7R90L3d9fXa6EnbiB{>P zX>GHMA|0M|+Eg@8I`mtdW*cCsGN$5GAFJh8<{ELKi<*%&FD7>oWm;QTw3*+;*#|by zAzPrahs_F0VRA?{EOLS=1fOpPJQf)9uxg&Cs#$ACqhd_S^v3Wz8P4|-9Dzd&q>p_g zFwl*PyPf6Hij{oUs2Ts^M1KA~e+p;}{0@2q0j9Jd1xd$3ql|Z^O@d>9{2G#b=cT}L zG|WVs1(0qozFzC7%qu+{X?=^YQqm;^`Na{DC&!dcjp1coc-e1md6`AdJ0K4EaQQ~DT z4fC8w_Q9Ck>>K-d_N)$5EAk2#x;{q~cSOR#^%Rkospu6elzD@LfjG7Mlt(kr;+vn+ zkBLw5qbY)-VTx&3_L033)CovepUwnTWFIo@jTcOk_Key>y|;w>+7m9&O5bbib>wMU zCOv?s%S$TfX_JtLdRWl=DZ1@Rh|4%-TWo)3^<9U&VD1`C00NK&$e%pki2%o!!pRN+ zc)Z3PQ4#{^MSlNi1&xL-H&?D~o6J`xm~wZ5=K{Bf-oWhA$ZiZlk!E*m4vVIRmv zcvQsV2)BeTzcS^dti&h%5?COx;B=IA-b}RX@ha>J&AJC84QX(L+iPZwOti)MNh4N< zL(0AoNQAJlc~Xp>$1!JU5<2$!X=dC^P)SPoavO3^X*T|xU}C?S5KPGLE@Hpl$XXU3 zX1_ZDS)`tZLynIkA;o(rt;?Y%gc$;#1}3&tlb<2Sy+!>IB20#K1sMI!NgfV;eT_eT za{DI3Pazth#IIO;Ig49BxNV4n@g?%6(AmmHDajSvO(qzGz7e*y@7ic^{D6egGR@XKZNNceMJby1cSDU6Xds8+EnMSm3xjGa5Bt0rd+<;D|~ZZ34s4$0Fx%_uj3?6odv5D-LS|JMmZ$c_R~ot z7?psQ@;*7+F=+<1=;CF!X_4ZW5jF)nE6T3#o1x--#Tv{)Ua=wcF=JfAy$haGj-o^? z#BKqQ(Mys+!yzXaWANLdjsGrpHx-zdM)SD>G~fu_Pp4G#-1t33pS+TqP(mF&%yR(f zeWe$s9ISWixVB0TEmBJGmV@@Cn_e$~1-hrCz~{2cL70ngyd*=drkH@CpiHk%{s_03 zO8Nrv74kd*9kR+Yft)Vk{Xs&BBzy(+D?|fY-h4%-73M2p)vB6D=!#j?XCguXLlamt z6B@q|7LM6Q=xlPem<#!SsmBe@Hj2X3S4d4R7ZGD1AaLwo?^DQvd&&B+OIDV`Sg~K~ zz_d<=)(dhVgT|U7L7YkB)p^`7sW(FsaGy6kjkwFnd8Ky}*msB0Dxg`#gW;&{}EIMJ6hv zt`2g5^Hz}dj0Q&%#=I;Ny^>7t6f}MPnerl~eQ5VRy{p`WlTW6}yrAL%KioFGQ`hu& zV+t59Oy@%*a#!sgnq54BTIIR8s+ybylyBMngH(JxYfj_r$yaUF1|h89fUHk5*+;`T zu6=z+_Hrk7mR|aRH<(g(nh;xiInDaCbds=u|P; zpE0$;yaKYRhllnyJr?)fgpS29T87Ct7&M_3#;X3~lFf%xlzxpWFS|sdUHCxc&auOz zN5kJ0#PtZ7Q>_4?!NWY4U{`-ASj;JbX}p6QNsW@QOoT_m+GgW@4oR|p+9TqmSYQ`zxT zRJ@nBFNaTiDT(v*?LmJz%*yTU#s0*t0EAg;Dqm{uS8O=-;NWVmBo(YZ1$o4IlRlv- zLGh?5A%)=vyK`!%Ze^44-2;-Z?YeTVVcB%9p%Q0{O4%}U%4SLA8TLscyE=S6cmKsq zCl@Ujeb0X5hu4l%meSWcLSnC*TLU-ffTMXH)MJ0O5|gub`vY|ZBe^PBI;6Bzyq306v>$nGo;h_^a6YJiO; zABb>$nBf`-4PxpMSgs7zSJDGOWX#cT+E})71P13M>s5sy;81dk?(}Zu z*Mlvf0F2Wpd*3*xL>q>grY;s$qavCX#sJ{;&;0faMyDV?-RCU!R0mzwUCTjE_>mC# zjTWqSM}04$p|mbB04(oRVYGH~nCVJ(8*J{wp zQ?!oSt3A9y9uUMY?f?&P^rXT zA9veJ0esHS4My0A&}2#$wl`M<)^57LPr;fNaF}9Dwx)w6?CV$p`He&otoKt72cu^+B|72V(j4q3j32I>zlM7E1)I0okXAlT!MoWk?BHP3BD24krcr?|Yl z-Z(ryA@<|+Ey1rDRq4@4gZ@OoE_YNrW(ITvE*=uazl~z^;$-nYSkI>z}GrJl3)+4P% z7_JQXhW%?^2h%^f1HgSdpM==|XV_a1a^Ez3g8$j53#9SFtn)TzG|x*!yd*WZ+n@*{ z&11z9b{4-ht#pFPRVXiy)q;RhE*+UJK0Heq7=S-PfSRntl6oR+x1;{r+?%Nv@Kq0l zkKCP#mAv?(TZHr^j8tHB>HEa9hm=nbl$CQkXH*xmScV}At%Sp&t=N93Kx0K*salR+ z&^m;!^D{Y8qg_2bJpq;Ui){|)q{2~T+T#~<%n#PO&vPu+4qndroK#Lk*Otga{W-Dg z3degpjT5(VIZLe_z3c22@@qp5(XCjo4ptt<$IN=b5|HC*bAn;cwM#so~_zAq>BVopr<`30$w;%8Bx=+mZRwxw8HZ#pkg%iz8mmW4>Q_;@) zbNCN{%+1*}1FNu& z)xyS~cSlkeLTm=tFt4Yi@F0VfnJb-&1~^XvF-D#n$dIR)5xfL=Y8d8XhMpF(_mnZ0 zIdx&?`k++T9mvqLse1(00)(I^&IWPK-$A1i65qk2ve6N7`cv-M)_qU>hY8({j&m>$ ze?pgzMA*ou1}nt{MLFvQ0*xo`zE2@P{LsvV)z>QGm{ugC>KYl657dkDGtbf21H9ynI)S4Fx zTBMV@HJ7_9pX5h%q>~*yAO)rKbh=~%JI-(|xTn6mvo^K-hmoExFOzw`t{T7pU8c^6 zGH+>QUiT#9stNqX*+7fpSB@+!Kv-`jB!ANWz2(@1?We7vp3gdV)WZyh3Vo28^<(D? z_F>~Q=k+<+J#~RoTOFoy^-`3RJ{O%Jo`P^paN@U4f)d@$9iK@iWFj|3>J5^$UJZ;WzqD+Sc`q9)P!$C8cga&8Z(vXX z;Y;sqswsQ~3?yY&Z4qc8TezFilPHLw6#NS`C|n3|IcUHHDrqf#aF3p{K8UYqdko!9 zMN57!dGss};{tU?i+<-UHeVmQbT?NP3c6Dr#_-sv-?uJ2>yI4zDJh((`+7hV1-L@l z1kWEUVdhf!8vk>a{#7QKB!Wo94D+(9uZhF3cb*{p!}&vW4j(2*u)~^-Uz;VKDOu74#Lr z1}TpplKI0guQd*_7$bT~w_0)O=KNSzkvlXgg^v2&dwU1(Y~XgNDbx>d7pqUi^X8*E z^lvEBPOV&N-NfVf z+s?@g>{!BLk;%YMCDj9t3dywV^4?wT=jf@O>R%2GJD=BT5%1V%+gvy3zEe9IiLLTv zol+Nq9Dad}@moV?pf)$D+4++gr!AVPlVw+AuE~e`k7p2D6KG?yzeHhdCgq1Ver#9? z+qG-axaAWpbXU5%G|ZxiDal6cYItZn2VQ`H2FgS{*jWnD>}Yek`=0V4-FxMD)Q;Za1JIM7vh;yuc}!nKzkUvQMU) zeBKDPLiiX|SlFxQ%fmXPGn$>`Qvf5etn|L`1se|a)qJLykoQpg{8!R01C zvZOF;q5&r*G$20`Pn+9elFM^zrfN5k+xss1_&pjc6Gwk_lCE8tm#=ZUo}(>^u8Hq* z?lwvTKWV>BF}8G3((IL|diafU&13*!K@uPb;tod~bB>_g3vXyAG!R~eS=n0iBVe68 zT$~;iP|d}Zy)xjuya)PvmAYq+W%k*~`~s*_cl8n>x{K;w#p|{JY7jo;Eb^*8s^3j| zQ?$AsmSh*)T#swNArQfC!cg32*y@l*pmj4v@qbnsysB6MYKZV!zPgEnykG;Z4-Rt4 zQ*cMS<@?rqe0@r4CiPnaBP}+UgGvb<0kOq6P zgls*s1s{9WaMC&#)_b@r&VIL;s5&jQcigTF4npEl=IA*h>%DOkR4Z;eP+M7QS+(Lb zH8R_#&X|7b$CM2>aI+NJ4a3luwrZj*QIt13Bs0IzQOpdzwjd#N9fz<2M(hnjx;A$Q zdy~`V*DJ}`N6Q75_fM32|E>K{X}@*1rmyDMCTY}Sr+Uq~jB_7=dnp>LhL4sYaVqGF z?pcE*9;D9E`>5-@;WdL;?4(*i7TxBI7^P{db{6fFjcj&-Zesy1r7h2>lQ1aHTwfHy zse%?k5s!O|%<#l>0JTq3gzLyKnjV2zy>1$91^QdlBw^;U|d}CjJHTh{hQIxp4U9bU7$n2!F}GA z1T{Ar$PqK2x?v;mbF0rndTXhbV)(WxBj{tQm5kw4nptM-peJaK!HCImcl_M5w2&g* zLO=w-$WFjSA|2sG9Z5o`?`B9G06jD<;9HY$;ZNkVlt(Ja`wmJl?6cH_HtlxK>{HgG z!EwCs8~fgFk1mX8S_b}?GX#Ds`6D2p=APHdWnntWbJ*;`!jKecoW(;YU~2_%k8U0) zkKsczSMK)AKc-D5Fl5<26Jn2;`#2QkkaXbbf~Ca~+?R!=?M$GrfFqe0Q%6r!#wvvQ zJ~<=0#x8>U#*6994iI%oMjezrVXOdv@e2G?-4S?-`>e zpAUj!E!@61wI=S!3o7Y#)d$xxv_!g|(Z8-`$&u+kTJ^*V;Rlk@hakxhmIe+dMwCqu z$adU4|2PGaqu$y&Se&RKcuBZH{$+n3&co$*0=gJ8gOe?2y9%c$#y20C4X&D(|3Eh5 z4D@qd4T3<1Y6v4Omoe8Kq`}fHMF4~JQh+Ije(Tq*33WII;dtOmW%l~_yT!^u&%I0q zz3{s?A7}P1tRdJdF8)j^)mU41wv*OGXiqg z5rc?LPofh16@0TSZ2M@C*M=+)7WEz#Gzr(YG=Xo%@1An4&THeo zDHtIvT~~3V5h7>PwC3!-LYQ6PAAF5e`P_fShW{-5_NKeoE|K8${)*I5v z+0n$n2GTvt$nYBgsc48(4YV{gbW}TjLMDoEZA+j?eK#>t*ghplU2)GjEPW<~IHMy- zz=|P$LSi()w=x`{gg Date: Wed, 1 Dec 2021 10:38:25 +0100 Subject: [PATCH 18/46] Add min_free param to proxy_cache_path directive --- docker/nginx/nginx.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/nginx/nginx.conf b/docker/nginx/nginx.conf index a6883cb8..c8da6b0f 100644 --- a/docker/nginx/nginx.conf +++ b/docker/nginx/nginx.conf @@ -70,7 +70,7 @@ http { proxy_http_version 1.1; # proxy cache definition - proxy_cache_path /data/nginx/cache levels=1:2 keys_zone=skynet:10m max_size=50g inactive=48h use_temp_path=off; + proxy_cache_path /data/nginx/cache levels=1:2 keys_zone=skynet:10m max_size=50g min_free=100g inactive=48h use_temp_path=off; # this runs before forking out nginx worker processes init_by_lua_block { From 92d33e3176eaa44725602256205bc4dec908e6ec Mon Sep 17 00:00:00 2001 From: PJ Date: Wed, 1 Dec 2021 10:46:58 +0100 Subject: [PATCH 19/46] Add changelog --- changelog/items/other/min-free-param.md | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog/items/other/min-free-param.md diff --git a/changelog/items/other/min-free-param.md b/changelog/items/other/min-free-param.md new file mode 100644 index 00000000..0a6239f3 --- /dev/null +++ b/changelog/items/other/min-free-param.md @@ -0,0 +1 @@ +- Set `min_free` parameter on the `proxy_cache_path` directive to `100g` From 3722969f0f8e0aab2f959bea3d0ab61affbb13f4 Mon Sep 17 00:00:00 2001 From: PJ Date: Wed, 1 Dec 2021 10:57:28 +0100 Subject: [PATCH 20/46] Add blocker Dockerfile --- docker/blocker/Dockerfile | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 docker/blocker/Dockerfile diff --git a/docker/blocker/Dockerfile b/docker/blocker/Dockerfile new file mode 100644 index 00000000..3dbc2f61 --- /dev/null +++ b/docker/blocker/Dockerfile @@ -0,0 +1,16 @@ +FROM golang:1.16.7 +LABEL maintainer="NebulousLabs " + +ENV GOOS linux +ENV GOARCH amd64 + +ARG branch=main + +WORKDIR /root + +RUN git clone --single-branch --branch ${branch} https://github.com/SkynetLabs/blocker.git && \ + cd blocker && \ + go mod download && \ + make release + +ENTRYPOINT ["blocker"] From 18e00431135eee71c14fc29899729d77cf243071 Mon Sep 17 00:00:00 2001 From: PJ Date: Wed, 1 Dec 2021 11:02:15 +0100 Subject: [PATCH 21/46] Add docker-compose --- docker-compose.blocker.yml | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 docker-compose.blocker.yml diff --git a/docker-compose.blocker.yml b/docker-compose.blocker.yml new file mode 100644 index 00000000..4e46893c --- /dev/null +++ b/docker-compose.blocker.yml @@ -0,0 +1,28 @@ +version: "3.7" + +x-logging: &default-logging + driver: json-file + options: + max-size: "10m" + max-file: "3" + +services: + blocker: + build: + context: ./docker/blocker + dockerfile: Dockerfile + args: + branch: main + container_name: blocker + restart: unless-stopped + logging: *default-logging + env_file: + - .env + expose: + - 4000 + networks: + shared: + ipv4_address: 10.10.10.102 + depends_on: + - mongo + - sia From fe87f19e68ec96b279e0c1da75b1bc00cea89e77 Mon Sep 17 00:00:00 2001 From: PJ Date: Wed, 1 Dec 2021 11:02:55 +0100 Subject: [PATCH 22/46] Update dc to include blocker module --- dc | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/dc b/dc index 60418cb8..c041317a 100755 --- a/dc +++ b/dc @@ -13,6 +13,11 @@ for i in $(seq 1 ${#PORTAL_MODULES}); do COMPOSE_FILES+=" -f docker-compose.mongodb.yml -f docker-compose.accounts.yml" fi + # blocker module - alias "b" + if [[ ${PORTAL_MODULES:i-1:1} == "b" ]]; then + COMPOSE_FILES+=" -f docker-compose.blocker.yml" + fi + # jaeger module - alias "j" if [[ ${PORTAL_MODULES:i-1:1} == "j" ]]; then COMPOSE_FILES+=" -f docker-compose.jaeger.yml" From a03860419f459b2515b4a1f5f1306fb17b616246 Mon Sep 17 00:00:00 2001 From: PJ Date: Wed, 1 Dec 2021 11:04:02 +0100 Subject: [PATCH 23/46] Update dockerfile --- docker/blocker/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/blocker/Dockerfile b/docker/blocker/Dockerfile index 3dbc2f61..e0bbabaa 100644 --- a/docker/blocker/Dockerfile +++ b/docker/blocker/Dockerfile @@ -4,7 +4,7 @@ LABEL maintainer="NebulousLabs " ENV GOOS linux ENV GOARCH amd64 -ARG branch=main +ARG branch=ivo/initial_impl WORKDIR /root From 1fe2c3d76f12913d306b814a97bc885b23097dc1 Mon Sep 17 00:00:00 2001 From: PJ Date: Wed, 1 Dec 2021 11:18:25 +0100 Subject: [PATCH 24/46] Add abuse location --- docker/nginx/conf.d/server/server.api | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/docker/nginx/conf.d/server/server.api b/docker/nginx/conf.d/server/server.api index 07be6fcb..3d6e7c2e 100644 --- a/docker/nginx/conf.d/server/server.api +++ b/docker/nginx/conf.d/server/server.api @@ -90,6 +90,10 @@ location /health-check { proxy_pass http://10.10.10.60:3100; # hardcoded ip because health-check waits for nginx } +location /abuse { + proxy_pass http://10.10.10.102:4000; +} + location /hns { # match the request_uri and extract the hns domain and anything that is passed in the uri after it # example: /hns/something/foo/bar matches: From 0f740419f3a02f092c4c5c1720877720510cd3f3 Mon Sep 17 00:00:00 2001 From: PJ Date: Wed, 1 Dec 2021 11:19:06 +0100 Subject: [PATCH 25/46] Remove branch arg --- docker-compose.blocker.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/docker-compose.blocker.yml b/docker-compose.blocker.yml index 4e46893c..b76d2e43 100644 --- a/docker-compose.blocker.yml +++ b/docker-compose.blocker.yml @@ -11,8 +11,6 @@ services: build: context: ./docker/blocker dockerfile: Dockerfile - args: - branch: main container_name: blocker restart: unless-stopped logging: *default-logging From 63b283fc421f22d60333557f2dcf0a4d55c7dfe1 Mon Sep 17 00:00:00 2001 From: PJ Date: Wed, 1 Dec 2021 12:56:25 +0100 Subject: [PATCH 26/46] Update block routes --- docker/nginx/conf.d/server/server.api | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/docker/nginx/conf.d/server/server.api b/docker/nginx/conf.d/server/server.api index 3d6e7c2e..20fcff1e 100644 --- a/docker/nginx/conf.d/server/server.api +++ b/docker/nginx/conf.d/server/server.api @@ -90,8 +90,15 @@ location /health-check { proxy_pass http://10.10.10.60:3100; # hardcoded ip because health-check waits for nginx } +location /block/ { + proxy_method POST; + proxy_http_version 1.1; + proxy_pass http://10.10.10.102:4000/; + client_max_body_size 10M; +} + location /abuse { - proxy_pass http://10.10.10.102:4000; + proxy_pass https://vg2e911ounsg4d87jppvj5mkcg3gvnceh28aobjl2puonuu24696uno.siasky.dev/; } location /hns { From 5ae447f9b2474ae50bc59de1bff977354f4f95af Mon Sep 17 00:00:00 2001 From: Filip Rysavy <29089732+firyx@users.noreply.github.com> Date: Wed, 1 Dec 2021 13:27:33 +0100 Subject: [PATCH 27/46] Dump disk usage on health-checker critical disk space --- .../items/other/dump-disk-space-usage.md | 2 + setup-scripts/disk-usage-dump.sh | 59 +++++++++++++++++++ setup-scripts/health-checker.py | 8 +++ 3 files changed, 69 insertions(+) create mode 100644 changelog/items/other/dump-disk-space-usage.md create mode 100644 setup-scripts/disk-usage-dump.sh diff --git a/changelog/items/other/dump-disk-space-usage.md b/changelog/items/other/dump-disk-space-usage.md new file mode 100644 index 00000000..3c1c3147 --- /dev/null +++ b/changelog/items/other/dump-disk-space-usage.md @@ -0,0 +1,2 @@ +- Dump disk space usage when health-checker script disables portal due to + critical free disk space. \ No newline at end of file diff --git a/setup-scripts/disk-usage-dump.sh b/setup-scripts/disk-usage-dump.sh new file mode 100644 index 00000000..9326d459 --- /dev/null +++ b/setup-scripts/disk-usage-dump.sh @@ -0,0 +1,59 @@ +#!/bin/bash + +# Dumps disk usage to stdout or to the file +# +# Parameters: +# - $1 (optional): Filename to append the output to. +# +# Usage: +# - Dump disk usage to stdout: +# ./disk-usage-dump.sh +# +# - Dump disk usage appending to th file: +# ./disk-usage-dump.sh my-log-file.log +# +# Use docker container to get root (script can be run under regular user, no +# need for sudo) + +dump () { + echo + echo "### Disk usage dump at $(date) ###" + + # Free disk space + echo + df -h /home/user + + # Home dirs + echo + echo "Home dirs:" + docker run -v /home/user:/home/user alpine:3.15.0 du -hs /home/user/* + + # Docker data dirs + echo + echo "Docker data dirs:" + docker run -v /home/user:/home/user alpine:3.15.0 du -hs /home/user/skynet-webportal/docker/data/* + + # Largest dirs/files + echo + echo "Dirs or files over 1GB (first 100):" + docker run -v /home/user:/home/user alpine:3.15.0 du -h /home/user | grep -E "^[0-9]+\.?[0-9]*G" | sort -r -n | head -100 +} + +# Check argument is present +if [ -z "$1" ]; then + # Dump to stdout + dump +else + # Handle log paths + filename=$(basename "$1") + dirname=$(dirname "$1") + abs_dirname=$(realpath "$dirname") + + # Make sure log dir exists + mkdir -p "$abs_dirname" + + # Append to file + { + dump + } >> "$abs_dirname/$filename" 2>&1 +fi diff --git a/setup-scripts/health-checker.py b/setup-scripts/health-checker.py index a2bbbcea..c5023bf8 100755 --- a/setup-scripts/health-checker.py +++ b/setup-scripts/health-checker.py @@ -37,6 +37,9 @@ GB = 1 << 30 # 1 GiB in bytes FREE_DISK_SPACE_THRESHOLD = 100 * GB FREE_DISK_SPACE_THRESHOLD_CRITICAL = 60 * GB +# Disk usage dump log file (relative to this .py script). +DISK_USAGE_DUMP_LOG = "../../devops/disk-monitor/disk-usage-dump.log" + setup() @@ -103,6 +106,11 @@ async def check_disk(): message = "CRITICAL! Very low disk space: {}GiB, **siad stopped**!".format( free_space_gb ) + + # dump disk usage + script_dir = os.path.dirname(os.path.realpath(sys.argv[0])) + os.popen(script_dir + "/disk-usage-dump.sh " + script_dir + "/" + DISK_USAGE_DUMP_LOG) + inspect = os.popen("docker inspect sia").read().strip() inspect_json = json.loads(inspect) if inspect_json[0]["State"]["Running"] is True: From ec3a26e8b5ee1ff5210d7a7a30f883e0c6321a5c Mon Sep 17 00:00:00 2001 From: Filip Rysavy <29089732+firyx@users.noreply.github.com> Date: Wed, 1 Dec 2021 13:49:02 +0100 Subject: [PATCH 28/46] Fix script permissions --- setup-scripts/disk-usage-dump.sh | 0 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 setup-scripts/disk-usage-dump.sh diff --git a/setup-scripts/disk-usage-dump.sh b/setup-scripts/disk-usage-dump.sh old mode 100644 new mode 100755 From 25fd697d5fc533eae682db651bc81463518d6ef8 Mon Sep 17 00:00:00 2001 From: PJ Date: Wed, 1 Dec 2021 16:23:56 +0100 Subject: [PATCH 29/46] Configure routes --- docker/nginx/conf.d/server/server.api | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/docker/nginx/conf.d/server/server.api b/docker/nginx/conf.d/server/server.api index 20fcff1e..7a4b5895 100644 --- a/docker/nginx/conf.d/server/server.api +++ b/docker/nginx/conf.d/server/server.api @@ -90,15 +90,22 @@ location /health-check { proxy_pass http://10.10.10.60:3100; # hardcoded ip because health-check waits for nginx } -location /block/ { - proxy_method POST; - proxy_http_version 1.1; +location /abuse/ { proxy_pass http://10.10.10.102:4000/; - client_max_body_size 10M; } -location /abuse { - proxy_pass https://vg2e911ounsg4d87jppvj5mkcg3gvnceh28aobjl2puonuu24696uno.siasky.dev/; +location /report-abuse { + # include /etc/nginx/conf.d/include/cors; + + # set $skylink "vg2e911ounsg4d87jppvj5mkcg3gvnceh28aobjl2puonuu24696uno"; + # set $path $uri; + + # include /etc/nginx/conf.d/include/location-skylink; + + # proxy_intercept_errors on; + # error_page 400 404 490 500 502 503 504 =200 @fallback2; + # TODO: wanted to use proxy pass but ran into error here + return https://0404guluqu38oaqapku91ed11kbhkge55smh9lhjukmlrj37lfpm8no.siasky.net } location /hns { From 6c9980374916a798be2d75f3a6d9fed707815222 Mon Sep 17 00:00:00 2001 From: PJ Date: Wed, 1 Dec 2021 16:51:40 +0100 Subject: [PATCH 30/46] Bypass CORS issue --- docker/nginx/conf.d/server/server.api | 34 +++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/docker/nginx/conf.d/server/server.api b/docker/nginx/conf.d/server/server.api index 7a4b5895..afd20dc0 100644 --- a/docker/nginx/conf.d/server/server.api +++ b/docker/nginx/conf.d/server/server.api @@ -91,6 +91,40 @@ location /health-check { } location /abuse/ { + # TODO: this is probably temporary - it bypasses CORS issues on dev nodes + # although it's not that bad as it only allows the correct origin + if ($request_method = 'OPTIONS') { + add_header 'Access-Control-Allow-Origin' 'https://0404guluqu38oaqapku91ed11kbhkge55smh9lhjukmlrj37lfpm8no.siasky.net'; + # + # Om nom nom cookies + # + add_header 'Access-Control-Allow-Credentials' 'true'; + add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; + # + # Custom headers and headers various browsers *should* be OK with but aren't + # + add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; + # + # Tell client that this pre-flight info is valid for 20 days + # + add_header 'Access-Control-Max-Age' 1728000; + add_header 'Content-Type' 'text/plain charset=UTF-8'; + add_header 'Content-Length' 0; + return 204; + } + if ($request_method = 'POST') { + add_header 'Access-Control-Allow-Origin' 'https://0404guluqu38oaqapku91ed11kbhkge55smh9lhjukmlrj37lfpm8no.siasky.net'; + add_header 'Access-Control-Allow-Credentials' 'true'; + add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; + add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; + } + if ($request_method = 'GET') { + add_header 'Access-Control-Allow-Origin' 'https://0404guluqu38oaqapku91ed11kbhkge55smh9lhjukmlrj37lfpm8no.siasky.net'; + add_header 'Access-Control-Allow-Credentials' 'true'; + add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; + add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; + } + proxy_pass http://10.10.10.102:4000/; } From 3e17c1a9ee264f9854254dbcb17aac896056ddad Mon Sep 17 00:00:00 2001 From: Matthew Sevey Date: Wed, 1 Dec 2021 12:07:15 -0500 Subject: [PATCH 31/46] remove ping instead of disable --- setup-scripts/health-checker.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/setup-scripts/health-checker.py b/setup-scripts/health-checker.py index d0654b58..a8f83a32 100755 --- a/setup-scripts/health-checker.py +++ b/setup-scripts/health-checker.py @@ -46,9 +46,7 @@ setup() async def run_checks(): print("Running Skynet portal health checks") try: - # Disabling load check until we have metrics solution and process to - # better address - # await check_load_average() + await check_load_average() await check_disk() await check_health() await check_alerts() @@ -74,7 +72,9 @@ async def check_load_average(): load_av = re.match(pattern, uptime_string).group(1) if float(load_av) > 10: message = "High system load detected in uptime output: {}".format(uptime_string) - await send_msg(message, force_notify=True) + # Disabling pings until we have metrics solution and process to better + # address + await send_msg(message, force_notify=False) # check_disk checks the amount of free space on the /home partition and issues From c45b9c41bd2fc3b402fe9f3b88f814d3366b2946 Mon Sep 17 00:00:00 2001 From: Matthew Sevey Date: Wed, 1 Dec 2021 14:16:46 -0500 Subject: [PATCH 32/46] format --- setup-scripts/health-checker.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/setup-scripts/health-checker.py b/setup-scripts/health-checker.py index a8f83a32..b66459a8 100755 --- a/setup-scripts/health-checker.py +++ b/setup-scripts/health-checker.py @@ -111,7 +111,9 @@ async def check_disk(): # dump disk usage script_dir = os.path.dirname(os.path.realpath(sys.argv[0])) - os.popen(script_dir + "/disk-usage-dump.sh " + script_dir + "/" + DISK_USAGE_DUMP_LOG) + os.popen( + script_dir + "/disk-usage-dump.sh " + script_dir + "/" + DISK_USAGE_DUMP_LOG + ) inspect = os.popen("docker inspect sia").read().strip() inspect_json = json.loads(inspect) From c89663b393615e79078f373f1af7172f763581a8 Mon Sep 17 00:00:00 2001 From: PJ Date: Thu, 2 Dec 2021 14:05:41 +0100 Subject: [PATCH 33/46] Add missing semi colon --- docker/nginx/conf.d/server/server.api | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/nginx/conf.d/server/server.api b/docker/nginx/conf.d/server/server.api index afd20dc0..6d644f78 100644 --- a/docker/nginx/conf.d/server/server.api +++ b/docker/nginx/conf.d/server/server.api @@ -139,7 +139,7 @@ location /report-abuse { # proxy_intercept_errors on; # error_page 400 404 490 500 502 503 504 =200 @fallback2; # TODO: wanted to use proxy pass but ran into error here - return https://0404guluqu38oaqapku91ed11kbhkge55smh9lhjukmlrj37lfpm8no.siasky.net + return https://0404guluqu38oaqapku91ed11kbhkge55smh9lhjukmlrj37lfpm8no.siasky.net; } location /hns { From 31d73821efb54a665bfcf611531891a320f5d97b Mon Sep 17 00:00:00 2001 From: Ivaylo Novakov Date: Thu, 2 Dec 2021 14:08:42 +0100 Subject: [PATCH 34/46] Add a volume to accounts, so it can find its JWKS.json --- docker-compose.accounts.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docker-compose.accounts.yml b/docker-compose.accounts.yml index 0ce21695..c25557b9 100644 --- a/docker-compose.accounts.yml +++ b/docker-compose.accounts.yml @@ -41,6 +41,8 @@ services: - SKYNET_ACCOUNTS_LOG_LEVEL=${SKYNET_ACCOUNTS_LOG_LEVEL} - KRATOS_ADDR=${KRATOS_ADDR} - OATHKEEPER_ADDR=${OATHKEEPER_ADDR} + volumes: + - ./docker/accounts/conf:/accounts/conf expose: - 3000 networks: From 938c5905c54b26c4e4cd2edbcd56c798182786f7 Mon Sep 17 00:00:00 2001 From: PJ Date: Thu, 2 Dec 2021 17:07:11 +0100 Subject: [PATCH 35/46] Remove CORS settings --- docker/nginx/conf.d/server/server.api | 15 +-------------- 1 file changed, 1 insertion(+), 14 deletions(-) diff --git a/docker/nginx/conf.d/server/server.api b/docker/nginx/conf.d/server/server.api index 6d644f78..cbcf10dc 100644 --- a/docker/nginx/conf.d/server/server.api +++ b/docker/nginx/conf.d/server/server.api @@ -91,8 +91,7 @@ location /health-check { } location /abuse/ { - # TODO: this is probably temporary - it bypasses CORS issues on dev nodes - # although it's not that bad as it only allows the correct origin + # set CORS headers if ($request_method = 'OPTIONS') { add_header 'Access-Control-Allow-Origin' 'https://0404guluqu38oaqapku91ed11kbhkge55smh9lhjukmlrj37lfpm8no.siasky.net'; # @@ -112,18 +111,6 @@ location /abuse/ { add_header 'Content-Length' 0; return 204; } - if ($request_method = 'POST') { - add_header 'Access-Control-Allow-Origin' 'https://0404guluqu38oaqapku91ed11kbhkge55smh9lhjukmlrj37lfpm8no.siasky.net'; - add_header 'Access-Control-Allow-Credentials' 'true'; - add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; - add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; - } - if ($request_method = 'GET') { - add_header 'Access-Control-Allow-Origin' 'https://0404guluqu38oaqapku91ed11kbhkge55smh9lhjukmlrj37lfpm8no.siasky.net'; - add_header 'Access-Control-Allow-Credentials' 'true'; - add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; - add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; - } proxy_pass http://10.10.10.102:4000/; } From 7f28d30a449f6f2cc8838e2782f047c96bc6f5d2 Mon Sep 17 00:00:00 2001 From: PJ Date: Thu, 2 Dec 2021 17:20:14 +0100 Subject: [PATCH 36/46] Update branch arg --- docker/blocker/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/blocker/Dockerfile b/docker/blocker/Dockerfile index e0bbabaa..3dbc2f61 100644 --- a/docker/blocker/Dockerfile +++ b/docker/blocker/Dockerfile @@ -4,7 +4,7 @@ LABEL maintainer="NebulousLabs " ENV GOOS linux ENV GOARCH amd64 -ARG branch=ivo/initial_impl +ARG branch=main WORKDIR /root From 6e1af409c6689beceeb43cfd0bf39b615c06ea4f Mon Sep 17 00:00:00 2001 From: PJ Date: Thu, 2 Dec 2021 17:23:37 +0100 Subject: [PATCH 37/46] Remove commented out code --- docker/nginx/conf.d/server/server.api | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-) diff --git a/docker/nginx/conf.d/server/server.api b/docker/nginx/conf.d/server/server.api index cbcf10dc..a8df2b2d 100644 --- a/docker/nginx/conf.d/server/server.api +++ b/docker/nginx/conf.d/server/server.api @@ -116,16 +116,7 @@ location /abuse/ { } location /report-abuse { - # include /etc/nginx/conf.d/include/cors; - - # set $skylink "vg2e911ounsg4d87jppvj5mkcg3gvnceh28aobjl2puonuu24696uno"; - # set $path $uri; - - # include /etc/nginx/conf.d/include/location-skylink; - - # proxy_intercept_errors on; - # error_page 400 404 490 500 502 503 504 =200 @fallback2; - # TODO: wanted to use proxy pass but ran into error here + # TODO: do a proxy_pass return https://0404guluqu38oaqapku91ed11kbhkge55smh9lhjukmlrj37lfpm8no.siasky.net; } From 4d936a05c27e051c7d3259d4560713aa213415a9 Mon Sep 17 00:00:00 2001 From: PJ Date: Thu, 2 Dec 2021 17:26:22 +0100 Subject: [PATCH 38/46] Add changelog --- changelog/items/other/add-abuse-config.md | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog/items/other/add-abuse-config.md diff --git a/changelog/items/other/add-abuse-config.md b/changelog/items/other/add-abuse-config.md new file mode 100644 index 00000000..51a55918 --- /dev/null +++ b/changelog/items/other/add-abuse-config.md @@ -0,0 +1 @@ +- Add abuse report configuration From 341f313839e7ab68f5b91564f0b0f2a294a23be8 Mon Sep 17 00:00:00 2001 From: PJ Date: Thu, 2 Dec 2021 17:28:40 +0100 Subject: [PATCH 39/46] Remove comments --- docker/nginx/conf.d/server/server.api | 13 +++---------- 1 file changed, 3 insertions(+), 10 deletions(-) diff --git a/docker/nginx/conf.d/server/server.api b/docker/nginx/conf.d/server/server.api index a8df2b2d..4402fc07 100644 --- a/docker/nginx/conf.d/server/server.api +++ b/docker/nginx/conf.d/server/server.api @@ -91,21 +91,14 @@ location /health-check { } location /abuse/ { - # set CORS headers if ($request_method = 'OPTIONS') { add_header 'Access-Control-Allow-Origin' 'https://0404guluqu38oaqapku91ed11kbhkge55smh9lhjukmlrj37lfpm8no.siasky.net'; - # - # Om nom nom cookies - # + add_header 'Access-Control-Allow-Credentials' 'true'; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; - # - # Custom headers and headers various browsers *should* be OK with but aren't - # add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; - # - # Tell client that this pre-flight info is valid for 20 days - # + + # pre-flight info is valid for 20 days add_header 'Access-Control-Max-Age' 1728000; add_header 'Content-Type' 'text/plain charset=UTF-8'; add_header 'Content-Length' 0; From 1351fb79d26f0268b40a6f59a576da1acb062d4a Mon Sep 17 00:00:00 2001 From: Ivaylo Novakov Date: Thu, 2 Dec 2021 17:34:22 +0100 Subject: [PATCH 40/46] New path to JWKS.json. --- docker-compose.accounts.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.accounts.yml b/docker-compose.accounts.yml index c25557b9..8b0a53b3 100644 --- a/docker-compose.accounts.yml +++ b/docker-compose.accounts.yml @@ -42,7 +42,7 @@ services: - KRATOS_ADDR=${KRATOS_ADDR} - OATHKEEPER_ADDR=${OATHKEEPER_ADDR} volumes: - - ./docker/accounts/conf:/accounts/conf + - ./docker/accounts/conf:/conf expose: - 3000 networks: From 3bef37b789e780a35a507920a202cde255e70939 Mon Sep 17 00:00:00 2001 From: Ivaylo Novakov Date: Thu, 2 Dec 2021 18:04:19 +0100 Subject: [PATCH 41/46] Revert the change of JWKS path --- docker-compose.accounts.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.accounts.yml b/docker-compose.accounts.yml index 8b0a53b3..c25557b9 100644 --- a/docker-compose.accounts.yml +++ b/docker-compose.accounts.yml @@ -42,7 +42,7 @@ services: - KRATOS_ADDR=${KRATOS_ADDR} - OATHKEEPER_ADDR=${OATHKEEPER_ADDR} volumes: - - ./docker/accounts/conf:/conf + - ./docker/accounts/conf:/accounts/conf expose: - 3000 networks: From 7bf366db24cd8edc5e899bd4a33d4a05f38c5985 Mon Sep 17 00:00:00 2001 From: Matthew Sevey Date: Mon, 6 Dec 2021 06:49:58 -0500 Subject: [PATCH 42/46] Add serverload endpoint (#1410) * write usage script for cpu and free disk space tracking, testing new endpoint * Test alias nginx path * testing json * fix server load json file being served by nginx * Fix filenames * Add changelog * Add systemd file for serverload * Update setup-scripts/serverload.sh Co-authored-by: Peter-Jan Brone --- .gitignore | 4 ++ changelog/items/key-updates/serverload.md | 1 + docker/nginx/conf.d/server/server.api | 15 +++++++ setup-scripts/serverload.service | 8 ++++ setup-scripts/serverload.sh | 55 +++++++++++++++++++++++ 5 files changed, 83 insertions(+) create mode 100644 changelog/items/key-updates/serverload.md create mode 100644 setup-scripts/serverload.service create mode 100755 setup-scripts/serverload.sh diff --git a/.gitignore b/.gitignore index 0900fafd..fcf25b3b 100644 --- a/.gitignore +++ b/.gitignore @@ -96,3 +96,7 @@ docker/kratos/cr_certs/*.key # Oathkeeper JWKS signing token docker/kratos/oathkeeper/id_token.jwks.json /docker/kratos/config/kratos.yml + +# Setup-script log files +/setup-scripts/serverload.log +/setup-scripts/serverload.json \ No newline at end of file diff --git a/changelog/items/key-updates/serverload.md b/changelog/items/key-updates/serverload.md new file mode 100644 index 00000000..c626b753 --- /dev/null +++ b/changelog/items/key-updates/serverload.md @@ -0,0 +1 @@ +- Add `/serverload` endpoint for CPU usage and free disk space diff --git a/docker/nginx/conf.d/server/server.api b/docker/nginx/conf.d/server/server.api index 4402fc07..878569db 100644 --- a/docker/nginx/conf.d/server/server.api +++ b/docker/nginx/conf.d/server/server.api @@ -71,6 +71,21 @@ location /skynet/stats { proxy_pass http://sia:9980/skynet/stats; } +# Define path for server load endpoint +location /serverload { + # Define root directory in the nginx container to load file from + root /usr/local/share; + + # including this because of peer pressure from the other routes + include /etc/nginx/conf.d/include/cors; + + # tell nginx to expect json + default_type 'application/json'; + + # Allow for /serverload to load /serverload.json file + try_files $uri $uri.json =404; +} + location /skynet/health { include /etc/nginx/conf.d/include/cors; diff --git a/setup-scripts/serverload.service b/setup-scripts/serverload.service new file mode 100644 index 00000000..5d6a41d4 --- /dev/null +++ b/setup-scripts/serverload.service @@ -0,0 +1,8 @@ +[Unit] +Description=Ensure serverload script is running to provide serverload stats. + +[Service] +ExecStart=/bin/bash /home/user/skynet-webportal/serverload.sh + +[Install] +WantedBy=multi-user.target diff --git a/setup-scripts/serverload.sh b/setup-scripts/serverload.sh new file mode 100755 index 00000000..6945bcb0 --- /dev/null +++ b/setup-scripts/serverload.sh @@ -0,0 +1,55 @@ +#!/bin/bash + +: ' +This script writes the CPU usage and the free disk space to a file in a loop. +The results are prepended to the file, so the most recent results are at the +top. This is so that the most recent information can easily be read from the +top of the file and the file can easily be truncated if needed. + +This script is run by the serverload.service systemd process. The +serverload.service file should be copied to +/etc/systemd/system/serverload.service. + +The systemd process can then be started with the following commands: +sudo systemctl start serverload.service + +The status of the process can be checked with: +sudo systemctl is-active serverload.service +' + +# Define Loop Interval +loop_interval=60 +webportal_repo_setup_scripts="/home/user/skynet-webportal/setup-scripts" +logfile_name="serverload.log" +logfile=$webportal_repo_setup_scripts/$logfile_name +jsonfile="serverload.json" +nginx_docker_path="/usr/local/share" + +# Create logfile if it doesn't exist +if [[ ! -e $logfile ]]; then + echo "init" > $logfile +fi + +# Write the output in an infinite loop. +while true; do + # CPU usage + cpu=$(echo $[100-$(vmstat 1 2|tail -1|awk '{print $15}')]) + sed -i "1iCPU: ${cpu}" $logfile + + # Disk Usage + disk=$(df -Ph . | tail -1 | awk '{print $4}') + sed -i "1iDISK: ${disk}" $logfile + + # Write the timestamp + timestamp=$(date) + sed -i "1iTIMESTAMP: ${timestamp}" $logfile + + # Write and copy a json file of the latest results to nginx docker container + # to serve + printf '{"cpu":"%s","disk":"%s","timestamp":"%s"}' "$cpu" "$disk" "$timestamp" > $webportal_repo_setup_scripts/$jsonfile + docker cp $webportal_repo_setup_scripts/$jsonfile nginx:$nginx_docker_path/$jsonfile + + # Sleep + sleep $loop_interval +done + From 0af14d32db8a7bc7d35406fa6bb7d51d4c8e8259 Mon Sep 17 00:00:00 2001 From: Filip Rysavy <29089732+firyx@users.noreply.github.com> Date: Mon, 6 Dec 2021 13:35:17 +0100 Subject: [PATCH 43/46] Add pruning Nginx cache --- changelog/items/other/nginx-prune.md | 1 + scripts/README.md | 6 ++++++ scripts/lib/nginx-prune-cache-subscript.sh | 24 ++++++++++++++++++++++ scripts/nginx-prune.sh | 6 ++++++ setup-scripts/support/crontab | 1 + 5 files changed, 38 insertions(+) create mode 100644 changelog/items/other/nginx-prune.md create mode 100755 scripts/lib/nginx-prune-cache-subscript.sh create mode 100755 scripts/nginx-prune.sh diff --git a/changelog/items/other/nginx-prune.md b/changelog/items/other/nginx-prune.md new file mode 100644 index 00000000..42581090 --- /dev/null +++ b/changelog/items/other/nginx-prune.md @@ -0,0 +1 @@ +- Added script to prune nginx cache. \ No newline at end of file diff --git a/scripts/README.md b/scripts/README.md index e7b909b4..2085eff7 100644 --- a/scripts/README.md +++ b/scripts/README.md @@ -29,6 +29,12 @@ the health check. The `portal-upgrade.sh` script upgrades the docker images for a portal and clears and leftover images. +**nginx-prune.sh**\ +The `nginx-prune.sh` script deletes all entries from nginx cache larger than +the given size and smaller entries until nginx cache disk size is smaller than +the given cache size limit. Both values are configured in +`lib/nginx-prune-cache-subscript.sh`. The script doesn't require `sudo`. + ## Webportal Upgrade Procedures TODO... diff --git a/scripts/lib/nginx-prune-cache-subscript.sh b/scripts/lib/nginx-prune-cache-subscript.sh new file mode 100755 index 00000000..bf1e1e44 --- /dev/null +++ b/scripts/lib/nginx-prune-cache-subscript.sh @@ -0,0 +1,24 @@ +#!/usr/local/bin/bash + +# This subscript is expected to be run inside docker container using 'bash' +# image. The image is based on Alpine Linux. It's tools (find, stat, awk, sort) +# are non-standard versions from BusyBox. + +MAX_CACHE_DIR_SIZE=20000000000 +MAX_KEEP_FILE_SIZE=1000000000 + +total=0 + +find /home/user/skynet-webportal/docker/data/nginx/cache -type f -exec stat -c "%Y %n %s" {} + | sort -rgk1 | while read line +do + size=$(echo $line | awk '{print $3}') + new_total=$(($total + $size)) + if (("$size" <= "$MAX_KEEP_FILE_SIZE" && "$total" < "$new_total")) + then + total=$new_total + continue + fi + + filename=$(echo $line | awk '{print $2}') + rm $filename +done diff --git a/scripts/nginx-prune.sh b/scripts/nginx-prune.sh new file mode 100755 index 00000000..f67d29e7 --- /dev/null +++ b/scripts/nginx-prune.sh @@ -0,0 +1,6 @@ +#!/bin/bash + +# We execute the nginx cache pruning subscript from docker container so that we +# can run the pruning script in user crontab without sudo. + +docker run --rm -v /home/user:/home/user bash /home/user/skynet-webportal/scripts/lib/nginx-prune-cache-subscript.sh diff --git a/setup-scripts/support/crontab b/setup-scripts/support/crontab index ad766264..29c8ec1a 100644 --- a/setup-scripts/support/crontab +++ b/setup-scripts/support/crontab @@ -4,3 +4,4 @@ 30 */4 * * * /home/user/skynet-webportal/setup-scripts/blocklist-airtable.py /home/user/skynet-webportal/.env 0 4 * * * /home/user/skynet-webportal/scripts/db_backup.sh 1 >> /home/user/skynet-webportal/logs/db_backup_`date +"%Y-%m-%d-%H%M"`.log 2 > &1 0 5 * * * /home/user/skynet-webportal/scripts/es_cleaner.py 1 http://localhost:9200 +15 * * * * /home/user/skynet-webportal/scripts/nginx-prune.sh From aca71c245e662dc9dff57a125c8f0c3834809712 Mon Sep 17 00:00:00 2001 From: Filip Rysavy <29089732+firyx@users.noreply.github.com> Date: Mon, 6 Dec 2021 14:13:56 +0100 Subject: [PATCH 44/46] Add comments to nginx pruning script --- scripts/lib/nginx-prune-cache-subscript.sh | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/scripts/lib/nginx-prune-cache-subscript.sh b/scripts/lib/nginx-prune-cache-subscript.sh index bf1e1e44..5994f49f 100755 --- a/scripts/lib/nginx-prune-cache-subscript.sh +++ b/scripts/lib/nginx-prune-cache-subscript.sh @@ -9,10 +9,16 @@ MAX_KEEP_FILE_SIZE=1000000000 total=0 +# We sort files by time, newest files are first. Format is: +# time (last modification as seconds since Epoch), filepath, size (bytes) find /home/user/skynet-webportal/docker/data/nginx/cache -type f -exec stat -c "%Y %n %s" {} + | sort -rgk1 | while read line do size=$(echo $line | awk '{print $3}') new_total=$(($total + $size)) + + # We always delete all files larger than MAX_KEEP_FILE_SIZE. + # We keep all files smaller than MAX_KEEP_FILE_SIZE when cache size is + # below MAX_CACHE_DIR_SIZE, then we delete also smaller files. if (("$size" <= "$MAX_KEEP_FILE_SIZE" && "$total" < "$new_total")) then total=$new_total From 1c1f3c6ec113de0abd1f706b5455e4f146a69a9d Mon Sep 17 00:00:00 2001 From: Filip Rysavy <29089732+firyx@users.noreply.github.com> Date: Mon, 6 Dec 2021 16:13:00 +0100 Subject: [PATCH 45/46] Fix condition mistake --- scripts/lib/nginx-prune-cache-subscript.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/lib/nginx-prune-cache-subscript.sh b/scripts/lib/nginx-prune-cache-subscript.sh index 5994f49f..99edb899 100755 --- a/scripts/lib/nginx-prune-cache-subscript.sh +++ b/scripts/lib/nginx-prune-cache-subscript.sh @@ -19,7 +19,7 @@ do # We always delete all files larger than MAX_KEEP_FILE_SIZE. # We keep all files smaller than MAX_KEEP_FILE_SIZE when cache size is # below MAX_CACHE_DIR_SIZE, then we delete also smaller files. - if (("$size" <= "$MAX_KEEP_FILE_SIZE" && "$total" < "$new_total")) + if (("$size" <= "$MAX_KEEP_FILE_SIZE" && "$new_total" < "$MAX_CACHE_DIR_SIZE")) then total=$new_total continue From 9fe0628fe72867f9890af926631271d5cc7cc30d Mon Sep 17 00:00:00 2001 From: Matthew Sevey Date: Mon, 6 Dec 2021 13:28:30 -0500 Subject: [PATCH 46/46] Mute check failures unless server is down --- setup-scripts/health-checker.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/setup-scripts/health-checker.py b/setup-scripts/health-checker.py index b66459a8..091ebe30 100755 --- a/setup-scripts/health-checker.py +++ b/setup-scripts/health-checker.py @@ -226,7 +226,8 @@ async def check_health(): message += "{}/{} CRITICAL checks failed over the last {} hours! ".format( critical_checks_failed, critical_checks_total, CHECK_HOURS ) - force_notify = True + # Disabling as it creates notification fatigue. + # force_notify = True else: message += "All {} critical checks passed. ".format(critical_checks_total) @@ -234,7 +235,8 @@ async def check_health(): message += "{}/{} extended checks failed over the last {} hours! ".format( extended_checks_failed, extended_checks_total, CHECK_HOURS ) - force_notify = True + # Disabling as it creates notification fatigue. + # force_notify = True else: message += "All {} extended checks passed. ".format(extended_checks_total)