From bf556111339e14226c110136f353ed490b3b8295 Mon Sep 17 00:00:00 2001 From: Tommy Date: Mon, 17 Oct 2022 05:30:43 -0400 Subject: [PATCH] Reorganize (#72) * Reorganize Signed-off-by: Tommy --- config.yml | 30 +++++------- content/apps/_index.md | 3 -- content/knowledge/_index.md | 3 -- content/os/_index.md | 3 -- content/posts/_index.md | 7 +++ content/{os => posts/android}/Android Tips.md | 12 +++-- ...PN Leakage with Secondary User Profiles.md | 2 +- ...lications compatibility with GrapheneOS.md | 0 ...ing Your Android-Based Operating System.md | 4 +- .../android}/F-Droid Security Issues.md | 0 content/posts/android/_index.md | 7 +++ .../knowledge/Badness Enumeration.md | 0 .../{ => posts}/knowledge/FLOSS Security.md | 0 .../knowledge/Multi-factor Authentication.md | 0 .../{ => posts}/knowledge/Threat Modeling.md | 0 content/posts/knowledge/_index.md | 7 +++ ...hoosing Your Desktop Linux Distribution.md | 0 .../linux}/Desktop-Linux-Hardening.md | 10 ++-- .../linux}/Docker and OCI Hardening.md | 0 .../{os => posts/linux}/Linux Insecurities.md | 2 +- .../NetworkManager Trackability Reduction.md | 0 ...nVPN IP Leakage on Linux and Workaround.md | 0 .../linux}/Securing OpenSSH with FIDO2.md | 0 content/posts/linux/_index.md | 7 +++ .../proxies}/Commercial VPN Use Cases.md | 0 .../proxies}/Update your Signal TLS Proxy.md | 0 content/posts/proxies/_index.md | 7 +++ .../Firewalling with MirageOS on Qubes OS.md | 0 .../qubes}/Using Lokinet on Qubes OS.md | 0 .../qubes}/Using Mullvad VPN on Qubes OS.md | 6 +-- ...ing Split GPG and Split SSH on Qubes OS.md | 0 content/posts/qubes/_index.md | 7 +++ content/providers/_index.md | 3 -- external-blogs.sh | 46 +++++++++--------- static/_headers | 10 ++-- static/_redirects | 29 +++++++++-- static/images/ivpn-1.png | Bin 0 -> 79433 bytes 37 files changed, 127 insertions(+), 78 deletions(-) delete mode 100644 content/apps/_index.md delete mode 100644 content/knowledge/_index.md delete mode 100644 content/os/_index.md create mode 100644 content/posts/_index.md rename content/{os => posts/android}/Android Tips.md (97%) rename content/{os => posts/android}/Android VPN Leakage with Secondary User Profiles.md (95%) rename content/{apps => posts/android}/Banking Applications compatibility with GrapheneOS.md (100%) rename content/{os => posts/android}/Choosing Your Android-Based Operating System.md (94%) rename content/{apps => posts/android}/F-Droid Security Issues.md (100%) create mode 100644 content/posts/android/_index.md rename content/{ => posts}/knowledge/Badness Enumeration.md (100%) rename content/{ => posts}/knowledge/FLOSS Security.md (100%) rename content/{ => posts}/knowledge/Multi-factor Authentication.md (100%) rename content/{ => posts}/knowledge/Threat Modeling.md (100%) create mode 100644 content/posts/knowledge/_index.md rename content/{os => posts/linux}/Choosing Your Desktop Linux Distribution.md (100%) rename content/{os => posts/linux}/Desktop-Linux-Hardening.md (97%) rename content/{apps => posts/linux}/Docker and OCI Hardening.md (100%) rename content/{os => posts/linux}/Linux Insecurities.md (98%) rename content/{os => posts/linux}/NetworkManager Trackability Reduction.md (100%) rename content/{apps => posts/linux}/ProtonVPN IP Leakage on Linux and Workaround.md (100%) rename content/{os => posts/linux}/Securing OpenSSH with FIDO2.md (100%) create mode 100644 content/posts/linux/_index.md rename content/{knowledge => posts/proxies}/Commercial VPN Use Cases.md (100%) rename content/{apps => posts/proxies}/Update your Signal TLS Proxy.md (100%) create mode 100644 content/posts/proxies/_index.md rename content/{os => posts/qubes}/Firewalling with MirageOS on Qubes OS.md (100%) rename content/{apps => posts/qubes}/Using Lokinet on Qubes OS.md (100%) rename content/{apps => posts/qubes}/Using Mullvad VPN on Qubes OS.md (90%) rename content/{os => posts/qubes}/Using Split GPG and Split SSH on Qubes OS.md (100%) create mode 100644 content/posts/qubes/_index.md delete mode 100644 content/providers/_index.md create mode 100644 static/images/ivpn-1.png diff --git a/config.yml b/config.yml index 531cf77..3a8c4fc 100644 --- a/config.yml +++ b/config.yml @@ -51,8 +51,8 @@ params: url: code - name: Privacy url: privacy - - name: PGP - url: https://tommytran.io/tommy.asc + - name: Donate + url: donate socialIcons: - name: github @@ -106,30 +106,22 @@ markup: menu: main: - - identifier: Knowledge Base - name: Knowledge Base - url: /knowledge/ + - identifier: Categories + name: Categories + url: /posts/ weight: 10 - - identifier: Operating Systems - name: Operating Systems - url: /os/ - weight: 20 - - identifier: Applications - name: Applications - url: /apps/ - weight: 30 - identifier: Search name: Search url: /search/ - weight: 40 + weight: 20 - identifier: Tags name: Tags url: /tags/ - weight: 50 - - identifier: Donate - name: Donate - url: /donate/ - weight: 60 + weight: 30 + - identifier: PGP + name: PGP + url: https://tommytran.io/tommy.asc + weight: 40 privacy: disqus: diff --git a/content/apps/_index.md b/content/apps/_index.md deleted file mode 100644 index 4b16e30..0000000 --- a/content/apps/_index.md +++ /dev/null @@ -1,3 +0,0 @@ ---- -title: Applications ---- \ No newline at end of file diff --git a/content/knowledge/_index.md b/content/knowledge/_index.md deleted file mode 100644 index bcbabc5..0000000 --- a/content/knowledge/_index.md +++ /dev/null @@ -1,3 +0,0 @@ ---- -title: Knowledge Base ---- \ No newline at end of file diff --git a/content/os/_index.md b/content/os/_index.md deleted file mode 100644 index 7d73508..0000000 --- a/content/os/_index.md +++ /dev/null @@ -1,3 +0,0 @@ ---- -title: Operating Systems ---- \ No newline at end of file diff --git a/content/posts/_index.md b/content/posts/_index.md new file mode 100644 index 0000000..68542b2 --- /dev/null +++ b/content/posts/_index.md @@ -0,0 +1,7 @@ +--- +title: Categories +ShowReadingTime: false +ShowWordCount: false +--- + +Find the content you are looking for! \ No newline at end of file diff --git a/content/os/Android Tips.md b/content/posts/android/Android Tips.md similarity index 97% rename from content/os/Android Tips.md rename to content/posts/android/Android Tips.md index 24d8a80..a62e675 100644 --- a/content/os/Android Tips.md +++ b/content/posts/android/Android Tips.md @@ -32,7 +32,7 @@ You should also be very wary of low quality privacy branded phones like the Free In certain cases, installing a custom Android-based operating system can help increase your privacy and security. This is rather tricky; however, as the vast majority of these operating systems (a.k.a. "custom ROMs") do exactly the opposite - breaking the Android security model, ruining your security while providing no or dubious privacy benefits. -I have written a detailed post on selecting your Android-based operating system, which you can find [here](../../os/choosing-your-android-based-operating-system). +I have written a detailed post on selecting your Android-based operating system, which you can find [here](/posts/os/choosing-your-android-based-operating-system). **TLDR**: If you are using a modern Pixel, use [GrapheneOS](https://grapheneos.org). If you are on a device supported by [DivestOS](https://divestos.org), use DivestOS. Otherwise, stick to your stock operating system. Do not blindly use an OS just because it is advertised as "degoogled". @@ -104,7 +104,7 @@ Multiple user profiles can be found in **Settings** → **System** → **Multipl With user profiles, you can impose restrictions on a specific profile, such as: making calls, using SMS, or installing apps on the device. Each profile is encrypted using its own encryption key and cannot access the data of any other profiles. Even the device owner cannot view the data of other profiles without knowing their password. Multiple user profiles are a more secure method of isolation. -Note that there is currently a [VPN leakage with secondary user profiles](/os/android-vpn-leakage-with-secondary-user-profiles). +Note that there is currently a [VPN leakage with secondary user profiles](/posts/os/android-vpn-leakage-with-secondary-user-profiles). ## Work Profile @@ -136,6 +136,10 @@ I have seen several common suggestions in the privacy community to mitigate this - **Using PGPP as a carrier**: The service randomizes your IMSI by regularly reprovisioning your eSIM. However, the IMEI broadcasted by the baseband modem would remain unchanged, allowing the carriers to track you anyways. +## SMS App + + + ## Where to Get Your Applications ### GrapheneOS App Store @@ -150,7 +154,7 @@ My recommendation is to stick with the Google Play Store unless your threat mode ### F-Droid -F-Droid, despite being often recommended in the privacy community, has various security deficiencies. You can read more about them [here](/apps/f-droid-security-issues/). +F-Droid, despite being often recommended in the privacy community, has various security deficiencies. You can read more about them [here](/posts/android/f-droid-security-issues/). I do not recommend that you use F-Droid at all unless you have no other choice to obtain certain apps. In some rare cases, there may be some apps which require the F-Droid version to work properly without Google Play Services. If you do end up using F-Droid, I highly recommend that you avoid the official F-Droid client (which is extremely outdated and targets API level 25) and use a more modern client with seamless updates such as [NeoStore](https://github.com/NeoApplications/Neo-Store). You should also avoid using the official F-Droid repository as much as possible and stick to the F-Droid repositories hosted by the app developers instead. @@ -183,7 +187,7 @@ If you have a Google account we suggest enrolling in the [Advanced Protection Pr The Advanced Protection Program provides enhanced threat monitoring and enables: -- Stricter two factor authentication; e.g. that [FIDO2](/knowledge/multi-factor-authentication/#fido2-fast-identity-online) **must** be used and disallows the use of [SMS OTP](/knowledge/multi-factor-authentication/#fido2-fast-identity-online), [TOTP](/knowledge/multi-factor-authentication/#time-based-one-time-password-totp) and [OAuth](https://en.wikipedia.org/wiki/OAuth) +- Stricter two factor authentication; e.g. that [FIDO2](/posts/knowledge/multi-factor-authentication/#fido2-fast-identity-online) **must** be used and disallows the use of [SMS OTP](/posts/knowledge/multi-factor-authentication/#fido2-fast-identity-online), [TOTP](/posts/knowledge/multi-factor-authentication/#time-based-one-time-password-totp) and [OAuth](https://en.wikipedia.org/wiki/OAuth) - Only Google and verified third-party apps can access account data - Scanning of incoming emails on Gmail accounts for [phishing](https://en.wikipedia.org/wiki/Phishing#Email_phishing) attempts - Stricter [safe browser scanning](https://www.google.com/chrome/privacy/whitepaper.html#malware) with Google Chrome diff --git a/content/os/Android VPN Leakage with Secondary User Profiles.md b/content/posts/android/Android VPN Leakage with Secondary User Profiles.md similarity index 95% rename from content/os/Android VPN Leakage with Secondary User Profiles.md rename to content/posts/android/Android VPN Leakage with Secondary User Profiles.md index 8d349f2..72fbc25 100644 --- a/content/os/Android VPN Leakage with Secondary User Profiles.md +++ b/content/posts/android/Android VPN Leakage with Secondary User Profiles.md @@ -17,7 +17,7 @@ You can reproduce the leak by doing the following: 1. Create a new user profile (you need to create a secondary user profile for this, as it is not reproducible on your owner profile or a work profile). Do not log into your Google account at this stage. 2. Sideload a VPN app. The leak happens with every VPN provider I have tried (since it is likely a platform issue), though if you do not have a VPN subscription I would recommend getting a free one with [ProtonVPN](https://protonvpn.com). -3. Setup the VPN and the [Android VPN killswitch](/os/android-tips/#enable-vpn-killswitch). +3. Setup the VPN and the [Android VPN killswitch](/posts/os/android-tips/#enable-vpn-killswitch). 4. Log into your Google account through Play Services. 5. Restart the phone. Open the secondary user profile again. 6. Go to Google's [My Devices](https://myaccount.google.com/device-activity) page. Observe that one of the sessions for your phone has your actual location obtained with GeoIP. In some cases, your actual IP address will be shown there as well. diff --git a/content/apps/Banking Applications compatibility with GrapheneOS.md b/content/posts/android/Banking Applications compatibility with GrapheneOS.md similarity index 100% rename from content/apps/Banking Applications compatibility with GrapheneOS.md rename to content/posts/android/Banking Applications compatibility with GrapheneOS.md diff --git a/content/os/Choosing Your Android-Based Operating System.md b/content/posts/android/Choosing Your Android-Based Operating System.md similarity index 94% rename from content/os/Choosing Your Android-Based Operating System.md rename to content/posts/android/Choosing Your Android-Based Operating System.md index 2b481ce..cc93fb3 100644 --- a/content/os/Choosing Your Android-Based Operating System.md +++ b/content/posts/android/Choosing Your Android-Based Operating System.md @@ -51,7 +51,7 @@ Some Android-based operating systems, including ones like CalyxOS, often fall be ### User Builds -As mentioned [above](/os/choosing-your-android-based-operating-system/), `userdebug` builds expose root over ADB and require more permissive SELinux policies to accommodate debugging features. `userdebug` builds violate the Android security model and are really only meant for developers to test out their android builds during development. +As mentioned [above](/posts/os/choosing-your-android-based-operating-system/), `userdebug` builds expose root over ADB and require more permissive SELinux policies to accommodate debugging features. `userdebug` builds violate the Android security model and are really only meant for developers to test out their android builds during development. End users should be using the production `user` builds, and any distributions that fail to deliver them like LineageOS or /e/ OS should be avoided. @@ -76,7 +76,7 @@ Currently, I am only aware of two Android-based operating systems that should be {{< youtube id="hx2eiPTe7Zg">}} -For usability purposes, GrapheneOS supports [Sandboxed Google Play](https://grapheneos.org/usage#sandboxed-google-play), which runs Google Play Services fully sandboxed like any other regular app. This means you can take advantage of most Google Play Services, such as [push notifications](https://firebase.google.com/docs/cloud-messaging/), while giving you full control over their permissions and access, and while containing them to a specific work profile or user profile of your choice. Most interestingly, the [In-app Billing API](https://android-doc.github.io/google/play/billing/api.html), [Google Play Games](https://play.google.com/googleplaygames), [Play Asset Delivery](https://developer.android.com/guide/playcore/asset-delivery), [FIDO2](/knowledge/multi-factor-authentication/#fido2-fast-identity-online) all work exceptionally well. Most [Advanced Protection Program](https://landing.google.com/advancedprotection/) features, except for [Play Protect](https://support.google.com/googleplay/answer/2812853?hl=en) and restricted app installation, also work. +For usability purposes, GrapheneOS supports [Sandboxed Google Play](https://grapheneos.org/usage#sandboxed-google-play), which runs Google Play Services fully sandboxed like any other regular app. This means you can take advantage of most Google Play Services, such as [push notifications](https://firebase.google.com/docs/cloud-messaging/), while giving you full control over their permissions and access, and while containing them to a specific work profile or user profile of your choice. Most interestingly, the [In-app Billing API](https://android-doc.github.io/google/play/billing/api.html), [Google Play Games](https://play.google.com/googleplaygames), [Play Asset Delivery](https://developer.android.com/guide/playcore/asset-delivery), [FIDO2](/posts/knowledge/multi-factor-authentication/#fido2-fast-identity-online) all work exceptionally well. Most [Advanced Protection Program](https://landing.google.com/advancedprotection/) features, except for [Play Protect](https://support.google.com/googleplay/answer/2812853?hl=en) and restricted app installation, also work. Because GrapheneOS does not grant any Google Apps and Services apart from the opt-in eSIM action app privileged access to the system, Play Protect cannot disable or uninstall known malicious applications when it detects them. As for restricted app installation, this feature is not that useful on stock operating system anyways, since it is bypassable with `adb push`. diff --git a/content/apps/F-Droid Security Issues.md b/content/posts/android/F-Droid Security Issues.md similarity index 100% rename from content/apps/F-Droid Security Issues.md rename to content/posts/android/F-Droid Security Issues.md diff --git a/content/posts/android/_index.md b/content/posts/android/_index.md new file mode 100644 index 0000000..2e455fd --- /dev/null +++ b/content/posts/android/_index.md @@ -0,0 +1,7 @@ +--- +title: Android +ShowReadingTime: false +ShowWordCount: false +--- + +A collection of posts about Android and related applications \ No newline at end of file diff --git a/content/knowledge/Badness Enumeration.md b/content/posts/knowledge/Badness Enumeration.md similarity index 100% rename from content/knowledge/Badness Enumeration.md rename to content/posts/knowledge/Badness Enumeration.md diff --git a/content/knowledge/FLOSS Security.md b/content/posts/knowledge/FLOSS Security.md similarity index 100% rename from content/knowledge/FLOSS Security.md rename to content/posts/knowledge/FLOSS Security.md diff --git a/content/knowledge/Multi-factor Authentication.md b/content/posts/knowledge/Multi-factor Authentication.md similarity index 100% rename from content/knowledge/Multi-factor Authentication.md rename to content/posts/knowledge/Multi-factor Authentication.md diff --git a/content/knowledge/Threat Modeling.md b/content/posts/knowledge/Threat Modeling.md similarity index 100% rename from content/knowledge/Threat Modeling.md rename to content/posts/knowledge/Threat Modeling.md diff --git a/content/posts/knowledge/_index.md b/content/posts/knowledge/_index.md new file mode 100644 index 0000000..37df047 --- /dev/null +++ b/content/posts/knowledge/_index.md @@ -0,0 +1,7 @@ +--- +title: Knowledge Base +ShowReadingTime: false +ShowWordCount: false +--- + +A collection of posts about general privacy and security knowledge \ No newline at end of file diff --git a/content/os/Choosing Your Desktop Linux Distribution.md b/content/posts/linux/Choosing Your Desktop Linux Distribution.md similarity index 100% rename from content/os/Choosing Your Desktop Linux Distribution.md rename to content/posts/linux/Choosing Your Desktop Linux Distribution.md diff --git a/content/os/Desktop-Linux-Hardening.md b/content/posts/linux/Desktop-Linux-Hardening.md similarity index 97% rename from content/os/Desktop-Linux-Hardening.md rename to content/posts/linux/Desktop-Linux-Hardening.md index bd0f025..c63a3fe 100644 --- a/content/os/Desktop-Linux-Hardening.md +++ b/content/posts/linux/Desktop-Linux-Hardening.md @@ -5,7 +5,7 @@ tags: ['Operating Systems', 'Linux', 'Privacy', 'Security'] author: Tommy --- -Linux is [not](/os/linux-insecurities) a secure operating system. However, there are steps you can take to harden it, reduce its attack surface and improve its privacy. +Linux is [not](/posts/os/linux-insecurities) a secure operating system. However, there are steps you can take to harden it, reduce its attack surface and improve its privacy. **Before We Start**... @@ -33,7 +33,7 @@ Depending on your distribution, encrypted swap may be automatically set up if yo Most desktop Linux distributions including Fedora, openSUSE, Ubuntu, and so on come with [NetworkManager](https://en.wikipedia.org/wiki/NetworkManager) by default to configure Ethernet and Wi-Fi settings. -WfKe9vLwSvv7rN has detailed guide on [trackability reduction with NetworkManager](/os/networkmanager-trackability-reduction/) and I highly recommend that you check it out. +WfKe9vLwSvv7rN has detailed guide on [trackability reduction with NetworkManager](/posts/os/networkmanager-trackability-reduction/) and I highly recommend that you check it out. In short, if you use NetworkManager, add the following to your `/etc/NetworkManager/conf.d/00-macrandomize.conf`: ``` @@ -68,7 +68,7 @@ Note that randomizing Wi-Fi MAC addresses depends on support from the Wi-Fi card ### Other Identifiers -There are other system identifiers which you may wish to be careful about. You should give this some thought to see if it applies to your [threat model](/knowledge/threat-modeling/): +There are other system identifiers which you may wish to be careful about. You should give this some thought to see if it applies to your [threat model](/posts/knowledge/threat-modeling/): - **Usernames:** Similarly, your username is used in a variety of ways across your system. Consider using generic terms like "user" rather than your actual name. - **Machine ID:**: During installation a unique machine ID is generated and stored on your device. Consider [setting it to a generic ID](https://madaidans-insecurities.github.io/guides/linux-hardening.html#machine-id). @@ -87,7 +87,7 @@ Zorin OS uses the `zorin-os-cencus` package, which also uses a [unique ID](https [Snapd](https://github.com/snapcore/snapd) assigns a [unique ID](https://snapcraft.io/docs/snap-store-metrics) to your snapd installation and use it for telemetry. While this is generally not a problem, if your threat model calls for anonymity, you should not be using snap packages, and you should remove snapd from your Ubuntu installation. Like with Zorin Census, on Debian based distributions, and especially Ubuntu, consider holding `snapd` with `sudo apt-mark hold snapd`. -Of course, this is a non-exhaustive list of how different Linux distributions do this. If you are aware of any other tracking mechanisms that different distributions use, feel free to make a [pull request](https://github.com/PrivSec-dev/privsec.dev/blob/main/content/os/Linux-Desktop-Hardening.md) or [discussion post](https://github.com/PrivSec-dev/privsec.dev/discussions) detailing them! +Of course, this is a non-exhaustive list of how different Linux distributions do this. If you are aware of any other tracking mechanisms that different distributions use, feel free to make a [pull request](https://github.com/PrivSec-dev/privsec.dev/blob/main/content/posts/linux/Linux-Desktop-Hardening.md) or [discussion post](https://github.com/PrivSec-dev/privsec.dev/discussions) detailing them! ### Keystroke Anonymization You could be [fingerprinted based on soft biometric traits](https://www.whonix.org/wiki/Keystroke_Deanonymization) when you use the keyboard. The [Kloak](https://github.com/vmonaco/kloak) package could help you mitigate this threat. It is available as a .deb package from [Kicksecure's repository](https://www.kicksecure.com/wiki/Packages_for_Debian_Hosts) and an [AUR package](https://aur.archlinux.org/packages/kloak-git). @@ -171,7 +171,7 @@ You can make your own AppArmor profiles, SELinux policies, Bubblewrap profiles, If you’re running a server, you may have heard of Linux Containers. They are more common in server environments where individual services are built to operate independently. However, you may sometimes see them on desktop systems as well, especially for development purposes. -[Docker](https://en.wikipedia.org/wiki/Docker_(software)) is one of the most common container solutions. It is **not** a proper sandbox, and this means that there is a large kernel attack surface. You should follow the [Docker and OCI Hardening](/apps/docker-and-oci-hardening/) guide to mitigate this problem. In short, there are things you can do like using rootless containers (either through configuration or through using [Podman](https://podman.io/)), using a runtime which provides a psuedo-kernel for each container ([gVisor](https://gvisor.dev/)), and so on. +[Docker](https://en.wikipedia.org/wiki/Docker_(software)) is one of the most common container solutions. It is **not** a proper sandbox, and this means that there is a large kernel attack surface. You should follow the [Docker and OCI Hardening](/posts/apps/docker-and-oci-hardening/) guide to mitigate this problem. In short, there are things you can do like using rootless containers (either through configuration or through using [Podman](https://podman.io/)), using a runtime which provides a psuedo-kernel for each container ([gVisor](https://gvisor.dev/)), and so on. Another option is [Kata containers](https://katacontainers.io/), where virtual machines masquerade as containers. Each Kata container has its own Linux kernel and is isolated from the host. diff --git a/content/apps/Docker and OCI Hardening.md b/content/posts/linux/Docker and OCI Hardening.md similarity index 100% rename from content/apps/Docker and OCI Hardening.md rename to content/posts/linux/Docker and OCI Hardening.md diff --git a/content/os/Linux Insecurities.md b/content/posts/linux/Linux Insecurities.md similarity index 98% rename from content/os/Linux Insecurities.md rename to content/posts/linux/Linux Insecurities.md index 96325de..ffc2083 100644 --- a/content/os/Linux Insecurities.md +++ b/content/posts/linux/Linux Insecurities.md @@ -47,7 +47,7 @@ The only way to systematically fix this problem is to design a whole new system ## But Linux is open source! -Something being open source does not imply that it is inherently private, secure, or trustworthy. I recommend reading the [FLOSS Security](/knowledge/floss-security) post by [Rohan Kumar](https://seirdy.one/posts/2022/02/02/floss-security/). +Something being open source does not imply that it is inherently private, secure, or trustworthy. I recommend reading the [FLOSS Security](/posts/knowledge/floss-security) post by [Rohan Kumar](https://seirdy.one/posts/2022/02/02/floss-security/). ## But there is less malware on Linux! diff --git a/content/os/NetworkManager Trackability Reduction.md b/content/posts/linux/NetworkManager Trackability Reduction.md similarity index 100% rename from content/os/NetworkManager Trackability Reduction.md rename to content/posts/linux/NetworkManager Trackability Reduction.md diff --git a/content/apps/ProtonVPN IP Leakage on Linux and Workaround.md b/content/posts/linux/ProtonVPN IP Leakage on Linux and Workaround.md similarity index 100% rename from content/apps/ProtonVPN IP Leakage on Linux and Workaround.md rename to content/posts/linux/ProtonVPN IP Leakage on Linux and Workaround.md diff --git a/content/os/Securing OpenSSH with FIDO2.md b/content/posts/linux/Securing OpenSSH with FIDO2.md similarity index 100% rename from content/os/Securing OpenSSH with FIDO2.md rename to content/posts/linux/Securing OpenSSH with FIDO2.md diff --git a/content/posts/linux/_index.md b/content/posts/linux/_index.md new file mode 100644 index 0000000..ba99892 --- /dev/null +++ b/content/posts/linux/_index.md @@ -0,0 +1,7 @@ +--- +title: Linux +ShowReadingTime: false +ShowWordCount: false +--- + +A collection of posts about Linux and related applications \ No newline at end of file diff --git a/content/knowledge/Commercial VPN Use Cases.md b/content/posts/proxies/Commercial VPN Use Cases.md similarity index 100% rename from content/knowledge/Commercial VPN Use Cases.md rename to content/posts/proxies/Commercial VPN Use Cases.md diff --git a/content/apps/Update your Signal TLS Proxy.md b/content/posts/proxies/Update your Signal TLS Proxy.md similarity index 100% rename from content/apps/Update your Signal TLS Proxy.md rename to content/posts/proxies/Update your Signal TLS Proxy.md diff --git a/content/posts/proxies/_index.md b/content/posts/proxies/_index.md new file mode 100644 index 0000000..1eeec9d --- /dev/null +++ b/content/posts/proxies/_index.md @@ -0,0 +1,7 @@ +--- +title: Proxies +ShowReadingTime: false +ShowWordCount: false +--- + +A collection of posts about proxies \ No newline at end of file diff --git a/content/os/Firewalling with MirageOS on Qubes OS.md b/content/posts/qubes/Firewalling with MirageOS on Qubes OS.md similarity index 100% rename from content/os/Firewalling with MirageOS on Qubes OS.md rename to content/posts/qubes/Firewalling with MirageOS on Qubes OS.md diff --git a/content/apps/Using Lokinet on Qubes OS.md b/content/posts/qubes/Using Lokinet on Qubes OS.md similarity index 100% rename from content/apps/Using Lokinet on Qubes OS.md rename to content/posts/qubes/Using Lokinet on Qubes OS.md diff --git a/content/apps/Using Mullvad VPN on Qubes OS.md b/content/posts/qubes/Using Mullvad VPN on Qubes OS.md similarity index 90% rename from content/apps/Using Mullvad VPN on Qubes OS.md rename to content/posts/qubes/Using Mullvad VPN on Qubes OS.md index d4121c6..e9b14be 100644 --- a/content/apps/Using Mullvad VPN on Qubes OS.md +++ b/content/posts/qubes/Using Mullvad VPN on Qubes OS.md @@ -33,11 +33,11 @@ EOF Inside of the TemplateVM you have just created, do the following: ```bash -sudo dnf install https://mullvad.net/media/app/MullvadVPN-2022.4_x86_64.rpm +sudo dnf install https://mullvad.net/media/app/MullvadVPN-2022.5_x86_64.rpm sudo systemctl enable mullvad-daemon ``` -Replace `https://mullvad.net/media/app/MullvadVPN-2022.4_x86_64.rpm` with whatever the latest URL for the Mullvad App is. I will try to update this post to give you the accurate command, but you should just take them from [their website](https://mullvad.net/en/download/linux/). +Replace `https://mullvad.net/media/app/MullvadVPN-2022.5_x86_64.rpm` with whatever the latest URL for the Mullvad App is. I will try to update this post to give you the accurate command, but you should just take them from [their website](https://mullvad.net/en/download/linux/). ![Mullvad VPN URL](/images/mullvad-vpn-2.png) @@ -66,6 +66,6 @@ You can now use this ProxyVM as the net qube for other qubes! With this current setup, the ProxyVM you have just created will be responsible for handling Firewall rules for the qubes behind it. This is not ideal, as this is still a fairly large VM, and there is a risk that Mullvad or some other apps may interfere with its firewall handling. -Instead, I highly recommend that you [create a minimal Mirage FirewallVM](/os/firewalling-with-mirageos-on-qubes-os/) and use it as a firewall **behind** the Mullvad ProxyVM. Other AppVMs then should use the Mirage Firewall as the net qube instead. This way, you can make sure that firewall rules are properly enforced. +Instead, I highly recommend that you [create a minimal Mirage FirewallVM](/posts/os/firewalling-with-mirageos-on-qubes-os/) and use it as a firewall **behind** the Mullvad ProxyVM. Other AppVMs then should use the Mirage Firewall as the net qube instead. This way, you can make sure that firewall rules are properly enforced. ![MirageOS](/images/mirageos.png) \ No newline at end of file diff --git a/content/os/Using Split GPG and Split SSH on Qubes OS.md b/content/posts/qubes/Using Split GPG and Split SSH on Qubes OS.md similarity index 100% rename from content/os/Using Split GPG and Split SSH on Qubes OS.md rename to content/posts/qubes/Using Split GPG and Split SSH on Qubes OS.md diff --git a/content/posts/qubes/_index.md b/content/posts/qubes/_index.md new file mode 100644 index 0000000..1e2d90c --- /dev/null +++ b/content/posts/qubes/_index.md @@ -0,0 +1,7 @@ +--- +title: Qubes OS +ShowReadingTime: false +ShowWordCount: false +--- + +A collection of posts about Qubes OS and related applications \ No newline at end of file diff --git a/content/providers/_index.md b/content/providers/_index.md deleted file mode 100644 index 9f4c810..0000000 --- a/content/providers/_index.md +++ /dev/null @@ -1,3 +0,0 @@ ---- -title: Providers ---- \ No newline at end of file diff --git a/external-blogs.sh b/external-blogs.sh index bf3115d..6a63dc4 100755 --- a/external-blogs.sh +++ b/external-blogs.sh @@ -2,37 +2,37 @@ #F-Droid Security Analysis echo "Fetching and Modifying the F-Droid Security Issues post" -rm -rf './content/apps/F-Droid Security Issues.md' -curl https://raw.githubusercontent.com/Wonderfall/wonderfall.github.io/main/content/posts/fdroid-issues.md -o './content/apps/F-Droid Security Issues.md' -sed -i 's/title:.*/title: "F-Droid Security Issues"/' './content/apps/F-Droid Security Issues.md' -sed -i '/draft:.*/d' './content/apps/F-Droid Security Issues.md' -sed -i "s/tags:.*/tags: ['Applications', 'Android', 'Security']/" './content/apps/F-Droid Security Issues.md' -sed -i '/^tags:.*/a ShowCanonicalLink: true' './content/apps/F-Droid Security Issues.md' -sed -i '/^tags:.*/a canonicalURL: https://wonderfall.dev/fdroid-issues' './content/apps/F-Droid Security Issues.md' -sed -i '/^tags:.*/a author: Wonderfall' './content/apps/F-Droid Security Issues.md' +rm -rf './content/posts/android/F-Droid Security Issues.md' +curl https://raw.githubusercontent.com/Wonderfall/wonderfall.github.io/main/content/posts/fdroid-issues.md -o './content/posts/android/F-Droid Security Issues.md' +sed -i 's/title:.*/title: "F-Droid Security Issues"/' './content/posts/android/F-Droid Security Issues.md' +sed -i '/draft:.*/d' './content/posts/android/F-Droid Security Issues.md' +sed -i "s/tags:.*/tags: ['Applications', 'Android', 'Security']/" './content/posts/android/F-Droid Security Issues.md' +sed -i '/^tags:.*/a ShowCanonicalLink: true' './content/posts/android/F-Droid Security Issues.md' +sed -i '/^tags:.*/a canonicalURL: https://wonderfall.dev/fdroid-issues' './content/posts/android/F-Droid Security Issues.md' +sed -i '/^tags:.*/a author: Wonderfall' './content/posts/android/F-Droid Security Issues.md' #Docker and OCI Hardening echo "Fetching and Modifying the Docker and OCI Hardening post" -rm -rf './content/apps/Docker and OCI Hardening.md' -curl https://raw.githubusercontent.com/Wonderfall/wonderfall.github.io/main/content/posts/docker-hardening.md -o './content/apps/Docker and OCI Hardening.md' -sed -i 's/title:.*/title: "Docker and OCI Hardening"/' './content/apps/Docker and OCI Hardening.md' -sed -i '/draft:.*/d' './content/apps/Docker and OCI Hardening.md' -sed -i "s/tags:.*/tags: ['Applications', 'Linux', 'Container', 'Security']/" './content/apps/Docker and OCI Hardening.md' -sed -i '/^tags:.*/a ShowCanonicalLink: true' './content/apps/Docker and OCI Hardening.md' -sed -i '/^tags:.*/a canonicalURL: https://wonderfall.dev/docker-hardening/' './content/apps/Docker and OCI Hardening.md' -sed -i '/^tags:.*/a author: Wonderfall' './content/apps/Docker and OCI Hardening.md' +rm -rf './content/posts/linux/Docker and OCI Hardening.md' +curl https://raw.githubusercontent.com/Wonderfall/wonderfall.github.io/main/content/posts/docker-hardening.md -o './content/posts/linux/Docker and OCI Hardening.md' +sed -i 's/title:.*/title: "Docker and OCI Hardening"/' './content/posts/linux/Docker and OCI Hardening.md' +sed -i '/draft:.*/d' './content/posts/linux/Docker and OCI Hardening.md' +sed -i "s/tags:.*/tags: ['Applications', 'Linux', 'Container', 'Security']/" './content/posts/linux/Docker and OCI Hardening.md' +sed -i '/^tags:.*/a ShowCanonicalLink: true' './content/posts/linux/Docker and OCI Hardening.md' +sed -i '/^tags:.*/a canonicalURL: https://wonderfall.dev/docker-hardening/' './content/posts/linux/Docker and OCI Hardening.md' +sed -i '/^tags:.*/a author: Wonderfall' './content/posts/linux/Docker and OCI Hardening.md' #Securing OpenSSH with FIDO2 echo "Fetching and Modifying the OpenSSH with FIDO2 Hardening post" rm -rf './content/os/Securing OpenSSH with FIDO2.md' -curl https://raw.githubusercontent.com/Wonderfall/wonderfall.github.io/main/content/posts/openssh-fido2.md -o './content/os/Securing OpenSSH with FIDO2.md' -sed -i 's/title:.*/title: "Securing OpenSSH with FIDO2"/' './content/os/Securing OpenSSH with FIDO2.md' -sed -i '/draft:.*/d' './content/os/Securing OpenSSH with FIDO2.md' -sed -i "s/tags:.*/tags: ['Operating Systems', 'Linux', 'Security']/" './content/os/Securing OpenSSH with FIDO2.md' -sed -i '/^tags:.*/a ShowCanonicalLink: true' './content/os/Securing OpenSSH with FIDO2.md' -sed -i '/^tags:.*/a canonicalURL: https://wonderfall.dev/openssh-fido2/' './content/os/Securing OpenSSH with FIDO2.md' -sed -i '/^tags:.*/a author: Wonderfall' './content/os/Securing OpenSSH with FIDO2.md' +curl https://raw.githubusercontent.com/Wonderfall/wonderfall.github.io/main/content/posts/openssh-fido2.md -o './content/posts/linux/Securing OpenSSH with FIDO2.md' +sed -i 's/title:.*/title: "Securing OpenSSH with FIDO2"/' './content/posts/linux/Securing OpenSSH with FIDO2.md' +sed -i '/draft:.*/d' './content/posts/linux/Securing OpenSSH with FIDO2.md' +sed -i "s/tags:.*/tags: ['Operating Systems', 'Linux', 'Security']/" './content/posts/linux/Securing OpenSSH with FIDO2.md' +sed -i '/^tags:.*/a ShowCanonicalLink: true' './content/posts/linux/Securing OpenSSH with FIDO2.md' +sed -i '/^tags:.*/a canonicalURL: https://wonderfall.dev/openssh-fido2/' './content/posts/linux/Securing OpenSSH with FIDO2.md' +sed -i '/^tags:.*/a author: Wonderfall' './content/posts/linux/Securing OpenSSH with FIDO2.md' # Blogs by Rohan Kumar (a.k.a Seirdy) currently need to be manually ported, as he uses a lot of HTML inside of the source instead of just markdown. # His GitHub repo: https://github.com/Seirdy/seirdy.one diff --git a/static/_headers b/static/_headers index 985e26e..183f8bf 100644 --- a/static/_headers +++ b/static/_headers @@ -12,19 +12,19 @@ Report-To: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://tommytran732.report-uri.com/a/d/g"}],"include_subdomains":true} NEL: {"report_to":"default","max_age":31536000,"include_subdomains":true} -/knowledge/multi-factor-authentication/ +/posts/knowledge/multi-factor-authentication/ Content-Security-Policy : default-src 'none'; connect-src 'self'; img-src 'self'; script-src 'self'; style-src 'self'; frame-src https://www.youtube-nocookie.com https://www.google.com; form-action 'none'; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none' -/os/android-tips/ +/posts/os/android-tips/ Content-Security-Policy : default-src 'none'; connect-src 'self'; img-src 'self'; script-src 'self'; style-src 'self'; frame-src https://www.youtube-nocookie.com https://www.google.com; form-action 'none'; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none' -/os/choosing-your-android-based-operating-system/ +/posts/os/choosing-your-android-based-operating-system/ Content-Security-Policy : default-src 'none'; connect-src 'self'; img-src 'self'; script-src 'self'; style-src 'self'; frame-src https://www.youtube-nocookie.com https://www.google.com; form-action 'none'; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none' -/os/choosing-your-desktop-linux-distribution/ +/posts/os/choosing-your-desktop-linux-distribution/ Content-Security-Policy : default-src 'none'; connect-src 'self'; img-src 'self'; script-src 'self'; style-src 'self'; frame-src https://www.youtube-nocookie.com https://www.google.com; form-action 'none'; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none' -/os/desktop-linux-hardening/ +/posts/os/desktop-linux-hardening/ Content-Security-Policy : default-src 'none'; connect-src 'self'; img-src 'self'; script-src 'self'; style-src 'self'; frame-src https://www.youtube-nocookie.com https://www.google.com; form-action 'none'; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none' /*.xml diff --git a/static/_redirects b/static/_redirects index d0440e4..e67c5a2 100644 --- a/static/_redirects +++ b/static/_redirects @@ -1,3 +1,26 @@ -/f-droid* /apps/f-droid-security-issues/ 301 -/banking* /apps/banking-applications-compatibility-with-grapheneos/ 301 -/apps/banking* /apps/banking-applications-compatibility-with-grapheneos/ 301 \ No newline at end of file +/os/android-tips/ /posts/android/android-tips/ 301 +/os/android-vpn-leakage* /posts/android/android-vpn-leakage-with-secondary-user-profiles/ 301 +/apps/banking* /posts/android/banking-applications-compatibility-with-grapheneos/ 301 +/os/choosing-your-android* /posts/android/choosing-your-android-based-operating-system/ 301 +/apps/f-droid* /posts/android/f-droid-security-issues/ 301 + +/knowledge/badness-enumeration/ /posts/knowledge/badness-enumeration/ 301 +/knowledge/commercial-vpn-use-cases/ /posts/proxies/commercial-vpn-use-cases/ 301 +/knowledge/floss-security/ /posts/knowledge/floss-security/ 301 +/knowledge/multi-factor-authentication/ /posts/knowledge/multi-factor-authentication/ 301 +/knowledge/threat-modeling/ /posts/kmowledge/threat-modeling/ 301 + +/os/choosing-your-desktop-linux* /posts/linux/choosing-your-desktop-linux-distribution/ 301 +/os/desktop-linux-hardening* /posts/linux/desktop-linux-hardening/ 301 +/apps/docker* /posts/linux/docker-and-oci-hardening/ 301 +/os/linux-insecurities* /posts/linux/linux-insecurities/ 301 +/os/networkmanager* /posts/linux/networkmanager-trackability-reduction/ 301 +/apps/protonvpn-ip* /posts/linux/protonvpn-ip-leakage-on-linux-and-workaround/ 301 +/os/securing-openssh-with-fido2* /posts/linux/securing-openssh-with-fido2/ 301 + +/apps/update-your-signal* /posts/proxies/update-your-signal-tls-proxy/ 301 + +/os/firewalling-with-mirageos* /posts/qubes/firewalling-with-mirageos-on-qubes-os/ 301 +/apps/using-lokinet-on-qubes-os* /posts/qubes/using-lokinet-on-qubes-os/ 301 +/apps/using-mullvad-vpn-on-qube* /posts/qubes/using-mullvad-vpn-on-qubes-os/ 301 +/os/using-split-gpg-and-split-ssh* /posts/qubes/using-split-gpg-and-split-ssh-on-qubes-os/ 301 diff --git a/static/images/ivpn-1.png b/static/images/ivpn-1.png new file mode 100644 index 0000000000000000000000000000000000000000..d8a74c51b1958821cf159d7a8e920bff3e2d054c GIT binary patch literal 79433 zcmeFXWmFwY6E2Liae_;LjYERFYjBqYcbDKA+}+)sK+xds5`tTBC%6T7zRAfsuUuL8 z|NZV>u-ELK?w;xD>Z+%nsxU=)2^2&ELSG6vot6bMqj4Q5O&kyx4dkeM_rkls7cT_Yq*b>>r z&f!*hh^PfE4x{Ghr<<2I1W5w3{K?j_=@svbcOEl9a z<^eP}G4=;AKEzww_5&qRgYU%b6geP$g*JW}mqI8WDGIV?NA{EJ~F;l^v2y#Z%gD1bGQh<&E#cw z^3ir^L{at!lV}oIJgiu5vS0Sv%B2{obTY*_LWc2IeLn9@vGCkIshweNgao?vyC9l5 z(-DNMZ7h2TwKVDoLiQn%W}j_}VH`0UtDlDKf zz1UNkt&=bvp)~!R@(^Mobd~($X5zT9AjB7Y2)6BW?3yD464N6jBuOFc2|tbr_<=5{ z`P`>w2(cJO=8=kh0J_d^}HKd?GkQI<=RORh=EO&pK( z%PYCClRl<=-=@f>w5FJO**5tj^61zZsT~RhWh~mLx?ok2FXTF4eu{R|gduTb&U5XW z)Jz!$QW8=_OI2CFpt1X``q_c&Ju?S94bqCygD9bE(O=*M3K=+W7=7iJgv?Qd&u&i6>d_; za&(!V_AVb=ycn1@nLG7Z~Snr7X; z^>rCH3?U|HCOj0sQ%NrU=JeSjW8Z_-u~xnI$~4OKX-9KM`{MP5=0ymODw1tPKTZ-( zBfWhx-LTWJPBLe?{#&!RaqpXFovr2<`!%iGhg*!`T!NR7ha$h@>u_KZHpn%|RmjEA z_j1g*RD3Kr9!{fT#Wc0aTHv@S%c|80UJ+=8zb3fuzP38fIM(A;=RPC)PGrNYOa%Q} zjhBPF!=c6ngXh?#6b)v~3fiHu#H z{inXcd5LwEhMkx77fE--H(ulRyXD(;x1`>F-mu=s&jint&nC|?(2-Ee z(3a4_P+8C^@C`5q0V4hlaL)EuO`bL=t~B%PZYF1U=+ctLk{aI<6w4Gf%rC6nT+WU@ z){=}dXOX8(2W5mXqQ1B@*x1}IpEoOzACZ4}S0^?_hAU1S>52Q3u%7!s zxK6B&tc6{ior<}bYR9Ww&sxdab$O&I$zE;Cd9(kQ9Kvm2YT!ZOhWqn{%gCXOll+Ln zQKqec&;H{uk`s#6R-@ir!1N?We94DC3+zTGp|b3KqJ%n~fL zh=M`fnMSyow34*X7qf$g8OXTC5_LA3ozUUFsww}e>%w*gG?}#=f%I1yN;y*BWWV!~ zPR16>j4@8>)j27J%xI=F9_t=;xD9TSYJ`?+q7Lm2XVmQN(t%%(^u>uQGTQ1GG#QSDXD1ycd8i4O#jDj|e{yejZ(oD)R>`P}XBFK?g%~O4U-irRdTzt>j3)+1A}F$fiFy{H7JA)#l`S zL8no|R$(JsVJ)Jwvz61%RB&S*B3K~~uH&>Uo1lnBc2jF+@TbSTSU+4mCj?UuD_CSNdZs(^oL=swWwQ3t zPbGKPmYR8J;Wh|x;kuq&-!<4vdJ$0dUabCk- zKJHAhKb?I#dLT!0ATcDt;ZycdeN?}(|5=sX`NOrV``A~qa_i4o1cBj|L zu!ppl=Htk^hFquU%aEV1AK~~e|EUM57c)!hOY8k9HY2_6^JU05$z1Se@V)MkZdAwW zt@y*}bECYiR!DCMN$0R9=Xu9^z;y^Ti3Z7%K)?4Vj+$-OXU8GjVa8EC(GG#vqpyjQ z&W+oCDM1Kh%S%D7v-40ZZb9a*K=`uR8g>xlnr{krbNRjWVY1#fH9;uOLJ6rdK;)Is zi&fx%`62)jSU~U-T3xm!F&$Jraa2; z#Qz=+{Ng7wcXG1hVPtf5b!Bj6Ww3QHV`S#$=4NDKVPs*U2YS#uy4yGzxY64K<%njxuo!m4hI zM_I6*uXpROJ5O6b+A`LKDH*4kFxMI{B-0Nk8xN1ru>v1nmyy(Y15^2QDhrhk+EtE^ zDmLFUMLJ%_tP}=VTg$K)YMzcxhfLXcFHnz;K0SMkxsSbs#VEv4NX7s8vk`tG$%6Xl z7X@VAU(K8`7#L0%zc2qZAb==;cM+ob{S77Z`x^sY8u*U)Rs8GvfKKv1e*JZa0-Olk zhY9@MPVr}gzi0n5!Jor{#pKCqWCXa{$DPN|NXXtXQX2Ptr!2ZVE#+V zgi30`|5myG`!wc%FQ)%IF#m_s_g_l(|EKfzU()kc+!g-I6#d&Q{g+_=-|71w?ePCo zE5Nk;AMNnJ&Cg$s>~Hh*A5QIehkrEfuj{{D;-AicJIUXY|J!Z;Y5!x%IO{eyoGz2u$!|?>!+t(O*RG@F#;ke!9xn&t?6e6e-`lJbh(n$N0+Z1gzU4uo2Y*A;pBE6l4RTd9>9^Awysx(vc1MIfFpL`mj+zhOpCTZ1^nQ>#{#rTKef zTH?&l&X29NwWY@pv9WHqZzwM;>m5b3zmj6ze>kFiB38<^x8&*ExE8$i zun*{v>mK*4K>I?Rl%kfHoo)0|y@`x{uq6KX>St2@&Kx`g(w663_LY@YX9^s5H^;JC zW#X~Y!|!I!79f%CUWXx2{;gD;$moj;HVX@|Vq%os+^`4;%birx@mMVwmJiUP$ z8h5M9N?se1e+*wdfvsC?dRbuLOizy?#<8K%mXRTk^8wadDdoLQ6=)nyl6;#&U0!R` z-#+1w3HRl%+qukDrRbS$KMW`Dk4L&ifmyl}@r4#6yFo z>A^?KrPC5Z^Iwf3H$;{4DT0s#`#t*%4gX_Sl)wfFA6Z#{T##Q^dHGRfg~Y5!2XF|JQTD+J_5$#50?AIxWA7adu5^$Ji1|6+zwO^DiP21$qFIWYfhVG{+neL z?d2@)ouY=1ODH4)`Gtkl<>q#ivUL{I$tgk-RIw4Hl>5n2_;S}!d8z-X*^IegEGUlz ze6&z&W@EGJIL_~Sf0@?TN0GpVxHDO5w>1z23k%!EmqwbNJ>XfFDE5M#A-TXRn`7MLt~-C z3qCZ-YFEud{`E4{Ir}uQRoJ0(u%dJxGkeT0T1;a_mr2{ixL8 zG#ZHfP?4WPr*Ymq?p3MPXv6Drl*(nl`D<%1P0(yC^Vb&jNG5kgpOUb@QyHXz^^pl! z75`tGsRW(pJbpj|8oC}CXM_NS-M+ecOG8s<1wz0^#b+_TJOBCX*RO>I?u(sK=vQIr z#Dd=W`S}V;N-5#t;l%vXpRNu*`iI9mMTmihs-kxjC;@f)V>wq!gv?XXH*k#PoPg~X z`E)y&YLe=UO)Z-mo1JYSYjQg+83;xI!Tw7H2{Aw@r`_H&DE>jRu~6S(3J2?u?nVsf zo^djxMDniX3CK+R1=B1}KSQcre9`E79mM?3WYK$ezUWN@?QBtS?06zH$m9+A->25n zNhsA57L))5Nt!xSq4n!qT!HV~Od~hzwGOY#J!TV=pIqN3T>Qy;t&ru9;w_vEru9Wc z$cDx-;rkMnO`l(s2btLhBy43&beE1`7GCd)o*AR;*nwbC7 z?pPKe^24RZ(|oar9~D{(%-elo2@N(Yi&c7p%z1?%Aa42#{_iKt;~!5I9j39GeII_? zV7mtS?)`f?K9B3=fv61KPy3XXNM<9c78nv$_$b#$8i=`zCE_$_hv_=4E`C0uA*lRz z>kzHRF1CQy95LCH+^qS$od0}VESu)={OAtm5D?gy$P-PVR>*rRuBmz7;q_o1AD58e zF{k5tbujyulyn0)r%hX#ysixF>{l&)d_@@$Ao~++AXxk3mTbUa*{ci|#81K+pA~Y7 z$H7??Os^;lIlS&KB}lw3hp2O4GAo(Uad2G+#|Px!!-5*E7o-{clIeSacWANO=y`m6 zB$tSO&Hw4B8=i#EezWh(`!Zs$%eX;ekH{VT7{2pwi}h9(`EDo6cQZ3iWKolo6>8<` z%$~PrO-*jPI-TD9i6Dla5MM(jrMP<<>8m)FbP9rhX;UnF;C#qf7Vpi{+A{||{5~JE z>j@thBDhcEa+Gr|liljN-kJ_FI}SD6r*zc9+Uxpgq1EMBUWQzR>u9|@fUO;Ky7AX(r6+25?N2tO+`he)8-bZ zs*Z}e_Y=ZzV0#-&3{@z#*pul zlSk8^$Ls0pjIDyn8OYh#1K+AuF1NWmii_{~!y>t!EQ^I8<1zB{6LGy}F{XKt zy&@mVFH@@u#+H%h8sXc_48+8@o5<~cM}!})PG<4dI10mJx!t4D5>(Vu6p07~-+u!J zICLslNRigBfg8-2>8u@D$BWKQ*HM&_>?L|BN=E3GpY+vzblG##1{7zSBGdab;Y~Wf z_w&veufC7Y3q*D)5I z$3DBBCJL>BG6+=(r$Jxyk;GglbcITbaVGlOD{Z9ziwNcjUc-l@la~h8&{dv`5CyENyLV7LDdmVY0kolisuCHlV2TnUN9M z&WZkYr_QcA)1JULJBqE6(N=SnI%vdv?_|(0t=K(GZbY1>z~d3PjNN2OiE}7~9I*@$ zTW_6XWD{y4Cf}lPs82J7#&fn>OjBWaS@g`ed$>-2naqS~sCWCdX)>Iw6IMLX)FLhI z3@uU=`LEMZ0@^@93}iwssWt4EUX-6u@JGe3!weifawEEZ7t=j8r5hBK<#EH%Yf)TY zJ`#&Ieo3L-?0}7e%!*#D>$aS!6 z42d9Q7xXoa_HvyCx#B@MW=|S4JZjI9>3p?8RonUZEi?kAE*$=oe>i$Jd6o`kL#oPuUn~I_*Y}Rr+w&21p~_1(CTKk;)I~m zD9?32_%mr(s{QtEdwbs_K{+lO$m7-a!LLSx3-4Z@p=mnVBEk?3(Lk85X$t^L^$&eh zZ4fWkEy#uLR!|DApsJ4YJCR*SlFg^>zZe%pL+y5B!-E0MRjujoYC)+|D`Z1u^0+ea ze7dBW6!Eup0vEo(WO0P%>9jb7F<|8;zK`CESpP~7LZO~Qz@*}PzTHCOzhv5T+y0gX zn2eLjf)E6z#dm{FVq!UstDhopi0bP1R@=9a7Ff}Vjv0QGYeeLr1iGAWOMwzrOx3lO z7i_$}{UBws_j82FQ82}fU*$5t`GTE=$NbFz{rYoFjRUYS82V#F$%o3^5PDvFvWxLa7$NIYA|-aM0M=cKlHDBMU&IM; z4_kO)K2sm;Z_i%EZZz3%sn4ro7#6fx%`u?D9I6pm%+q}b!HAtU?-EaGa1*XGR5=tn zB^gfxhX@*kz%BAwXkQeKA7(Ec?yx>s5iloz$SP%&4fcI8;bO`&xaT-5L`6U2YJ8e+ zjyVEe`@9M$#0FhY4>y9>^ILsCKur}|jnScGz7ihM{O}BxgHJsZORxMT1^rEFdY>qfl3Z)L~_p9 z45Aq@rPFlG?Cj1%@s#L9?F=;RfoQbsBj3NX2z@gLFb^dG!i;dW>#}_+9O0SPcs4(& zs7tmlDW8-kT_6I3d$e}Bo5Y$QsO8d+ z==2f~mP7u%Y|Bd_a|w{GdCKHjLmN zILG^PpAm)P%#2Vhmz;Hffvy%p(glylaQc3MZWdmN^ai^4AoaSrz!un(uvf4gx{mi&(Pi)HK@BgKf zHj@M*pP!1?t`YL^lJSHPXL?8{Tu_c7Y=svE)yrpBoopby{RwC1Z`E2a6g!PgqAM3u zkehxOdTu6Pb&Nyxls%yThreJ)7r~mhsMM@a$9jkPz#_L=K?VOY4ca-@*#f>;)|4Cx zFE~(KR?qEGwOYO#f)$%VIZ_@8eBxOfS*9EgcQ!&uTui;Cl~JrfSwgAh0A~9`fs`_fgAU7r z(ZPLrF!1u)%wKKuhPr|1jrBHSo)}UcKhT8q_5?~2Rh=xo@2H45j-!%JQ!JAE3 z;$#ansgp#n(~-L5Lm;w6AjHb#RV5I~@NJERZBZ%-(`f-VRP+|rRw0rZVLDC@k<2g} zO4cv~5US_;sO@(ex8%4uF;3W4_2_MdM-fJymfJA1Wbp|9Z93@R6_r_iVN8;iUEJawfMU71Bg$j6BBBkP}j<0dv=EIC?P%fJ+To ziYWicb3Zr?ooeP42w`EermCa_DXu*-Qr3Z;K4L67cO_5M6&a5y7S?=8=z+HyMU#9y zq2HGc9Lq$6pUp&ZHeiSavk8kR^od?swumgOw81%w-3>d)pX;Tp~p(F?;+o8(J z-wYQP7Mxtcs^4TCBoIU}@{QHP5No*glMue(gelh$PS8ClG{Rknzpq9Hz^}6u{`BvQ!=RCiNnDuNNt!O`Hl>suFG_>|Gedc-Q1I(TMY zBisIKMs~+k4kB>oGpGELGW*Yj14a{7_J2h+89XLzmksa(^V9Vdhv~uSM7+8Uged%M zW@zT+()fexML+cpF3FFLm*r3%@I{r>kl-)AI2P}3Nfei9^mkEbluQy!H&UQe(U_?I z6B4GTRSWo`E5D)L534AFe8bygN+6@Y_jBv(-W~^?D7M~Q60en6;JHX#aDfDyASO@igdnt^!`}sYIo4ffo zUD-X9q|}i_J%T`T#Po=Zx<6_=C0_13seVce5cFm9dng}%qdFr``Wg9K3;)D?v?iA| zrO0gW-?PW9`sibbd2J2GnE9Kc)%oY9h<=v0=jw{`3t4z+YJ#~&*3PU{o*iLImVjsqt(rfczFwk|8xQsPcF z^B91O6ypitRRE5_udBSm zcrGTtu;in>6pRTvlviCA5LeN~sR{R8?2cn{6lRbO_6TgXBI5d|`vMs4nLLJ1BuCUG z-j{;7Fke`Tq2Mo@wXeC>(_lL;*cc|;3rED$x1TwK+Qk);DP(-0Re3t*v_JI(#Os66 zS$r->@6fZj>@D{u;+%~|{PjZ-P&2LeKXhbhSJdQLlH~`W1jOs;sMNYs(HJ+SZh`W5pdDOtueP{EO` z<`eqY;rdj=y?y`yH;^I=ER3&tDVHhT20+-h@Eh1uQS%O?Km11F;##G>58MTe(!+Hq zA?-;l&)2ijCq@*Bl-Sr7!~O#RG9Dl5y$rC9^Kn{C)!ifFukdhrOgp>XQs}rC;}m#U;KZY+rG2_TKa+zC zba{YptqNFC@7Xp^=MF9yiLac5fbkk8$8K81?#foE;p*mm0Eceh_M(d;p-VJT>v-)9Fhpr)}J3U|#4Ns7#ldEr38fZ|w9!M?|mGsO|V6 z^v#*Y{k*R8`O0<-ay+MV7$(!!04!U%CJ;EFSQp)#SnM2V@uGh(q$;Climf<(nFE^O zAseuvGuRt*`fNu(Aln;a%4VyA7*Me4Y~@uQg=2l-wPwktpBqHj84*(utoZ7$2uPXe zd=C++^=XH*^NDGD5T3;IY_{royx}9Sqa#w)(?>7S2p<)IN_jrEU7_AC(|aOlte$(y zQOERjM0_;odpWBW+!~O3{I1qP@Q86gz}dmIej}~6UPV^&VtvzS(wkxgl95C5G7_IPvqi@S8L2q%x+l*Q((d zU$LE8@*0m}uJa0g4c`Q$i~tlU4!vd|Zb_|kUx`w|o^$sH@kl&jf12T&<0aSr@FcH? z4~yirc=T&tf=~ipo^Lu^QLjG>K53Ym zo?KP>Uj#V<1Q@I1j&^}Y?G6CoS^4=tGd~g{tXJrDzB)(vxp@a*C#m}EFaq`-0P#SO zLQdKGJn*hEOOds+2aKS^u}Du?17c5H-I$!}@RCqRy5AH}gA!EyxZdT57j;hkL|ii3 zON%9G#JbXgZL}q&kvnQj@v%~`b7Ol*#p#aM2rVbaZvS2Z=&{L9thm3rRd$WP4qwg<(<~(gS$jKGGPEq;(SDb#*PgE%gOE~|WgD9_V;>*$ z^`6gDD#@RgcLhj%+U3aasB`dAI4|G16E{N5@pCj8_P=4O5}!l6rcd3{$*BF#yHsyA z1e|XGfZ868q&d2-I8PFyS0bUGt2|wdcdiqh-E_W)#t^sLj+QGad^ZP3C3MR-j8#oH zs~%y68(8;ey)k@`XT5gd56qW0&_#Rvpxa-_kOId1!N~ajVZ#6?%3-r?4owV}km!D2 z_QBxBVP|CF>TqrgW$TCsgd(5LwqWrlU~72Ewi9LLE5pV+KI_nPjU;boQ=!cewy$0E zaGzDm-!0GtY*~svAP#($c@5~ZhVNuKF&?k)dlj@H7WMc|8qu{LfF&|y4)+_KRuCMG zr&`}n#2>AcaiSS$_D$OZ{Q6pGW_xv7!-ufuPqFJ|T&~~=&)v*ap;k*>l(sVF%7Sax z^=GxqN(U1%s&A|J{JoGLoQRro?jXm4J)%2Ru+EluemYYPhA80V&?14dWNGNI@TGxx zx`j&U+m?dQ{Y5M(xeXOn9hpu>iKpZ0s6r~!P^!4D9{6Z&ji~*xm*m+EpyOD3qwSL) zbxD1mFZ7^-P+qR8d`455TN$qD+1nSF>YBeCzjJbW2n@tBT)9#g{kE`<`Rn=Nlox)v z@pRp})4P%rQx}_5R?$bUBEY|HyNzsl8y^iZGFSqutt8~`I$mlFh;DmFHzQ6!y}`vbcx6UC?&*;fW12oV zOTJ{~d|r-+8QPaQ%ylyw>2j4r^6^`Jq+>xgblYRRQHP_SeC0>jd7DVrkr-Xa*FiUz zE%MK^ge<)4tIM;AhpT2D5vw{^+1q7<&24B{Hdt7A@+pN^Dj zti(=PD$`bfSy7y}c)QMK?=QE5d3Ri?`7eMhAz;V8K=(NAo{(KOI_*o#y!}w6>w0@O z*|_#hc5}A6bU*HWEoaSbn{GSR#FZms{C+ku0{7JYSAPlu*{c*QWY>!*Owg!cepSak z{%KJ60(ohZT2=UJ`-5y2&&A!Y-X%l8G_s(BUX`|XgACP~Yv)7zCm4V{FfmCQjLGSX z+V6NE1`p3s*sm-Wvs`J2g1)`7D-i8Hm@O;qUTSk^bx-P>Fda?LN=Oi`j$Zl+uz}YH zvq+NAL;7#_;v9rEdASHNdQ9oWKfmIEWKge;m6iW2imWfC9ak=|l51`lYzH8{k4p^+ z^HPm#7!qG}=ite@b z=Hnd_KqPI!<)n*#ny5vSNv1OxEU`8=@Q-Dyt9~u9qKczRWL0Aq`IQxgM{}?Y_u6K- zUN*`#H&|lk>j#OMUk6V|curb=*@w3bfi=*1kqflcpJQ2iz8TeaVek^;%GW#%R(~f4&z62Jf zTRq5)oxpRcv4C&y@g7xsWm=hg+ zKr4&7Qd`je$|gr8M(v@#8PXDzq6Fis;rdAAK2RL=V3eS0v6UH?pQ?7;C7(NhLF(eF z&%Eg|<0|})N^VBw-ub-|LUu)5*3$8|rK`al+ajgeWhrM`5tSBpeBHp^o`I%bDgx_A zD(wq;=Q>jtwqwprB<*(f+}S7Vp3@PqQToamZ%w<}b#cH^(pFKl8kY6VqfP(XIT3Wl zrfrDM!@61E+hHeUhj-Z(u1>Pr^?5=8)gcQDcZsjg{Wc%IAH2f0#m2lpK(L}HGq6U% z0o8c!$pqIBei*6c5QSX}ms#zRS$X~2CJF6%jAZkVAL8^jQqa0M?lRaFtE3P5LAwe? zb~l>vIA!=WZf>bW85G~u;y{v33&hP<{0LnZC}Jt*r@qv(^GI6%k|jv-(A7C{4f-Kp z%;nO0f6l#oQg1n%-IRa}iU)zYY)ps$o2U^`sQv40p3E^)XdBrW&&Ub6C>_e1CHW3;xBPU@@6f-oQbrbhkt{)e=ztdx`#T6tY=Rq>qhN}XoK`@yImPHA-$ zJB2#@N)ak?AF4tUKJ==nJ>i4f^K)}$G&Mg+OH=7J)6ml|(eSTOTagVaH>gCLI8^fS zrr6WxY^irOZ%a&H;{;gGv=;K8&$8+a?`peu@D-bRe(2=$ch=^fC7O|_s^R-s_xM5Q z;8_u%+o42Wgz$WdELt0@x-b>^u(y*_w1jklTp=(2-bu#;hPzYF%Omcp+g62Hju&c~ zR6MJN#@Lg2s9yKZht#m{fDqf|rk{Bs#O^SeD#@iUtt;s^)u2eKNUwyv{z%Re!2H%=fQ1i}dHds>%z7P(AvO~~F#CAB| zjRsxrWaN0<@0;yEPkmN+neb6&rjuKFRoZrY$ak}RVcUM?j-2pqhu`%Cs<<9cb%qz` z{#aDq6-;r<5!9Q?9NUzLML=y@s6NT$10-e&^Dw-Dq#k2^P*G8l?06=3g0S_vG4qJLMo{F3@2>#(%I$nG zGc%*Qq?3@S7AcO2nSf4P)fOtAKpat*BB`zhG0DU_#57#QuR9XecaAlN?W$sh12I@ zy=RuIw4tGWZ?sJQ8!cDd%`HH;;Oi!G+fRjFDWce>mgyKjzb@I$-v549Ve7S2UxsD5 z2r=*=(={Bjb$$Ab6uPB>NrH` zV2o$H!;8d8gy} z1DSxL>ez5$#EUam$d)}-VeA|!p)5Xk7OEnSVSF?^OV}(&ri#4E(^ZdCLIKadjb4e9 z*3*uk!zo*@cs#COm+P4e3o~!XFt+z;20jSM?M45xKt>I625=)Hhb$gys}h_)5|DY`vRT`|VgpBl@`V zqCOnS%hjCVFp69(7ilYx-8xefTVi|A{KFNYsvf=g(=};1IeL!_SGRsYJ~6Q$<1mry zvTy>NUBop8JQ{Jn7%2mb*?2Z|rQLa8U#bEd8mAJn$ivkkd_ep8_qX8JZ07Cv>wyTE z4Yo^TQ0hJNw-R(;Yii=bg{-iNGm0E_HY+V(zPwpB*<*79UJGETEQo}2ZKsPzopAfs z6V)J<_~b2^-0m;&=dUIuNQih{=$_ty#nTZDMG@7fX0p4}0+vvsSuWeVn6W!wHy9p} z{)(jt?T#^7r)(}(<_Ag^e$ZRAQyiS!PxOGy=09Z!()4msuS`zi(EtO7n@axGu(O)U>d?$ z-vh>PcUi6-C!9Ai;nH({j%$wqzx8r>5V8iapd>y3!$n8{dLnx}6ea8yiDWdHZ=xGs z&^M!Bs0S{e+L1y0iDxfT`1{~X9AU#gsdSWQ|87T9_a5>5A~sBX z$Jk_NcgJus*r6s&91gx`OwE^Ra3}tFw7b^H3U6lmv4q2Wp9PTI zf7EPp_?d3M^@U0yyTkSLIp?uYfrHk

oL{4hGK~(EZlrwwu+5hzOa4_$gT*5Y_z^ zVPt)zt8BSdTWpu6R)e+Aeo+eTtm7W6EgdBm*qD0g@plxyo?m~ldwQ~15AWJloCJ#< z5CDhbu@%MH?i@od9%-MC^+FYQ3KToIW!g?u8x$}T*ke;pU1v?Rd)}JYMyddPsG_Qc zUksoHnTG9&K&U*xrn3s^3Cz85D@smICQL^gL#4909kbVj+aiwFe7;?^ zM%w$Gdn9)Nq^KR#-7K8J*fwWI;!~;7LzED0fwL{ILAun$#P|;9R=?q!C+(>IUslYz zxopUFT8d25-m|i)Y?EabR-Py94Ajcmqu@};Q5TI7-`9QuDG{_r>8SX!0sh79P18iX z-yL6v7&V5XqjT_~i(`ygl2Mhb6`g5GIyh)rhGX_Zh-6lMffvzB98Wn&v*7=>TlXw` z1MpJu2A?$FKwf^6?1`0pI?Tn1^ zgUw{d_7wheMTGloohOqHiNEV-yXc*RoAoSw=}ttmR;0NWwH8#}lW>FHFOFItBHUl( z7_EJjrePF>=5sd_8!p@*>TvsK3(P||U^} z$B1r(%zLBr&o_JwnFR7DC(XMZzxmy#U`8AU?aj73Q(0}qFpDM}a)T+)*%ll1R_DY0 z^N}usz=56SL7in`=kb%op z9)wjneD1+JQQofcd`o&S_g}ICKl-bFWbYZcoWlSi$YJKXFk|lqBBdgV&h-Gu4Jl}k zAfLH?Z8#Um7KB8TaJA7kY2Uf7x{uVKDR`eJjEwNjNg($UpQZx!)Ro)H&xI<(KnenT zuBR@%^fTB%lD1&E@fGFaO6!PS96}0n0-*>}qoL$^p<7IvdVqW;R~(CoE=zP4)f@9j zemQMaYx2s8Dm|awGO8N0PfDs0{($~8H#fh3k6DUFQEY~0C>{*)HJmgFO9t;cyr(BV z9;5cf6dow_TcM>Pa$?TI59GisUJCR*Bbd++xhB#NTh2TxDf#f7s6qmK>43}JoBLH5 z6YuhFoPx6GOd~AXrq=^&CA=f^7!xDGQ$5u{0x7Ha+^Yx8_+vVU)nuK<@D4qB4_Q80 zL4JXok5;`Y8DIYU3!GPS8I6J1T6M?)gtY-sdHuhOoqm%5>KE{Z+by*)7F2Q$Yrl-> zMY9X_7D;*Rw?iL(0HxX}V@ry~Kxy$tdsY8%M=>gEiz^jtR?Xj0sywOkUbIEe#VOMX{J2vYp!%HgHw z#3+(en_J;3)K;wN%rxEhH*KU|P!-;-?^qn4ANwnVq})(f>e=fOCkw%^MBFTZLJqyh zOMCj4f}}GzF>LOq>#nW_$f(|6lwB8$)WR6ROGC6n z0vROr4Z++jF}Q3T%G6tf*JF=IYAsZa=JhQ z&GX$5mz<;|gyI6jL#_EF8JwB=_g7z|Hf)kAs_7MR=#Ccamw@u>yXo1sRi->5Vm2WV z2_lFP9mMMdfgnj`O+-WwF2}Ve7(#Ux10js|J4KcT!+GK7FMPE}Xk*+_=46oG8Ba}B zPo2=*t1*ZSLow6_52wOQC*H+b|n zB7eMM301Ps#`7%t%xq&)Ry2v=zT7DcMtNqVdP;silTPYS&1XM&Vwcr8N2>_u!ntZJ z55ja;*TWBn$U3qtZ}j$DrdhS}T-&SI(H$~mUOrVBAj?WBh+y#IFRx0~%CIjEX}tyk zg((}jpk{d*%Bz#!QOH2;aBu$Pruim3Z5-)&&<2Uoi%_qxE~e^{=$(CFj#69BJCOxd zhn8?vIYSp6Z^kMm6jEk>WX){1O?x|3P~QcnjKU}6-??q4c<^m-Kava6rGD2Grlb6h z9c!4%9*|5Kj3VqDyqRwYb`dE5GFlU1MHmtLiq@}!Rmls~2?Kd^Xc7^71;Hmadibb) zb1)cYi0QG9b|#q9*Y04(;*yv`Bs66NiLuSsm8N|Ms1l8cL*A-V|LU&>l(LzLq{~(_ zILoDG)#zONsZ$Qut_TOf0adfSA~axYeeltqjJT{qL8_vVx+@mU2pKtfLPC6|5Xjyy zbbsGs7Q*0zi=lG3R~)NwNi5ff30GuzFt)~y^vRwH7@(1grDMpV+Ka}0vkd9Pe-qEbgnIZF?P?VE(()kTnbIq;2##3O<&xwE@kdX}RD$097tSIS>C09@;}Gw=VZ9(oyHHYVku5|Uo@PSS{tt!3eiP*n zBdpJaV(Xz70P&9RM2hQrH2)_3!r>kJq7-DF9vG&&-6RliX?a=5+?#Bpty!L&^%xCx zX3+VNAhtMn`wjUib=&}Un=1pj@b%mYXlg>pTv;^7Z4)6C@j?MT!i``iB`GP0^>bKt zoNY5eKy)GNLRD7d1tHkqZY$sf6I<|sq&A_#8>u2wWE-4kGm{x!^w&+V2txB=4 zrA!Kg5w^9y|K~_53W`?lr$l02Ag%Y!VigH8p~AV3`SH8(OQ#%hx_`PIy97~DS3 ze2cSH*SN`kT52l#5-msd`0md$een-2OD;qsV)C9bF|!kSy$FR%r)o}4OKekOUWI7} z;RvJ(90vv6I|lT<7S5AAbaeR=G1)4`vP4{VKv@hlkgNPrriPykolM+i8Ni z#1t*3^0M*VUPe2Ekhu%S>!JrSkk_iWU+ez&q_XA>BztN?QuOoj&vU*ZKcZ)wBgd}) zKc3!#A3BW!Q}gtMDz#?=lb!E09SR z!jaSE`7#qhz?SoEsp%=H1N+C`lfaIwS!bVTNsiFjYHJ_-a{=i+mC;ZNXwN*=A!cz2 zWrRvbXyBx*@sfV^lC#ZzaK#}JaEECsv3?!?jI}jtm|~Y5FcQlODkZ5tF|OTIn`d&e z8ORV+tgbFcMdy-m_L-?^@3ggf2K+-CS5z!j{kJum*FEhTH8>&-3qn9%XK9}tu1xzy zD1qeXQ-t-u*DJYuaifalt%zu@Kyml|uLyyI>gm@`o;CQMyBbSHtCnWQzkPE0kRL)kn)1(ymrtL}o&$R1Uu z8cA@m7dQh&W~CIZk7H3i=NBM8P?37)W0FHuEL*a#PvMM4Ws6yT8g$4mHpB&A+j+T@ z*AvI<@mA2fTA5TR;kDj8>MEvL!iXs%p>#aN*OTT&wD6r{*6&Y&sLlBaRk)sSpEX+2 zl2sE{rZUUEdJU;P9vm9l|67Z$3q43+nPb75&Uv1CFu&Z_^IEln;w#I{CNqjFO!9M1 zO^t++QPt-$hEPSN@w{G(>2Sn3L}|uC;-KIl6GPzwEE5;2EKvy?b@l$Ol9$?*Xy&tT z_zP5&^U3ntQKerNrgDF4s?o4Nv#eeq!QX6dC0iC|lx_<3tsrGDr0KzzlOH789M@a~ zX?n^siJfzhjjAErCuLZ{RdN^Fl3|wPYD95C@sOiw%cRJZ#r=W#l}e4L(Tqb*CjZ!qN>%%{r$fx zn7Hom&7Mk0ZTndLY*oJa)6lTAF*skd-f6jHzP{2{NcL-z589=(9RyiE+vl^sy+~zh zJVPtw(4737)-uP2irV^@kB}S+uMg^Ij>J8eO_x@Yf7n!O51UYY4Itndp+k7IVB?MS zKRK?cnxw;@RZBb6zW?(H2Bm0|518j>(D0_PLPIS`3`#d`|LWa0YriP_!Gr-Aehg!* z z$jQk`gY2uie!AB%pEv%B%(|aHi@CUvO6S_zo?J!aP3g9acXV~x;SNY`&6eY%+aGEJ zYk}I~GoI=X%l@_+tD}K5W#uzN0_nmUA7uR6Xd@S^Jo@gwVI~9Jotgx!_neG)p+P}3 z3e1(}>b)^>2&z@DYjW0GCgY|mUe)DwjtuG|sQNn;e-9lteX+<2eQ7K0?^yW}NNPM8 zN3Sk2l}!1`mVGd)F| zS}%Okiz0R4Q|A4<_BIdtU%H=kf5d+Xaevtrk^WJ6f`gVeo||0ln~aW!u6?)sF~O`$ ztIvoTRWcpfe{1%LAT&v15=0Z-3JpO6ZL3k@()O>VN} zQnOT#7pc&C6FU%%)ty^14b}N=@N)FpAva zYZiL)_O|Q9A*L*>gARCzVsGEH;5-s^B6=>lZ0;7R0KwS=A;G)k0R+UYZEc@lf%f8} zXo>l~RDsO%eQMQR>BeGfEGxFcr2c% zggO&b@v{pyxDP=^GVw(;qnN+M;Jww8S8CC4DafFzYXq#KB|1w@_g@7~pf>0NUt7rL zJWC9XY}MonkdJYsYQyMk*!lV2)EitsK^;>n+ez&EAL(uGQT_?A)`g9!u~hO&N8lU!->N-+2FA$IgDwlQ~;_z!6ySoTK01j_`d^o1UXfczFpv-t8Jo zl?V#_$I2fNGMs3&a+7#z#-06!VE^7W{VFPi@}iHO4l=g@Z{nXOk^loRI~pa+nzY2D z>6mZNix*JJJZ>4Ab3^n=*^GR-6nTw@;BObOp;P)W>%|6t?GMwSZhKUZpv8jVfm3MC zF~pNQ#IEi~*al1 z5#5!Eyy%w~_PO-_QZGBx@R&wGyo`nS0`9k6RccGa*-EF(vsVMxf9-~WwG<_em(cgm zudnHyPSXn5vTB@hHS`NPWE?Jx|&dQm&4c6x^?ZS08V#jy+0)8HMOJ_e z8C=-$K{%*a8PNJ2WB0DNkZRpudkNpl5fulyu6eEg725|rlSL>2lZq;4*7L^utHsME z3C5JAE{}n%(&axY=9(JaY3woe^Is6i`FJd5=vejNX)Q|a?A~Q2RYsp_%pbt*4I^%g z_oUj}*yL5)+D;X?ROZCHp2WHg&Aa}1tu@`8M-vu@CtAF0Cfq6^5C`ApT0q|MCoqSh zh{c9~MGM`&yL~4wFVWgfYX>@$GbX z_#z=lC%lhqw1VgLFLOt?7j?t?i*YR)Z~I2X zSAfnKZ(fY~n%iI~>bg4?RixWHj*A~umytH<&A7=bg4lN(9T+EidN_-k z_C1S9jp|U5XTnrjtsyZArtKYbKh?W#d(M}UYDuSdY=jiUx0!z#EwQTsRCqm z6s4FnxxGNQTgh5d>3jV_-A8S0Osmlp>xVleABOiIu>CNII0r1|26TPn&N`U4xqt*F z0NiduNg-GEI&XbcoT!g|9iXm0djQJOiAI~WvcFe^)I(dyf(tsZwu_d{_^|8p1|0AT zW*S`jcWY^vmzS>*1UygDIiDvT{cBFWI#Swg+Ty~Hgws{-Udyo~F`MMF50| z)|^zDENB`{yr5m1oajVbJG@H$ z?KSJwJMK!~#U?MB=?bUAradgWq1w(8ye|RcU19lVTNaA?l%nZ4hyKEwI3i7mp35`B zegO-1!yej)={om2Y9M3B>s03B9eLl;6T=mMIpj%tjr&21Nq;;$m6YbS8q(nv-XiO? z7QC0^_L#>?2mKH=AWUrTKS)5w>IP_LLrPydkq^NUK_LBoZ?4Zf+y)!2R{Hh3<$HR1 zSY&Kx&kh!h+XLhr8)CkUB(iM=M44!v61IJ%|K)7tO2nU#7!dz^chw2gPa$qe7GvH0 z;tj*F)~`tvibbC0DeShaEUNljf9!UgJ8Pb)k5>lgjX~|ZZR!gN)WIrMmkV^p366LL zud)n&Ocp)U4ZMLDDakeL5BeCF#g2_c5STPjYqv?%owN%NTl1}YRdKT#e)MnMeKeYs zGtrs9&hYfvD}pKezU`oxq9SP#MYLE}LcJWi3}wjzmykI3S}H1QI8m0sXFtQd?nr{m z{NnJCRqOT{SN*Cj=!%#rbM3_CbzL1jRpmY9tvtWDirepUf(`bYYb6VV7kgzwiI}>9 z8*3!aIIAt1`ul}yUb+P1PUL&45KycGUsIDfklN_g1H@|C>9&8-`C^FU4DP_4@hnt= z2t+VN4{*}2W5BD<2`B3 z%U|43Gc=NM{XoDzS#k36_5n`jDBod2du{gIxIx^?0d7ZjPE!YsWV}Obu*U{ijxS4p zJH!giMNH;T*A`VE!;8r80eR}-;nHiO4i4emxrq3mLYqk?3Fvrn45eB?$k_R|_fK^{ z++qPcm22tl^-9_Gc>2Ry_kq!!9NE`;gH zyrEKH=-lOWJeKWNP%&omz-~@(qz_mA68Ene5NXZ8J1dvOZmeNMGn|7K60G2{!wH}4 zeyFR33nL`EO%VW+P)4ZfkVIaz13pAfCSGs`kjs z`^>(Q-xRCX^MX=s`glZvG(93Bb zncwqHxzcGd1@~bA%|LO-!yP!)r}IOlOX8;T*uAWdTC-LFRGG}o zw%P4g-G$lSZQ}3x-_I3kRkPTCT#Jd}m31vI5M=GcGK3k_K_SHV5iOZnqg4<&nE)Yr zfCYB|%U|By?2Y~nRFS;aWOM}(JlwBOVnM+qx;y(0LQ$g>E$51<8Gp^B#2j zCO`-}G<9IEa<}BDwe|e|a;f{@nJXN*gZE6=SGt=|a2ZS@R|*Lwy?ZF7(WoQdO%CJR z_`menH1BBIaZ z>g0k(0Q0OgJ^lUJv6;HMv!Y_=LiftaBhxOLohlY==fnR5T@#_6!PouceFK$u)lKK` zq6D>;GS;}FIwUi{h8+mk^0mUolebJLFn~&YG&hOp)q?ypZ|U$7tO{I9jAZPaYytx3 z1Bs^`#9`%Y4!Wol+qxjDbtg~SS0cK3a`L^Xwb?S~rTuhKW2@V{I+Ms0-NPmj_W&It z(!XXx&g*5ei`9ohKe;V`E*ZL>ZK+&B%GpHJb%Y>%Kk#ohlD~z&Vu623E7Ljt1mU@4 z4s*_zOt3>CJ`1gyj1IK`dpZ8EHNy5);Xlifa2bLZ`m<&3n6YnHLYNfK0~JD3(fd@@ z(U0tq5e7F(N_AyP&Z58St@ZpEppx&YQ+{#6oL4wO5U_~OB1%T}tcS+gkHmFr+2i&i zI^aE!TtTJ!^njG#Ifw?fbbsK4iVB*}mmsQ6-1O@sMdj>S`&Z*0;;+80GG%OA8j_w5 zz|1lA^Fhb+5sjK@z8?HGx(qdcjhu1z;~H4B1Z+mH)rLTmE<<80qL>ysX7*F*hW7Gd zZ#B0_n&5tBwE1y!h*T`c{+Q#}C9{F^!%riXZWFC7S1F-an*3L?J}!pgInt!sMuv!@!cUt=3>6pjDZH9@u{iDW z2n2C~!+lCPissKbCZn0zVBq8W(+EdB87=v%)(}I47#v0`oYXOVUli#8NEoSM zUA%1=gmuvVyY|HGbZ`K?2X^K!`ncD^qj*hLXftw6Rv31~Xb$~|1k_F}{aDHQx)e~k z3si5L3e-!xD%wunEwX*`9!`?>3UiceVG|4IIwS8lO)#PuBCz-jm7E zYY91D9i?i&K}UqyM_5l9oY1n}tA-JVsC|FcxL&!45; zDe^IdY$ooV#+NFL_7%gCpTZ+rhl_^XE{b~<2EB?6#z(O}mh#smx%iBlz_?x(;#C=e zwk7-!5yj#^BGaM(c#K4FYPkWB0%uz(zfH4P$jjO7pMSH)7VpEj7S$`wURbdtgrsrX z=(YMHF)uGRx=CfXb0U)hS0I-a1*iV;;nqZ{^`$vFjK$L@QuTzHBY7JE=8>>&2`wX!jM{iCo2u zc15_Bd%qdyy`q8bkGDF? zLh6<|Cc9fxsMb``t^XZRzB2>vTME3&Jfe7t^;dxSZ9D$@TwK7P%+zU_8hiGZ}TXe<=;Z4 zb@c~S&O`&=353&!B7bo8rSi&P{2>kjwIo{Zt{gv%9u`HrE#64z`Ng~r9peE(P-V^a zM&#x|B9=8cZtJh?YAAS?ZWrqn1g_b|f2BPB<0CL}mpnXL{?%cmm929J8 zDd5;#b2MenlYhH>7axf+mwlkJ`n(HA@8W>j!~P<+$Phf0c_ygs zvaV`}*j61)A_462dhh5Kf^F1R{`c4q<$_4mB>pml%j9&U@GNdEsi0URGvJwsdiYuA z?cpW0xQHAG6Vr$U5xoB-OyT)#8F&b$a1kixvb`WS%;URAPXI?lx~a|~BTOa!w3Ozl-gS8-BhI;6Tq z_+Ij@Yiew+S748akKlKrFdYSDygpTE`*p`S60Qt$TC0pqKTq!z{l2{x;gp@I#hf}+ zmpnvkb8B=Jpz37jquw%6Pabk?d*J$w7!|HN4b*80dV0Oj8#PoNHy?Z0OCV*qYV^MJ zkMnEcEEEU}`{Q!B!)3phM;=d>zI zg1v55`#Rd%3B()8JpdiU*k4_yYjYAs-!{P#A6tx6R=D{vbLEu1-(g$751T!!bJ!(k z$?xpcvcRnB;G3||r%l8~1NDH{%Y0SxlxRK7G14Lmq-~hOl(6jP+l50Nk8>4Ii<_zH zroo{U0gnKyz>XX1a5&5*x5M{Id69_oRhB5c{ihljEOzc6Tlsm*6u-EGPAxLkO?QNZ z@^|=X^&SSTx;-%Jb4>c#S8QIw)7|hbU1QEj%@Gr1F^C5ep(SjqdTIHL>@dEXVr8wY z*`D!uY+R{){Cl+iICmxZSi7D2sQnnLP<-9CFQaY6x$ZvBf|7)_G+JgMuN)})Z0wL5 zUPQu?&XZpqrBaBcDezE4R$8{Fudl{P2=W}~V6_~-FImq))IukI=I8$oFNXkyCc9e7 z3RmVU*~XodL30eYqR^Mdnr(#hYS)v2?k=>u{ae{A>2P+t-wtOgdo^RtJl5Gqh}NoE zJcub_Ipl~vh-oZ7bcC#VX*sP3Ov_TbbxH}>Ltg|k-E)Q@)fo9UViHLz%#deYGV+r8 za7h$(1;U@loV$*2-X^Kgsj@fH0TU*H*#j?FG0FeKv$lK+nA)Bh{3P^(Mlo=cw)WTF zvzNc(V#TW#%t;sv3-++O+xTOKu-|ov1#AOv_To^``^D!_L4v}D*Z65o_W4|?RA}fS zfcGTHmEDf0+jVybKOO?VVIbuT`^v1jKzB1CA$nyY#?!FHIa)X`QN3+4(f8YdPbV4` z-tQ9}p8*77S+l~hzP_PH(2j*2FzEgV_4B9)HydRmqeWa&TX6~t)YRnmZ>Wyk4nAa^ z^$pO&0kM^S{R^C~JMbmt%PZQ=hdw4FS)``)UxoF!OxwQO)1(n%3zjePC`pF85=-y) z8?tk8MR*&0`4V7?u4_ctQl5b=ZC|9P=Q==+)01!ihuMqO@}9u5nu2}xXdvn$0f0E1 zjeNv~{fel@e&)CVVfAh&S;>gXpWB*~45*D)4t&GVu}b|S5S5kc2z zKObej`Ww#4d@B(?G4aAP>^9N=O-oWySpmpxS#{IU#RBzL6yPVf@!oVNIG%POTjrFx z%KTLqnyEX;$$3hV{YQVFrUf|~jFq>z4f`-4^!{p-e0&}O!9q8lQ?t|{O-0y+z+iMz z9!1OZqoJAIt{kzS07maWfK3*10lBPd-){;SeA_MwQPwwOkS8^K)~-~?Bv)Z&#LPLW zd!W2aD5B#$f=^m7TPk|p2iZk}$SD6ew}S_={UxDqLTx@c850Q!{0#GMSPcn*#7N!r zzgk(tmDQCoMMbk8Ow#oF?-tR`$dt^RcoO?0|L-qlCG+W&s{FaQanV|{l; zM)81=on5ae4tm#vnPz!SzX?Yh0Kjd;FKtV6cd9V2J0vKG%vl|!Ng9AQsWkOan6B=Fx_V8l^c)N2`@#$QU%kDdQY$8wisBm8In(ZPJ|)oz z5Me%h!$&5CBa0~gLD=OM9{H0O2>!u|AaCeH@8IA9_zqT5c+X)vW-wQ*kj9Th78;>I z##CUpNwMq5Rtb=+!wf0W(aDjK&PwnZFK8TcLTSd_pfoW%pRloiRFgpo!}|sYGln}} z7)CQl!%D)b{YCN3wMHds%1p;MDv?DbnFN{QfAtIxQ$8f7#i>rz+DY5uV9RLB$;lsR zswbqSP1Tl=otmMf=KC-U{}<(WdcM5VP@H1AH#=n@`FC^_1j1p&f}Zf~ggmwrlo9;4 z$1B;M_cz1<&kxtt5>%tlbj_qsfug&oS9V)TdkFlub43DP=kDjUfBNO?oB7t`iM;wh@+To26z6QdMAr|l z4e&!TNd?>o5=t)@oE}r17C(be6kvOTbP!NzqIl_m^s-MA22G0jGzkbgCBoj3<^y^y zq4F#&qoboXr8W*IBI4d#Jxc}m5Y?01VkEJ0Bl0GWoN@}%m%h=Fy1Kf;mn$p4^T1o% zj0a$wLUVju2|L@eI{Sma*}s2hNjTMT2#|24h8tv_Qny!)jhDap|39JX-cal_kgVez zpP6BM4h60A&}+oOvU0mR`|URNE78{F!7m@^ln6jR%qUD;Ong+L3496)e`!cmf0vh* z#Q-iwT-;86YyXkhT4-$g0x=o>yZuQZEXpKepliCe-D-r5^X-0kS0;A-6-{%!-maI78$aS`e#p5 z)}NZbioIc?-su~zV1*jjxMM$>F`u(r+wGriTVdIUE=_$H14R3sWe0o}1E28r(5bavZydL2If|=56T8O=;>do7?3h4q`0B`1_ ztRlBJUtMN7f5Cy&R#E~HjX=XAA?f{MR3{cv5)`DGzK!c=!tr@JW;z)0k^+=G}3~Y^324GRj2g&tc z*{uE)R#q3H3}p8dkdl{1qaIVoB^y|y&6sNxE^wH)l>1U);&Qt$cefG$KN(tzD|SFo z>#yas$-9SH^Cf|zFAiH!{2Mtz^gvb`{+~{A9I#1va&LB{fdr6kX#HAlG)Tf_#Xm^P zOxOsP#lyN?M%Gs5G;(=iA-ND~l&`I_42R%IhgR-(RU_7=?=Bpt% z0C%h-(Fk5VTLqWE1%Sao*)l5w2_gJ7&k0!bWec?GU*hn2J+uLJhpbnt-o&Rgx$|Ow zUc#vZq@lSY1D|(mC@QvLgNTN{lMTQU6I#T?T?`GrLnDTK4v3T#6I;5v>Zqs)y}N7U zw4BS%Ue5f%Z8X3wkHi+7r&lst{Y~(tK76>eY?fZMf~#I2Cd)#d11XChmAM1R;uJ4= zJMQzc)8UpmIOc%^-C?&15L#w*FW?AKruFq#qob8*?G3s7xmj7* z?@8EAn3ac1f#pL-PM((|>--iWLzi4Yb2c%N92ph;5IMW zoRheTh3GE-pKH&A?B#Zm8>_BxpBc5NPWdfKT;bZ_Y;9AJ6);g#W$jP_#$ECeXSfE} zE~DU7km<%m%=;|lsM^w@o}PDfTfllkHTS=oDw*mE(*Ts`_04oImLL#K%a(~h$Szc_ zY%il-sEg%4?ocYgahK)f^|-O<|0j3&?;R#AZ&Dl*JcPZgpIK7EW{*PVW7a|vwhh3y zkPMJx@d8z>j!RiZI=FTq&f()b3EHkfVx1X2h_bM-*Z}zow1rSyvRbI@MFT&)1YfvI zmFD=*f>r3{7*q??eOyd!Y$Emnw)$^vwB!PC0s}FLk*Ul0dmRAXLA}XcESb}ih|v(Q z8{P3_r8DHJpsfhhn!eg)NI>3I$N*e=IPk;ZC4WxbUkWl?{e^+BFXQL380#TGq7~Y0 zXz-O!T{&zxrSpD%Rk{*M-flFU#`bOT?gypB6UJ6nNcD5Q;{pINw@6y060w^`-|H5G zbDY!V1aDDi2to31^P|urJ?HZixcrj0){tA_fM4QaBrJN$hK623Ke#;pwFuw!9>09y zK>dfFtbiPs)BMHc8_~FO3q!?#=ftc4;6C0J$z#ui2+1QUaMUu_O|M07|0&y_7=RiS zg}SO3ZPf_N{H5Wwqf|Y)zK}8480_oo^#l6{u}9G#9C3@bOfkO2{Qmj$E0^F?ijg7=8LF*vS7x+wz&mVjg z88{95@U*G7y1(4toYS^IRB+ZQanFyIDcNgK>NbW_xd6TsbUKqWz~eUNhUzF;kv(CQ zVI>ObO+th*J>FHza`$t+&?lt5R+BrAo1}ZF)?D>BrqbeuhL4mm1|jF?)&M@+4G8C; z9DqE!KU*GwTWK--{p3Ud0Le5$hpm*9e*4W0$ z5iaM-{lw1x9*ssL6xZaT? z)D*uVXsoSY_5_)*_m%rh-uc4rVsKoov6KO^X@INg__@3QX>Gs#x?kOdnUD1f3>5*C zK3JWhVPw(_3WP~QXNS`fSxRqk+~Urj4cFm2?W%pAE!0rEprd^6$LUuozSnL1e?#(rPdmlwqRFiigp2;VY?cB@pO@!p@>1QwM&hYIle^7Q6GCTaHZ1Eb+okcK zWOX$<-TlOLy1v|Oa_(ak|8nW=p%*ir^X)R07g(L*;?*9u6}-?42LSIM9SmL>34LTc z_hsef%kRHNc#}&-w2;vI|HD=B9Xb)w?-P+Chx<^2-Jz%ZEJAHr9NK?1@)6pz!_X^B zft%BbG@DhR7qF6;^)W7YZp5Oxq5@xrwcI-coe$tkC@x?y1;+?cfj_V5O|rs&TzPE? zNorHKHUh~VhY_KuukQ^R_0=Eq>6O^GYOSy!)HiQ{wusIP{|OJxwnW`$ZEY<(*BDzX zt6LvvVB|GDJzL1x!fxsG|EP3d98v0_{yK4F9?YZR?2*}{$_+Ax_hzu@h%yK(W5#7r zt-r^Eg75DYbQXR|ZMuIF&zGa9Wv-stu6(Js8oW~$;HB@KtSpcu;x#z>{e#lD`*Sk93(`bAhB1GY^^z@qoPGKNUqZye8p~qD44Du%YV+h|jbnSKAwGi|*Y%@Q zedy><<6ULxO$D*u0OEY3-ZxysjhQJ{Z6$(spUNWJhEAVIlz$zYd-z9wd z6~JQG6A50u6{`i;^S$6vt3n^<_lSge|NG;t1tOzhzP$f<_}kZQkEVYJM8pZew73FQFVP2|NboZ;Bxo4I~@aQsFpI9 z-Tr*X0o0I70nz>B_Q35Y*r^`?tse+*Z9Mx^p6Z$~4J|>M{0>`?WMtTP?!FZD#T{B_go-R$l!&%kz~r^=nRp90af>y% zXpnCLWcGDBH%S}**S;3~JBqAoO6@N=zcmCmH^2XB)8@ebf)boJ6E=`U>C*BjTRUpR`B05-9~-cMHXQb^L-x;Ls5 z3rXHGznx@)4%|a+5x%U zLf9`xUi&tcyhCF2%}ep3w39s?VnX-C%*g|s&sl>SM|R@-NzY$8FuvxoMa-WrQf020 zQ;)bf`+^bbujV~+sfCA23I3;OkZcVi2&wZw@@Xx;L5v!7@}X52ToVPzfC}Z2hqD%~ zgFhg*=;+MJ8}sRk#$~IJT@SCT>Hdy&=b}}?uUu$QUIqQe=JN9^lF8e7%kXL+%)6v# zx@Bx436W66c~tI5fo(i|T}J7CVa7awpy;j$|CuNXn)RID7A@xFXUtjT`sggrOe7^~ zQOC270wf8tn<@5Df?a&efI-zYVLzJL$;0FC{$jl9$M-fMsASzJ<*F9WY3d^*xUJ+_ z*0<3bQLwPU5n4bf(EL$N#Y~Xi@wLHf1=N-p7(UEbSRvE|INLrG;e|}q!MzVx0MH2XcgdNF;wG6Y*od6f3v#+(*j}hmbFgu@91!aHxPf6^MG%b~iiD&!Hg31ahAXWm zi!kiD#7A@W87AXfO(WQhUj0u>$~1IffRMO;R-ydmhhuHr#pM%9+y3oBt=%DT?FBNs z{>rP4gHh#K-lMC!M>Oku3K%MRT`0~yTZ4oK1Pwlqgx&H6f;`rdl!93Hc3GTBhb8^l zuO&4iS|~+$sZO)!YhtHO?v(@{wK;jJ=#^K*3#xx4ul`2* zh+ZCKFS_ZeE{7ywzD)CXyKeN^C<6O`;*kHR&!2Ugx@Q?L2LZmM+H(FnaoGJLP|*F* zSn&4R?eIQmrEb`LNoWwbVvpCs*7zPq~O@Nw|^4{z-i_lFgmS@i}6nJz?AY4^ix2}xxh^;&EyR>M0vfP+wGw!%I zBu&uk7`X7ka&J}Nhdu({QF6&Oz*}xNywGE0=X-`2PORZ@vS#Y)P?nBy{)_bf3OG1A zyy8|fC13&N>W78>Kplb_{ z`x`khxisl)CIiB#lfS>#Ac-wjqtl`1H2hQQ1JaCmW9+SBa(nQ_U*BL8%ouzMKpp&{ z|MUX;IahdIlz;Pvwtnz$xH;)B4p_NDQ=8_ssRj)@$|ELrq@ttArz`*&%9C$>7tR+B zuu(|9T#Or_Fj_y=7E8-o_BxK2LZWP;8YT+lu{ zCD&8G7}@Px1^!&O;9`S|hP1ReYJ$Rk)ngH_vO<*Vb@8VZ<=> zxsP@C49LpJl%r(O^AC>5soiKdy3XGp6dTT?Qe@hP(f&#N@guJamx}Zu9ypL}X+}8T?6^p`F6R22LmiBkc%pY-MV8Dw zar8F5AHlB!cBplHh>Ub!idEuN+v95icYAOtw8u?>`L|MK-CZ!*IY(+38!P4ut4@o% z3?#7dMQXjtU70mbzpQX^Zab7`h3q>v-|s&@_g?{w*kcWa3qYlyAlE7%kc$5_qCl!^dSLySQ1+k|r40#AwvMtL5$WlMZV&WK>uCf? z^652;aqMQz3^zV5>vOGJ|H+s&1D!6bK+MEMof33G5j`g7dl{wrEoh07)p`icdt z_ekh3y=AYghX7Hx^E=Q5wDsWX_YpJCz@=Yd4o>@X=OZ7m^rX<(=ZZxlXsEaWLyK$C zSsw_3K(hnQ=XHfDF?%Zjnz9Hda>B3(V$s$oV_;%J5iJ$tu%zX#0Gf}1F+P}qG0C!~ zh9=X<`K)o9CnjRdr{YSGIU;@L`6Kr=`IHiaf`aB6(M4&lfAijddPfs#IaQEoNAL|c zQrd9%85mdp8-C$HjBO3T>HL>u`PK7{hgtP|bj3;uDWMNLYLnyB;Ji77|w?|ZvFsnTYJiw0i6saQld|#PEn2LgMml}y`fyTo3GkurqWbXRyNS~ zuc47osWBebc2)EC?~Wjq0f7DLW#AU&$ft6G`kQ2^Lv69)HTWUNJC%qcRV&rIyR!zLjar4Y&$Rq8Y*d^1G`0^Qi- zEICtwrj{&|M7AB>m7kSJ(aN4xBu2pqR3tr~F3)>fz0h#FfI&k((s**{^%xkh<7wC) zFbIB^()avCFQ5S@Eo@!A`-{2!bqH{AApNB%p zh^S>}0?;_v@W(mZN%h8FIjsE(Dcnfob8XQZfaKjdhz4swx?H&QHtz&HYL8bWk^f*v z7dEs)`*h8pYhJcX1>H$aQxhUWT+F!}5s)$H-{!+aY=~~aF}13-cTmq%>zKUIGQLhL zc%2u&e;lhzw`fi%cG7yxh)dM~F4l8ria&|&PJ4elD;1@7dqG?SGEaX{8f&{NV5S|i z>Z>uIY-xtm1+k`eUq{r^h0UQ}j)tafOGVRI{;k3On6>*=Te~UxujE5kGAI2nd*>y9 z7|_+t*i~6wtaZDzdSIZZCtth*b4t|jUT!SGJLXuJK}s3wN+7_}uta7YlWF$l@ECk? zDBlDO1SQx}4xGs1%3fp{9a~99gEsq?Q~k(Scu#pAo@eUN+qj^h9zuuTD2sE|V6>Nd z*X{=(XP$wBy+c&JDSZPK70RIozK2nS<4^KYl>OxX7rMl6KsZd-c3I~*NT^-L^z{d& zOkL!^`1JH3uW|w4Z{Y4nKSA1att?G&9Je_XV^BfmY{RTi)(ECO1OpROQzL|b_sb)D zeTvVf&D}X}5TdQ7uu7)BAYbf;VQ5S8N7`jD}OjJ75$N5D6G8@mA7g?C*&@ zLG{n2+zecFVeHt2n40-(ULl!t7kpsq&85`)9S9NN$dSb&QHzr_;HFmK+sk951*fBQ zZs#8VaqsZIc-@&Jr_uOBT;HbSBSudNMtE}(J}Vd`gz=%Q+{s55-phYT_?^{vr`Rcj zxY#?d{DH#i@sUF@$CQa_*K7BNZgOQ69u_>_}1QbQf`k^KH9;R8CFND#l0!PffQ zxC-sTlP0s0$Z&IH%xygd!4Jrr3cj|=FIc&mk<+yL0Yip-g4VSd;ZobCrd09T_+%D(4ghMKi4+Ex z$T?iS;K&zGk(jt`nn%aa|97Ao|KIHIV4ua21;d?>LXddgdI{%GY#j^G{}W}-k0d)5 zI+AlYJt7OM9rs-i=I#S1i}0ZWrvr9)?`@->&mURXs1+>ekH~QBxj#PmX`wnBP|?sD z^Wtw{*8edpdu#OJ5#dnql?Br4^DChT7{CMu>$&HruA)x2iDG`R|7WnPO;Tg(9U10p zR)hHdW=p^7=7RX&8{^6m7QZIUBDn&c=GjWrW}%+%FoH(vvIdStZyu}Cgxxtg${Bk- zy&JWr6P0N_@LK-7+?wGf$zrrd!d6n!Qv0&E);r#imwSh}YKhjTdKKnJWw6=C&OzQ@ zQo7JLfdtWI!_8SGXm$RXw2i7ejI~B-M)y`S0>urt$}Z2&E~mDW!-`MWA^GRMm_!=5 z27?$Ou@6+N6+h21QBuC;zhfn!*hJKOF)f(ALb5e_H8kC7h3LMB{DrhsGXE2$6nic$|3-=EeQP*23d#w87JGT|6#kZ5W4L^T5wcp3 z5q)b||9%7wvpFF`alY7dncgsYxAmM#&-euNylUgX&5fj^{N0wvhNZz{W41d}@Sigl z%Y>YfrahK9a=8t<)^=EZRN104v|TzEqE}md_%!8|?%>I_DDGaKB^k*bX8~WIhfvg1gF28l8KVAHimIZbbbK3N<^XE#+c!5G8yj}3 zi-3Qk^)@Qn1DD~M!o}8TxlFuO1v?;&;A70z+QpCl>h9{KJ~H+c=&eYVmT?Pv#S+D5 z96-!rCabIaNnV}=Axgz!81?nb&>x~01t5fG8?k_PEqQqtYsU4qgn-Hmj2wyuutoq_@F(=BDCVqz1x6$ERv`lE@W@H`ty&t zVD-8IZYX69Ag+IJLrGAzAYc**|mb^C~e7o}^oDV;$Odbp9++qa*^ z(|z<&ju6lYl^3ysRn$E9l}317H-bwH~LI{~KYn`1soAtA66_zXmSLk)Dh-|FjMx&nj2K4ca^$}VF1 ztp>)P*V;#Z-<|SVVddmXFfv*vs#uusHrf$&`>;HG`1+c<02%4H`Av+S^7jexux9(o z_v#BB!R)73f&v3w6@@x6WFjqw>%)1$q2j&`mgA&vTo1l;nucN!X{f$Stgru@l+=gG z0Qx89)3gDOXD3VB15w*^21P|8EuS5J6<5`)nmB8?C%?qzHh?MTtBl#Z9iY5np)aO! zQqUbO0b6SA-9Ce=n?hPY=?3z;x2}Eo4&QKl(SgC?tlUJW8G{IADGGnDcvO zUq8*d8m8pxN|7N_-vFSjS~S%=*4|iMBGrdw;!JSTC=w z1vbz6-D9ZObGI9GaPFPkcmN5X{pCCn!b=&Q`mySDh_l?*srD6!5C_BFd;gjAizN?V zv(2r8F?MFvkaZw?)wum{Ur#6%Z8!KCmi?h!1xU-#_L?ZGBP;JPJIk$MA%+S*{W>kv+Gv7NY~jIp@0ZP!Dw z8gR!MXeAwV) zNe-fCZPO}9ZvN*K|AjcsxaEBfN+kNF>CFfP>s5F4@nY&<5ckj1t91_@@)bBm)YnAV zB4*m|@PGL$Rh`b(InVCLDr@uf-8p#+4zgFZX%~xq^eqbc?{@_8K`K&y$3b37h~e?s zg|iXX5EwxDB6N{3St<)JA}Gdd3DIMRp;vM310Y6U1CAp;L_$r&c;?Hs#<-v7Ncq?8 z*|;Yhe6~p(qf@ALI`E@r+gFjE?^;{o17j0vT@O*-N11O!OIEvkDSb!qxf&|5UA+xV zSAe<7(-DOC2ZF`RkT5JJ^Tv6`f;XeFLN;iUQHYTr0xY>db-ps*jCJWT=+Aa&jU-Ns za|pViq+KbJlaa((ouH`^!ZI)qi_bb;z?)I-V!ANyJ^$E1DRg)fLRI?4eKfTOY}DkU zSCHWZt3;9QaGqSa$nnd{qC+5PlAnzK6!+A#=2!COOQbmZs3>2UXExdXN;dk>a~OPu zUzv^^YUUEZ*^c_~c540C`+t%gVA65$HHFSA!=dGz5TJa^=pN}$0zlSN+T)MY)%xDg zYmUFsiRQMTvrv!(V0j?Vzt%-BvUART&sX=ey|Z)A9d171__S}4I1eeVgy!GWQ2VL)xew$`P?w7@T~^oAiuFOHm~m5 zNfmm|0xG-juPFO>v+cs10wPTHTBcBvGeJS;aT`CP#q$`4D#S8oEFkn5yg%C0kS};` zrz$;_a?+Qs9h&zH>8rth{g-EwHc%J7|CN~disV!$RsuOTxdgqPy?x*#n+E!Sepjn4d1CfU)|7PsZwpd{`cr;5 z(!meulbBHkzq0pG#6n0%KOaQFLqfi|pRXO0UNm?9`P6JL!g=jD7yedh2`KV9`TneY z0TG0$UljrEbYI!cvhp$>LCC<=%~k%|-4z_>0VDrz;Aq(62M(rb62K-Mw#;JLueFUG zw|+eSh4e%yCH@#4q8Xb(^uU8hQs@b)@JxU z+>#ya1o1b24k4pE+CH}rBR9RZ%^z(k`wlr%N31kmb1;xca9xt=3C*wDSU5|{-`Tj% z$~D5G6qi`4YgxgB(BJI$aeGJWTUi=>>y1R9myk#o(J-*OZ**icqSwonVWP+rFfa*X z(N?Aa5q$slRF2F)6Wgz}J%S-XuGO9qPzGKNa`U!X;Mr|HjT&RWCR!xp>@;!$ZTy9% zwFOL$XW&U)8_aWr60gmzA(r|=<#%v7||ntiX3MRFI6KH5*4ic{EDrF^$Rt|sEW zigbWv2Lj$eeB8Ums>W&dXaHVFXHkr2;?$s`KUl`<4Er81ITAX$xgNZHZu|}v{-ZQc z%n-^536235O`DIgbpO@}li^LAk4v(2B0I)8FJI-zBECZZ81=6yhwQi0)wKTfeFMC= zg{e44kb92bjqakj!9>3oeI*8%ZA!&$8}L2CdLY{7Miwf8lRT1zaD1KO{~hPLj(p8I zdK~!mi+t5h?6d{`o?b)p9S`>vbC#f6$U-JA<<4G4*oqsRq>FmB_zd`= zLZHjOYBJ`bHB!lLpgn^$$qkRf`pzlS*}}{>Ss@=>SgIPZmgc<44rK3mxcY`Dxd!rl z9o1-RZE6aocgfi4srz8pPww|H6-w>}$LVyoqAwsoaa+of)G{IV5@gG;?se=^jBGrq z=HvsixHVL`^zb!QaDl+^slsCoE@|MOrLIn;->?A3PaB>@54r$%tr^b^h&8b}u1>>d zgxhBjLo@D0@Ja+C#>jD$;zMD*zIa+wlYuQBCr)D#3oa4Ija;y6f98Rl!W}AA9}u^rh({8IgnWgCgwFOHxkW7W9fF|y#T5e_S*^8^@q)H z?-#%4_$q($&i#Sks>S_uvU7dNmWf~*W1W1+9mw?R! z>av8VbO!!^8bIHe=Zq_bO`n>u-RChPPbw6ADjh0yy7MYMA2vgCK>rc^?`O)kM$;O= z*!*=eH`s-Xfv{smO~)`&WpsN~7SINY{6293OISBzs(Ls4z284_b1#-*sVpn?f2a1? zw<`;&ggpE5e`Jx?p!cTpf)x8dJfF_2xFu$m1)7ZL>e2 z7yU{i*c`QdM)E6W3M6IRK5eeX+AOs1yAF%gwX@52`ako~_1>h!zn5CvGHh|}-Mp?F z9Tu{EgJrB)u)Po%8SsxaZIC!Wj}1De4b%RM#lT1&YQN%JZ*@Ptb&Y?ZgJ=%*@hot}zz2L@du%{3JS=-B6}>`MkAD8ROG*p*3V3R^K#= zNs_Se6z)M&S6A`*2)JwzdQbFJ=uuEm&f2cWx3;!=dd7jlo58W!Y-k!pm$F2>-S@}! zA=~3XJPfq(`JNoFD#WeCH^2>?6QJr>_`~gQ4`&zz1-%}xc0uKJvC$e=Ns?_YR1+Mw6 z#{jT-6d4vM_x3^QFqf?I0c;`0G6jBDx1JTR{{d`?r+W${X3(OJ5s%GMc>j%m6ZNml{Iacqy;)#9(g=-FpSHEK^N@R7Bx+p|AeOg7*Ol$tzP)9gpfai9I0)I z15Y$leOPNnvINox(FGvlH|MF?YoAO8Ne@ENdYSPSAi_y~7z+*q)ILH*IY?ZL1c}qx))tN?-}arTz<9)agGs_i0vI=E=8*DEF5h+fmKm zzwFK@*T~y%oc!XqR|Z{<-#`r7)!N1#Fw@~nYK-L|_ic8T#r~tpGGT^=Psf+`sDALN zat@$Oo5_ak;qn-{+QYxZZ_xJUd49yc%GH;f$lm?5>{vnIu#W5EI?DL^zzcv-k|lQE ztxzN8t5n#q{ba0NG4~$^@#s}!bhb+%m;&l`xBmt~nQ`|*C= zz0?V+m3*e7HgBwkiuN)Y=s!TAI`f6Q>F)j2yIamVu8gzaG2rQWP+|% zms|bpozGXtHJuowpt}vD4)Iw$>+tj1qK2qT@RPr05+oe z_AN9vbY>(%Sw854I8lx#EL}4^C2IF+S;NC>y10(%_PzJgC}Lpr zVEM7@?*6W}QgAN+$H7tg_ojeA@LIwC4XDJ}v;PF29kG=TUrR8hrIPAkc52%Q@%VkG zFZO$Bq7C(5=oeXOKI=*F+yp=sdvYaub1Bc9lR9V(t_Fc4((h z56+dA5a|d@z75<3p=3(q1zdGo9XHvup)r7!3!7}!3ltw>$uk~{Ad6O~!USy4z_+!(^yOU$9epMlv4pF(Q~AFtBV)Y5YN8xY|ozynhLHs@J z5L6g?Nb~EZUwM8OH-w5$bEJ9T^SaR~M*&u(o)7(|MB8b#9EP1Jsx{^oxMKm4nCRsE zj%6UUK(t9x6+8f`9;5|z z2Ff3j{!RU*BJ_lhARqX<{o9x5!4%Z3T7Uh3*s-`a;!;Gx;*^yh?F`|eEHWFyp-|X!!R?qz=+?bR$ zQRh#(;cp^$dPc^qbrl#g;uQSLN3c8xii+d)wwidElV*iIpbWNojd4T0hY%T;V9kve zDXmulYC@xh7BL6-2W~(x1@`HM59DP=$bVn2pe$F^n(dFvG*OM^N(Ae~1>|K7A^+r{ zWaj2_g_xrE0$dyxwRsXSJOueEo0*%V6LCRQ_@O7p&FS*_T@TcYIkSyPxpUgIo7Mt+ zkqUHW=-k6u2#M0fgt;bga35(3rbn_o<5T-m;Z*5s1F5DG({u(?1!}Q~^1{-TGkjF{ zxI^hwa*#76Kg6YsDi@D2DW^JlSh!tJ0|{sM`-X%_Q~Juw0?#J<Ird#!94 zK{N2v0X-JYSR@`Nt*fCgS~^ZbvHN2#m$1hK3oeo=cngcmTbl%XKtk};E{nqFDbSw+ z93NU{>oVT`v{Pg!ll6%r$BB!JGyWSXwaK@2LF@8#tL;X{RT9*@nX7Ei%D^=97S4*3 zs*}-?EaVqvad<~@T1|LjB58#wjc3zyXliubiRTQdK34m9KADiK>%0wuBGG?}%7^&q zIMXVDB!6^QhFwBYXgi#Exb_!% zPV}I50dR60AfeY6Ck+z|7>$EQJ2`^vSZn?-!QVpof?5nHX^mvmqIF{wDi~$lbnS`i)RZj;xNN6H_&^ibGSu_##x3 zj&oA*x^e7&(LC<*-wT!1e(P`%K%c&ke%dbslnTZb(2$>q(YrMK%^F*AuuS z__Ul=Qq)5tDx25Cze=FCy*k!d8a(ggH$(YJ+$7e+c9e38HDdoc1`1ua3H4l*u8n+J zx< z2#u%)4~UfeduIC@h(0m`&mP+ic)J3vr7o6!lX-d#S+|so1R8yVp%c6gfi63C$E=i% zgUDuL#%}*9gck-}){%>N!6U1{q2QyF2@X5#;;fhO_`Hl-8q`EHtTPnuq3D438rqJ- z5UdcEs_MazMip6?a^eyB~PW0Devj=TZd!p?V^(mb%Hc; zyF%eS7vuOg3La9?F$zQ+p0mo%e<@s?N(Twf;&BUdINSDtvl>afbUBx3BG=4OHb`uB zTis}pD=0eXmYhU-vweR6&A=QQ7*q=QEL>S96z^sBmp?$OxrfB^4xm>oVXLlFJ+NqO zpXh&6=ZG9hrxS3?Oe0?Efka5$ZwI z8JCR|_BVfU)#~CvxJeguV}ci>w;RkE-@`)4vvMr0 z^bKnY$sM_s7+{}G4289xZuy*KmNDZQZO(BNN>Z0n`DwL$Qr8Jb8%#sY+V2i$2!h}J z5*mPpa3+sfd4rk3^euwqJT)hmv{ha?N32+ht#bLHB+*#=gi87}HFaCtUu!HGEf%}g z&k8HG-@uEKm|mHzgNvrwMO&7bQ?1@4uHs{eRGQu|1mcg4R&lyy$MY%5!4h1Brd90l zqKXodHUI7X|8-dXUPbHTyjVL0CMCJOB%I=lF>vz3&3;caIU0q1Dy;V%nw~@xy*B5z zLS1bJAXO*+}TWu?f>{=qCKhs$rx*<(0jh}2W14S^M%)K`30&x3tGJ(f$T%U zq&jUca zUhAuTarjoUFm5SAsEXBq1E87wG3vlS4W@qUKm_@X+~wxra_w{M>fR{=Z+Fjx|6f$S z&`iPnZy-^(1~izXRH^Ue{v3f}x`3Sb&D6j_--gc!VW>cLlu0nq!7Krv9f4}raXPIX z;X#lk)*U1V3ZLEJt`AoY81vS5SrO(Ijn`a-Jvgy?GzLBHLjD@V#UnSo*P6oEEd^6vL z9h{~=?La^|8SneD(L9X5iEKn5gIoAc{VE76xn38{^n&ECL<*{GuK4A}CLrS2$esvt z_G}(l>BkoPqlQG0A^mDZJ~P~E{ANeKoGR))-4)x*PV>GTKa0o1`)jIQ zPKnhY+Aubrhy#(FMWc!cnIRfJ+L+~74xdjalXHv(zD_-fbsuM*#wbOSHHMA~e29pA z3Wu=i>aLe3H_Xk=dvao#u;1f&G&FEYLQ57!{zG^;uXla;gj~8$^_h8~p71o#kotbz zY`|%I#MdV3%vM6~?86TyL=vw%7E|%CAg7aaJqH2^rQyKZ7b)Z)5VqJwUO)Y_CUpGz zP(srli`AA}7B)7z`r)XKIex0be zD0?2sx-+#}&*^67I?RjJq`o2Ilzx@Hu$`t?xPu%gsG&O!78&TRB=D`Gymc>M)iUE- z49Kmozj~w!IiQPH@kt+5uo`{s!HY#73IjoE?0xrYTd`g?keLIyfZ&NV5wwGEuE3jn zS|ZRskUwZzI4jv}a--gS#OfWV(^eno7ER{{{SAaWhU(Gffpz`DY)!LyQx3gWD+d3( zxD|#?Q=-l$>??>I2;K?;fZ!vI!Uj`8m>(4OZyO~Tf37M?UT&GvD7e8EG0~V<#K7u-Ei}F9zE@zSJPb zd;7h4oZGR;&G{?9!jivN~ig0+Um+`|@ww9eP8Ln)Gp`oN{b zAcYfwv|)O*Clr+`H@GwR?c*lq&rp&v!unRXmhML=jdVC?{~;cO#zG!}5fT2LYY_Yu2xqD#T_gFO+{m-5_L_-X>fBXJPf=&hCM^+xa*iCCl4i$o~sl>DTy~P z{Ht_5r>kEe^6RasNtO)>{=28nPw-lDA z6u*iHs3nv%#Fwc1BQ%-rPClSS`3JrSZ4@3QwK~m`4Orefb?ARztadnZ&`prN(h3@ zGpBfZiqbq4=i5{e=}CVaPdAoR954xb;>TevgZ7^{Gfm%EK15|12Z}=4@={ysErhv0W^0+OLSvNNkyQYSZ@5pK38CL0y0j=8pV37zu>~Lrm0u$ z`?JY%ms;LSPx-2{Hm{Rs>nxU^PZQ@+PMkim(!6kgIYsbL(2E#JWg& zO`(+tQb3YHBHlNtQh67VM5eM)>4KiaL7vy3ur26&H0$U4dpz}xFIzY?w}oeq6i$Y=4$eVpAnyb&nNtZ-TSD8cL# zArW7{X00AMeJv{p9803i1L=M`pi6zcSNl7_P~5OY?&V;PC6 z9q~^+*2@RacxyIS&a?z0+NhHs(i%@=s>JP#_KUjc)1mSJSn5B7S-|0O)we~mg{b}exM}lF=tNEr z1|nr6AE(J@A>%FgL;7~*nfuTB;f?_h93q2WKn6wynG*on*z0Ye*Vw-?l2X&f6v8q; zU-c_}{_cA}NNg=gGoo{*6XrIk`G#2?RZ$hXD32s>zR1Nq`T3lfQq(AU#9C^|`Zgwf zP?@8MGwH;ZB-b|VsIZFF92$p*7Xh{D)9L3Gv} z_`5gs6#1NSAZl2rM~0gv^mdEE`6+xtg`ta zaS>EJ^rjSb@=ZmTdShiJOW)|6c+?^EKTyc!$96H%zn5yW=?FAEG-0A|$q-B7LSj4-DEN%vxs`Q?I zWkc;xdXkbpQF^j2&i{0)>i_Uh#Gz%%uc>(uON?hd0YZL7E*xcxLW-OWfdlfpr>BPs z-24=+OuvJ9+j|g&2m0>@vmu0+_(8wY za+I+kUF1In5N#DQC6$!CyE9#1{evVzOQ8{f#UU;c5vXFZBY+(a{TpsDr{;<-1Al`? z5+%(Pb|%U;&VY-%Ul|uJPiXt#83JJE)SuWe&1| ziQ%~W6KUMud!uXZUT;+vO7epsLs#|nU#|DnvN<|@p5uqLK1&5BF^}Kt`&FAP5zR37 zAVXLc_wmPsXZ>&W;b-pZbo!^c+wrpxerzlTXnnq1v0PfJ?=Mj#Ag|H!YPsJ^P^PrV zXXD1u&Jk6tbvme5j@0LxsW=see#1cDw?K^a?p=H+CdFMpyWb@Un;>_`hE&lZPHbyI z{)xfCuX*~mimEaci7JqP8Bfv>9v&WQbNO3G;{;%-O4$+-r8O3BXnCMrn5Kc(zW2{a zqBmHo8E>-Yv3UYh`JHgkcQ*x1g26#1i_827FuJVw!{VD22C>!NT870uYzD$2)*|=! zCu(Ztf;u$s;UUpVdAzjZiu2)g(LZA%eLmQI=F7o|6FxM0Zv8q}vP3F$1 z+e(Ae4i>d%Rt2)VrC5YqiE_jbT^VN{0;T3j?H}CJ^iV0qySxH=<|HxHfdDYY*lOWHfL9~i^gx!bS-OjpPbRqiF0LxCg=YRs_&{Q@4RB7a>&LkpTvv^?KmYU8_1nysU)f?K%g&^;$~y zH7?-dFq9-Vg`P~*8utzn(5>~lgY0Bi3xJB{x`S77d!V6lF*XsfA>iD9vQ?SR2ov&(mzia*z0h=?Kq?=}P@td#fwsk(Taq`}dC$ zexM~DADQ=637?cbvxD9Axk*(@yCmk<{4y?87fhKRsoluySAZL z?g57p;!ZmMt!M~U1x{$qNKQ+Nfaklri%~9X(>Enit2l}xR3m1tXV{AKR%C&b(YVDW zUuF-2Tu45fyFgHf4lJVIb+Bm1ax(r`t^E(I76K=U+tE5*(6f-(a|DZR+ak)pET-o- z=UUF*6dB>q&yqF8ax%CIZ1zRRlVodsIofsG8h#FBxsiV@{tl}KImOmuM zsN`xS4UE1k_}n>`AM@O3Rx+oGK5NU`ycX9%HB8e*-PyKR zAZ}og_s9koyX)_t){_5+dFRMja0>~(GnS<4lbUp44$c!H%kSDmP>6?A_SSQ(>^!uKbx-ZuPQ(| zd{?w<$|9YJcqig^QR|{E>sCr{o6jG{Uqr4q8B~1;`3}{G2i@{AzP9+7bG0OcI}+)u zlH+A)W7RhdO)4b1!S0T-dRbikQQDB&{|}OdgoKVe-wynSr2`-#!hpYAF0+8Ltp1I^s&dtKS{LwP12OH^4w#roqL=5iCxS-G1SOC$E_nNQU22gIYM_2uqO zr_G}aDfyU0h0O7C4vHk-I_8E6#5}JkSTUX(e?8+8xu#JxETy~%*xQZ?s$o%~p(A0Z zc<9;;e}k5!&@U-MI2Q+`wf}uF6C%|dN$Idh9l}Gr^yGl~R^}n-i!e1ZNqh(~N^fCF zv8I+*mB>rl*>wzkqz>ZVQc*BH?Vxn)-w~70%JJ;)E|be&34d>&dW4T0>DgOb1oyc;&6r1&R8+SNQ@k4;)JK49^l$5RrTRsLt z4;Qoyh7FWdvIV?0LdMW}#4}3Z;0T_(Hb#_QmWcNAgnT8m^SMgMF-x1B)%04Q+RAXFp`l5mSO2mr3pS-6 zQkMr_e*3?$UlT#%(qgB(<6HMgtPeEca7UkMHg_Xmo#E zNv5QQ%CniL2T)a^GV-5v9`yty?JE(G7GZxml%I0DqtdB!?dEKGm0wwY3PEpRID4Ji z!e_ZP&enkOR4FG{ZMjofPWFoJDJY^~-g4*jtt}I*mD}M8QGq6SJBpOG?4(<-wZYe^ z8^Tz7G2JGhqd@GwM9l*?;D30r|6Wf+ zeSjgLgn{z;W^-FxTYf(Ea4D#5TwPxq3y-?!>^1$e|5uc;HLe}x2{yB|eA)N^%g{Vt z87;t6$8!;RMX4&R=tqlPz8+M%B~OfWW&l(e6qM zF%{uEq6}E{(GAGZoOu50q5Q%~Vm!Q^BsGH>s|Icv$s)@C9^4p&~)gz0Gt_$;;jUIv@BG!n=z@p*M8LI+B|#AcGlOIy1aF2 zwij3uNG;gg-`zE{ytZ5y^*u4Q%dMQkI2G#a{|WCP|34y3@az09BejaN-Jg=S9uvq*IA;L3a(;KDU4jQY7Pn`YO7c2 zEFwd!Y5XI3y8r4cTBvoR-1vKb|ULn&Y{#W%5~$U*t(KM3V4Xbp_xlrHrR@`U0e8 zgT?5{LbLPk)oz33Sbl?vEG!IF6x*P*JSZdn&lflny9eu?tjd1ZM=T`kRBT%FoAtk^ z>qujPHng6SRv+erCxObI6>?zIUp<^y3hjUuPwKs*UiMU-{}UX=`kw2dDM2^Ldz#d@*(57@_D!YSKI;M2vKq|l^3 zX%?Hl+*#d#Veh}y%6#^hn!AiUlA`I2=M6%!XL!deVUobGSFh>O3^S}m-YE={;%`4X z2SxBC zt!G+X4&Lub|sx0hzdL({IEjyFl=#0iCkk%V!@VPV3dar*O5 z;baTmHy9#i7ma-kajS}WZ3u@2p6KWBl3$VEe>-bUx1h5B-WJ z0f-d+E-@F8muPRh*|;&Un7-z1352E<+dB@1c!zvy5i`F*i0OYF&DCxvN5mg1&U4Cb z{hVUQ>%;JEPMBuz=3uS8(Gqz^othdp86)snQvxo=K6{5DK~Xn0$B><8aKi^;Vk%@_ zSn?lPA-K%Y^5W1xBO#fZJeNfFNM;EU{G0fK!>?|OtF@lq^UdK5t58I=cFN-&i}=Ln z8O1eMzs@wtu)oAJBjz`Il~l9{VZA6$qQz;Y)(a>(=__m0-*_s0I8W(tLTav2A=(O? zA&Yqx-t2;DqJAWQIot8G4qCUK1Li(s8hBf8q_=vr3-l{3j>e+eWV2>AV-vwkpaGYE8t;!3+7xz)w>lWO zAZIHqNZ(>&JkVVc#D}?~CFxHXwWqeKBwXuwWUwOFI@S@)VRV$r+So9W)rg9z0TVKB z(m_e(Z=tfd27+OEBxn6%#U5wI3-msZ`R#H-*D?wOXRo%!s8ixIc|MP4@~!*0JYJbA z|Nc~GWrJNuAH>uxIV$g)Cu7SaG(DJTZEm~=7lD4|^?Frk=YL__hr~b~9vaVuf@G{y z@31Z^8MHzN_K>gG(z(os!OaO+-ub{Fc(wH&OY#H^052tLW97S4aA_MGWZM}FX3xUc zkN#ZN#rQtA+*4JubEfN)IlJcV zE{rK?nsljgoMq)UTM%UZh=?m^7e=#FEnUSj@ZZX031O0Q!qz&HuY2 z^KvF3$8)8pr-RsKT6Y^jJ*OlmYinr%vr%zR(=sBS;R&@(XTBTxypy;lyH z1ltx8R9w00bABuHP>Bw0$o9SPkH3MRYhy1*{Qg=wx*XNwb=(F2J&4wvNKD*WP78{r z5OTj6j0092*5g&%zi|sT7O`N^mr0>(j#_Z3jQ*3{HydGTlTu_zqolYo2g?&t51Rz zi25OHC*&_R@TrfAaK5{NjE$AKamWMqM+mI%r!^O25ZyI=Bm=rsJ6=9wu1E{jIYuZD zRUH;*0nfnyeOmSXDP5U3IfuT-5W`f0cpdXmW20+B^`Sm?{%bkfHK?RI>R_Je#3@yn zo{zXlQ>V>*-FC?>LanBGRTZW5BD@8qJm#}rx){l<0$(m7htj{(RM^OE-uxl_X{Pn5 z*H7G1d+%a;GnJCvP3K`x< zVBEpMa&^PBwOG#-gDAX4I=}OdJeTH&1&7SZN)rSgnoy()m>vY}MmatNtaOB%wLRRO zF!z&5PCkZKuUZ8)g>z00&zs^vTXtf4(xyw%WqBifMThYEeg;M|G^(fOv;eC7a2d^h z$u_g+Nu!q!Y41rTD$FIBHB--|*%zB!jH$G`+r4jl_z>{$+{Q=74)t`@b#wwgDf<~@ z=Sj>|n)HQj8b0(8jOPe_CL(~Hr?4n2DujfFHur{?hg6-`M1y0#=6}aj8U@gjVPVeQ zAcNX1qlp7*zrmGnSIohd7d(Ief;m$Zph<$qZXW|P)yYUGNNuU_yiq?BVaD~x;qg7RbK;E_VZp}Cftx43^Ku;`U*~# z;R>D>K+V_(Wq|9etEF~OcS=l5oJGYA@_!$|Ah|th)xY*gYuM0$n`vy3JqjhF_A;}- zQ^R=shvac$=ImL!BltNeYbiZ*_Sv-4cd#kmzm*FyGE>sBwq5bj*(Rea-}ih@o6qr4 zw3ZSxe*PZU8~P4C?9=Ed$d+qssq}nwUE!}ZNfmILE^KU!>4~YmNS!Je@w#_+Yp8vk z#7H)==*5&zO`R_S*Y_XmHvt27v#w#k$}sATnvM z9HcA;Dxf1XJkFMXXo=tm7aSs@dEcH>m$R4I<>nXLnT5Z$*FrDf9*6{K58Rq5V>7R2!UG!;Wv(G zl_+jFjTP_a$g?tX75_y9K+9cCl94FWz0tuXrWI(+Vvk?XX8!g5Ku*h18I8X1d$0+$ zA_+2@j2s$;f$lQyeyS)Q-uHeZS^x;uvE27sC%V+aDHa%$ryA8Ua3>khbW}0W z(f!oT77TOl>+6&5pbO|dIIv2_Y^V6M`$t*n)34%Bii%zf)gk~x@;|$Sf-b4 zx@-43O?Dq-WZ<<_A@)K0?k-G|BZ`TPJqC z!25DTBKX-I@)<=H_Ii3oqhf4MufuK$v_es?oUM)I2|<52CT+$NixSQ;C*+t%I9|EI*4_(DZs)KZ<%aqthnIpd}Xv(tdhaa z3!7~G8R$_8 zj$7*L?eMAUFwiTjk?}Z+_Yama2ID_1zvUOy(45Jij6l?oTKu$D*E1xfC^u1)&f^Af zxC!O->LYU6`;pc&)_C%5Y)E@wrrlv?h;&&*FCVrYI&QVib5Pj4CfnazGs5xP{)_|$ z59JKOq$bEadbM;e>*?~{5eAh^9bUiZqa@~%cwSMbt-|th&H~vqZQOB{Yhz4QR6hH+ zWo2dahhrR@eas3!L|p+Pj@yt3U!i!{P~pF!*8j{K9Vr`AYZ0&|+4Apga~$AA0&2N3j8zc$-+JJpSRjPgvfV(1>-9eE$S zk)C=m;*|wNk9F$Q`QHx#{tn0r`l>>|6|3cdn$rz9GQN32(^^0Kvk+3_x7CP=l-C_Y z0mf`6PfnV0hPSJ8ZXs3FTU;6FOOvJl8uX>5r97zmP)R3GrjpA-g(Vw%@kwv>(%u-U zGJT@`X@8ppGp+46YSD>bAZkzAj81$aXst9it-qTTT>djUO@}uy^Ak)k)MCKjKTe26 z@7mT6a#p2aD3w(eE8lo0eBs3I*9^f?z={r1z>y0@C+eXOLj)g>jKz&y@OZ!^ zw3!lYLRw9ENbDo*(=9W5>#+4tIMz*Z-B-k2s;!x}>5AXu4L^IRD$D0SOjhtL$XR(g9!zAj|M-@|Cb99P^?Mz3UeuS4@I6-D zCZvKxVRtTGCP;{z_`d;~{E!Rn-X3*j^VG1YCZ<=MG~`MsGJ_XkyGeg}cW~(0x_>}2xw$zWum*%sIYbio z)F!ifPdukW_iR)6oh+`4Iqf5kg?_S~tN&4eY}{BgTkC9XW>Ys|TI|GET(S>$R$xTc z^{z%Ib<^el5%m@fZFWtxb{#7%MOz$-hT`sR@Zb>Kp}4z41xoSa?hrz7cPLQYA-ENX z;O=nlKJWR?_YYuaCwpeinsuScEB5wDpH&O;<)T<;ZGDCM>>7ljXo_faRK2 zg@mA{TWlc}taS;4{z*wAGi63%j(Wr+trVYlz9k98z-5MbHi-n|x70_=sF^8x+W(Aq zLi`80SPH0S8_EQx8Vb9H>wg3B+T{MXM`P)<@3t+!MnkV&9DQ}+p2N)B3y?FV`M($@ zK}tCSoa2F+J#_KNh5!;1|b&{pauD&>?-!;!f26|;g3}|QTFJq&B;n?3qOnx);MZPPV z9SKUfyu<){E-=+Wp#Oh>82J2*>|F`A4L|0;3@1tyuKJEpby{czpG@OHib3_D7x&$`B` z3F&&1KXt0e>V<0MZ9d7+X}K#1Kk%{YBpH<458mQoK{!~5U&ushtuIa+n!EtdeXp7f zKeK|EdYsc;a)3FTP5o$v8-S61iup=>?13?R-!Y6kyL=~C_L+Xc2vMD;DqYnpHcsgr z3BuprFr6uuukGI*$SCm6V=q6q_O<+rrkQT_cQd1Fgibb2jZld>NbadXk&POb%A4&g zc45$f1WO4|{%{=m4l#-UH&o6bZpYD+v>#!}P$tupWPY#84SU_DM^|LZ_4uRL>zZu~ z{0SBogc$X33xl!v$3M1JAE$F=DwC^oOP^xHX!8Gd?c{w*!3f6GUXvJa4FCc@Lol=! zpRGtE*S==ZTV@BCV00%vGWj()^F~_o9~|xMZ;)k^)st{Sk~xf6(T1|Z+1F)k;|7*_EX8C#P;h3zsHz%iX_oiq}R7?!ENcn3ZaIA25Ji+e>pVukPoe{MQdboMmYsT==HTOKo z2>7Fw+8J8po8c>&>^pAUU$f@B+V__otYNi3B{vy(fDYk-92|Mw|{ z(ofcuLBM*&1nN^My2>ia&QqJrXg%-oYII!fO4%)~ww@9o0XR#n&*JX{n?Q$7Dxw!P8LES+GEW1fV{5?IDyUX(ue)3=(?(HCDxL zrowf5Y#qV!J{;)y;`CjoD@?yznZWJ8hK%>xza5l-M{jf<$TU04#dT0Mjli|Z zPF-0YJ6mTwwK_|73!IE7$u{OMfNGaEj29#>+Yo|P^&~@SI&wahp;*aY2F9i!6!x9k z9Xx#Wl(EtgB>VN zz~eB}%mX0jC2i6Ku!(}E_snv`h9-nM{fXth*f!y5EjRf|>( zp!L;z9O3HR*4QpKsbxUO@n((u^tk;IvKRBhVS2* zT=>)SuzEQs62PliSBWoTlM&woYtBZ2Pzc%(Ae{9Vg%!izXc3p9Yip00_W-oofJ8;B zKGm$wa-48)rpC4rs&1tAE(ey2A$u$LTQz?RS4Bx)(OEU-B^m2iWR1&c0N$`H6_+EJ z$}u@zo8!~nTOHeHIoi**25Y%B@@3l`gHy9Dz167tm4B7*m%dk#cNC0;weEx&DEnsoTuR-g@fTjiRz`Ke=(S2D*mVavJ~Eu&Voa-Q z#SQq{)P43VGw!M*@3b=}ddr${aH*aJ;5>R{NcTPp@=sjnnN$7}o5~NIEL*8(k zW3#-D6}Eciq#Vd{hDh6V3}DkRluTRBXL3Z6PpWXlg&tjHtINI!+;3P=$HLrsbk`r0 zUbYhC=9*+jV61$qh-v8#kBlQ!U_O+kjd@Nc$KHE8P5?zdi+$jqZENRg@Q@poxXWbd zfUd$F;9WKqt#Tb=^lEav_Oo?vd&$P8md61O=>PZg?FuN9?X~DsktBEvWkYdhTon-) z^mh*^*h(+kwd&oiYwtJglmM2*P}%sGLMH>9Rxo-r)#cxSCNA57U&^^bSBV+a0pz@7 zS3x|jFBZL*gfHfE=&&K=sx8?AhX8dw>Yj|>NxUNe=`YLRncbZ<+8?i z?#?K+Mn4Hu62%_Zc7!_79yvG8Yd>Qk!{^tDp+;>k?(Y%-CcVj<{bmhcI^19}6^QJ{q)G1lY8IF2$Gt1@#atUJ zJ~52HqKa!H;8zVE@Zx<56nty^5QftoMiN6{`R8aHzN(U-MH6sC(It-%>6Y1 zHMbs=lNX@m{{fhRfkj|kqp3Q8kRyrYtl>YJG4KfZrN)A3v$2Q)3f_O)lUf{Vp*^ zQw;7iT5gTbI$wjg3W|tl$n^5V%G#E(VE!#j0~^LT^PaM;HDXBhv%Gi;{cslwITogT5b`eUkRb$_EC?OH~PjNr7E zmRrqF5;k@pwfQdoEQRn^Q?bi5rw9+Y+ zkG7G-vF7uP^$<3gcGx?bS{7ycWM|jJW}4nKCVrC*L!N>9PR#IG3DY8D9<$HQ6WV`# z&!>QHDj$~$`6X{o;rH|R0h5KG2nA=XkbrL}TChK6jV0}}Uj6}ex5OgCLL*^*LfU4? zEF~Fvmm|@t5aL)<1t*g}vCy|L)^%>bJqt=f${tRa&qb06`l4d3rc;Idd@hE_=p!hW zs!h6En!P8K53lcTA{U)Py}m#SK&)KiVd0xFWr?Qhy8Lao$ZL1lLvLfo-ZsiUbS(9fPGd`QBws*nklH36%p zT?)zTk>0V*dFHb_H^je33^rGbbCXx5%(=_Z4Pr_bGK#xT9h=Ik^|(w8k)c>yEmvPu zxBMbR9QgPfECIpOc0wLXwl6OBm082mQh04aY4|8PbVkrq;4s!~KyMezLyBTK(><}rVk zRmgNfw0RGs@%>a??dthjHIvXu&0qFa$+xwYyINQI_#}gZ$7+V{c;Vl0$qhk0md>|3H4OACcY5A?@WqbA(~`b0@-*ZtTxTaT9v8)L9XdzL6vB40lV z_UA+wTG_)DGNQNDqg&-rwYYuxnBa}AwQXU6RxY(-^v7a?+mRpn%O{(i;?{xg9@p8?!RF^YXH_jpI7Vwu z`M1Nr!px4U*Xyu|>6g=nemrJuN=OXujPC?PQd&9bN}dx-+YxsOVvfzZ=HGcy%S1-A z@ozxV7O7>m?uJJzpNg03%SQ3uBAu0bs#^V%Xv*@QQOl{AJHpA`7H|O~X6+EoV zrx02Im^gQEw|Hk9waAp0&qgacIdHc6?eikd37j{&I4mBg|30?qC1rElR* zdslP)6$@>L!;^Gr^lEkvQVTKRkb)ye7txSPou|rYBjQ>)Rw<<%V@wY zCUrFI4iwo`RP{|31%_(R+GMgj$l4ifVPEsF+K7LbzG9NGcaN7 z`m=Xit45F7%^3@lU?O!JU~Dto*V1x?+Tu_({hq=>oPBem%dgG`+;_pn%f+z6xIZ)m zPe16ea8JqW>!EeLy0zW@{n3tCu*P1e-k70vI6#QsxX{oBXg*Nq!F~IUV>-R#)ALs-1nPqJX?|j89g{H<@&s@FZ?0jyzs#70wR<2wrFF zs8qRy9un?e2%3*LttZ$t;BWz3A?U7eUe3^JyHSY^%r}W4MyIglbcLOk)}q`e>EVO7 zcpc)ey=^h{`b5q0GZx-cWT97kb#=Xtj@mu)JC6Qe#+>4F;`VJq@bejHZ5Idp^HA&x zN^NO+8gA7TUF#V55i9#eR9;5@w*X=XXh%hff<}{WI%=i!uHHnBsU5t>QdP%+s>H-{ zhx<3z$S1Vh(Amyv#=Zo1c~|_`TKyfsxNAFnsB5SYNNufSo0y+yZsj~T>CW%jnx$9M zkX&x-Ty%vbVMT_O@JlM^-#gJ>tZXL;c8c`bO?`7Cd`QBTy zc-kUsY}v=xw;!h+s}U~O?}C*j(+b5S;?L@<($sz%DO*CQX@Ipk7b*SRa4jg$JR6dA zB}|W*&HYtIw!@ehlAsioSTR$U9IYamRus^5|NE=2_c>N(E| zM>~{a(U$If0NR~fN{IbH??4kyhzZ`efMms5(OaSf4WWz!{rMb$kLfFr(w|ESn*wC# zo!6fQ!F+?C+HX%sl{tl0gNP{kO{!M&;_*<-;4O65B73-f$*`C`32`nvaCs)klsfr^ z$=zp0bk)kNk|e2JU0u~Fu7-vjd5s&Swk&^yUX=2NKHVW9-q69-I)y=BO5$3C^f7#| z(tYSi{1&38r)RoZs$F0`Ris?&bylb(7_wTsPy@seeMfsW?|XfEY}zj=JE{qS+ja`6 zRY_`9Ea*{D|5Haknm!j&yXdUXCbg_};;0Tgj3lcSP#XDw59d==Cajt#x#I0!Ze!h8 z7endBo!&0e3Y$xyi#8bgP%2~%<+b#*>I)>Tltl8L*02#4~h&bYW=p` zx)%533##SYY@AJ0*_n$PaFR`(Fu(QwB%HRdjvA)vdMRH&DO+-K^M~+o^+xg8Q!i4` zf|d;j(1h9BTeDKZ&G@sg6=NMt_B1NsNx>hW*z^s%u}EsiR=8Do{NRTP3EFa!$x^{G z`_|;CLW$*TS8I)z*adpaStRyy`QuJ{+xhrP4<|Rb#{l#?L`?nxZBs;QIOI*VtStG_=~Kft!J|I+2kTm$^mit* zVf(v3??0>L_->=BT6@|>ecw-dWIt?s_^#Fr^=e#vmEkj@;wKdgj)YLCAO4wF2s8BTNr0a0ryhXY3Y7utXw=r$l z5u$_Q5gl2>)Yj&+1zTjBgMCk+58{~gy;1LYcz6n^yf>3r6F`5$RR56TnP;a7(8nmq zOFWlhLf%tBv&%w2jLmnGz zZ@dq81Es>D6BX_tDyTaqV}_O${H3NE=|rd%?=AEjycx=o4k2U$;er2q_@h6y z8(zLHDas5Ir!zeJRfajnMUy%=TQUS^(oBMZ{#=lCQ?;;8FT6TYHKMRqNM)viR(_IS zjNzq7LL~DlH1sYvl;^C!_O24%*X>8UC9vj)vIOJ}9JbR8V-!{Iy*A0TMK9B zfi~V0Y;2rwY{YNlfWwtEG*|^@1)YpoWOV-w1wg}NI8Q%U_bGhaa;xuJbz?%%P4!86 z!Fpg28-*6AoJIl{qo`&+_Bcw9bAX7AjLy^fk_*W%qIQpx;Wx6Zt@;MfafGf0T=5oO zSx05H7kfo3G}ti=zys85;qe2FOLwQ$RFj+ z((7a0WY$+11|ms+^b(Wt2+PD%f=O0uhIdDo96DdWZ52H*q<0adsK0Dmpk;|V2&kvb zS}RM$p^MoDINwq^M=dS)5w8+Pg>rnl?vj%StYwFuno^Hie83IfzC8Jeu7e_Eo_}DO z`MX}Kt$W_5$l`t0U2Ppvi)0~n{=Apn5GS>huv@84pss`N+MvDMxvDJqJC0$GyiXxk zDvzGVfq1u_Wtm<4JtnB8)_vM$%zl~(A%aU@|7>|%l$}s(yhv%wCCHjx>>xt`%VRU6*8h((ge;Z zh^>oMt9$vl)?JNW$asc^mBi%rb8}irg67-J{)z{#eEbKF{FQ2dZObHzHxtqA290*d z!fY*E?sB)B{?i!-YcA8n158UB-`Mr&Q(bgJP-o5%+tKAn~roNafW=i zLKB*eu$GxR5?YR9n9?5-U>~h~+$>a8#WW7Gi(hk3O{p266HQLLa^x3o$%3K|>n6f- z$4>*^ZvJwMWmW#bquKsPPD!DS_c@PzvW3K}`H_)Kn}G^DR$%I~hLo5Fvkyqg>liAn4l_s)Td`67@a zgZ5g#)wF*SFr^8fAq9bGJ$E4f?nDAzCpkrXL*zP+-#+XIn!(i(!NKhfouZ2mMiOkJ z>!a6bjTB4*eXrUfKJQO{xlHE7Xxly>!~1A|$T>c{>LdAJ*zEfU8T#%u|KvUv1v^`( z?!*sT^4Udr5Un`Oom;BNjfk#WKLf5(|IDuK{r$-bIYxu>{M<4)IBmgASVcGncMmO8 z;{Udav7de%y3jUn+uMt(!p6uj{r8FUd5**TIitDg!3@1KyDGb*+p!|-tn2AYW6nJ! zSN`^nF4vo-3jOmP*b@2K^z=gx)_l z&tZ`q;wUcK?8tGC;)OFCe0dI{Y;hNNaw$NBjH*w{^WgNaV8Z^}odZ8}B)LwEp?RY19X^@hr(pfJt9KZVW|3ijAW^K-en zY0+6~%&Bj28;Ck{J@XaZL3^#!%m6dO&LWkRU4W@vch(d3MST`WBxIk3V8R%!HZE@F z=H_Vgl$nZ8sH*{5F@>p1CvLCC)`jisu8dL{SH7PqTH(*WFN-#Fs46p0MhRjD@Oo#9)_Fie zaa%cf@kn*7p;{IF!chkTL$eD@Z=9(D9O7{;obya~V@KP;Z_xwDeGaMA9s|ys=9~Rm z&|6?aa8~ihJi|BN_)C90w%tO5URFDx?f+Z4jzSYT?#ThNt@qOe-6@2<u|=*iDcYxuPOO}n4F8y2Rm_&Wk^Hcx!j^m+9>G5EjZWYB|lSy}IM^<6|d zR|xwR{;^O%Kd>sHT!3mNn5O*g)r3Z#wvt9(l|L^C_Qi)bZ+z;;^KN1sUH%ZI;(W7E zNGi<44A~tn+$?Bp$+JZWv-vqF57S*Fg1M82zYZmKs1s`csz*o{sC-ExXm5W5&N}dI-`mV!nh zMVc6)qZTu`bmPRLu|(SvmTtqAVak$)qd4X4gz$-HlM!rEG8(NEycSEH#8kK*28Fyh>T$xsQ1f+vP zzm*tbPsYB%>xzdrOYJS#$cV`LviM=ud9A+dK$HRZc2#5V zLr*!S?`I=K<;WLA-u4Kn)jw)sWw@;}y5N-u^@CqQ)%LAvc*Bl?u2LZRTYn!@ z7}FA`*m43{{;uCB%b&hsp;QSf0A@>LT9t^Sj&jY5WTgsOop&0;gJTA6&LE4<0+_2q zkw3F%vL_J~CTCPtmMj9pRubsN1AuPS8r!6k7bT}WhHM;C& zr|bnwR8A;}E^HX^$&q|U{+ByLkYf0VY#)&uF0ZQJ26@8x?ZD>Fun@zbl+nbJtB(P# z65ZY_jSueq$z$dvvVsPn8JS>ZzMD7g*%GF5eeh^e`I}F8pn=zqBF@Q49qGq|lw@+R zq&7sj?avC7oC^5)TD^^QQmkMMvozI58`LoZD&9`Q`_ASBb0%(943$zRyi&{sPlR`Do1wy0My1#zWiZ(}E=l$@$;dTU(Ry1_i5*QEJ;V7}?oc zPUsMiKLsvL#IGu$In7U?)!v%Rx?PCi`Fho(0a3kpHStl6d4&nYa(4v%Nu@+co5lJf zhr!yMy(50#&GE#x;fV5{>O#TE?Es!FF&5OzH&}nS?k$zzfH;w*4b=Q=jUy)!(AtXML}(Dz2@yx3Dnf zBON5Gx0(6H&ct0ZB5AN>T+A8!-PK*n%gbx;cd+FCSQHR=tX1)O`v-PPm58i;HKB44 zMzN}@P?vt+bato}X|V$G?}qB0@`UQ3_?dlGF`l>gO-ygttI0r)r1Z{EGy#Em;!j(I zF1d82cxS{fQISrq5mUCPVg;=Rmn0spa3E>^HFojVfkC!DF)q}$hkUpM2XP$oM84jp z*YR$g0NBE5{H%>vqNxsBqTp0b9mc{c(9qiywdb z>42_FZ}j6qDPuaFaV4*bzhhwRI-`!R`}@umUi(ofH*zempIdAp5Jo>UuGFwHTfO5_ z@@n$2fL<2&9>rTtgbYNyTJ`DVbR*zHeRP?S$`qsuC z__7)~Xr$QGJ4G!2hkzh9kV%ra)AjrFG^LG=TT6>qWakNBPueP_Pf+1^WV^X!E1Fch zEWg4K9z}$p9~}sJl%qGb`pjtAw_h8*{V{n3A((xy&oWPw?rFvNONjXm&}H5|2Oc7b znoQL9yS51hF}bDGn7uTdr5Il_7aN0>h)Iu6k7G2+Z9@eqHqEV~JH-{m7UovCVlVbz zM`lI=N>5;i$uy8rAzPXl z%k2yGEXNOx!!F*w&fZdKtX&9}!a%+!Vp7EVWi~O?F9(RzBMX3h3OP zdfMK`<#pvs&)LqRLUJJIFVKQ))=7T(zrrr&;AOBKhXQ7Rd})}-#2(xQalVrc+>7!2 z%1`Lt-k4QszihVNCn*O1jIWT}i)Ky%g*l@FH>!A$mI zo~ZuRsOpn*T2NCnS^p99xkB|G$|cSL{N9O!EAR}Gkkm^AW*$W{ava*w6`w~Ew^^j$ zt>yYrIXkdGl4^Kk$5VQ9@y9NWm(I02xaKy)o9=j*-%bVVI z6msBIG7;o!qxeKsn?{sAt`+Tef4nSoPD5?k(*^-1ufPis;f(;g>R3q-Vi=5rA;AadSLt_$ZZtij*0oTE*UsWQdZM8IVhc zA2Sm$b75rAJ%TP&G# zJwCrQvpve5JPqtx5mX_`7ow7KN4{)y4UTLU=Fku&Q)-}7y5mLS~FT4l;`_6yu2P4!NrQN@7cGRw=2 zHp%=U=lQ@>%jDPVi(? z7+~%d)lW>lT$KyT()+ycVU z4NF>^Tv`|Y22mI-JB>64^p`Y--0_-nX$@;J!k~lxzP3lzmwj38<;cK4! zXwPt*Cp)s0Kk_jEybl}6P=Y`u%j_EgW9F>=NCEwat6on_qN{9&nkk(4Vh%4qPLo00 zLN!w^;$X=KLwW49rMKlEE zIKxCmv@v9BVe$6jnTrG4+qXm>ax}&WYLo0h0db5xh#T{p3Ei^HF6h!Is{QL%g8zmu zN+IWlmt=7+vZ8tG{%!4y$*f4h@Gp$@F6HiF-?b(LnR?+qSt455FT>QVI(N7N)!b08 z+^nCFbt*^RXi^>I?pUTRpcfK|h;WL0+gYWR}`KL%^4_+Hfns?r7QGhs6v9OvZmS$VSHIv!BW-qO01_ z1)Z<$WB~aQCZpu8ACPUpTtWq`<~C6aJN0qVqm8vnTK@eTN5b?GFbr1d!SOTt^qf|* zmXHw#AvC5#CPiGl70&B3R<3n`ECN0ES_ho-|a2c z9vsT^F1P{N3=55li;msE(Ejs}Mqr)w-lr1u3OwLucuFk@w z2*j*%3!5u`9^MBctJ?hx4es`!v;I$dJO%~|musO@P=MUH$(*WJusi6QzIDOs2;vMu z+sIZ684^~PdH?4k)*6-{bzl{tG1UUv!P68p^UZnYnlM+8sSdS19o_ijo?83>{W>np zA|*@v7*-7*fa65yh)svJtHs4zVJs(46xQ0#RJa%#?x7|iXY*x#3xAJIF>y;swX>W) zgx=iH|EQ$PzD@*|3a6%8&a2JSJtgO81+WFS$CU`Ec8TYn=-bZcd+6mDje%thORmI= zg`9VdL^2dbcdn*5MunIl+b4w9D2DvWirG}1`1Bu`(}`vmo)V^nb83=rz`#pp_(Y{q zoR(JdVGAMW9`$0M7_{;FVbD}z;rM&bcBlaRcBD^-qsO8B=I6?L4%vII{!KJ9*@N+QfI$powttxD~r42X4@c5o&;J&%QtS?|jITm%^zG3f`lkO)hA>y*jQ zqmGZ8eTXKgeNAh3347e2G=)u z=9|SYz~#hqMh%Om%$Dx*Ouuc^fODJ>PQIE<>A;_Fz&|vj0`00wV*|f^DG8Xn=H?cZ zB$AW!iH|uLBkI4z5k3a>T>#OM+wnSfYB)tMje*}uvtjC&qb2v*;v?thuY#7I$6;Z=_?AaPa^19kVkxg(&^NqwLmR{k$Y(MCwVU{O z`G%Jcz^AmNQxO{~v=>gCKYJ3+RDmHl3SDk#b#B7kw`Up7?F&RJCV$&@NTJsFEmW+< zy2IC(=bst)-lX_3kIn=>*$-qETEB_ zH-Bv;&KNNl*OH3H)Gu=_Er z5EzuWMaTk_U~K8XMnM*YR$ZacOwq^l63OM(00cOdvb6fjH!!_Dm&ZXCu^uZ% z*q@|NdiZKwC~`yjtxwB;92e9);-n0K?FHNmNuZlM$0@sVE3LK#KW6HDNpOQ12p)A> zn5O@lTs$oIYow&9LRto4dyeQt7(lJ^DG_Ivr4=2R=QE+>M=si}gIB|*s07yZW0QW3oJkq6|JyGht{Cxkd zd0f6csrJ*^)7VQ-I`qo(B3CJYhp2JwOhLgM6boDxk;3gID^(N|tDIQOn1jCj!A3Ak z;ic7Q4F~Q_!b<*a9%c4k4>7S-Iob%851LDP5Um__0#ymhLE?7IcCT~Hk9lPZ(4)i! zPwFY;B319_AO9&LzGf4}RPybn{A_ z*~we={w zV^#T(q#m5CDDW!4&v)pjtA>lZ);*A_x9Xld{)m%0Ko5PHe>8Cs5ji%QKA3wF2(XPY zCx(b7%KTatgAttS8fMyoN>}L(?=6?t?7FMCY^-gq%Uh9DV%R&ts1gexjOPV152ZSM z;v)rm(69gd^EwN%adS|+8g6fr5lA6+Y-YR`Hwl>FU%2VFh*40>1Gg%0Vkaxqp2I6i^lr7GqMn~D4!uRuI4scG zQ^)O4fL6;@`^R_`p&pAdC?|VeQ2P!EZjs;)l}jAjEywEmP(gI5bt5P!;3`F4>kXYvFVxpJ$Zn_DIMqp~_Mi9pc3b3^$^Rl(Iohs~K-`;Y#^1-yboVP0-6&lY0 zm)3{-SaR9tiS6yBF*Dn876qd2HO8lPtw&WPxXi=?c~uCgkm#!_lJXB2Nx|6xYGF7a zO7(42T~cjZR~OxOlGWbNFQOyB#EtgbryZuu7XR6T#Us$O*%>2W`QptWLWfCLS4#q8 z6$!|hPm{jAuU>~xA?N3O7W2I$4~PZ}cb>6o!S3%zj5+^o8<`fMRaO=`0ao^g+Dd5f zXlf+$h2(uRf|(qxsMU9khqB>gvg$SH`sZ11hVf_FlvUTCm5Z;K$fEiAZbu`^ zZT^bgH5a_nXu*qbF0jM})3SI8rK9LVU)Zz}ImNzWX~RX;3jMQYwrYo57=lv!9CWfde1Ho1pJ0kFUksgzUUDV zVH-cx>^3v>m8-+#)fSqHnJ1U)h(jWTMhV^dF8y`qPu!g=aGS<%2Tf;6^^&emn@+J@ zdsF62K(q*WW`9x+Dj3^~dWgu19QAY4>MLrVYUYeqt!yWT*)afTC>TA9i;gs+M6b~g z02Ba1Ui<;}t5-lAj+Uz&K)FLG=6M>g_f3%S*dUDnT%%r-M=vm|0QO6@T6`=9lU)TQ zN&#)E3MjYroI2m(fuFyqy?NR($NTzVnxn}!r@GvB{4gGSa%WP$V-9Fi=Nm@Bg3gJx z*9`7oJPWZa&8H@Ly}Su|cs6ZD_RhJv6CgRo@i^CAm|0K0w*hi?ZFeYKeu=-_MJY>k zaB|u(OXTb551F`MjFY`=pQWChD3eySv@F&;Kt41!N(KA^{dbYR_NcW}TnTPUh?IU% zHRckvK8-m+sFR;ul$O{WrL?CHPY8x1nxP3{&)#eKzdOy8dt%dtlY^$&_vXc zhoTy$$yq}PkK^_lgi^p(@&p&yd1)n$+{DpkYtu%4;M;Xaq>WnWlEbI6vf{Q~ByWIR zGnmUrOG{^)p>#{FQ3ni=HSrbX@;HDK9sPH3S~WHfhK2=;pb!R5BswN8PlOlJCFjo& zNkhYjqq%z5%hTXxlJnOYb+(rUwXc^vM!dWa7CP*k1blYmm(4SX{ZPTnCQ?5lNh|a_ zofTg%d3GP#*1mc;C7EPY6fsM4JqZVv2fQ!$BC!uchKBU+tN&*H3W^N(Id{?nF;$=jZ>_l~_2zZ@h8s zHdRop>YlT0W9rZCFSocwOG%ad@ZhGvBV0ph5fsNwoUvlUg-yc<^l=b$S)#bnu}{no zsx|qOc*z=j$RGN7q1yWJT%}Tt^1{rTI66eytciYO<9h*p678itY;10mH(-ppGhFcV zi}PJlzjLyVT2f-aQLfu-rj7&8sl)q)4pt%2Cil(5AbkqI^}J;%3gVWVp=GrF zcP$U;%L$8uw}*2@(wRK?dbdfhu^*7D9kokVGk@>SAL~p$sHEc%J1_eGJv=A7Ar9d) zIt%H$lvB^O^ur04)X|wkj_H{i!l(l(+LB7CIggxRykb(`L3VxhrrY=v;@s9(PTCAq zu`KG22oQz|mXVD(ddIR%Zu$mw!2izhQ|hPZezh;bABl;}3;% z2S~c2P{dVPJ?TYVECige6^n9PRpqW!YmqUX&XKivv($IE;26}^fNK1GnvlqC&-aek zi=wwJL`7xGc#*FTW_fOh@`EzG%`Ra(%(6cBX&pf&6n@=v%mlGAAU3#jHFE~^!_h>- z-uu_697pi<{Jh)Y4;>!+nPQ!kN%X9>{NiHymbEjl&yFBFOOzGr{d$Bz7#^(4Z9+9s znVYkaquDX65FI3@id4|HuF2E9lCsJVAxd(4rLLzGY5vvMV5sm5NZW!tvz7wv8aOil zjoc$L*)LaeCE!|8js?sI3ZVM0dVBjGL~s^VS4z9=K$THJI@ORP3YYXa?271X|6Wl* z4%D4#>uvWZsk_GhS87qJ;_U@2fv@bZap1&OfgvcW`}67P*#lIig2qv0 zMs9S0z{%BZc7=O}|AQ`{_Iai9;I+0?E7YpfBU69kjsA5mtv~3#pu`sidm9S5jkZgW zwLcp-nKMj5a{14Sl)8VSb(D3^wQAlXkCPH0bCo~K3rdyNY^Km-A^M*uOBLNei*CKC zqJI%^t!*LuRKE5Y7>G=$Fl4;j>(Tf`Zo}5JNOl)hdGxRqBIj_;bm8)x+JB|)&rqdn zaIlf4=cO>SYDis+@+MaU7MlrJ6JSZAe)?^2W&jB11%M=@nBJsHUgvwGK>H0K*`K8y z_$Y)vb^RhP=EN|#gF*q~XQarP*BwZ*!FDcUwOg_0sahPAybkcYC<2@P5GG;I<5<)P z+^pb5lmmjTfT!x-0pMYbDPY6ZLWw;?6yVt$DZYOFr@8)uJdx0Z8Rf%?#c2_*f%9@S z9edvJ2*ZP!>N5g@ILjWu6C)tlpWCjkj4qqcjhNl2>-<`gka^8{`LyjL8-DbyH}b(y z_p*fgDN=_SZf$3!?v9y<#iXISiuHWxv+;IrxY|7@9rJD#2`9Wqb_go}h|NHq)^Du+ z8?EBH>v0KWTxr4_%vp5(baL}~leChMR4y;$r~mAy8_00Q>P~t|@j=Q5p1`8fT5ehaIK$IQ zNp$%>_?z~YmM37i(xUTl^G+|lKLiG>Uhe(l73;Y-pIvP(HQO&e#>jF5u$6~rQw9LF zvs=%7;qI^_5&$9p1(?qKK9@bJip^r{pIz4OE<`EmV{s7kTb08tC&2EXUF%&PBpLv9 zhZCOz4w*ZoqOj{uakswb`h?&!Uu(WHYC%ifQ_%QtX z)V~g50VndRIEolbvKL&=efJ&gAXzI%|AJOO8IeU-=~89y9T>V~GZA|)6M*lJ71T)U zVX5dFvXvlFa5nU+_%S4;B{Y3(A*=jOg-O!5JRiT&QZ# z)S_6|3!2rVVGUT!OX2Y6)I=prWJtK`bnjqE`RRklTfa{NbHD#}&Lk`xPOwUDPS`oy3ET+4*DF#eDA4_e&Q^^$!j4wN*O`(Ca2Swjiq;Tp|UlVq?89u39hb zu#YC8*~7qHGxxPb61(n_Pxoy&f0$Th+-S%uzTIw_AGsd1+*n&j>8&HPbTZdrBY85J zy|UK*ti%l#!bcMqmehfR9H%` zoX)AF^bQfgvuqCtH7!X2idf5eEcA5QUjYskASGmBG9^&EAbJO=Ji8LXnW@OnMd&luDi_7{}P4IL{pi2UzVCAY*>n zc|n8;ezz3g4H9NYG`!WOVb>LLKB0zlr!W^8^(@g(-liVpz05k`i5c2J*+%O7vS9CP zg0~skgOdOQYkiOQ%LNx@Tmw9y^4jR#2nuc-<_*nZuVvUbi(zOrI8rSkXjZMjw{pCo z^=%>B(~rYaG5RNqG^yomx3m|HTKP9`NN>Y8-mw5e^Sblm{+!ilYXk4$_6MQh0NuIW za%ixh$w3Nju3Wvq{)uA8JU!Kgx~rOXZ5Qg=;i^a$pJ$?wh1ylb-DA4E-rpdDP;Fcf zoJ3TX(~USWzqGJgVSB8vuh^m%R*|2IHo=r(SsUnc6IA3YD zA=bze-z-zT;ScleD=S~PiVe+wyU?0+uX5Lvb~j)*A+z-*oAB>t`?;7_!B&mp`3tN2 z3kHGp*K{FTqPkXDYYuU%3(*g@ZtLx3AD^gvVjhq)ZOTJ#--Z%8MM(xG>mnLR* z5KT>%w%4{j44qtVgPT8_JAjb~#R<2IGsk9XZzJViiM}vfTV^Q6^d3Arb$4oG;#tm_x`c`7|_WMpJLA#9i35 zg&RNa-k*g^Ihaiwc)X;;KfsygsPbw2a%&Aokc0BdbDkG%OvbYjJN|5Hdt~Q&Ie|fU z)3MgN%e|pucif-&O}R=6Ti`?kgVNIAW$uYxhrGVOA&MCKIzBem9oi^F2t$3yhSUt1 zQplj$67X?1s}8J=I)Hd#b5-L8ux+v08gpM$Q5}=1G_C=mAU+T)cZOEUF}qJA{7Igj#A0iG0oim9~(&wNTkh^T2uG*WLtA3 z`Q#@4>*2Qc`dQFBVzevv6FnBt))b6;W6$5QDWEM5|1jLwC-=J`A5V{XYIGMONyDr$ z^#Y~+;&VP@oFYb^nxy#K;{LD~n<>~%`V5%$Rah*WXPn5j6F1GdJA5AlW|y|+E7VIw zL;RRu>LdmXXTOETMATv44Qd{1DLd*ZJ2vys-&z9QAA>2;4A_Sjo7Fj??v}(miip=~ zcoCaIj?dYcfM@-KTIIEmK%QkdWHWm8EZ|Y*B1c7nV4tg~eLhHkOH=?VXLGO6-&}}O z3=A4{!@6?il(Nbw!<0m;rM4B>r`%P*$O8Irhw9X{tpDsH6_JkP8)%%q_E%57Wuf2mrl!Nf=46X0ERV6 zi&V62FZY|FyRxbDO~z(}T|LnTFc{2Kui_nZ7qkls?P@%@S{_EQQ-VM>Vi0|O@T}+S z`@^qZRhO5$1O_JVF!V34c+|ak;V^!GC+gtf-P)Rp@?##x*q!Zdo0?|8G&jf2{+KUi z9_xWEB1Iq6C}ZOnOAgsab>e)8hjG$qdsK2+lm%yOJ_o|u%#7DM6|FMnT((2gf%rI| zSlrRX8((4~f1#p1Cu-LFeNP((Hf&h$@)MJ&I>`0c_o^+6UIIS6J$?a5*CHz$D0S06nV*H8-mu6$g_rI!Bcs|?9Vz{pl`%|H zb2I+P9UF0LV2K261X(_Z?3K(gPwt77lN=-?MH^^b<{jRG>@r6g#H_$LoLN&-+U+wCe#vi?wK}d_&kSTe4O;V>(c79Y=~@Q-kQ2zKY%u?7}&VR>vhXb>5cVE{5w+ z-9Ry#R1`SMyvS*us15Ph>{9%bfZTZ@BRxH(w+j7auVm-W{6X#04tf$ zD}CM;x7lJ_k#d#iM_NmT-<}UI4=Xu2HGiblZ*aqyhZez=eqZw8NXoRi2{7bYN{7ZP>333AJmm(1In zgF8usT%y66rdlQC!|XRZo|i>Ed5bAe{-n5hBt@E#z}#wmOn!bm`MpPD(csj&gjYwQ ztC%MipEHA1WQLqayq0@mZ6OHQMMy@WSw_;d$B0{x3Ex6Q`$v&-0ph1#$9;RFln~>w z<&8Opq7HMU!>BqDXAO6C`HKgXamHVu^V^;xs?shDiPiLtEB1wXVOnB8;oA%oXON(a zh%9Ks>53$Zd$L9a!YpxTq;$rM*kT(`qy_4&qK$*#?SSPFPEn)6OM2Y=$Y(A>{>OXkUXy48xU^YWby)ml<52K8d?Z>j(eZl=|kZamo8GOZC0$7~L~UiX`qT9?0h<>lWVLWIvLN zfUJ!>ZGnw220jY`1aVxpq9(@j==Ram z2<5oXJAfvMBv&J)fz-lO8K`C8v(FqVG79#lKJW+M3@Us&*`3kk`RvnXdDB|URCu~2 zQYuppaXw4{4mg6Xt~w1GMoBoK8enas8vFf4(q<1_wg(sB4A8oJq<^SeCfZ+|{Awt) zWO$Hp3`I5UY;6?^tY0DcEdbnqlmo$`qckX{<%_l#@Bt!cR>!@$d+O}^tyMFs6_8-R zl@TWs=PN1Sxt67aju6EOYhxH?Lmwb8Cze^(>-+JA_sqe^!}8@~G(_i(DxOUx-jVZ^ z%Zu&~Vy#tw5I(32=^`u1*6$w&w*Y`IzJJQk&fnZrYv1&X*OYohgkkeAn6+|qe(x`u@FHc%m zZeV6-Z#5RL>u4kh<;qbjTUqU}SBTe`*sHxH3N7HhV^V9YeNv}1?&-NbCLd;-n^v6^ zLGj~i0!TZ?#>xu>@+H#EJ|S`98H9xtIKcu%g1MgWEU;_q4Hq8IB^lKb16JJ5MEm(L z>rfakcmJnPLW_!_%yG(wd7nNElxkARh9b0RB`g2Y-kaD}Z~VY_C7PyHP&L=y6-`-M z-mU35_pFmDszg07UXJeP0kW1CjUAN#JIsjLTERe`fTmrx? zm124o(D!?#vZvO}v)B+dmYZq5rguKR?V$R_1ra@GiDM{swqw9%7VHp-en{b+L9^_# zGUGG(<_^EbIHH=+HKfYmLx2Ad#8auFh=Z6Jc{M--1(wFZ1seicz-Oq^VXWTyiH`3$ zsN+@WEgekMa%W|rVnbXFaVt*#AKx!ReHnb)qaCB8g@JN|#4~UUzO;0G{9B$h-#MuB zR%C;Po4cGac7*I>?;%raxM-T}{gQ^`IpT{0FAD@WlQ!oJ)W9)B-KLe5fZ8Rd-v|Nx zI;xO(6R;Cyg!_SS%4x7d9N^*3?harpem5+a#W_1V-*Na}Wj=QP zg+v1)`UBbc0DQV~Q$aK)-3-<-lYUKbFuAcY+!sH0Z%zDCQO*HTc*w2MkTQxqt#Q0I zYjm>QCL?D#QMPW<3*`)p#Nj$?I5>w&zLN?vYxfw}`kvtL10ZD7NXeEIy3B`DHn^yo6{aGSLmXzoYVMSflBbgOUh)upiaq%%#j9}@7Z6jwM{9Y zZG#klF~;}gJ{y2=^@dMNo2*=vOnq0+BH8{We^Z`}gNT^Ap(y)H zelG)A>KCrn-U|J4RJ6g(U(yd0%qfN5Paj;}X)=-w5IgDC%zC}j5uD!YzO^Up%*ib5 z>i=nSM(KmR^>if_rWU4E^X@E^~Tvzm>r2+G4mXn$d_hVd$D62Y!cqKsE0 zwT=nrhDx9SflNlBO_@~k<zzv_hNi>Y$Pg8;R z^x+|e5Y?$BdIkid0J!VvC-4iPCK zt{`v#8VR^W5LWsJI5xyDpr;W31bzD3j{yL?xe!bQ9@?YQjAD!u65ea#( zaXRI%T&LLm7iR+4e*RDV5b#AnA7KrDV0V+STmA|11qMvme?UuEveTBZ^?;VJ8-ez3 zJN)hQ-~EUGst%`{{Pged&GNsx!~eE4|J8&3NnroK>E|cv|6%%(;N1UyroTc=`)aGP Q?kNSTDr(*?hujbO3$oU%TmS$7 literal 0 HcmV?d00001