From f63d97cd96031992106714e0d7f922abfc4cd58f Mon Sep 17 00:00:00 2001 From: robl Date: Mon, 17 Apr 2023 13:15:42 +0100 Subject: [PATCH] last login / last ip feature --- README_LAST_ACCESS.md | 237 +++++++++++++++++++++++++++++++++++++++ ap4rc.php | 81 +++++++++---- img/ap4rc_last_login.png | Bin 0 -> 35688 bytes localization/de_DE.inc | 2 + localization/en_US.inc | 2 + localization/pt_BR.inc | 2 + 6 files changed, 305 insertions(+), 19 deletions(-) create mode 100644 README_LAST_ACCESS.md create mode 100644 img/ap4rc_last_login.png diff --git a/README_LAST_ACCESS.md b/README_LAST_ACCESS.md new file mode 100644 index 0000000..4bdc3ce --- /dev/null +++ b/README_LAST_ACCESS.md @@ -0,0 +1,237 @@ +# Show Last Access / IP + +With dovecot's [last_login plugin](https://doc.dovecot.org/configuration_manual/lastlogin_plugin/) +enabled, we can get information on the last access time and IP address and display this for each +application specific password. + +**This feature is a work in progress and may change / disappear.** + +## Dovecot configuration + +`/etc/dovecot/conf.d/10-last-login.conf:` + +``` +plugin { + last_login_dict = proxy::sql + last_login_key = last-login/%{service}/%{user}/%{remote_ip}/%{userdb:ap_id:0} + last_login_precision = s +} + +dict { + sql = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext +} +``` + +`/etc/dovecot/dovecot-dict-sql.conf.ext:` + +``` +connect = host= dbname= user= password= + +map { + pattern = shared/last-login/$service/$user/$remote_ip/$ap_id + table = last_login + value_field = last_access + value_type = uint + + fields { + userid = $user + service = $service + last_ip = $remote_ip + ap_id = $ap_id + } +} +``` + +DB Schema (MySQL): + +``` +CREATE TABLE `last_login` ( + `userid` VARCHAR(255) NOT NULL COLLATE 'utf8mb4_unicode_ci', + `service` VARCHAR(10) NOT NULL COLLATE 'utf8mb4_unicode_ci', + `last_access` BIGINT(19) NOT NULL, + `last_ip` VARCHAR(40) NOT NULL COLLATE 'utf8mb4_unicode_ci', + `ap_id` INT(10) NOT NULL, + PRIMARY KEY (`userid`, `service`, `ap_id`, `last_ip`) USING BTREE +) +COLLATE='utf8mb4_unicode_ci' +ENGINE=InnoDB +; +``` + +I could not get the last_login plugin / dovecot's dict to update the `last_ip` +column (as suggested in their example). It only seems to set `last_ip` when +the row is first created. On subsequent access, it only updates the `last_access` +column. + +The 'hack' for this (at the moment) is to set userid, service, ap_id, and last_ip +as the primary key. This means `last_ip` will be updated, but there will be +multiple rows per user (not ideal, but the only way I could make it work!). + +Dovecot dict does something like: + +``` +INSERT INTO last_login (last_access,service,userid,last_ip,ap_id) VALUES (1681695393,'imap','user@example.com','192.168.0.10','20') ON DUPLICATE KEY UPDATE last_access=1681695393 +``` + +So only last_access is updated on subsequent logins. + +Next, the passdb lookup for application passwords needs to return the id of the application password. +(In this case returning `ap_id` to `userdb_ap_id`) + +``` +# Database driver: mysql, pgsql, sqlite +driver = mysql +connect = host= dbname= user= password= +default_pass_scheme = SHA512 + +# Use the same username everywhere, +# select by password: +password_query = \ + SELECT username, password, id as userdb_ap_id \ + FROM application_passwords \ + WHERE username='%u' \ + AND password = SHA2('%w',"512") \ + AND created >= NOW() - INTERVAL 2 MONTH; +``` + +Here is a slightly fancier example where dovecot uses the table p_mailbox for regular +users, and for application passwords, we join this table to get extra properties. +(p_mailbox is adopted from postfixadmin's schema.) If a user is deactivated or +removed from p_mailbox, then all the application passwords will also stop working. + +``` +password_query = \ + SELECT ap.username AS username, \ + ap.password AS password, \ + ap.id AS userdb_ap_id \ + FROM \ + roundcubemail.application_passwords ap INNER JOIN \ + roundcubemail.p_mailbox mb ON mb.username = ap.username \ + WHERE ap.username='%u' \ + AND mb.active = 1 \ + AND ap.password = SHA2('%w',"512") \ + AND ap.created >= NOW() - INTERVAL 2 MONTH; +``` + +After changing the configuration, run `doveadm reload` + +You should start to see dovecot adding entries to the table: + +``` +mysql> select * from last_login; ++--------------------+---------+-------------+---------------------+-------+ +| userid | service | last_access | last_ip | ap_id | ++--------------------+---------+-------------+---------------------+-------+ +| fred@example.com | imap | 1681699293 | 2001:db8:10:1aa::1 | 0 | +| fred@example.com | imap | 1681698108 | 172.16.49.146 | 20 | +| boris@example.com | imap | 1681697493 | 31.94.5.149 | 0 | +| boris@example.com | imap | 1681698393 | 31.94.5.149 | 19 | ++--------------------+---------+-------------+---------------------+-------+ +``` + +## Roundcube ap4rc configuration + +`config.inc.php` + +```php +// Enable show last access/IP columns +// (see README_LAST_ACCESS.md to get this working) +$config['ap4rc_show_last_access'] = true; + +// Table to get ap_id from (if not last_login): +// $config['ap4rc_last_access_table'] = 'last_login'; +``` + + +![ap4rc plugin screenshot](img/ap4rc_last_login.png) + +## Data cleanup + +Periodically clean up "duplicate" old rows. + +Note that this will delete all the rows with `ap_id` = `0` +(login not with application password). + +```sql +-- Delete all last_login rows where application_password id no longer exists: +DELETE FROM last_login WHERE ap_id NOT IN ( select id from application_passwords); + +-- Keep only most recent (highest) last login entry for each ap_id: +DELETE t1 FROM last_login t1 +INNER JOIN last_login t2 +WHERE + t1.last_access < t2.last_access AND + t1.ap_id = t2.ap_id; +``` + +## TODO + +- Configurable date format. +- Purge old IPs from last_login. + + +## Postfixadmin mailbox table: + +In case you are interested. + +I don't currently use postfixadmin, but decided to use the same table schema, as there +are a few nice examples and tutorials for getting dovecot working with postfixadmin's +schema (not just MySQL). Postfixadmin is essentially just a database and can work +with any MTA, although is geared towards the postfix way of doing things. +Some of it may not be relevant if you are using dovecot+sieve for vacation +/ auto reply, for example. + +Instead of a separate database, I put this into roundcube's database, prefixed +with `p_`. + +```sql +CREATE TABLE `p_mailbox` ( + `username` VARCHAR(255) NOT NULL COLLATE 'latin1_general_ci', + `password` VARCHAR(255) NOT NULL COLLATE 'latin1_general_ci', + `name` VARCHAR(255) NOT NULL COLLATE 'utf8mb4_0900_ai_ci', + `maildir` VARCHAR(255) NOT NULL COLLATE 'latin1_general_ci', + `quota` BIGINT(19) NOT NULL DEFAULT '0', + `local_part` VARCHAR(255) NOT NULL COLLATE 'latin1_general_ci', + `domain` VARCHAR(255) NOT NULL COLLATE 'latin1_general_ci', + `created` DATETIME NOT NULL DEFAULT '2000-01-01 00:00:00', + `modified` DATETIME NOT NULL DEFAULT '2000-01-01 00:00:00', + `active` TINYINT(1) NOT NULL DEFAULT '1', + `phone` VARCHAR(30) NOT NULL DEFAULT '' COLLATE 'utf8mb4_0900_ai_ci', + `email_other` VARCHAR(255) NOT NULL DEFAULT '' COLLATE 'utf8mb4_0900_ai_ci', + `token` VARCHAR(255) NOT NULL DEFAULT '' COLLATE 'utf8mb4_0900_ai_ci', + `token_validity` DATETIME NOT NULL DEFAULT '2000-01-01 00:00:00', + `password_expiry` DATETIME NOT NULL DEFAULT '2000-01-01 00:00:00', + PRIMARY KEY (`username`) USING BTREE, + INDEX `domain` (`domain`) USING BTREE +) +COMMENT='Postfix Admin - Virtual Mailboxes' +COLLATE='latin1_general_ci' +ENGINE=InnoDB +; +``` +Example dovecot query to lookup from the above. +(Pretty much same as postfixadm example) + +`/etc/dovecot/dovecot-sql-users.conf.ext:` + +``` +driver = mysql +connect = host= dbname= user= password= +default_pass_scheme = BLF-CRYPT + +password_query = \ + SELECT username, \ + password \ + FROM p_mailbox \ + WHERE username = '%u' AND active='1'; + +user_query = \ + SELECT username, \ + CONCAT('/var/mailboxes/', maildir) AS home, \ + CONCAT('*:bytes=', quota) AS quota_rule \ + FROM p_mailbox \ + WHERE username = '%u' AND active='1'; + +# Query to get a list of all usernames. +iterate_query = SELECT username FROM p_mailbox WHERE active = '1'; +``` diff --git a/ap4rc.php b/ap4rc.php index be513c3..e05c2a5 100644 --- a/ap4rc.php +++ b/ap4rc.php @@ -39,6 +39,8 @@ class ap4rc extends rcube_plugin private $user_lookup_field; private $user_lookup_data; private $strict_userid_lookup; + private $show_last_access; + private $last_access_table; private $username_format; private $show_application; private $application_name_characters; @@ -65,6 +67,8 @@ function startup($args) $this->aid_pad = $rcmail->config->get('ap4rc_aid_pad', 4); $this->username_format = $rcmail->config->get('ap4rc_username_format', 1); $this->show_application = $rcmail->config->get('ap4rc_show_application', 'auto'); + $this->show_last_access = $rcmail->config->get('ap4rc_show_last_access', false); + $this->last_access_table = $rcmail->config->get('ap4rc_last_access_table', 'last_login'); $this->strict_userid_lookup = $rcmail->config->get('ap4rc_strict_userid_lookup', false); $this->application_name_characters = $rcmail->config->get('ap4rc_application_name_characters', "a-zA-Z0-9._+-"); $this->generated_password_length = $rcmail->config->get('ap4rc_generated_password_length', 64); @@ -135,6 +139,7 @@ public function settings_list($attrib = array()) $application_passwords = array(); $cols = 3; $cols = $this->show_application ? ($cols +1) : $cols; + $cols = $this->show_last_access ? ($cols +2) : $cols; $db = $rcmail->get_dbh(); $db_table = $db->table_name('application_passwords', true); @@ -160,6 +165,13 @@ public function settings_list($attrib = array()) $table->add_header('name', $this->gettext('new_username')); if ($this->show_application) { $table->add_header('application', $this->gettext('application')); } + if ($this->show_last_access) { + + $table->add_header('last_access', $this->gettext('last_access')); + $table->add_header('last_ip', $this->gettext('last_ip')); + + } + $table->add_header('expiry_date', $this->gettext('expiry_date')); $table->add_header('actions', ''); @@ -176,7 +188,13 @@ public function settings_list($attrib = array()) $table->add(null, $this->application_username($record['application'], $record['id'])); if ($this->show_application) { $table->add(null, $record['application']); } - $table->add($css_class, $record['expiry']); + if ($this->show_last_access) { + $last_access = $this->get_last_access($record['id']); + $table->add(null, $last_access['last_access']); + $table->add(null, $last_access['last_ip']); + } + + $table->add($css_class, $record['expiry']); $delete_link = html::tag('a', array( @@ -239,12 +257,12 @@ public function settings_save() $rcmail->get_user_name(), $application, $hashed_password, - $rcmail->get_user_id() - ); + $rcmail->get_user_id() + ); - // This code will only be reached if we did not see a duplicate entry exception - if ($result && $db->affected_rows($result) > 0) { - $this->new_id = $db->insert_id(); + // This code will only be reached if we did not see a duplicate entry exception + if ($result && $db->affected_rows($result) > 0) { + $this->new_id = $db->insert_id(); $this->new_password = $new_password; $this->new_application = $application; $this->password_save_error = null; @@ -316,23 +334,25 @@ public function show_new_password () { private function application_username($appname, $appid) { - $rcmail = rcmail::get_instance(); - $username = $rcmail->get_user_name(); + $rcmail = rcmail::get_instance(); + $username = $rcmail->get_user_name(); - switch ($this->username_format) { + switch ($this->username_format) { - case 2: - return $username; + case 2: + return $username; - case 3: - return strstr($username, '@',true) . '-' . str_pad($appid, $this->aid_pad, '0', STR_PAD_LEFT) . strstr($username, '@'); + case 3: + return strstr($username, '@',true) . '-' . str_pad($appid, $this->aid_pad, '0', STR_PAD_LEFT) . strstr($username, '@'); + + case 4: + return strtoupper(substr($username, 0, 2)) . str_pad($appid, $this->aid_pad, '0', STR_PAD_LEFT) . strstr($username, '@'); + + default: + return $username . '@' . $appname; + + } - case 4: - return strtoupper(substr($username, 0, 2)) . str_pad($appid, $this->aid_pad, '0', STR_PAD_LEFT) . strstr($username, '@'); - - default: - return $username . '@' . $appname; - } } public function settings_apppassadder($attrib) @@ -392,4 +412,27 @@ private function random_password() } return $randomString; } + + private function get_last_access($ap_id) + { + + $rcmail = rcmail::get_instance(); + $db = $rcmail->get_dbh(); + $db_table = $db->table_name($this->last_access_table, true); + + $result = $db->query( " + SELECT + `last_access`, `last_ip` FROM $db_table WHERE `ap_id` = ? + ORDER BY last_access DESC LIMIT 1 + ", + $ap_id ); + $record = $db->fetch_assoc($result); + + $last_access = !empty($record['last_access']) ? date("Y-m-d H:i:s T", $record['last_access']) : 'none'; + $last_ip = !empty($record['last_ip']) ? $record['last_ip'] : 'none'; + + return compact('last_access', 'last_ip'); + + } + } diff --git a/img/ap4rc_last_login.png b/img/ap4rc_last_login.png new file mode 100644 index 0000000000000000000000000000000000000000..b9759509374abc53633fc357588a3283cac334ba GIT binary patch literal 35688 zcmd43Wl&tt+V;C}2<{LhSa3;jCj} zdEQg!ykCw?LD8(5>9x97cdx#F_jOOu7kNqaSFc|I0DvwnC9VVjaH0SJBY_MHJ(3q? zUkUw#Vkf2P2mlzJFTXHxOc*2pKmkaLi>kP#9xVE3D66OQK3x-~;K?#uVtUT>Xhfie;P#9QWbN~VaDogOFB4kucM zG6qj^j$hsHIlgERS2N`nfA}NLV9*7U^=R{<@q@R$F(_rZdh~ecSXgj8;yZT4UE*l_gfBO_IjfKbHm_k_+7 zjI9Bxi*MGy<%0I2I_4_YyPU8o@$=dq`pK1_r>9w=*N)7B=h(NJ8YYlS^)cCT%o~ES z&tEUVq7$vQbZ|$jiU1r{k}KEpQ^M7BWcoBkEL$QrnV!03h3!j$JSi-G5P=cL zHSLJ+Z#tR?12#{x)hhWa42ic{UkQ-78XemF@H`CIn_<(Oau?H_2LKbl^8IyvXQH1$f&rMoN_r)8&O7hVG$cT; zXo`eh`nTFQ<;w&l4#%%Up{>rcO`mma@D3@&^~L>5i-c~X<^6fEg_l|DH@}OTGn++I zf@lawAN>l(?~GDTKXD@XF(!3 zwQ}F65({V-n)$ud0G3mq&o1d(@w$ztg0_5z#B!=u<=$P4=YyfNB5iwS-E93CmlZQr zZuSro*L}SVav{B!WzwiTEbyV=6C+iw04KUcQXdr+pXQ>z{gS5jO0E6+RrjM-%%&1{ zRBA~Xx8C{DMiucuuwFbC^hm3BK|%V_D=JG@65zv+{%RaTjX2Oq34=}sD?WB#Ur|fb z(R*8+H0aG?ESlhP$Dn~Q^4m}+fe#!O&mIEODx@97m20mhnLJVZwfbw2&d2hosDy0W zDqR=U4T~Ok_g%R^v$XM-&ZR9~Z6A)hHa&c-@7PJ4N+A0buw6L&7YC2&tj`Pp9G5fc zJj3qw{yD8uUr659Vq2nzV%0owNC=85LbAkmLzFq|*n`@FF z0Q#i_*kf)G8MDYl(D2XT>*2$tSmrqcC!l?$vFbZ?=*HoZT0O9}seY>;S5oJnop==^ z)I0Jrta>f$NXxdh#V~!vpBDVZ-vWg^nh)jEd!sywg>mmakEH644q0q#L*<0WJs-qH zBHrM_U{qhlW&5WS$0INP2(z`BEj^}9KsAKdPS8}3bshN#qdiV&!#M5yOISU!e6Ic2 z_Hv>lgy~B!6%1fFy;UqeZjzEJC*T+op0RI=YG|kynU-Jmy)@aTjUYqt#*(Qv6tW#I zFqAxosHJaiV`xMECKF7>^BDJdm!B>gh=qe*F&cMz&aEuzoGtD#}? z&hT*s0s#Bzt8i$0b+*u^to5I(A`p*?ZF5SLTUZ0{rnKvf>z4@P(#sj8LaLG&1?MG) zTU5W4RZ9r#MV8A%JlyYEKz<8R%fR`zU8BQ(AydNzIKNs0BcQHVz^vh)lJ~asY}Pf3 z0H9KD0xB#6g$@vwIBD%WPxX0ugty%VUy*h)s3OR~4s$gV+p)eZiaYYvC3#mh#CI@; zJ~SAnj<{nVOxbIktf+BjTDRk#@0Pf~Bd{tLZVWlfl}_;}MGGomf%hV;0^#fBif6Jb zNe0!=zI`wKTlZs(%;WHQjt4cSA)Txf?5!7rjiArR>?Of7 zW8Z}W`^+3krlkUMs5No@HJUAAHu`2moQ5FbxQ|eN%Pvyymadjazq5wg%eK03^2{T; zq~~`noTQ@t)ulMbhjN>NyAF?UDU2q~t$#2S`-4Sn2ptz(()Kp1jvV7fC9Wnc%#HSH zTG8gWvEl__-8_qTZYHS1Kg2PiA|R_ydHuey_7onhYaN?1aQv=c(IF0FWVMtpv-x)` zwnkRoEm8IlosQf(K-{?Zorcx&;5K$(+OK*7T{}txk+ynBz9}u9767Wc=9CAIkE>v4 zx`n#ZDYw$aBpLemf@8900J6!i0=_4;>t7`}2XN^Xa1IZ4E8vi;Q0q2PeFtM*wco-d ze8+~ahr~m?nA=C*&odOhEAI9*ALuC+;4+>3U7ktayfJ|R?AB@6fp>aGm)53iCU8In zy!a~s%|+WlL*dd+yEX>E8j3K40kp2}W?2UUEZzgY9YyoInv2xBtounV92i>aB0!+T zC^G;IUn8IZ`g_S%_;$YQ(^mc@$QoJiiNW%9sgJIQWuC;C{_{+)>MR}$_64PF6E$dI ze5cYCGV2S%;3+Qm+@R04-1O#7F8QnLTDT7v*SDmA{%M@^8yC%@Dr(c?t`dVJ*3dV& z)PX_RoxS*b^%3c%kci8T8F|YNa!7Kalh>xv8+b?|Jn6e5DLMHil_K*uo{4PXVMb!1 z%^K~9-wJ8oGMN@k2@bj|F^3w$i6gI3!OU5;sFw__TN#Ic=a`u@sJ~8xF~rH(8X`a6 zG5x7X2{7BC&AmJV&JG%51(Nblr%L43zLy%tsGO}8+ddw#mXf)*w@`JM2 zIwlLt>v>oEYS!?)RjmB^x!3s)yPNsJb+uY=6XQJpGKUTAH)#PwRFVu$JLW%AVGvu+dt1}xRDQof~2q#xBHG#q&p*z$Wr$F)l9SaHn3 zh;|Dhe9sue~tMLJ<^>nl*Zi3ce2#oI^7|4Zg#L;Bx zkQQfJY);P{Dj?FY(*4Py(Q0q%APt2uFdN8RcPJ+Td>`265dbM%35fP!0O}8PXY{XO zqibMIzky9yVAsd*5gq_SosvociU@bu?2K5r565q}*((#Juy75@xhko+qseOdu>p?& zLEOl1L-+L?R!j4oy!H9;m;>4an66p}KxASm)~8>;92Q#pl-29yi%aVrICR+r%y~go z8o>HtH>$jPfv&Ra-zv@)r{&RV7Rkx?ACl#^17Lu30#n$Uefc?k9YgIzdP?*`{xk&r zA(0aU;rG{9z4hC_EgdXeDm05HU#I@GxQ<#*GoMd@(VtGQT~vg589n*%838#ZEOZQj zXwcU0=;Ot$#-q|(r(){iYSHU99*rFLiCS_2K&z2EYM;rPVY&IK1)sE_#gyp7@6TTB zZn!^#m6E(&2bL}fotb8bbyH%{6!B1JR;?8AYOeR0T${Q^jLr6706KS6z)hjMA}h?} zI*f&oCdJa_);QpMsJii`zz~unH<3^&m0!7seUWN)pz4!M{<8U0OI4N-Z8W-#Y55RJ zyZT#HpqcNBnDi8aa0F@1C9EBuIXkP}M!#XJ^teu1^&h+;IJ-HJ|Lxu~*^t6)s!vIa zD444;t}XQSPGyAOyY<~b-~DS792#cFgI6c;_EGxe6K&_TG!;#+73P6<`vC;mnX-7q zQk`XY32c&2mvuA1jXf+mVR!QWYmduCuUC}U@hy!=zHGs(&}FNYEfOXXW-3U66cXLk z2Ok+vVF+Q{`pb#0SFkIbm|&?*yvAoL*kGqxz~y&a^sz4Zu)z#gzZ~Q*GM)aiYg?8P z-Cor$MI-|{jj$dH!xrG(8G#yN;geyyw=Fe(u8TIVzfj_A$yuU48xy^Mh4AO~4za&o z(q6B(#08ojs5^Mj`+i6FS0snger1%R!(>!UdEZCCFqX@f(U7l>HZAL!LDl{hFms1U z4+IV^|1PC)AVT7L+sA1jV%&$3VOzg zHe0{JaOE=Mt;&OrrOZkUr~B5#F`%n+(cLo`0{Svvi`>|hPnCg*MWr&WfAuf;JG+>dIDsK*albBAyr#$^*op!`tMHEII!; zf1#q1zIp+ze?8v1(huTfk?Y z9{t&JD4o5`+e;kNWEpdEwaCR!yZ-%`Z9JMUf_EH?m&Dc0W7TRQ%jSTS;QiE<+|F@B zsc0I$f)o=!3?d{BKQ{!qaHDH1-}1b0!$#nvi-qfJq-}LX%AW)!nhv~Y!Ihumpl_Bq zE1{ADJ?lI>BkfE`g@o!IVG78C zjj8w?j~P|*9zHuxI##LFJ6zA!VNO;KcR%J$PfhAt-Je*=*?;VO*lPrb+Zpm~U&S3+ z-CFoVFSymfWN;NROduF-_4&S2Vjw^#|La@TmZy^%5x<>3f8`eDJvcLb>bq|HV@knC z!f@5QOM8kBjMQf~0~`i0Kty%teV|~WE%7PHCHHbMX2P?Wru36_V&=1}>D{q3YC)1S zvW6Ali^Upnt9f#K{3scQ@yRCxVhq!+Z>wck6bdnb2_PgMPB)csoyB%JU@DTlwq!Xc zSA{BiHo){v(c_`HsaG z8(Qq2)q+f~jvB&#LdAEoE9s!Esk?gYg1l@Rzou}b7)60<@o+F*?rD74WdVBrh%grehIuh!aZ&`H2I}0AIZe3S5szOEM3K^@9uSJ6m z<%*LTm=nC8uOW$UImbOZdezuu&zmXfelM5K3lHCa$Z1(8gKX}Z{}trD60V^h5?oZ9 zo|$J`YIZKCu{8RpeMP}whwxjP=-)Mt+TX8!Yzrz^oF?u0+Z=cLcg%f>O@d0%=pl$I z)M~aaX2NXxObjkHVPUIlpqdvz$^EiblVO(h)pFlw=F6Y& zH zdP9Tf%DFV#&~eR9mrG@630HGG92?BJ=-rd;5uQ+X-KyiJM~n7N$ZKVbT0Aw{#Ef%Y zh4kZ&mM=zs)-o&K$e$B&$vE*uW%s8d%L@Xbxn{}KoLjTld^*zO{2*wRf zRYFNRGmnckze@*&w`8i(AAfWxcjVn^+Xt=A!OKOsOg?>n3jdW_W>4`ac^!_#W0Cq;o=>qI*)M5 z>2cxFGFY&Ua=M?UTt?MeC6DgP7X&&Zq?3cT^dK2mQ-zA3l6C_pGLBkdZmDV z(_bX7omWmG(^(6B_qbPqcQS=^dE4i4POnB`FYszpxum*Oa=Kk=d9PggUK1J7?|pxq z)hpZtPf2VW9&OCP!cU1`lze6-#xHgxtPB26} zBXc(h#w*Cv;~gG_!dtu8zkZ_U0MlTb*IgdE_sj`GWla|+q5nL2cH zWI)fqm2?R0&!~%9Wk!3|gyj?W4lZJ!E$r(fzIPrmM&Z%RSfm=qWQFry{(ot<2)})K z%CQ~IrGs|imd?Ib zJ-GYL$n)51>`_M|kNGI>_U^gNyB!q)vyjlnCh z6>j^wU!0z1_W+mFe!D8EL1P%ZE_S|2kn^0e-Qtks?Av+vYz;u$;0o0+t&988NTHb9 zD8&OVqXRZjikTIQGxd~prL{&Hy8}UALO3DX?1<#zkQfE}flpV}9*znt_8*>_Q;~oQ zb}^k!>t=np_}@1zITrTxfL&Km;rbPmyzkqrRqCtZB~hG@LD@N`s#F*ijRptaAocQ? z?{UNdXmPVqSgfBzZNLktBcMM-*H=eeK4!--b~8=!w68k6gn~`rD%`5RKP0Z_qpEz! zWUZ-V^4T-@p|7NkqRhv+J%?53P_gK0beyWxC%c&3RgbUK3w37q-;}SbLriDa>xKg` zL=H2G@fF}c7;V|28_zPq0NFGS*+b-3??*>%%)Zu_@>1df4X_fYwD;gr7XbKTHH2-a z2{3IIMqlYZ7emsn!bL@6U6+izIpCX8BK#P6SW*$%gSDv%k<7c&4j!9pJk$Ri6qamj z!^z%0^jGc!K)YOIL2?NhUVFu)r^G4gxFDfh{tQ3)1iy z%yAPK5_elAWkV$377P98)Rj%*+1o}_WE|y;G)Fc%xiD`-Mz;hm%Fj0!)pbvhEj_JF z&DW4Y_pCf2t=*8meAg=+ZHM^ER+0rfay0(q$*}jxlow&Oyf?~Gqc}V0XQZIY>$CWI zn~_7QDLG;6=w(bSS)Hk;JAJR>#dB^(kfVpa!-CpXc8%3pCG!x>$7QP562je@dmw+X zr^HD8Hy(*AQf&p&i{fsSO2KZg1lH9{OvQG?81>gnb3WO#M|~zZ*Rbs}UADCgb4_Cz z8V6Wyw>;o86u|JlP)WyGQ!&r@XF2ndYBcsMPsP2!x^EgE(^u(8<9!<&I?6OmDhq7Z z;GAOCy{C_UmIlI(Ut(*#CZfNhc5J2%Y~h60UZ-(HdfZF>JHyt^Pu$^v)Z?4BQF5YV z-xZGIah|)sU4&|hp4O30)xV}MWQU|(QESE5R$yCK%ff>IU{*IrnDC1Mz4qQJGt8F= z*h#0^6pek!Z>aaoiXz-cvACA@gus7kAbAH|dJ66%vZ@$@M!-0;+-D}A>ZuJS`FD$Wr{l~3R=!OZV{upuo-b(7q2y0$%zL3P zXX1;;mqM(-b>gO{fSBvk)SaI-8lbIaEulQ;xHiJ)G!js#Hwax8-%43I6Lt%N4`&(* zx=>;VBv{cmSz+uVE^F#^6X)i+_{qQU3%+;MQLf$kO9Vu^d)8Y=Wwx5(2l60) zLlvj7vT+jM%tuCJ^QnO1a2HMCizfl)x})G-!E>IBA>p-ZacK&7bMb4NVq8E91Ug?P znj2rXJ|t^&yk8JMGqx_>MuJ&T@hL8xJtm%}@49(*=S(MlxowKupri?_zVX@Kq-AtK zztd)y94+yK%N)PZ`H+pNLcuopf);`f00|wtk4JHZWYC8t4ClIQh`0%9QPeeAe;8eE z_GjmBGnPFeKgUfR{!Yh}K^(~46d9?atHTwmI;Aj>&j#>YHj}8RZt1w-io2|OSO@{Z zG^iwQV^&HbZ4YPp&8TC*C>0Y-lVt0BqMUK66=sN{!i8_|IM+l=<+|>Nhj=&~S_U;X`tCja{J1QX(+0Zy&&NG zuJS;WQQ{ztI<&9&ZaQ)5J7*#NTXl}~=bpng0odC8z={?MRmQLChPvtE3$tmaH)Yo{ zG(T08EI_ReS{5_f{5u^JY+KN!_Ak+V2jiZUjUZ)QYz=n6z?1}_UdE4S-X9|^u`jb^ z8ieEfIuD@2;TW59?Tvx6(M6NJQ%#F5QVm2lKO5%GZc=Jwml}Ay`;hCT$?E>(&5=%7 z*PTJgbLEz;b6WiNjyZ_aTg=!Ld0F}CSgs4fU!NxiF;H6lQ^d*n`0);(7PFS5-$(L+ zhDiRgyCdmJ#_@6$jj=7cVSkRnX}rHx$sDJ=s-z*n83ZS%nMXn}TW zY^ydvjCJ>Ediz+yKZX0-q53(-y;di5dFRyG-c>z!XB`c!e7vYmg*2)oYGr-0Ofl;m z0hwGO{p6gke0e)g3=Wb^8)Eym!sGk6T( zr^P_P-n|_u;&6D#fqKYRYCFuNrWQKb^1YuJvKPt9abC79hKrTxtfSgvN!t{Di-CGk z3%d>#zO~>?hUR@S-j;yacAjzyY1<{KVp*txw$$U+YUjrE?|i-allIlTBL*#=ZQHxI zrI&PS32`#-en4ww5^S(6e1R+qq791gpyjul1`5O1r~_zo=X-;>c*Nvgky(ISE4R(=z`x+vH37pOA48BkPR;zRTw zFM!}fcI7+hGrINr=_~)$&=y&auz?nVewu&ewHNBRdN_jz6uUfXz3ohJ%UT?8G*5@g zc)ln9xbufVFkrs~8fx5qKC-T{NKkKNX)fT0JcUhLANKX*JYT+)}g3Ce|A)NuioJFfAy9z!Vy z*Y{_6v4c9+0d8Lb@2bM;yH-xCPoA57Q}-V2W}BlSOV3Iwc;w=THo<+BX!?2g67OS>}Ep2&$)l@JGPDHMUNi>#*0){lNtTr_G$EikjJ5LshuCkk^yqCLo*Le-+L`gY8Oyrh~ za;)GFx3#Hze7a4-i?|>31Rh_DOv?LobW<7HR=ai{HVyURrw!_0BvKhBY8dkW;xCpE zaFTOP&4@W&o@L*1AA!P#W}k;2ct-q{1>yUA)`B@XpmC7PE-S)kOF5B3A|%(=bsQRu z!2Rrp>iaZH~_oJKCp&dKe=w{lWAg;tv`z&MrLSn3KbsVdoRP{HhV zs1mf@Fpd89Z&8^q?LP{e49XqK6!gk(d)2EO*4C`M7tNY-WT*xU1x3Wiamykw7&=v< zXhBaP4<~`BOm5_&vpwh#ia>s3wQRxxjeK?I#e8Tz!53ox0WPGs0t92O zu`tQ`lHff(`J#uwi{fyGM87`_g>46Cq2J;Ql+o6A?pDzI1l~kL`A1G^Ii0GvxP0vc zRIeLCxl8L!!J9_G*&9n-PN6x~dk$!Q&)n_}OUrNFTV^*cbMwD_Zybn$F(4(}QVu+Q zxJX0EF?B&%HY3Y3PbTL*<+$C@82R&xJ#A)bJ$&rq=lbK~S%L!k2bK7fned4rVRuEPL4qUroLZENt7;4JgS zIzuQ{_*uZ9yJu7XSzprzcNcGFV5m5J zEa?YyQ2?yBQMlGu-u@l;nmDh84UZ4VXeeXp`90L$Ca-Qof$W(vHc;|~N>l!7jto%T zXN1HXi&p{~QI^r2Tdn%%-qqMNCSsNWWbM`*B%OsQf;;Au{#MGiD~=ifc2F0>cYh8w ze_{rc{{WR)fH}Q{LS(C97ZyQQ%st$4vE>JzUDuw6m_6ydYpfKo@`|G>V=@KwP?YpO z5yP@rGs{gH>lLs7-#AzuWk4!sY>D3_q9qMX|C)*)%xx%K&UVr@Gl!@#8VXW_chg$n z6E3)fgAv;CP1-1?G_72n-l@h&@K z?J3N`BnEFb!GK94-C`9FaO3TlLbpQD)XO*mUU>^GG&jIp?72N|e5DjCcj=AT9`IivLBz6uEhz%5bgIQtUsrZPM;N&g)NEZpjd&KSB~fQ`-2Jn%BDBIH2C1>3B3v6|*il zjI;cs0$)+TNf@>YJ+7zWa!!Y2NS)GP{7BE5z;O|8*3nML-mWT>c?hMlHKbOP192Q3 z>u*~68G9Htov?J{wRVrodt+-a1}`3@_UWj9Py_9JAKhP|T{?WeUpF@Xwzd!E?@9Z* z9qvYD;3LB0=F9A#Np!3F!=KpFIh8jqcOH+D`bAHyOahu9^$Y5(Hp9nc9mua;n5uA>BfqppI7v}zuzyFU6IAb=jtV=Ud*gl*`1Z+{UE zcj`on)c1@>&&uO;?;spbH!Cz|5`hQlPtpu5sK-(H6>0=`cxTbdbb%3My1GiAxy3#k5 z&-D~C#SXiY?}7f6Md7v?pic3-o6jR`mD}ho)8Ej+t8WkdVLYW zzxg^V-v3t>jDF{pXtDENQcBtAtu8jRRDZx;RnEf%JUQ?oRGUjz=QKUd2`*H_a(^x^ zDM))ohjNq23p0JD_Xf9UAASmTl)SXo9r!5I`c$818Yrk3kh*glw7XK>+9GI$mdX$#D=xE zxis8+o`)r~(FN5}6#oMpk^R61=YihYG4QF>sf}tV&SppURDE|Q&Q_yK)|$It1Sa&) zlcw6q-(`HPUh5x=m5Vdp5+G1YdWY~cAu@VKV}67W7FgMvP$fc=#wt;4crBmq*Z@O+ z@BZv)9(|o_cvQHIy)DeT#QUzc=Q;2*HBRqpvO&1p)Y{>3N*Vx6hvIXoxMTx1VSInx z7O=P*3caiQ#u4%p_Vm9=Z)veWJ(N=uNX?17jkjh(Qk~jB8Lz#j+$ES{t>8xn%@a`$ zVdp`u-1=+u)+We=@s<*7pDcBgt5zEDVQxOTtOnrM?}w>vIj z;;pMSBsO>|t|rt?WY|&JC2c|6TsIaW@xaq?G{x+-(aW^qP__oAUQ=P2Zc8(k%L zmpIPj53L*_3MK0?kp5{mf-VhMRXK@;481s++|!gAl|Mma@Z3PBO_9_gBa|CO<51s< zk30L1z$#TT$iyK~=6voKa@hBE0Noo0GiaR~J{gM3OGF zvh2aL@JVTVZ=atgC??|F%KNxk_8cVsy4;MS%Y1zQRG^Ru zwCCD+8;S}5-#`x$y_{6u>GDvIhaN$poG5EXavrbmyN8%Fqehk30=;~1Iz52m3;CRx zkL3@Q*s4m48x*Qe=_NzY!cUAoI(36JZ_^`#xh=|Vi&Wi*e-YVtH+&%Ifdi0n2h#JD zI+yqkG(QqDdx#F|&f_g5*P3rHe-58UY>Y}R92m@-`McIXWVHARJL(~ZKU(V4+Q^f# z`X^-jyQu<5Of!id50l4e!b3X13>1# znAZM|e?AtCeR~bA9i?!kZo2%UVF;GnE#+!Jx8qcRX6oP`-j}_{3GgN&n z+j4HnUvm=}&((W}v>m^OD)CR(>(@#;TW6^qhZsD*po-H(;bbg9Hx$y)8lLpP!5eH^ zJ68u6ZKJj(?stBU$}NbGw{qs!LVj>#HY2sx-rg9fFT7)fXZEpowE;&}I`OH10m`bT zx&wu{+#MS%%th@})k3(QaPi-cZrj z17Z6A;wDKM$1id4j;H4&k!y|eN8L~B`zUNL-k1k?$f_0k{w63zGN1cm!a8($Sssz) zS6m)E;xHPNxmw|<9UAhErZTBSc3%H zDWPl`)B66nFhHEt)u$h4$ALBpYG2j2cScdbtEsT9mz*uob+?*rvEYW zx1xW)wqAb+e2M=S_b5?xfDHVHQ=FAFKjwS$wAXZT`M;GY+IHK$bAnEl3})DWjPg({ z@-LG+jQ)Rl7p~`bB34I+yUE6&_VO2BP2fK+j0M~0;k_Gl^d&vd{J8>`k|*YDI32ql+Twc z#oAMd&T7p*1+-ccx!Z>#Jnn|g4h;s^`9@LsDfUQqnB2$9d%Lour#90oWR#a-Ql9xx zoN|VtrdV6&DJ!VBh_X__jb}`IA5edNGjM8~0ZteXp9Txp173CeQ)u^r-c1kMeP@nu z2OxPYh#Jid#wcjZo{Jk#oB5mDGVvL~j<)xYW|7%B&pq{8mpK#Nncx@X2eU)0Qv`Xj z2rRnpZRYl$*Eef*{!eKh&M2MrXO(3<>%}^7UA*ycjSclSto}PLo=huJ6ltoeLkg9l zqajFB1DH@C5t;Q)RQCovkOQR{mnsHOTwvz$?TEKVtWAgNN=+DQi>N1Fy85hLrc?gA z<;A%$uf%|1g|D2V^QM`SL6GYM^w8v V&+xP05X*7R7=N;cG0uy1-5=;N~Y^+OKn zKTx4n2FGEU?>N)kV-WfoUayaF{!fxN#E0QtzrG7$FNYXQl4jo20g*+5v;#T&VaU0Yv{DIHoW_Q?8pewa}HZFT<|;iJv3Bg z1{M|_H_B)gZ+#49qR7Qfuyow`~S_VHqdF463cPEF&=KmmYxa_dz9 zj;$M6fzEOd$4A z#_)z2g(Zcg`>5XalAl2%$-ehX5*bRki`aORbr)31A}c62Pb}Ibt#-ryHx7|1X@8uK zk_EKm(+Bg+E?d`f9QNWN)%$8pFWD!-_FJ@G%(dd&BN2ADTOYqO#d$v-tPoL=vpA6& zUyKK}eyKAj$jvWKO|>g;4Y&dAs|AmawQJ_k2%vR;f&@_UG02E-*3uOaFD(|-ipTDP z)t4xf#!H`>3XoA>urpNPRx(7e*$bB zSWE9fz%uIXv!G>0$A+dGz3?XGrfG&=>S2ELKFhZ@_X(|&aT3nc8$(~Mg69i&2Q{;^ z9MNDja8S=x$GySP)U%7%PqswKR}W{1k9+T&>!CNEhDPRLSS9$iOW)teBG_sMm_- zkXi38TH2>lpG`JiE4Aw8hm9clvySLK_FkWkkIA#tP!gpJz}oPJ>p=>T<&;~*fH=6M zmk%1cjF6?mwX7e|FGC=XRKMT>-({Sp6ez^;nAO_Am z>>5;$OE;BeT9!f~xjpnD^*gTKeC}xrCqr;#Cj)XYNKH%ZE-ubHPsqH7)`Mim5}1D~ zPs?K8QZ+cwvBR8@`Ogf?R%}5RQ;*ES_zoDmgmT}W23fl25r5vkzJc%misQ38B1ADs z*qQ&m?v-n_fl1h(XenzwTMMc-jv^(1nh|Rq&6w7+OdH+kY2Sl#7Ys=)wOK@j14N8+ zLvRZgyl61>b6X7030R&>q7gDn_U2gA#o&^l*=?x$3liUX1R8~nBEI$`>L+d(g~CC> zU3Mk6@8#{p^ao&8?HjcZMRG54eCq9F_oc`Y=PJ_;sRLs%mCm<{pQjjT{Yuq&Q3bck zA&~>H&=}bQPXL)4Q??krox&0OmP3HUqXHd43iZ-uPjV>zbMk|-6wl@>?9JoCek8kE z)#sYbr#`hwGS?dnF9Ua{QMPFj^N)p}$YhsiVBB^H%b8(_9yd7LU;(0j;j55_)v!1* z09gL^jMJ*Yw;en1{3$rM-(Ih~dq(gjWR-a9Et2}q8C6x&`T%MV_!j>SeJd4>nDBon zI;!TMv7MjN%B6LfGd`Yc*o*}M2JG012j#*XN!gt}nRPwno|Lp_- z^xaJ({&tyHjeoV?CIZ@}Tz_=W_(*=;e2w0eDwwdgB!tT`&82F|8VUoL^H_wRo+-nB z7C;PwQ=L0nVy2LJ*9SDQ-BcdSs?FffCj82 z+xK(}u?*^=Nj84^ooA3`1rSwwjaa13V|?do9QIdMOCW(JAZirN%W*)auCE~<0iRW>jBBv9H;I&She#mL|#9q}wY;nHpZLsmzcjAlrjAaM6 z`_7$Ura+K~DfZ`JMXE=O@c~c!lSKap8Ur(~khmvepJoILT*H!s)^$t3kD&k-*`Sk> z)pU=C^Xg(T+6eC!W8T8CS^VafrLJW;t2I!1oMEbi7&P%R!riCG_OtF}TXzjXuCxS0 zWAf?4OVSkZcf9TpeX=Y;Y8^lBv3b`~e${edZ*9)S$Rqf-#jBsBSQ`mU9s?W_;%5pL zh-x9T;ab(plD%#_ni6zI;t?UrxcR0WpRL3HXUrW3Ry>!isLx4-LHsADx3Um}bm%LM zw2l9YGV`3Tnlc>GG4HB7%M__mQswpu%m?ntZ1%f%`4J}c2Gn#GKw0Md(;zI`h;<0% z2Lowal>q@4{XHE@R-uG3Q%YU8EL48tb_NPLf~pT+R3Sb2 zv`LrbG%l14Jp%0pptGhq=e7L3IyEG0$4X?XTQ^1aR zq{8raw4yI`K&xtK^W>aCFip=J46=?Blm6%DxnQ6=vj23bk0s8VZDz5sp7m<%>Tm;e19s>JkMNm>nE zyoTHCEHI1*UBo)-6G_^^YD+qzW;x5n{oxNDBtMVv?BYm(8?Pkj`Zo=!yh0knhUSt9 zMUr2T4hxw~S=o5zKYf`~e-LUyO(^zqRRmdVT2>+N_$ajK(($`ciTHDY_@MI=*(;2E za9Q@!AsLDcl1~ktU(wqAvBwRmKX-!m0To}ld6zB5H`o`SKMR0)_iuCmj~&1Ce+8aB zJ{bHb3E;o70send7>w<3w#dyUtW8sCkEhBxXR^inCr2T9)au;s%D;XO+;=~Q_tFQH zoRZa>b`0hU8T8XG%H#DB^CZ`{aac-Gg2g)xVeq~$amXcoXl(arc4pDin!f)t0rsx@ zJ>(J$1GJk@7FDmIK)v5k834_w&DLULvvpZK_kP*6BMbGK46IV&+cqvWn3FcE5;cA$vnY0JH9A zE1GSl-PiwA3}<;tdSx&WJTPcEP#c|N>6yYiVSHFFkP!L%KVAULsrosg;>;?Z0zyB5 zbM}AxAX678WF0>;AD1PEz4Y%zDR%-X1_e!JZi&vFi%_6Y1d?-kae1@bnw2I^07BYp z^FwV$gG#>!dUYvhxQ5dn*rFbk8g~j*B(om{*3xR9ZIEq3!41|1k=p~#vV`)QZV~~ zfErzwJ6rT)IP7MivJJ@>8Fpy4UGR+FLoP0gXG&$+jLuc%Unq?ar4eOA)h%kvf5$CFvY z89UDx`~i<6HJq$FUyIJS=xOc#=?gu!E3uHAR`8&^qto0~Cf~x(`7o4!<>^d^KaQ*k zlv{UzUjNfb0`kGt|Jy?PeRRj-j_~qBLhHRf&CBVtY!M!=up-#XzG|^8Ke1AJ`3pQ2 zk}PgN-!b4<1d-jgO+Boy>uI+=Bs@3lB?B5Yi6n0yR+U#_h))SKE+0#)k7+Lvm<`X< z@p^<$k>x%9N!urfb~6CU~c?HCOWdYZvYE?KGJi!5qWaiRC_skG7q=t12#HbExYaMF}3auYpeGWJiEbs z+AW-Qm3Wy!^)m_mtKCRVB6VKStJDAWQ-t{X$FWdV?^D9ov$q+7>xDAiWtS^~qxv00 z9@_HfX-GWoSV04DvfER-xPdG3w7MsutPox<^SHX#hqNsFNa^FbA|m`!U8Vsx-NTzs z`{MY|Da&^OZ-l{&oo#aUh)rNY>!$PBT@H%~Z;{IYPXJIqE+`xMT@Ziqyj@$Y$E=6% z)EfHGImhuZ!uYYl3VVTw{5BQ5mlO!ygr5!;p{YW*X$#^>F>kpmXe9nT%=A5q&( z-w>8b%e}lF?X_u0c$ak^g&;1|lO*d4Cv<8oKAxjP3L>X$*!s=K>r7>m=?{7e_Ao$q zH^UXRwk;CDA6Ed@$L$KWEg*#4>!;ik#FWF8;GdZ|d?XwIwzoDDbW%NtS?H?RiK1WK z>!Br`7KVPgf#k!FmD87Fbkq&+o}cbeAAR$+c?WfD z(<#*Fw0F-G7iG1m%kFZVB!ucol&F%3;Fs_pOjEGU)jhsOvy2ptF!(M?qJrMZS=?-8 z)$8|jowpz|)05&(8YSr-3Hi2vxnai{bh|ua+R-wRCIRR_hzOL0+N-0ggXpeWfkXz+ z2uZ=Z8Rx^X6L?QizNd4MfF!20vFn7bmscBx(g&}*>3@}HOc{RsGsQ~TD&u9~DhR4u zFbRatPS%37)~oR}oAxRrVS0R&mmk+S_D1omhyKDa6F%9k9VZ+t9zNe9*pcf!{@`Wx zgn9RVVR2#Ma6W*;8?L?nQ={4G&m8bN8&7vjjQN42cFcakQrx(fSDL!^!ZDrjI?H+2 zq-8kD5pFRrfK|z!`Z%5S?BMkb&iKsaygsHUOzfj_k~1mm*`ou$BDX<{K)(Ox|7h(k zqv8tobnnI?Sb*RbAh^3j0)d2JA-G#`cXtB80|d7OcXxMpY24i{&_F}?ZE|MToOjJx z_uM=0?N7b-uG;1Gulm(fRo_Y=(@zdo+$=_+*A$xXLqvp>)z#6$F3+5V$!B5cB zRX-JF^>%(pLllXutQKpPhT+fe=Gj1h1q4r0zZJOJ>{Bib^6enmSA@>PaTY}?Wv^I2 zvSMURBPlw_^wDCc#IhgWpx8+5QSYe*5C^O<4Sl47yk?RlB9@5g#hn1fym>i@_A8qR z?7<50&+xfjG&`?x6Ir*|3vku}iJJHv^*na`p`Q)zNE8}6?kn)KhOFn0Q^4Yy z-LwMvIiPY*)!>*VcArA2t<_A%mMaDwojI^>^CmqwoYik}K>>J{>y|>6LF#_35e1pm zyO~_~_nAOx`H_s4My~=XFlcE+d@;f3h*O-`l?+r=aJF_ok6k8?wQ#>$|Iln&vp)hi z<7r$a+zgB^pc~VIkdlTqXit;@fxg-nJggV5!XCthzGe?xZwsaImWjSqwCWk798kRa ziazZrqzzFjvmoc6nF;Zh&l2$z8XK?Wf)MQa( zrr50<4^OaC2G)-%ex&9AuFlvkal7WZqnkmF&&5^Lb-I*o<3%(3ZEBu;%+=Y~TM=pt zN3>b|VzRiFx7Rba^)V{Jbj4t~bD4R+N&fW=YuQ%Mro44E|C^;fomkL1FCjC;lTb0r z$2PTNkSe%EwW8SOkocU>VyRmnd;!>4pC|P*2if~gaaPRb3Qn(M%mx3o+r~s8hCaW` zAt+EmZpvkab`yQKoTlCTQ^pUao@8`do$MA%t)nD+>Q0zkf=4$5W+Sk(0 z|F%3CLTH{HIf%aMflVH$f*UEqH~+fPiJ2j?WeIiK-_QJ@iU0iS<<`OYgs8D#I$W57 zaU&t!Re1vuL*!rY#8Pg)XH9EH?uOKMZ<}YJGk}eL@ny)I?FnZZrQ_e&Nuah=k&UC{ zd9b$~aB}$kuxWpol3YA;NRw#%aAtw^RT+ohxc2xRESw($2{Tqji}C`V2(LP$!k10S z+5%4Ur^->DTPlURg0aA^%i~8-cT^^&*RNKwCD`^6*cmk2!xk7HnC)|-oBs~g#wV}; zBOTa%_J6aXJk&_wZ!+d3IsZ2L@5jH1qMrvky*HmR_=T$V`}9p?TxtKNv>F*Kjw$Iy z; znCuqL2U-1!1%{X^H`hsrFu_ef+hR5##8Z{W~ z>%HfYfHI?C@t8~FQsP$)V5a0JChulW2yr7U(r+EmvKrth1~bFH;hh{IxANd;Js3O) z_;*G5QJult{;K%;7`f&5mJ>%`zKaUqF<{bT;aWrtO346dBGPWs(2hE68*n7VkH0Q)LJX^$uZh{Agvm}LJE(*hG< zoe?p4IVc)aN3!DF<3(*1qPbnwKtjrfaQ4FsLHVMq!hXQNuHbUO&v?q&8WGUwG-Z!8 zB)`B=n~3L5k7y~&mHjSBby1}vGU@2d&=;w$G!^ZBd=qTIAM z#+#ra&xu9#s043XyMC(d#{^7%>$GI?Bp@u`_)I?;7Oz}6M}C0lKf}v_WRH~8x_ODw z-Q@n8bVzFj5Z>|Oj*I0_KjyC*gyjl&e@gql$QL8^84JVYjq5-5?Q<}Pposo%cE7{1 z1%FkJ*yoY=!44I1BQLf`A(Bi_qZEg%ZJn?r3U1V0O%mLxMfIo{2 zn7G!M{q_}eTr`Tb!6A>-cLGlLf;7}gdUOkc+}%Q?yp|fay_*H|tt8E!d~fPdr{Y`e zaQ5t1oh))45t4*cfDJA-k1pf)shQ7hqT?eCUQeDX&6um|l+l{AihM)cBX{>=J&8DS zvj2&RtBmbaJMI*$grj`$to_^sUvVO{%S+Ggv#KKx2X1$u_gkrWk72> zajwaP{3IA(jsp}8sY(r3WViiW5K6*1H!ySZ|F(QdPk->H?beB+1`ooyJe+?L-PUda z95SFCipK6m8#zw>K<6s);*Rhxm^ zdanWgP8se)2*L$`&Q#622%_tU^R2vnoHMLO8ZV{`yl}WPWsaLpcT#jelP6OIe+KcB z6g2UT584|y)2~i&HrogTmJiNY%aM}CF1$#flL(z4-Q;sfWWz@+JH^p#0+>TJKWLwcP033{hWHJLyi#Vqwx}|Mu6jHTS4wOqOxx%CiMN5 zcYTpWdbbMgmW;g6)ZkwB?7NnLiaMv_)Bw(-x-x8E>Gxy41_|BD^=-nCLZdwj1sULD zd!VAD(u3{ev=EZL3i7{ z*;XWQg0>>nsRw^Acp zPt-RJJI^7UOE>NS)sc|#=kqas=)Zo@*Zy0q|7Az6->hpof0We@3(j0zUY^&eZ?b` zxwjFO^zxrgB(%<@>3)x<{8`WdGvNILUg1w!Fyr{__vO_>_IciO+5MA2|35Q?AO6Pb ze={!lSD#slFQ=2-pkKRfWeevV>T$YFm`bKlL1Sz-KnGfN16apq5I5$ALvN%tW zeJdG%{s=Ybt;kCyNhsRHjqOx?qlc5_HiZb-8`qLDYV5t*f`I!eU(Ed zr|e!|>VWr|%G=iZY~!V6cM%j{4!<1KKueYoJ0DWk{AS8$?ZZC4PP84KNlkyVR8^}d z&B|g!%8Ud1QryMra6g-du)-1h1s+;nm7uDPxsq)hoho239z8n&8H``rUVf;{YR()^ zfYuw9A_y#(VROnTDQ7WD^})NB1?DB{sTbT2T>}c^-X!v!sKd)r!g262#M8X-k$(Y9 zL@6(xHp-I_kNwP~2vM_J{Aof)T{fSr* zms+(X(rden)m?OgKz!{jysd3K*L}kCm)Wuo4_i4xk@|7OT~%n8mq5yO zq`Mh+w_5@+Yf8!0_4u_9A-V{lQ$=g7mcdv3PoQvJcyEs-QS_Nsmg-&|RRagV*sph0 zqI;j)TqtSjdE9atdN8lWD#-e*S;mCV2xp5-G`~_=~Cjz;r?w=?(`z1M@@l zfXd=mPf<=!$mxl;)&%(v63b5*iWCZ0BNb|qftxcvHcP^28c(V*38eJK4d^$44J7Jt?)>HRX)xRdrGR+ZqNc|4H(Dhk!H5#1~F!(j^FuI^&Y! zf%>l{B~^D9kA`dJ63pht=xjfq)brXlkII?Y$k?vA*zRPOy~6|isvqZ|_njX%@GYYj zyDv1}DH|2G{*%ePZg%yBd(cQ$)tlc8Z@MtfxR+Y3@$>tkhu4LIWOsV1$3b zo}!`#!v;d~5#^g(30aqpvHi1$nF2@s*Mp^KGDD&s@AfbknvvHq?~kwRqF7Ncya&g) zaTmsUkho)j5w#kkUyD9$DRoRuEDHK2;|Qt7b~ z-(R?Db~IUY3HELFGfNguw6_|G3s+fcppD)hRI${o^|H0>Y>qra^%su(>@Q+XcBxQj zTCfXZyb27QoerUsb2t#oY?+F|HgD5UM3f`X6_|4^GH*G>UK{@N-2=M`((&=;KJ56K zwc``0$gxc{Nc>|Q#d_?ka`;?Ehc9fF0E5HCT*MTV?z^#TBlO{7jOtEE-yl||g60wO zc0*XSq`;O`C|a(aWXyLF`QY98zWncUs_%5;8R=LIm;mkP5@F}Pp{szMA!p7a}&lh_oYa)d!G*3oJcE?14UD7wo`r^layFd+1YpcJNNF8y)W7KKbMG1K*P>6LL`C z!H%MROF{X!TThGgZY-@@O&qw-6N0@91Cs$d)nB2SAE()RESuO@^&!-AM|F746CU+~ zxOZi_0>a{gOCuW)GOW)^V^}cF1+xl}=zCERj(9>7`5Ev5pVkvl*Xr;W42?)X1oFyg z@}8dz>k!7FT@VcT#Zuty+)ge9W2F7Igod_YCmsov`K4(TbQvPA)PpzgxD%1s&|ZE{ zhI~e(W$Zw`u6`Wfg#(Cd)SHGL2~_Tly@dF$=ui;8joJP>yxj!nUo?UmN;Mke3hPeK zTDW-`X5wnXEtg8aRliagtX$czQ-RD912CkIzlqK$(gD^c9Hv|bv=e_97bzz(;=;Q~ z2~W#nuI%T-`*QY~mCVg0W<}1UMB@_NAXP2n=YQ8pP%B}KrZ8q-$glAOD%IoDr)=tQJQA zEV(3@l~`3kPZqA+R@?!=+^p)1s<|Tp&Jh7iPU2N~JS^4Y*<$6aVfw7GrQBZ?0piG! zCSLqs6UILY9KPFXPcYNmmYYltm28-={J7kLRbKS%p#(@ zImh@ZM1#^9J2Cskkc(e<-}%_-iaOs2yVons{~|g|Bc-xFb0Z%Yzq5JgJ3ep>)K5T> zJ1JFV0K5xUF&Bwv2xCY8G#IXJF1YQXQ_kTWFTiaAyNoc&f#z%n%s;D zNcEeXt)DYt3ejW*`h=Zd6Me{n?BL+PMvZ!LTUXksQ!y@BJPuZC>Ba-R5c`zg`fge) zT?xA)82V}(S3A3C^tZ-kcmtwfO3}G@Bx*Yodt0d>7qsF!5`ckuw8UL(jG_XJ#JgVu zw2#T}4QH>DReJObpQln2HsG6BQhnFw#J<65@$k-2|7x011sT`Bda;}WyxVsv;l{al zI69t@2XHvR6N;QS`G0ESAE~AKL}8%2;!mAU7^dAiRh&K01Pub!oWp`qIhGd5?fJ0nV>ka&)^N4_W`biM}hi_*)0i~wP z(-56Q3>yEmrDh>LDH&fRK&N|u6}WTT3ywkb$8cL6C)I)#kEKFs>aZjCP20MxZncSr zvT1%aX`%~tqqU2-+Md#4*CF6@Y&$EaVf@H7y8mP)t#@Tb;$>nb#-<=`G~P#cWjA5} z<0!(}5OhtXwp}?K_~LBE8aX@LaGkd}BE*T{sLjT$;J`<;7G*4kTlK&Z{nzUtL+{|1 zFZ0t6wrmt*FeeZdU$)jTF#be&znA4WvXJRw?v)ZokGfX99D)Ay!wYpGd!Z<5NG`1G zM< zNL_83ax!e~jYF-k5Eu&+Q(34v#zu*&cWXi!R91NNG2gMk_qT$#IJ<*#7>{GqE1`r# zdc4NC@8ogDlqD}-K`J^9r~Iye?(`5Z%QimlUVdZbbP}*Bf7MeY>*zUOnX5-CW+pgO zD*uz3{b1{ga8P`ikQ*iWF|pJEK1$nVdIR*W_7@y~B<_4i$6RT38sD9NP&PFp|1$Os;U+;7oR_iF$)yfgRDXs3* zL|w3Q8#+7FV5pDO>$Mf=Q!uu`$R?vOR5rK?pIq~0HZ>u2o=fbt5GW_%%pSL=Oa4e8 z*k_UMC8@&-bXg4wo`^S|KpgCmEGUjy=W+qGcU9r^g-LzDzRWwOdB;gcoXCmM6X{Am zC|V;@{Q6-cH3L25BWxkm(aw?!@%Spqw^WGXnn;M7Dkl^&|964vpLpYBoyy;7+PviP z{|TJ@AI-`BgK-icpL`n`IK2 zW7{+6e`*2NN;r-CBUO}Q1U<8#InCAGaXX@>XnR$g1vpZ2(-BcrxY&h6iRLy^{~w(B zspTV-LR!pXq%h28 zd0o-GMMKlt_;i1YO1gaByW}{2UNwnqAD)4sv$T><2;Jg~Md)h-HnHTJ@5j7X2VO-n zys$aS27UF@M~SuZ!p0YXs9~Fu8r6O<^X&6tCDn-&z`yp-*6OX5vKp|c$>;!7qU?nv&Cd7g)bsrT;d^4xfhm9mEu zRPnSder+ulE&u3aCFQLYK`WC1oIg*@(pZ)aIvxC6x1LHAt2JvtQb~Dhd~RtaQZg#{ zQ?@!i3md`G7MOIFDBF7yHF=(!5ZpGG*7bKTNsWW{_(*&FC89Rtt+vu1|DIQ9kMAvb z6_~k(L)Mk|>W9-c!WOu!ua8^E!X1GptaE~PBX734NV-%Ks&YZz2dl9f&5VjR&LUJ% z4-dFfSIdTWjO2-QWQv1^C#!QeQ8+CD+`Z$d z=J4_r3|F1YA?vy*sTno$lmLIX?qzEP==XOzw>WWmH&jDO^Skk2~*;gEBii6wHl z2%rn$%v@PZa(A!cxDBq-zh70Q9M`XFm>%Si`(WaE@%YopHN)lf{4TFr&A+dk+$7>^AK>YXVgxf=0y}CPy@tTC)+pJA7L!n;H%-j)v31GnFK59O;}M|ID-2J-4461-7-$> zxl%Qpv|O@ewRye7WaC}^lDLFE!kI1>3V=pPV`l%RQiR!-I|T z^vPKDByKLKhuR zLDYqSfcp5a;HDvtQSp?zKDi_DbULg*il#Q4%6Ez|W|tq@q&aX$$PHb+8D#REfQ_JF z9IBFv#w5ndB!82^|g}S@}8X)#R~!)F}spG18%B@{QCKBrUog?rjp2CRw5r zj(?F-3JF`4_d<0U#bR@kj?fc%*0|uwFIEWXYv{@~7+L3dZkVCj#T&bY zgKymct(`7Y?93AuHtf3Ubc8R&Wqt^#g|m+cCDbr;jjpG)P3MQxpagAwebO^oj;)F( zZFVv)qz7E&cKx0|K7!GE-|qrNvj;m1R0^LN#UheeueU+?wk*qRSR+>UT24WF)>np+TcOuRatV1nl>L*Igfg?pm}H(czwEd3-rj&=MvgXL>v9qdvYQu-rNclKtP z;kBM>It3*a{sqcUQy^g;!`{gn!B<)HQFOdB2JY;c1Ae5hGfq z;+9Ep{=^AP-+$KkW(Ck8k`0(>=#Pnnv)?>bmx&9{elqmKwr8z7k~_XCJvu6bJ2g4~ zu(R$b_%(Snf3G_33qSjLSpBPL_1;X~g$(T}6Ih;=MShCPMBi?ZDZ#eK8|D!@ohNO^ zT^G!5V9!y@L)`+l(cTc=-OCy+vR#TS_A1eT2`a16OUj2xEWpD}W>;Xma$j6)Xe8^z zcuV%A`l*l?HrbI_P4(agR7|>i`0rXBoh})#AFX5IED_q7+XhaK+#-v^ZOhXgfBZ*2 zg<&?wOx_oBfk*Sd_vwInfaI41gLr{$fa9VsRU+0Y^c==FS?!UU!%mJTrS8)W9i#3( zAv397U>U2Cah^1|8i;dBo=LiSg_tJWcRgxEk;HE@5%qn0KaVl!0I1)U&b05puKrq_ zSEl$~G;ChQ+oYtt54M`>1ZjORy*UhgYpdIO+Fj_nQD^^L^3`ld@%#@Ytt|s*yN7{! zyGwhUDsxrZp;aJyfS<{5*jn_Ig(VWi=?+#|covMEgcDpXB&Ol4u8BV9`4i4VcZ3K$L*e zwnRC|7)tcqqDsEV_km1(0tF!b$*hel zT$(G=-gAJvSRYh9#Xe?OV#t{H5?_fAZYz-ECGKGVvrfq9T%AB3)Q(f!FLPm*PI5!@Nx-&c?|E979oz ze-b&piqN{8E4kSJ^@t2af7y%BZ+PnLJ%c=A6U8N)4#oY7_c|?ne*g~en@EB#;zY=Fx==Qr%EHS28v1+e3LTXX}h5D37jb8caVyy70T zPYY5^{j&ONir3s3(`C+Y4S$p0{{8*%b`r4AthcNIp!%=H6Y)(B0* z;C>~`4KyzKCa+}+Js8|ksnf9$xxePn?7jMEGkuPYj_u2Iedc3#`;**y@__B$;zncu9rhLHdJrmG3Oh!@Uq5Y7T~XsS+z9pc#fQX zZ;NL?4X_|Y``EMaqQERd^w{m_XDePIn;Qj%Pj|kjotR#VS~f1}oSY&PsR8VXr=zMC zb;aGRXHv(&T>}kTO4b0^?1V!9@yf>{x!CKVu{tHx#F-TU;ir|@~gt7=<{*V z6NfA8S!>O^oEbI0y%f?o(S82$e?wl&-^C!WK>!Y^U>kjSu!f+uRJ`lwd4zS9c0Vps1HgHy-vk9*hahK^`gh2_p?iO@`eX?sw@9?0Aw2<~8a(^& zXug7@83`#>DR|0?y~}Go`Qxa?(???$djJmN7Jzo6Y3cAndfzfgwe?g~Lq9cd>%$O& zJ3##<4&!pBepIVY#;97O*5K2pb&N260Fit{qYjp3%o|m6dHk(4Fs4diYvC5MJQS?G zFvkoc#luDxlpB6LWD({9GGML5X|WYt5mZFH3Q2EoWH#^mH6X@7&xn`2nrEOHi0ft4lh0RyXU9^Tz)U~KcH*WMCqXd0eJ z#aCrxE;#zT2{1XWZ>lotKw4Uwxww56y7}#oFOheRlC;AW2^f5(X`!fv^BqUH89S3 z_!u|c3ZKPVc_MnkhIm68d~2Emha~lyP@bQaqvGl#ToYFfgMA|Y%s*^mX~_lF2?T8> zyRzB5J9Mm=Kod2zDtEgdpqe!^LI}=4CM*(yflvhmfwOmZ!~2LONAYi38N2fd5IXg^ zv_}N25Em!i&>K_t_cz;0?yhjflE0xDUj(2Q-5wv7^)T(Y+F`6jkN88~4Y+{CO64I& zWIyA}*a_GIy@#Jv91$~FyY;EHop_$QMyNoNEzpb(mc?raVCH&;%(z~LE!X2KE^O6WfWMNq zs}{312OdYm+`Ps(Ts>@h@@b4$D`-)3%xqM*NK`GGFBQ(oY?q%t5~3HMk(kRas-Wf?5OKj4 z{Ijdijr6wr+f{n^2b5B0puMf(>Uhg?v%f4)!ote!Oe3P#ZvbB!J04u%@8ucIijr19 z1xC?9CTK&Iia#Z$#asY`4Dm0PzMeGukF0i1FsN@I?^iu~05oo>U3t6qr9|w8_5!SB z`MBBUsjv0aIzMdP+v5d^Glr7{I1aXP9lwZkk_xMOXPaEZ>2lc6!eu4*$X^}agK5G1 z9$p-}f#8-X171b%)2%#(_N8#Ce@ETY2F)Q#rb4Al#bE2BlM65yA63ye!?n1~q z`o&@g@y@N+^bMU|Ppl)0)5n&hd8^uyJ4Jb9E+6KcizZzOXpyj6ld{i!1@7T`y@_cN zS0uTIZ{@z&CWa&WQV*HZ@+&ksUE(?33f`*N7=Dpzu>@E9Vz+Upk7;GO^xwC!t@sBA zIp}JB`Tg-_y2+A}1*Of@UX&Ce@^Z^NVrGq6HqG6tnm4OoLVvsRJhq8D%=)eAt!Y-# zrI7h>+kIA6ybhQU6{zDM1q`f~m=eyN_mE=11R47ETN0hXP;8~|R_`O6V zN{al>0C&L-^WdGK@K?oNsKqa+ha!xE{h$wp@|3D#-y$hyp}C)`$5cvSW0v)-a%+YD z^;?(&P5Sgd5r_PDvE{$TiW3@U>^ipX_YB9I5``wufnFWlyDL^foiKVhXug~!a~ezM zrVp%ttRwmhHGOidik?+4RR1N;`Bx&(e;aNLOuG8_R?)5IX7+b#F?QD2dm!S_?p;(* zSCwO)>;ovz3ipFJ=5tSw+?I#*`7Xqyi|G^<8GGDH$U+nTa zBbmRL9!X@DG~blRVh6a;(L2n=mJTR-t-`%w@cLyIkp*-yR9O z*kfl&~nwgIEG$4)de2rBXL#gvzBDqQaZoX%f#|C-G`5`X7gJm^Ra9# z)w3;53P6lV%219FCZ+9$o*9i)!5nYU~LVE1wwfUzUPG~K=yF4@UPeq^=ez+AuvSGm>kW~!Rf4by63 z;XA20)wDY|=un&5AqH{PS1iRD$m;m2YZ+TV<47lvX_4b%i!t^L zF#jQ3`OyFalq^O053QTD)y{vOn)MP}6_{W>)3b;L%L=R1XV^0iWYg_hFaCWqT|MWw zUE~60I+b+%w#Hepf;Qb!uCvamp(wF+g{ldQ;gkLGq}mg5?5<7ye&g%KEf}{IVSHdb>2tqVk6@AvT+JRBq0P1{c#m^*5!y5V*dY+m<;+RWHfD8qH?k!FsMt@BIYqj^lboBhnzrF$KBn*ulC`6jy7v zG5V6g210%7Q&TcQi(sn{d?A9b{%8pP|Hp~3?{3(Tzvrc0)zSf2hvj{VrPlL9WKVG6 zh+t|bR!ZRR5UnTRMv$rm-5Kb}cBYT}+uU?yFLG5v!FnBKM)+YS@!{iw*g6QGBF$|o zm|&Mq{LmHu3RqS4QPf)fM&7V`{@WR#F_4y-;7Ch2An|C%@}3}t5Fi(CiFFtc#UTVJYuD%L>D;YlV0hT{uBinCDy`Ru8xv!wiq{vfJ`2NKc2d6 zaOQ*9IP?i58Dzq}XiR-(u*0@|AKSa5OqTl$JunrlY$r>C0+ZaG0MYZ+1~O%9_igkd z4wDi;`FP-LZv5t1b=hwA-~oyZF{WU`XCAXfoDDtkJKoU87YkVJT>wRH{*EYg=>9TQ6oJJ|rybb{D#H zn4W(6H1FbRhCk4|ri-l?I^e$|7N?cbg6Xz!X##>c*f!&0(`s zw-M>O#lxto7HUmClHxLFdaQ$O8iXcS8JmRNqroVy5u(Tih6>dpOa;?|{#K67Xf7H+ zEw9>TmeaZZovO)_$30X&VQh0b!A_VygEw&V6YqLPC_M#ArqQ5(q5@zNLSE9|O+>5q z#Lt#i#_TFs-+N=`pc!%V;S_e2XU-R-*y+SO?#W>P?M95_l9UgZdF}f3H)f$)j3?)C z<#}ou7P^_Lx^29_p5<7NVD`|JoQKw^G&V%Sd2{FD3BvTaf{Z%3vhaAD>Y#m|X5*@l z6GA}vX+S z{#OyiUAhZ;-wJe0RZHMy8!S|_nhgz1+g1kaGFB3lPx6@;i-W}P{kWLuhq3qyZ)I?v z%%a$o9yyl7q6CiKTUNT{pG?o{qiVkfX#GhDfM<{9MNdLVhWnn=@d>TYly^?QP@CHh zc>|w>9lLT=_rI}9EYbfjt90xUZ7CiVt6?;%dcqiQr&)vdkfrdorh&hfGlQgyZ!)}k_cLNV-B|42YlWWbj ztreQa4dDI#VR!Z=P=MCRat3L5REceb%}9A&+B*m?r}F0w$17S(i^%L-&iqBE!q%`X zmD(v+YqvhvDU?0PMYdz3uxyW5on1A@Gl>FpM4hIm6K>n~zCXQj(gCNHs1Ub*yBZ~_q`y7$ybuyWzGGHa_~ZIpL7Dj?tH+E|zElwImu$wp(oEv2 zVLMBo@TnWDZVojUDy}ugf(BEhos4E@hJmD^56K_m4n}EWg@m z9|O4JH(@uvjsF^frk8NdeSK`7^wZCM`PL1a!`1*9_};Z1i%TUzb#OOU!c7Ax;>leZ z$sWTiBhy;?G9c^Y%hHRnPcJf1!FtA2cq{)|}#5&^dYa zESwU}mv4T#xR*K?&G=TJF0?pcnN?2laL~)up?o39`7-Zby>D{v7B2+O$!BfpIWv>L zD(0#Y;Tt#np3>ZCU}HA07{-o~+z-2UJ~AOpNf@MlT}~w z%HFE5u_vsDG*y*uhPcU3C<+)r( z0DMn4lQ*{5S|`Zowhzz7v0zT}V*sZoa7ApV}J_74Mu9+TowqL@e_09aOWTW0Y9ttLvb zmZ}-X-;j9-8{3(4s0lRAhJVnue#@>Y7mUkb_QsFIIOX=|yhuR=tYUDHTCck_qB?Ky zU4(l!yM0s)#-5x;qqLK|BV3fj;MXqeO{61G4_N#Be z?c*`YmPxbSuHw{YBA~<~gi7x_?zPz<`aSr^KEs84CSK;YHGy8Y%&0!qKJ6-b(snf; z&II(rnMX%*$K*)e1JL0Q?o85T$0K{FR})9EVR};y7dM}i(NUQDvY|o-j!NEK+U8i7 zza)p6iS_u_DVRyD)00-||B}r%2q(N|FK&Ei+`{U>aWnkX-y8G}>!~Yiyqd;1YO9mA zXxEX+?y~u#;oxCJOCSM;=Sh&`m+Ot0`_@5YTnZF_uSu&C;k6RWNStb2EqH-5S;;_t zpWmFNb7ljD1gDB${g|c4y+hEP^KM*b3m)6YOltBkq{oqFex;?r2RP$`5f4 zkN~=LLCfy+VUn8wU1_|HRx4}zf?K(@_xDA8X8;bRs|U+%VKWyy^bB1R6pjU%wUJ9} zc6Z_1P)vH*pkd4La~j*QYwE$5(T8j|eqb;&cDvydQIAmSf@6Kc-dP3v0Ip$N8B5W| z^3S8z_9`84hGYlnf0E#X)sN0s#tG$y%af`$?83i((5VRfu3V)OYxqW5-e)~D#s8mT+kuU66d;_iZ9-GfK6F+3J&qv$%V zEm?*JiyR&0E%iR?s7q_bj(^v|7QeVpUF&-#fd2d)e zrjryoix=kl4nx0Hu2kSx?TW67<6Ys+OV|S1W=qw1i4B}0rsts}2mK$egS`TRk$^%7ER70x~o9 zQiWtq6kUBfg_R?38%?$ViLAKV;nmk$Zh&mZbq^NbAKSd|AIPd2Ovb>EVpdSQRyTd7_9UO?dYlL8i^^vO)aa|Fr(QCcQbshyX_2#H zl<;BHTPjiKu}2ZZsYbxk)HBM3re%PqR?TFfRmdyf{;Ok@fK_#Ta??XxC02a@-o zUnDYp`@v0LMNrt|$@e_5iqd7T{wou&7PE+j7a$Ll z)zCiq#Pf=V%!S)w@6D45ihD^ETY?WaR*JuG4*nE~J!aG)S%(_HWJ!b5cjPW8z8#hj zx#w@^RF`OZA)oyQcXusJs(YKh*blW8_O{rVztN5`P8YW{+(6KL#tWua>Ethtqsucs z#Mmw(bE_R6A^DI(gto>RqnQmNEhm9BZ%RMD-eNq(%z))XnrFlnv9m zM7v;X-%iwZWGLVdPnMjXSxS^iR(h4fd+VARY?M;$E||ipj*H*2^RbhI+@&5XYDm;9 z1;=wj#w@CnuS8t!fr6&nGI@gFSqOE%twgu!1=B>0ttZd_#0V$eoF8rS({#$LF=1gj zWWLZ5thu!Vj!k432KQlvr_4i!56%`G*NylHx%C@Br+s2+`PUTDKOytLe?f~o8s~z# zT?hBJf;3|q^=M)s`=Za>HIoc7Q>iApKq%rvw^64r+WkV5=f8+1RZcWSpXu4%KPg`$ z7yd)~dNnxtSFiccFF#}aTSEJ