From ffbbf76f9b8d4efa12da7d7c01f202a3d98edee1 Mon Sep 17 00:00:00 2001 From: Roger Dingledine Date: Tue, 18 May 2004 16:02:38 +0000 Subject: [PATCH] add html version of tor-design, including 150% png's exported from xfig with "more scaling" magic on plus new pdf for nick's typo fix svn:r1891 --- doc/cell-struct.png | Bin 0 -> 6088 bytes doc/interaction.png | Bin 0 -> 29360 bytes doc/tor-design.html | 2486 +++++++++++++++++++++++++++++++++++++++++++ doc/tor-design.pdf | Bin 175247 -> 159425 bytes 4 files changed, 2486 insertions(+) create mode 100644 doc/cell-struct.png create mode 100644 doc/interaction.png create mode 100644 doc/tor-design.html diff --git a/doc/cell-struct.png b/doc/cell-struct.png new file mode 100644 index 0000000000000000000000000000000000000000..c0afa1c4a11f8522c9bba10f2f98ce9660297ab3 GIT binary patch literal 6088 zcmeHrXH-*Rmo7yiLKa3uKnx{<5~QOdB1O7Hq-kgp5imd~fzUyU^cH$kFhS`eMLJSd zN{|4dNR3D*6sZY+`x93wV4xvGKO}U-lLhMJ=Gu6(}HD8)PP5Dug4+Z&)Oq@C7HrU zX5Ge}AM)9k2$stipW>XI#lSnDK%?D4ow79frvP3yZxC^;j zUXhK%uNRbN40y&up-%X|K5Uf^@2&y{8)C&{LvyWDQAdViwY_A=kY0hE-d_p}vLqlU z)0kJg%r_lJHIUG!!E;J8=QgqBSHhEw>w0nq&ZZl8=V%8y)qWq*gT2F3$hNad1Rx~# z@|c$kxvM=p<)z(#nro(UuG7j#Hv{|jwp{2J9)5yuN`Cp81aSbW1t-_h&8ALJl}a93 zzclAM&7WpGC(fIr4oI`ImkJomR*Jn$uJf9fW~CbrEk2G*`ZgKtHsFQOl%4l|Z^q_V z%e^#kiY4Vnjb2Llj)TUVc?AVF=DQ2<=(h@tDeW@NArO3g(~kw?9=nnz5ZxhLwQm}+ zljnDe!{d$M8A#)vkQm8AH8(jn?=+F$tp>9OCnhN(xr}@l)P3<$vN}dwh=UvsjrV;&6 zPV$x6`aZ{Zl$bl1U<|vqDA&vWqBJ!YtsbpJT4^&2h$f zwHL87M*xD&6<16cwm2@lVSbV^z}?5C6;i`9%x`EM@NBwkyViQ-&ki*5q8=RXpNtkl zWx>S6<}AOW>)Rz{t}}A@0jYW&7)$ttNUz>gD#{j&k=9bFg)6geZs4MlYXWl!<|w5| zKc)}*1rkIN-K<@Vox`~UgoE&u!E85ts1k{)WL4VV>>O*&4VYsQt@}R; z|5fdOMMkSZq)F7HptcET31XFmQ}qNmkx*ZM>(8F2qIt$h<2&QCO;h~`Pur$#hYOE_ zTv5*Q*;8mAMO;Y<-*ana#fQV$eT8s$JSE=@PpOAv{n!d`x0GCKl=e&@aLQL2mRu`HvWO%vf}!$ zJkFd=eysr$UfT=I_sQSGUiG>ag)ME^e4;9?q8jxIxPA@r(iO9G#Ir*ZI@2+zc6NVRepmjK<8fXM{PJo@xLt;V^LUW0k-2fEXQhHnkE>rWu3rReaZq&3o>Ib z8ZeN`&ZX8G*HnGbskB}`jiV}w!_EYzORzH#{i5L{D(fmX5f1Ofl;)f#Y;U=w>xgwV zGbrnmsNXT*={>5_Ep*6n*)=TBGg`Mb`tC{e84At$PPRx4UdCoYIvg4s+GRN2TJ2SR zr`xs8p(d2;WtW5Ls$P*b!60zCDD8`|PnOLK!G7s>x1uqxco)vcd#_rc9-&}6i7;)y zHxw6tJY~^OUyz^hS>{^8ybQ1)4Gv%Tz7wm4r{MI9DoIlQ+b81{w6G~9VpYc{kYnOx zscWcBZ}sphtxBTOx-M;KFYu>^yxM-*f(#CLQFfQ0KM$T4j-)*@c?et4nkf8J&b>Q7 zwuT*EO%#=nCoU(VVlS${w6|{<4ikFQ!IWx?K-9Dab7Zz-kps}pgO)TyG2z?Lo`egb ztW$T9+ACOlu^;>|3s=Vb{t+6M2Ss_8=>?;5`PABdEZ_FsueXxhX>O1O$SEwsqbTec zgIta3@OWAZet+FD8I{$AQS#PVFp8C}P#a!BWkp&SpM_f3cSYW7jR6-%u|v)V6&Ppg z!{HhwK)_x9mI{gcNAsW=cZ)kiBr_ah%nK}zt(7;ag(RxWBGd?&t18NXE>B~e7T4ut7L2_7d5aA z8ao@yh;Q{}WKrZ-Rpy)o^70cp%F~Qb-bHSk6})S%bbon92yJGbA?a8D!NfP}dZcyN zmpiXzfz^uiVnN4`|45eRLbEpCK2ZohIog{JK53b77AU)Sr|sw$*_4hc4wAf)vfE0e z64fW`pJag49XA`IOm8f`di*!Yf8!$8)2bw>O2IYU9-k2y6}z*3a5z6lRG*!#`KWgj zV(HRLs?zkjx2vmbqRBHw18Yh)h_H>WC(<+QwfQCgXkDu};vBQSN){Pfg4U~aY$8^9 zH{s50Clcnpn`-|7SsYO%CFPDy_=_ZJmBjnCMkpI?PzbPu_TPE0`rE~lq&-CWiK$`Mk%HRLwDTn`Tdp)IgL5W$vDw440j~LXXc;pP4A@}`*%A% zsQ{_NV%iGQ7JM|@#R-$t(H*QKdx{&0YUkn^(cDb`R#0$orty+r!rWv~TTX4)$WcBfoyQevaNj8P^4@1PJHz>$sT69Yb0sJs| z_w0@V^N&Gc4uM@fWlAUHc@{0bF*iYFGe1hHB=z$1zA8PKZj1|JOgE*WJdPl6y6@|E zQk5ELIV1qptf%_80ar9g>;E0lnoZnr9?D#aRiux3nJF)fc;S#2FK4-s)j$df8gC_I zFGDm_L||fio|d;qn^KW^P>cP*eZC{--`;qZ4N%rM<~_{B(Srj%#2|x!^AOgGmu3`j zBcnR{y=d}=^#q-X%q}wxm-8&!)0Y!!#;9UiVEM>HwC=3z3cF`#9L-WVJiUXT2n?WXEc)9B2HfHhXYRf~ zWma{oa>c1N;GBhBnaASXN_H6j!K$(aPE08RSHWt{@h*Pzuv$AO>Lu-T0G-@Xo(4b9$<< z^ZSF2*m-(pAJM5n>;7Dvj`&djX4}c}Vy2afMcnghx1t)koPPGoF7-=EoFp{kBesr@@s!`9e_1&~ z^#CCe{AZhB6G7jwNH8N zxLG2al}LMs%HA>c|3Bln>Aki;g|-j;FuggikTCDtHvO0{yU(tkjMEpj6{QNyDU4px z=$>`s%T*JrCcnm8Y6Rp4q~K&+om&- ze$=b}XhBE+>WLaYd6LJFB#BBsScDadJ%nF~;K0pqJ9v3039$Bj)XP8~9je=8Um#!{ zvTJjpTg*2DI-bm(e{yfS@xr^Hg#Z;DqXmTo7qV{3!0jVN+f8wVa`RLF?$LlQpQ6EP z4Rz2db$})Nk3EAs+{{Ot&*dg~Iyw_>XihG)dM2B+t5dQSTHx-=GrvA_%jeoYH#xXc z9OTwuC8fCNukDp`U|Zc-ct?pO4EK5kdnW|QG9A29#A-IL-W_HshOFjUCC3;PPUG&< z0gG!=zA$g2{9ryvpm?hkVlbU{e)%zjHKJ_tzE1(T1e)LR2ipz@xrM2moc2?W(Nr zdP46@mA-JN}L+dTud%rkeW(rX4ELDx5Zypp*T7dM2)zp3T>WkRFOFuMu{l$P}P z78!vF%+q_A$8DCniE@7UI|=iLL3oNbsl&7p(C+r;HIb&u>ZVW9P|)QJOiQpX1LZ>5 z{M}Z_Rk~ukOG0fExr4E?dYA6JdC@{60Iu+W-k(j}-JH8I1SZSdn@0*CM6Mdcs)jl{ zxH;tUfBY$33~y0irD`AVO2jg?i58VHC8G@s4eY(mgQBIQ&*Uj-WDRDnCgyiV^EecY zaQPdw@A8pF`1m-$i?wy>$cq96<{8P#UxiO{G!Tt}-EzE9t0r)mwSz~zm4IB&nsH&d z(_etzcO`k(9BuGQ5uO^_Jg;0opgxOdJKwrFKWYqv2+VWnsJ_vc8NhXIhxpL3)jR`o zQ$`&-uQ0&4x^g?>2Ppov(FTNv&oo&irrhAzwf-?GsbRXXcZ%3nEZO$s}7 zx}(PJ)(|@W2?p$bUhOjnx3~DgQ6kA%4mVHRfL3hD@^t|lj{Z-(*W~WBM&w@jiBd|B z`mU1nF!%|jY)uiU;hE_4XQw!6%>Pe-N~&C=eH0NaPMEQSkQ4~}0G$+l*t>EFJUH&W zxqdisR9NRtdmbWs%cwaTskg2@w!Ex;an?SXSL0Xy&Hc{EpXJtbA!-?%$GJgKn z89(J~E19E6ws88t$INyvbSAUBFe z1Vi`*bX~~PfT)SD3JKZgx5{Y6Qw0>T9<}oZ>cch1Ckm{Xd?FVwM-i%V3T;r7I?1| zEIvHCr&nRfaxgC~mya!wXEskq_EFE{BGThp^()=oRS_U9m zep1>0S5x6`n{A+)o|(i%n%(O#j1&F&eEUqXtj|nTI@8ToytOIY>m#a5H&rUK8B%}t zTj4to&2a%~U`;+Iget4~3L2Xw9CnbWG7u1;Zb#iWyUh}&{sb`w6U&d9Vs!g|3H zZ{$gjO#b|J_hEFR<&Z-8rBTD5*{-cC=7-wDLVb1j$TC1oVv>uO6Kz_hMoOpcM&tXq z+<~HxvAMi!ndTZl?jjAVxhH#p{9}ib{I_1~hd7tMHi-xm`cNf7=fGww^=^i9h|vC~ zDg8tVWmdMWY%3t+lJQ1s?`+!eN;pPVQly^>PK?j)&Z!WV%#V|zS8)cX0RI|3gWj!} zxU1}9*QH;z&w>b;qvRz90w#kh&bM@NHd815>Vt>PvP`M@i6#`}=hEqI-wsekNy&`| z+xPQy-ghapZ&aD8~i1GXPvN!tBIp?yPrc{ zdY{VmmdzLmw9ANxYW$U7da8hJ+5t6Jh4**qJ&oUsnJ0fJs(*>cU$WA)+4{VOd(UoG zAB9xG@z}&i6jy>uN~&DQ#;_@m_w+8xOC3nTA8GA)nyhUv@;klN%Al*IuUW4CG&JVF zxmU|r_|IPLH(5poA>b#OPi>T0ri80({$8YBCI^K!W`-Y?Ny5hDwb4g!i40qKMyQlv=-=`~a-p|?nvq9Ppxq=YIZGzronNKv|o zbRr!@Y7mqz2%O3Dyzl>?|D11~<60PVlg!*R_sli>+IwF{Kh{=(GC?5_2vki~Ne==c z+JZnXy&@$7SDs`hRe_glo~ouk5D1wT;pfum*Gg@0k;PZp#8=3ds3KuF@<(w#pL$Zd$4lDvU`_EwJ0yRAoWE(Y3vB@0DoG_h9)=D#v$ zhhC=(a1XD!!_<8B#vtF^O&T86*XFNH>~@liW$ty6Y~6rnz9xwe628tsVX$DHslNLYxIuB~|1U|_4!*cfcWJwJ8Axfo&Q;sDWBgX417`01{1=I#BN-TP3( z7Z6#)Co{Cn;xC&w_R+gJuE41TyDNPp?IE5OA94fo_hrh#+CiX9)*wtPYtSKgZ2}qc zqT&)RuAG7FtzkglUhu7JOjl+a810mGOXbuYGtvDFwR{?b0hTp<4;o1qs|*a0o?@bq&e+)q{6i+NAqEH9@p!ZPG(!dyyp%7J6GD0RYe zTo8YL?AU(s*!$jlx`wRD98){Rym|UG%0qUy`gh1BcZ zW*UB;*ZRVD1Or^yUf7#fIv3cRjz1nR-+Y{E&nSoU%EtRAMnSXe8ADkTwG9pTd(x)| zy_f@cVmF&k-jB4KpN94EykXeito5nM)y#e;N3XmjNe(TBJWDaztkckXIL| zRtlcwu;!+;ZjV&l{e%b<@v1qupm}-BM}d2mFc{sNp!;p7+kdOgS0r*DTV9TJzlXDa z^w_q%+?)9oTEKLMCYIYJ%|3bEi#dhc;x<;%;9aWZ9kpatEB=-QHM?lGwEo!Q{oDr} zt?$vZm9K(Ze2VZ$<`QK5?nBizqnU=o>-;e+GgINEON>uO3IXFjXg|_3=L(B zjcKlMGDXTuq@N_=u?9S}3hA0>ai2?w{(R=lQ8oTZFTyE|LYI}t=s6vlr)H9=M_MgE zERvnNpw>}K=18!^N_o{Rbug(Aw+8xGxuYCZd)JY{r=P<6&Xm~;+-%PT0~#S`)F(~Ct*50QZc<_ZAn#C52BixzmIvFeWZwbUEmrg zJb(8ObKJ6|Z>yf8(dnUQ{Std3G_=esB*y)hm5-nC7oE3x>+>9H3Og#l-|)63lJ^Rc zZA=wzuFG(%-;89_a*nP=OV{of+$~Zd5pdkz$FBK>;JH8T?OEE-h|AosG*-F4QLw(m z0TolDlD$Bf(h0`beOq0vO@#8re1d7U1rH07SQS04tSil~G;X|i+PZ%~C~91PIV#`S z51un!k(I?dvryd9#1-)H51AK0y zGz1|TOrFSUD9d6(qs$OlWOPWjqBrzIlqu5YS2tte4c)P_64i_CBJscVV%-7KZRflJ ztOo|O2U}$%zg)LyIqUVxT8=oxCHCeECTI1pTr_Q6JkiZ6sP|I(Bvf=dC#dGLTz-2L ziJbMUx{=1gDZFmErvt4|LL-tn-m1VgU1=4AuO2LSjNd}^PvBXNE3fWf7qI-*d_?u=sO!oZSIpWAKJAqARLGtt6t!^yi}{A zmYj4TZ1?3Tq)l&9G*yHC9@-Q6VllpIp6mBQ&Uj=Z-`BDdVVgUp?Y7VOLJqwU2@<+x zPl+Zc=gg@$GSF>7taiD1mY)koY>l7Qmy~;}|4K9-s4?5Q^JdsNx%nX3+=r@8TTO!u zK6MOV<>~BRSG%7rps2d-Ibu)B)8<~}bNV_rf<4?)=0|di2(>d|@lkK|cSWCy&ars) zoPC%_S4uebd8NO_qI~wx*;&cx3rpr}JL;h`4G7t2VFwgf-o-lO=LzFGXBz63$sECN zBj>)vss86FtT3Cg(}XS-M{#M$(E9KcoA=#CcC9_Jc=@Qlbm3$>C1FDi>|zZe;ZR+g z2DhWEuWEjEV#Ns550dI%li7DLcy)=`uX@E3NO&;kh-R6YWW3EN_IXD9w2Jx`m7=f1 zYhJ0I<>{5=&&C0U^kf1gJ9V4WS`?eqL1e=few!0o<~w>1p1M@!s_Lxj<l-s@%T>WiFz}^@Sx6lgONTE7-k>SvN2RyyR(K&dySQ8$uukw;6VScp_bgRjDy?yB1`O! zigRu&XZk@pg^Dc4#ZvdaD&o5Bm~{7&)AfCPex8X6k2}dA%l;x+^$hw`I9_u-1EH|w zUU6uE9JSn)W9q&&bZMHGSOyyLNr(nIuJ)co?bs{L{(}dt^2fxA@;mW~w)aK~@}JBI z(v8jr<5jUANC#y`yLab#DzAH&QhG~M&pgE&)5yHCn8s94`y}fUr7Pw5r(mLX-`~vQ zQ!hI03u@qaXaS(MMabM`g{Lt)hR zwr@lmj2R*SXyPU|(%TtYrs%!$+|O=)v3$3q(o^ZEBiy;ufUAc5$z6#vghJxfZ@yP2 zHx@>SANc#HL1&$(uW<}lP^fHvJ3VmT|DiuR@pEW&wQ&E|wd#(0c#ZuJe$9%kh|LrA z)QpO2A^vnu^?K^eD_$#2^b9Zew(^Z{MNL;z>`bip_c}<;oim)N5QiXWFiOz~ci#>l z4KJJFI#!ClzB2a$t~fo7G<)2By_foM#Zh6s-L3hGkrbWIsg|?XCyAsdqb5%A*7}#- zZ`zv*&|UYcx)$M4uI=)3jS?DmhWPnyeZu3zHM&dSY7@gFBimhRt14XWl;#*rYbt$ZTU4ap``{R&}2`6Xc$dJCj zpmi*ULYL>5Jlj^<&a2RPXpe7zO5%qrCn?cDO~dA$%7{!f!Zd9yz`XbhXr{wSoow*q z<7|g%pKM_VQ@RDMAh}7r*w5kCTUd;T;e)`%nWz$k8SY@RpzpzLwd6{7A~Q1@AJ zKwy)H%HC8j@=tKvlq>m%f*QU(>ASSNF?VDQ+0|=I_~>G%v%A|kGekBmm)e^eyxuweP*A{4*0~r!)|oHu#Vpzr zQ{c(0GTl&T_`ZN!bBy_pkYrNsIax<{_&FK+vfUTtoW4Pw{&wq|jMc)+4RwwpXEc#E zV=!gisQZ7s@H}@4VjdgPHVz=38rUAU+c0=@KH?3pFfH=dwN2*uF7WevI|k1bd85}$ zCyPw&>T*Q7Y!laT-bY`_Oe)c7Zz@xNGT3q@-V7_v?EuW;~DU-HjzwV-@Ih5 zbK?S>5AV(%HgbIuA``KB9T&SS`E@T?JgX9i7b0s+qgH;6$I4SaOe8GG9$Oe^PlH>p zR{=LPBFu#X36HHd^vBwpB2dZvLMtOk`1t)UJE_(K8eK@Qm-G<33|j1YUs9A{Ts2Iq z|KYb9KH*SG;yUqE`>9Euyg>&$hRB^$Gy;ReSH4*dm@n)nbh0S8Rd-y69285ilZD{1 z+mhr{=wBO9_au#m#yH`bhJHwzwl8?@*})4QsK|u=B4Zh4+C&kPv~D+}K8(=^6Ooo1 z@t(@pia9x`*vS;7ZWr0JPkeis!V!(Z*HQLV+`jB+C?wF2NTa&sO4=dz&x31`?3|Ca z!yVSUWs#ScLp$G>^NP&HFPrSYkYdJ!huisRoiRcP+g2OhH9Ojx0=6E*kv%B}ug5pH z;@!U%#5XXC4C$J!;P?PM=WAP@`%xA3BK!2bFTyRDDUuTro|hbdf! zKybaX>SXsfAVQ|&)`JBKK5Jid(1`8%)}WpFR#DQcAXIQ1>e^E3&}n8%EClZvx1YR0 zogXhJ${l{Q(~&tCKRZ3L3RrpLHy^O}vvEPTo^Xech}6lN6mo-i)t>$BqSl#h_F2nx z%&q3bchg%H4a@G2b)2b#Se72iSRTyzd2jAJKcCn(b9q1Poy z7@maC)?zR*1kxC8j`gD=OpO2ww=m(gNj1NV@Va;h3?ICP#S*KN5iST&{qGNiRVdHN zgE{IDyTs|>`2Px->SOz``m6FnS%Z;lI%B@g7OZ-9rfDcN^g~DZgq!$HXPKcr?!$J} zCx+`0w}*V3Jx|0)iOTI|^M=-ZhW47!1xD~R&J{3Go;k3VMeH`F#DdX=L8Qk5#~%}+ zm&_qd#;%sE7*kme{)A_~T8Jnw2U+#6wEGF58++4bqmrj`Jl)7Sz5%n)!J02MeAV69 z@~<@@S_m+L?fvf>gr?ptB^4EZ@KB#9VfnbtgMoz8ENw;dYdB{W4sX}hheMuqe57JSf6}lXfkML5?eE7JfcfFNlA6JiUw_Te{;gXp z9*Zuf9NKg0zB{zH;;p8k9X!DvQ}8EPfGaRpC6=d-X*AFXj!SK_tTMO1H;^pyWo>WJ zp|*G8cOZRiw{7(>EM6c}cEmQ(B zOnlC&oBJPM`_Nbbv=}s!i?AQPm{0l}+}fB6@lr!y=#~7d;f~E14SgTAVNtnlDGlavLq_J_ zrS@c`YP!MMCw;aeYcVYl7fOYHg)U33W=^ez?6wrNgpNs<`M!?f$0>07sLGJmz z%V&(5uTpq~O|+*k)nFIfM8RRoKc}GH$TzU}LEv6IruK8qmg&Rjf~X5@qYd=hBRUQP zqN%+Y#&xTi252W~#9~(i7ZRSrSl=`ZHtOOe5vRk|bw$Uf@Rvo~!%6KXe0>X!CAD3b zY2i5KvQ6x~U0mX_q`g7&OcCj`GG%nXHI_zGVZYY6W!)9wjLTY<%w2oU%APwB z!(ExGJ;`sH=9V+y#jJumkREDIpTtZY*qIvPOtF}hwt5r3NbXbsE=uDF+btu9F7N&7 zG)#-RH~8^5a?XocWMr|HzCcXCSl-`)Q3{8IqdI?uv?G|LxLl?tYisz}k>T#)PQ>gJ zoFtDy4!>o5+{$InJYtc~UdgPsisi-NlS3#R{gF>{zr2Wgpr_6dIWA&A3Kz4Bi}Ut( z`88=&vHHU1TRklHzo3bMEJ&Wdv-3Oh?IGA}pM>6($Gr3Ff7RShY51DSa*on{R)gGV}N;R{Jn-O?y?%GeU zf~d8CAHvV9?-RC9U+-6bh@@C0@5^;j0N?CQ;SH_wl>WJn3_V863%Q$-59h}bsBO2A zHQhCGbE6bIO|Hl_kJt%xxCVQ_ESXQ8;t$WEEK`l}%Hg&{=RsPu726k6{1 zBSqU`eU%MOvn==4d~-4A5%NgSw&{B^dP6Yu&w$+d@5J_tvz_+cH&t+|Y~Dg^MMM(BtJ>7basc zVdit6AsIiON{IX23?5?Z+vavE;V$1J=Hp*69il++TE$njf0ZpC{tLdtATLE2N*H;M zZ*>|CO7TuG;Vop}=bg1*6y-nRzA&OS1zfVA1<#Lwfu)BA_WpML8_l&XHY%?WPJ^(D zhzELq+Coq4FX52Nx9B|${*Oark?!@{AMfUIm|L^OE)R8X69GfML?bHikHO$oI0Q;B zkdpYrH!Oz7tJQK(X=u-=VggaM^YjuY*sC3GZ!vi8m}CwF>Jbi!vGLEPCqTLew{-g{ zn3jw7KurNR?|?|cGT(p_Cl@Kv7_98Yp2bY%50iN{aN`~0QSM2jfZZh!tC9(80W$Y_ zDD1w#v_=l?Yp0%=_ApQv5}mY#zKDf{u6z*{E@`}3qHco}yJ6&JdF~oun32(v7 zkUj=Di$LpwqiBlAZ)K~1Pebo{2M?oG^pb#Em#esW70%xD@P}2U5s27)mz117)*O^{ z+rD1Aj}%jL_^Nw#Bz)cvfx;M7Ou3@PS0~W`g4dxRUd`YXr zPT}ug!LKkV7#hM#B#Iu@->|?HD-UBnRg_CT{#0qq5(%c!H0?Ld!VwZK7!#2`JTb1U z+l0~ZmP!!)LAPHQhQ}5#R051{o_pwsr{WtB+3+d3uig82V`m6VLN9&@oE8)tUAhad zrr=~v;kX8fpEER~ynHt#&vFBU-=*gpd85x~B;DXP3&V1^rNvmhcMGFkN%Jo| z9^uV)c*zz=hv%V@?a2hqOhe+`oANpdzNZ^y`FD#p+%|>Cn*aJv8rfjYZmUsQ+R-cP zGDMER;%yjYK3lb0CoHR00el77f~GQ%=c&KGJqE`i5hC*qZs)5vpr(8SG0RP2cX6&U z1&h7=4g)oD;xlh=E=dCNy1~uktRsu*vF-Uu6$bxzfp4HR9l+JAqQapdX#S~Ah9v6s@`aZyRU(+o3`&fkK8*nxp=mBx0i7UTr3))(>ZtsNRGTq5BFRk@5RsV7InE>H~?xq7EQENU}C_3(o&$+?Hl81x2M#<^)%Az?SzZqf(FJDNU98C;`- zl6~j)vgI4t4Ur=y64o3xva0X4m47B+3y5|acU41KUpW0h6&@>h5{tnD_;=~8xiH!D zpzC9vGsVi)EG)lB$oqYZLC`!?gAz|ok8eHdobgx_ohKT#o864~rffV0rEzVx*nS%x zt`_d32??_!1YHb%x?!+UzLD>qmVOMW9u7%KT%LQcZTDE1G5ALSCc%-$_%+E6MugKB zzHnlzHI_;fMM&dF+#-0(Wi7lIy>*#q8UnP>8^wsPR~9Mha-7#qxjH55^P4(5_b}97 z!}*uaS1wtO)4k`@kOqu{8SCeocUIRooUuk98SDabH9ot*ar(zppZ9`WE%obIr{(PH z&2oh47NXf9)gR@<%&xdVi9nuUS2Olqe+YGNs!FJ*sWHURFw({|OTXVZ9=*k2HyaZX zDGc@|Z$!&s6K2Mq_2U4IOm2Dk_fMsxHHp)qk6DqKTxwKs9HKtTk^P<-SCfYY0p}@=?uxJEj70j=XYd^Ts#_@_t{* z-ko@_0-se1^`%$3p?j6{E2iu52c?O|Sen^Z7wN8*rLG%cC@|KOEBenN;q2fLiu+{G zBdovB4VJ2xFNDA*<y z;*{FT{S{3zesLDbpehBg3HRF5S!VqYv-LvNyhMU02Q5yq0*H|$F&}m`9>eL4@a9;KzIZ5uKvY0J!RcaHw1V2{TpMe z5M+~t(Y+tf#NNM{{HN2(lBoR`@>24|w;PNp^UsJchl#!{e&T7WX&imY+5=?S{6l+f z`^ADGf0u8CF1@5beC)Jd__Rs*6_aqO*tYHk&-Zq?P10A^OHoMTOHxWgo-AZuTaK-5 zXRlgTG(;X((LLa8gp9%5S}iMHcWz=WD~(?Dd5QpJQ5+R0o!=E!u`*Jq(tbL(!z%6n z{*{8=e^Go#J2?*%rCd%)<0CTX_@FL#-}FlPNVCq{$Sc!~{<^PJAhs;>VOU~2H!wl< zpB{usc5^E??n)2Uyu-KyNn!AM0_WwaqFDB`z}8hRzXrDo3T+x?pb6J3ed>OXiL|l) zzGoMd?W0O@d6Bp@Wi*jh#x_pI|JNd54E(ld0YKZHYdPAU!}D;EDek^|OJ0SSLWrXg zqZvS42KkxR0K(zZo-`n0q$g|M{R!6gN_42r+&T5t6ot_+sYofm%c0Yg83J&G=FKbS z2nIU~Wd71yJ`F&P{7TFF>gct)*L*Csn$=l?_%cb9j7{?*c-hC0+v6(Q8~pmEiM z4k>GY=Gp5wo}&?fe-vo75ZIIUgExvnP8@34XkX<83Dab%QMUI%C^XG@jM2wZ zHJ0ADllbKFyrssLt6F1yL;FbzB-JU5LQl`G(1%NQ?*h(7`fPv9Z)ZN_&r15TWZE65 zrAlbRvcKvv{06HA4yILY%5AW35&@07PWH$KIt~~ov6Q^SG_%f&JB_97SWSVf0f=!X z>C4ogV8btn(zDb0xgDgeMD&ZNKidb~m5;t;+_!Kxw}9jkxC658TVh0y$8HdlGAC|u z3;(qmscuL3H0*fe6o(JVZhT*3@(#LUiJPy;1=;pqA8#i!d(etvxUmWNWE zt?E`ax5$oLYw7thX*TBJHQpb}w92o`RY#)DE0;MF`(~Ewi3zy}*WjyL&zk(+ht+nn zoMwKXS=hu3Jwgun!PB#PMS6VU0PI^-=j-ML|L*%{B-O~L!P5u5NqH-LjEP(Ro!OT% zd|>Wc!LB^^#?NssUWv*hkhIT#)jKB;ZXl&1d!-~NC0<}BM4?JX%?MD%i? z)-CHp3WFW2xGRyTJYo%;43$RrgkP+>iWkOP-*0f!Fr#@XlrgmS!&51m25r-7xfY-u zLo*kML+(kJ96#IYsckhZzjra_cir}Dd*v&kcr;;!ew-Gv>s$_M&1vH}!yleMberUH|v#4VQ>Q4eR? zg}h|yHN>(lkP>H$Lwjz9-__a$;#8twFm)!#}rE~WzMb=CcUidrCq1hu0mU^!mmD?gDW z9Zk21`irFv&&3>oZvJPI6I}oQWcb3m?s)DmD4)1~u<5H}sC8_b;V0NrZuj|tH@63B=} zO3z$4j!C91#t%Tytm>t5@HMJ<6Nqel?LhD3x09oN$+{+AZtN*P22ZCf&!d*i5c!&; zpRF6XLJTK5zFhW@*QEjUdVj)l2D&-VHDTEV5UG<*6J=HU{|A#gZ!2TyXu67ZPbd2) zL);&qdC5WMrdf%XYS&vh>J-|N!&5qCsm(Wb^A?$blvLIO#nrB*mb^7LnDFBGNi(LU zSBvq}vqtj>OTNOs+Twy7@8x0&OtkrYUM-(p-2DXh;?uU!d@8${!(W8kVu<{Epk*_C zMEQ;z+9`xWPnDPcG=sNO0UmMu>tAEF=Tm0&%aWU=nwl2T2o%?V2pm^d$~Q3Hh6|jW zmrMYXhgoc3ZIgEg1NDO*MC8)a*8Y>9g8<)|XcH}_DYyVXmFh;_4LBSJ8`=qAtvvpf zc?cv1D9gVRS;1NW%&y%+pyg{h9!1rH#t+mKk?s8nuANHC4&G5b$=_+0vfQz)&M#)f zK4IE`gB(2mHmPbu4IiUjYG~r-NpwM9gPT|@fzoh_iMV@c>}E=*_AELBy@7S7B-W(~ z$i2HgBP|7}azL+^E(nzHX|!#DsRw7;z*AT{I~#HXriH@;4l9*g;7{3{N#HxPmRtOi zXoUJ%!$Cjq!04XzW`(AIJ^%%40ddu=Wq=Si$TdG-fnwsoq@FH7U{{kk)R31i3W{0$ zHcW8H+{~d{zieB+eivP;Q>-!*%k%JrrQwAOfpd8 zkFa6r@%o^GJQFmT{-HCd6GU@FQ(*+BQN}U#?mOC&jwZLPru1Nm=iP(1Ro*EmWv5k? z$2=VsCsTxPI!j?;c5$miPUUJ}c#w7*)y~t{TPtsgHlFU0eNW+(eL&#e7hqb+93buX zsxVM&dY8!nRFy;Tfz!RoA%@?^2Pvte8_HHRFEcW4`Q>nuZF%|URtdKZ(Rw|X^z>`Y3 z5d(c(RhoUhGsOcyr6^LFe;0LaIUWJOYikocs0GfBPmnq=U8FWt8}v0oGvBrOhRLV=1*!|k!$_ajmh&_q~N%3{V9^? z-h<)=D$dnxapB|&pw9v{SO@#&^BJt7>*4GQF0U%(q7x#{wgXgbn{IAulUMLwZq-ro zld9-lUHegQ8bo%^N{6{rUY5x0(X~C+&;-~DiiZ{6h@#@T)|i(ZG966T$OVVamZ>< z=hm4|+Pp*Ss5Zdaj6uB+H;p4#9WYfDCX;93%AQ9ba(5}R`xu|~zk+?G+!-5z>txvl z<{dWn@aF+rf~-l%0{vQR$U@1?M`BTWl*`+X&v!jN$WLPIZ`DV?{gJfkyOjdmClJ4N`S~k;^z7J9 zSx`!V>U4d)%!Gbu87t5jt?NU+RO4XFRn%2_ahNSuKxQ60Cq?2hp-X-g`yiZ3bokWQ z0ynnWH(&DDwt=cwI8S8+nPa&!I2e?7ZERy-4~>)Za3qKU7z!~7?2Wlef)Y@esEoZ* za1drdzXO5!MyUW8#rih73x})7b`n<>d`CP_H zx#1r6lh78^P4v62;TI|PrnWS6Sm*xjwGNH^n2h|IB%+TDqFO22SL(}QaCwP7n3iyk zY-SN}k-*>t)9;L#Ce=BUkazx>qY?B->wex$IaAZL5l6ZDyBkur=d5Lsb!@2_A16e6 zWXrpvNYr7G!rj=IJOw&UTM}&5tZ;a})=yv!=w^y!Yn#Rj#2+Ml99KqVrE?8Z=m!(2 zuL<&P)^957o^z;i=d^D*!87M1KOVv~jK3NkZ-9h}kF(e(M2<{x6dMU!H7fKgYaR!z zBWF&u$gthi#kg91uh%;)+kQ4VrvsGP-3{G#4>*59(*Kn-k}7j5OR#Klv`dO&Vk?@a z(f1EcmlZq?^rz+3=XO5CLpUAMH$7xkoNm*X>|(P;Z+3H-qh4?OWo-SPpH+)qirS;A zi!`HAHcs5aa!;;a$8APVn<=z+mcQ5xoZiBR1UBIjK2LV^xrL2&n0q%*5`b~6T>XMe zZL~^}Mp^iAzf+|<>DkApSMTtDC~wzRkKPb5*|ymcilmR9J_9`2;}PxV#GqwH<8fWQ7Y-(T)G@f{kGW52j?W zZNB7HOKt=7OV6I{Pe0rXDxXTvfyYm&tt(w%#aB0f<(AEU$giEw zO=qy5gdPUv3DCuYgFgP?X=O;W#i)xd#YgV^V~S_Lp2M_44{P(h3OPNshWS>3R@9g} zxsCI!`gHltwVydZuo$-)>ENh;To^u~a2&{a6<@D23bLjI0O+^bv`tVQezYwZzKi-1 zx}c6i*9rDG)C!Yz9)*m-iW#nT3dSgU(Hs|#EKE|F`P5`B-qWj=ryQQ88tmG)VsdfO zbe6$<`wbzhoN(&~97C;Y^q0NhYLj14*WvY|J-gEB`*B!|->5ZEEnUT}&NhwZ4$5>w zPR8<{Z4{@s0fOUv%TaD-BL=|N>?oiO_vBzWg06ENa~c`iGmuE^80LsJTV<|Oay0vS z>$b$P88kMQmp2J*UWwt6*$#l2Kcse&zS%#u<2Ai<9k&uWJg`)I5hmzs@`~(L)N;W@UH*6Aljfg4IbG@ow}m%_cFss4A*mPu1fowOVx6?!M3m z;fYNW1qX?%PyKl1Q+@DKw|~c4{f!V#Tl;eaguz?qzg`hELNP7?+JYYn$;W)MA4~Nq(Lvj~?MTew)ELUhD zkcSjFacV^_49ykyE|H@w>x|oNI~2EYi6a?shDfhIw0-60v3dOmGy}&6I4eg9QJ6>j znRp!|1d_qDd{1~*_`t>Lbb6!F`eo;jsC?nf_xFL^7gi?x)myK^Zj%$!4wg%X?7)iN z7+{beh1W#gCIwUqu)jTV3p55SnsYr|oQ*x;Tt^vm08Nk631h#C6MMTKp--&>vU zriT(}J0MLaa)T}*!|KevwNvjf_zCAX_Kci*`6EJPI?cxqf?1^1sIPUt#cmN>Gnw1GI!1&)q z^-*o{B}W`A1F;#O(nNZ|?P+UYYs?Nw&F}~TQtRJUiCVs(i?bs@Y#mgE&Y^yupPdfL z9L?H%zvQU|gx1zq6t{BCp^y%`&ovhR2$HJ4+lZx8*((B#d@eK>&$(kFZgUSL6NRgv zB=J5nP1B_TMqhhIHQSj(huY|Z((-bF>Y#k-3-)Jj<>21Y%hw_7*GL(jI{08>6&~OMSlL4P5yW5?;(D z8gdLEzJf{|B)r$_AGXsX&xw|O$VaaT5U+dL!k~ypl|xLEmpCq3hlV+;8~Y{2}ZAw-1ys*PgEdmknM! zlmT}|xbVM?qEXafzgS-n$PLQ%bLZ*cDaD^e5N#_GK0bWawr^fsz-f=`ABWTl<&iUq zwO$9;|Dy#0SMfh}(QlQSAw85nV4u78_tj)7K@_3UVfCleOA;BR*>^0m(1)Ig>IuMB zDC^LO$hAXhLDGo-tCRW{huRTh5F`Ry1qN#FUO3mA@zL2`yA2!_-p#IOh-wp{VBrIe zzXK}T8RU(y~Fw2t*=l|~h30!t4gZV$uURKMDhs+|VuN`QnyJ$qj}L^e<3 zWgQn0=p=h2m0_k~BcJdD31+BLN8dU(kTO;~)0g3a2Ntt)EIq{1yP>9;{DOR40l1j7 zL`frL9tCy^k#&AMc&FuMu*^a;T(^!{FNee?|#r8d-i3juSvqe6o3R{Ao3 z6ri-3$PuP0QpF(OSE!zHP4K0K&F(hGPhMY&CRo5soKQw-#cKf^J}5N)07cgf)4Cp! z-`-Qhhr=J(R^OHZ?hMpbFeY%yIi#RB0PRr|kU5geq#NbCQG-#B^-8o9^O}Eg-9Y28YxZ^FX<>6<$O<}L7*O%@MDPF zr{=#iTk*X}VfG}IacS~^grlZ?0}4IFf7I2dvSpktgrCY8#fK}a(6 zgM+Qh5xsNzSHa0XCY>?T#?a6-O|2k?14PdT3?8sd>@cl=tf(KnK&s-4Lk1}oFoAN1 znlD0RpEUu!)N?)c#a6p!@^B3wRkX(XKY&Ze&@jz@BsJq(k>2&A*@)b(8~^$g)`zU6 zgnFEY?*}SBSYa&y%JoMTK?S(sQpqoA*mpYRkJSB6k&o2t?*k{=b8eoi$wK8XOw*#5 zy^IUEL5&qK$e`6$jx0#8DF#OJK5{7_H70Lb?fo5+*9c^WB1=$jR6dc^5Wk!;P7lX5 zpNz6UG0wCte4RTztyNL(4NngQ2mCnKnR=YP>E_Eut^`uc6F`9ibKKGsAY~7zwe9o* z8%ML#kS?y?S7tLh%^om5)85k!ZVZnoi7QERb!mRDl(Rh*s)Mnc9yD;pBwg~(U8}Pg zMY3@O!-2(Q+wpY@f!$45_M}E6EK33=kYo&oKyYd4f4*Pj<~D=oWFzq1fFwKj+^KLwN*ZO&!}#sR}kvK%8^gyi^_SCJStiS=8+}7a8=+s(cZg% zQ;n>_jSKx}eLvE-^(%C6aFfbdB(lzJ3>GW^ycMHzfiJdrQ%F1CyNs%~cJK{+i&xf7 z<`^7&lGXHg90t8Fpte%Sm7uBha}L0?29xu3C5$*XudTg4d2|Wd;FjPay258L5Stsioo69q5Tcd zEnA-WgOawU`!8X2dn3ldKbe3h=8~AiQ=xtBw+GkNG6dKfxzy z%L&JUr|^K2w@Jp$drM*$quyMnIvw~qV|UJ%#5uUv%ivNV)?Jqd*8T0|c%OZ4SYPA= zRGF>VBjXG>E}=J|xbkulvgcR<fb; z(P!8*;;s=)GG{v$fp#$q0U%T6fxQ`>CNEHhm4RYBBsq$IQ9_v}SsT#M!HH&Eb4<_L zl{l7xZ^mgi%s^OH=$BHxkB&vO?!`|jd)N|)#Y`e3C3gL@<@JvY``By~V^5T;sZZ5r zy99V`Tr0|}%d*8Q$lO(~; zlBij2NAUa4LS({QF)s@N?k5k&V8Hz0196VGaQHg84smu0bEsN}RKC50YAv|@zF`f6ucFO8=W-P%YP*z3_ic>uRR@3D2{EfqceKhL=5Sw#hif0N_$_-qf;9hamWds zzmr`f__^{fO%6gQ-_6*({Cy#lH<%uNNIMs9xeI$(YwQcDhI;Ak5szFN2mOe1u71;n zJO##Z!i}Q}xUrv-Aj3L|H(&R4tZDEhfeGESdrH(V9 z#FNlIMQmvX+-B!aZ!)=FsX8Xp)Q78+@j&6?mcc}kLk?mQL^xi(bOGgr81vSP$PA9V zYPKk}RK*ihx)70(2zs8VP4DEo@^ALzp@BeM-vFyN?CcN7JWqe5=sW|t(|(9m&gi0r zdLIP&GkWd5kkmtCFjw!X#`YsgoSr6<-!^0`H|k9wzip%iW-Cj3l$K@jpYiMf-#<`m z-pc_|e7WMzufbGZ|ue!h8t>cGoSTA`j@Oi1WS3ZJF5CZ#9$BibbC+Xh5tM-mcq+* z;MTOMSn|Oy#%{7$>+L9h__rFQP%K78ks^2PihMo^$rWq8zw0V;C%-x=TAoe7DiNp> zAZh#Loz8Z?qVNkOCUwB^WetKNj%j}2$2$ldl)y5*#$x^)#Pk|> zu>F*i+JBatAiXGFh+w+!$lOwp_|q%l1WDRabo|9pc5l07Cx%By`gd2(1HasWRmOoD z%i!P2yF~}mJ4>CfN@(5zgNlk59Csw(*=*sh!`x#6>Yh$yZ*;eCK}pPwE_pr$g$9r& zQZw3gpKH{_;cEd;^rUR7Z5T-8JLn%jRhadjfNAa0vFbKd+$D{m4t64f1pZSkKyT?E zF8uUqw{lm*&)cMZM0T^b6K+FSzn{wXEGj<4gNDH~zxN|vVqUV5RHUwX5wIlm{S{Sh zfjjdu12uhZ3?Tg=)DNVrR)PwOqdC7kP(iWq*V)yY?Y~}tRSB!(PxNhnR|FN`UJ3)< z0=V5#sFKKF2MQ^GKjIP%6ND5<0S(Im^C0ufr;`zf zk)=z9h9HEv%=J1=ojtuhR{LI)gU?m6CQk?#5)Zu4_I1-F!Kf%|i z*ZS|~{pghmzs&8#25E#6u)7cfG{3h$rlZ60{RSijY%Neyfg+Sn)Op~VuUxYB{@dO>V}})yU@S7 zG{ERzO}x$H?5}*b5(TR7i9bI6<9_v@>>!&F6h`pM#cM7d9aK``x zEy2&JD~?0QK}`?=<0qX)RZXg2Al$m}M7G|Hs!m3Z)-1#fcTG z`bg{2j4&C|C_gad03LA1T1Gd)A$nX~hoJFNoTHb1j(&dmcC0uXg9rbG06{J)5K3hm5Lq}n zDvbipvf>F?a^ACgx0xC~OI=+WG~y8UiN-ok_Z~|t5E!kt6^X(?64k^d&?x5@-P%Z{ zcuxzB=<%AhVv*y5mvF~ST6Np$t|X^2=vkSC&Y1y_0zj`1g8!XMkIjk1$rE+5w0~UD zBu^x2#l(fR9DtG7xU4~eq*l>Y>vN4Oynx^vjOex%e4w3LN7|Bq>E9!cG^^1)k&4abSzaUWm6tT58j2OPg;GaBEJp7bq zUyS&C4;t}smgD+^Hn0D*2D6Uku{Ygy;`p50Q^jEfDJUyJ%T`OaG z3vTM^?4DP(~IWoonet}}FR7|e_=#|gWYyb&MTi@4qKow)TV+N@8S@7D-PzNatANp76^vdQUR zE#m%tq;cPe{R%*umdGBIO}Rcjc|e2-lOA%codR`VmLUfdfT??_LI(D|H8g z_yg?1+f)mFy4Y^v7jNMRz&OA-1nFX>hq`x^rzMmAnmUQ1CY+J^W}XHSx4{=|fo=vA z;t~a=?v=5;^L-6qhML=Xb_9;bsnX;K^IpI|9sL9>*BfKYW?%@KqGbZHC+zL7;}RML zQ0T!ObD|hD)eu5fMLo?bsFqw_&Nqm!UmvgD0)K%Xz5)Bg;R|W?uLaN|#AklykcD(E zekCXJ9xvvR8KBl7@BW~EZ&{W2Q}yo=V32@G?F5uM%>#E2ay#Ms^VV^{e+CdTy0{M-U6os?#O-G) zJz3J1H|RhP_e>&A82M_xfV zcOqJdE=rUo!m3%(qemwag6M+S2%`5yXVpYYh~9}3qVtH}d9Rh{nRm{6X3m_Mcg~zI zk1rPYy05+VzOU>5|Fsp&%vXyS)l_i1_lo+Nn!p*60~M4m1P4n^j|JffvU>V3IomODLradY|$33vv2U8waq#8 zUARTv%0CLBrP*7SnNwhl0!`&mX@lmFK73JvfNrWs5qf0K3GL` za*wLE$44ks2*j&`ES901H5Aq<{Sd3>kf>Vx@2Id<&?OZWc9lmOPNK$rewJ9esi7yk zKyki5WWy9LX%bFk3%3FLq|6+~N5YJeLuI|VXu#crX6YEAgmtpqBAyIj*-8VqYV#lz ze^qqtb)O5ZOXfX)DfLtBE5ydh67McG;U> z*(k>mnN5)bf?(2?)o=={9ce=4eLM5>6m{B`Z>hS)2LM}JCxBQ`o;g3MI0O5#IArmo z7dFZao!3JSUr&!1RQhTeDm85-BfY;mb^HOY0o;5r!4e&GA8aBR>mop*)3q+26Ia|y za0NaR{Yl2CEJ;)~yD9q6HhF!Op1;6cA_;li#Bg1nR7qNAkZkxBKs_X)vy_o+Dqu<0 z_ccb0wR0=tGU$@F9Tr@Pu6xx*?=mH2Bnhkuowgh62{fo|l?P}*t@?3hll58oU0m^>ES!~ryt7s zJndgXi`HnYFFw}Og(q&Eu65yAMbi9MubC2rxln~E+&8R@)P<9!x8SutFfk_Tamblc zkBH;E6|Q1gU)tUMfp2~I-oq_d-Sv=~h#n`6$ok2yYRB@#xbLBlKHhia1Wr~WN(W2! z=sj+Rd?NaSec*^t#fpz)ewVxLf4Qd~={VIYq7Z%u|A)+5`$jmND)h68{a**)H}!$3 zi!a@WwC8heX*U_ZX>GoS>TkIPeldXYhBf7Di&txGYcX$QTD{AC zv&$TIS3UaGFUIY;5i8;LGHl(#D4P$xT-2kLrpd$V05)Nk3r~?OBz6nSS|t=1%AFc; zf6BIGGLyF!Lc8J*Wm|&A;%q3?Mo$%1A@tE_rNFS>azIBUobb`zezs^d(GU9NTFw$Tz5wTIE4hjDX@kF z0!u}ep#TBB>K-e-dmf^Wn$oWiS4Z(Dz$m)+_nedU`3J@BX4%FhbFG8t_V8lHkk)>>_Y^E;HKt!nXYvrGd9P}-BWPAZkyf!m z=uVSyQ{3YOXsv;m(fYc{7%(h9eUCH(pqo6QV8%ofJU{LcUlbr8Ynu` zR9XWK%b4RY22iROsTiYR%TR$cn!M8m2)=TP^rRFX7%zZ5$ZjlT?{)^@663fW$0w-~ zs|fc^NW(fD)WH%rr1)eldJ-klFr&2{S}HSwC)RS6zG>dKE(p&%l!Xgq-vRe^k@3MZ zL+)3TzyA{jH*SxkL5pc#%=5~_2T(JclK}t64>r%!YtbqmTPGUZ5i41|0CywpAnE-v zrF}Er{bk^5OZaEupXCMSG>X>i*n(mKfLd$%JYV~1VE?I zX9KtR=+$mu{#E7~qFNqX(*$rDD}ctcxO{-Mr3 zg{NEx)Mu`eFXj6^!q5*k8-od61J~vI3%8!-)ZC+4Xx#0U@<4E??M&K#l({_H?UUa9 zo@4I|VDxr#c5C9;Z)>%tx%#~Azot=M1MarmzI`A|Nlg-3pYj1y@PFt5$mTGmSvbHy zHHR3^=5PTAHkMmqeAvb$FywY0>k(tf5^&r>AT}1XY@s~-wkSYlH3KT^@(8%>E_lq2 zyEsF@8v=pkZ+vX4V1FW?XdJsGWOI_`ODZFF#Px@C_#SU0;wi%kKuce?Lib**jKb72jKGrqSN zWTk6J!3hr@Gq3?;4seJkMEhpiOCSDl3oF9Pg;_(fAaj{_hCdm4D6@qu0V7~5-XI2% zhqw#ozOKsd->C7p3O;Kgj3(P4_yB4qFkSkeHZkA-gNqyU^M7gc{{KCox47+>cROAmYkcZXIK`x?C#GP}3<^2pum5cdA=8JcXoNc=)9ULtN+6`1$ND(ED?Ru-`^}oYazV@S2=hdia4) z#Vz7t#@1=1(2(dU{ttK%lRi8VX=M1VWK}oQiwRh%U4WI@76pgzk4>e2AR7{WooR#W z5QJ5EinUieb_wKSBG9z@v@O-)aCZiPlE1v!8jHzt)8>l!0-)D&^kX-~ZMFD|!b5vp zQxwX(*lB1s9jlfX6EI;OSy$>C5#iY-^Ea%z>1ub+A|{E4S76UFk=TA8wF}DQJHS zwGixBxlu_5hCc{qRaceORx>K;`--{}td;Rx8L$Q6r#%po2-4j9UrWME_*mEr zGo2cfe!`mdWS%`Z56^p0FVt}~y(+0Rj95uhV~z_DF)5UxbZtJsF)RH8sy|2krJ;e! z1s6k~o9sj3j!e#o%&2urvgy`ZS02$~%AgzIU`$4z~AXX~x;6?dc! zmvJ7Eoa!h|i?teL&j^x(SrC7>=uO`#)GUPnc0eCWt4Q);)(I^^drPAvJNPsT58NHq zLQTXArvbFUck7$hNrGwWg!dJ@%cc8B=ukG{OnAWt0-#o@4amUg49|l{JT|@4L|s9p zmex(l5>fykE*TRhvY7{lRgZ}<>Ibeq6vhwvK(gKpyULft^K#ytBnQpZYeP4woYe{G zg1DlBJZFe=!kni@gGt0WR{2t^{_86@}ckBL!kQ zj#REwKYbn+eBfX^Ad|`{BEjh%vT1Id9It z*JZyJhP8T3kJf9?IGYsZrVgj)+>=m?-_vhYVR0_!O*q@of+QuhxSJc!y?>11d-f!= zs_1v7OA5OV{e7TiG2B>wa};K}p%#@*555wF&J6q#=e>EwAFbZQ;NS}GWlm&?LLHry zVlO}?hBwS+(JXB|;K_JcDgU;_^i-r;O58%yL-Qu!P#9)-p-s+J@BTCw0QRgOojPGBV$|>nQHd4mM zzKqV(W(E#6msia(z+iiV`h|?&$6*_+e;26pjiSNvfxe?XNbNC;Mq~~OHJ)a}%q~yH zsH_y4zI$ypP>sA#l?93dKG?NB^eqhg##OIetvEbWU$@-#f{eeH) zM^8QQhHg=Tt!})m=HLnZYsmoC0Y0>!Q4(yd(;u)vCphO>;ZaOg0$_{uMJ5;8CvU2- z=ks4!-p#AaB2jGc2QOGdJ)9_+?)W4uU+(pBt01dmjBsq1lM#7(rd}T0rk_nrXQ!QI zxV^tbJyJiJH8I;=z1g!0_W6~!2YZ%TTH0PoNGv-?6*k|m{USQuG9{hJ`GM@TF1w)%ZfQrT6A^ z?u#2-*(Ol(>*P9bwix$xuHWcSwVmk8%244~M?B%ddM7wys4b@d;eRg%Ht zn;u#osn!hdfoL0GTxqI2Qo}vNoyMsy*(D;`u*`iN`3m{M?FSkfv? zH$X>TeV|b$T27eh=FMF9ySqNjxD!=amD z&iei&M#l@{s8$J4xk4RnXO=+Tb_N&75wUpTvrk&^uqsJZGr2owLBgbt^-5ZkeOmZr zpo3uE;2C1@AgdZ%0tfKbBpqcuC*$e^fnjgk~Pnty_g-03+tz-Fdx*OM5<9mZUENPcKXRA*X6LVwg$ zJ^5*U#8vWcZt$-XyF6yI;n8^8kChjR#ry@Vo{qSJE*-NF;-K)~|Iv~xbrm{c$Eg`~J$Ec#u(_R^q2Jr&(P7c&F80}* z9#mGkdJf_=2Rc<{G|IbT;`iu^B#t2tSm+&}j0xO>XhjwhO8e}E2_0Z; zjkoAQJ`teL>z{3ThN#$u^x1)?NPc;kv;(|}Kj@KlCJ{3VC3jt9ti<2#dyVTJ>yU!@ zs}Z|)r}>lEc1nRHnEjDaLnVI!xYBObj(NaJBmL*wQYDVCAS%HpBKL5D!gmMn3!I-V z-!&X!2t3>Fr1#wbMkO>51oC`r*y)wp@>`&pt?k)bR+v8ta!GMdrG%8;y#Dn1-=Kd9 zQOpWQ@!Ji$FSq&{ffqOFk_D|Tg4N=e`50yOaZV4;vnQN;{z&Ig#P zoTWK?%ikP@Yx~V(ihhv#aTtR+0niI+7+Xd)arsbOkqD4a*d-C&Mpw8qBxrL5eF6HW zbc74h-+@k>Z*z~q45b=J!~{wF_cNa`uk1f{3!%DW`*li3VDSZi4JrVs7HP}NNtrR_ zye}9fYDfdIFboPr@TPQM1+P6b(RsZf#v0JK+slV%_2)TUS3XmcF>|~j(RDO`_s);t zE8+seE=Q_V?KlM3t^YT{P7I^8e4I$E6qjqedn_Hn+y#(Jz(DYlTZ(f>^}g@17JU() z%Z1E!ckx!`uCB7{c#AZWZl(J3`cu;Za%=mR5pNCciKyX>K$m85s>f&BQX|F;i^xDR z+>mQKFTvjaMKF>xqN^Mzi?n|7$X2Q=rDS1J*z{w|c|l}bxrV-Fwxw~Ab!19zO77}6 z>bwL@HplcnDTE#WPa2K@-ReR3r-3vE~fieC~!x_i-#{-jRPa^@P~0aZaNjm_FE!09^LjvdpGR zvyAt?iPrpT^upd$xoUg0feeN-{e3wlWkpdJRTC3q8bFB0mC0w)&NPsNXX2699?N~b zGBCJW=y`1%YIwl2&UFMWL`*sF2@lQwU07@Xg=}(?znE>kHzX(MGhwIK?EKHrGVAQ= z5!+`~lUsR%JyFUr%6)e9J<@$52*wCz&5W`2x>Dow!iY>83EG3xb4NUdq8$znjvFim zvs-=EB8ag>;ajg-9Y2=W+zm)feEDe&9pLI(PT}3+lrgJBb))fp-*WT<5Cu`l)P;64R3Uc$a-sUkw@5p*~EANWGExnG&v^wFv$h5^77wz%rwKIqm)sz8CB?v6( zbb$&B+I~q*erzP3qJfEQOwf+u`Osnib;%pVyNYT3kWq{OTCqKHtH|oa@8x(k-x`Ni zD+c;w`m=Oq;=hG&P0CBP!*yTcqfK!hV&x-}AW~!_*{)* z$3IXueb-88CH!_#gJ{B!*uxHG_FKIE{cMuCeIaI|RvLRtS$*u7%X(fE=WfW4^ERmH zdn>@qPYI0-1NdRM*n%?Qn_`ms8w;a5BrN1R_}_E~^se}5LaWpH?W+qm>|ZE$ClkCbGr5fPGS?Mc7VRHVY1|0Nv0N>dCwzE@(P1TU*30C9RHEJGv0RJ%mIp8YKx? z5CgP2z>@I#4UrHO8_6qUZ03Y-FVjtHQ#mVkl)1Al8B}z?lD(k}{mk>=eAOK_ow32- zH2b^Gz2hO_b)%#lTRRl{dw|u$GrS0$KK|}fizl5|Y!mOMhaxgF525auQ7sD3pKNGg z8I*qi5{6~I4t{65!C{ptcvM2dsz$Dj%AF77NVs{M;Fn?if<&efWAm`X6g$bQSc(Bd zY9aN4HY?-}w(|3~nC_D&J%k3xGrJG2M(@aCl#?dPd7a*NVa@^So8vb>m7RwgT;iat zYUP7mj!%?fewL6G(uHj=;gkoN+NQNyv8;}vy3Sudf!Gq*BZ*{ffDD}G#xCj~eO&gI zCJ5Gjx~+5~>@`^mEii~^2#Mm^(MSNUx<51WK_BnekJA;YJ0>*W)&%b;Npqwv|5}TRo*VT&o!#wkV^Tb zF!H9GTrK$Ifg#Li1ehU`csWX_n$f&Q{>Dix>mo`emw<*h^V@EJ0+a)QssDZZl7Jjk zx2`gflAXF6dNM^nTt#WgEzb?r1j-5 zpro_N;vL_(rP#KEMBM?Q-F?TaOTM$Iry%UMvQ;g&%vm}n9KdS%liY9CZ1zl8b9a7z{$uk62!xS*59|mZ zF}4c8q0OXa5JRZ3L_obDR_%D&q)jzW?Vxu@rCbEonolv^`jXH9q}ftKGAmo`v>69H z^(iPQHmpOJc6NwIVJkRq!z~=NjlX}l7CH9SH^P(X>g75WcKY=?1vi)8LX|tGRwk@H zdAh~_=B?W=M+75>hK9fxd}f0o{V;@xWhUp~b)Uwxbu^hbMJ6XT!K?FtK$VQ3aXe_G_q9ncTyC10ZbLn z0x>OT|C4^Ccmz^1ELMNJX@y01rbnY47 z`dU<8Uz}m4*%wh6UQT>ofTwnY5BCH%i9H1m^XT-qaO`_|;cryc8N;yEl0_0UX@Woq zt%yhnOFFd?&KE*Axkx(8kVYZ2Fh$DHNhR$s->0AL-Vg-k!L}`KU@-Ko8U4{!F zN(BJb8u7mtyOUA5jo!P;Mw@46XB!*EaXi;PK>=63zc02&Rf*+29cb(z`qWLXTWx67 zUGlwTG>dfy@6^6&1J`71QZ;st2M{$K8OalBu#;@N4zn*#WPg8m!=me@iBZ0voaG1J zwJu+-7bX(NbUL`!x4*tu=F{sk3{d~GC8$3yc85~&cfaEcTzzY(6|cA|Xb z67#>!oOyISlN;C~%AIqFSYD%dOuJ$?IRc6|M4h5Jqd3Y9R~}aC*oYTBs5AEn?@5vo zFfvDRCu|iJr{<47ae*9xHEVki_v)%>?Tvg}s>I>av9SGE_(MCMX>D)mVG=S*nMEiA z2s&B?Z4k<(+V%T`+mZo--f1z)S@#YEkso$U*f-*MFlV;Q*btp$t()EAp{e10-6Q8kyh8eW2}Kv4?h#b2yosv`o+PC z9*K(V3QTi{6Wh_Q9z$S!@l1l2?Ln>w+O;8n*%r49BjXl zbu5$#M*~H4nTf-L3EMO1SGHec%qrvq&ZIGQ+L1e@_?Veq9DL`eN498^b}uBNMZaNB zzWcfCivtKtF1s}PZ6B(Cyl*q|OX=Y+1@4P%u2#vI=nq8h$J^#6K{X&`AL^& zXQ|b_SQ+mdyte1JnlD3TUx*WS3TZYzJ-w$A$FXz(B4VZcXnqK5j(OC{BP}W(1d}f| z1GMe*b{7*FQGEW};>op+jHZAdw3 z$4EgGepngJ&}t=bJq`pHYmbT+pN3DiYL+9{1>~zsctfa4wbW;qN6VvS^*p1%i@0DE zPrB9#!`ytHwZ0q}xP2SwF^+fp?lQEQN{>9?p7Osx;F&b-ksu71`91ftha1L(5b7ZD zxM@Iwi7JaI!)}|*OI%=793VL}5Nvk9$`vI_&=UPz78}wc|6n#ur)h=e4J-(8%^wHs zoLSLCFG^@}G6O&IdxIsXxBgRMvslRaonp#}N z1g6n>h_ko%F@R#k#w8$9x#s2 z1y*h5MbG-7%2^;M{WJ+2ET_44+Viw7Y>92b;i# zH`5$wX0W-v&^aCpt4t{>D)N5~4$F}BhV~`=l`AO;G(|X-dGNtN~-Uq*T6gIX52Yb?jQtk6nnWp>7>LcSQ$U1 zXsCrKm{srE3E+X6VPVXV5UY*L1HP+Aa&+cbh|3(~b0Q2M74+h|G6ryf5D-&d zAsZ5^|HT2m>=BtD@K?)1=?;Vs>jXv+7o|_?GsSJ*wgJ><{0p-<#y$mEqsz@PB8USiR=Q Qg@f + + + + + + + + Tor: The Second-Generation Onion Router + + + +

Tor: The Second-Generation Onion Router

+
+ +

+Roger Dingledine, The Free Haven Project, arma@freehaven.net
+Nick Mathewson, The Free Haven Project, nickm@freehaven.net
+Paul Syverson, Naval Research Lab, syverson@itd.nrl.navy.mil

+ +
+ +
+ +

Abstract

+We present Tor, a circuit-based low-latency anonymous communication +service. This second-generation Onion Routing system addresses limitations +in the original design by adding perfect forward secrecy, congestion +control, directory servers, integrity checking, configurable exit policies, +and a practical design for location-hidden services via rendezvous +points. Tor works on the real-world +Internet, requires no special privileges or kernel modifications, requires +little synchronization or coordination between nodes, and provides a +reasonable tradeoff between anonymity, usability, and efficiency. +We briefly describe our experiences with an international network of +more than 30 nodes. We close with a list of open problems in anonymous communication. + +
+ +
+ +
+

+1  Overview

+ + + +
+Onion Routing is a distributed overlay network designed to anonymize +TCP-based applications like web browsing, secure shell, +and instant messaging. Clients choose a path through the network and +build a circuit, in which each node (or "onion router" or "OR") +in the path knows its predecessor and successor, but no other nodes in +the circuit. Traffic flows down the circuit in fixed-size +cells, which are unwrapped by a symmetric key at each node +(like the layers of an onion) and relayed downstream. The +Onion Routing project published several design and analysis +papers [27,41,48,49]. While a wide area Onion +Routing network was deployed briefly, the only long-running +public implementation was a fragile +proof-of-concept that ran on a single machine. Even this simple deployment +processed connections from over sixty thousand distinct IP addresses from +all over the world at a rate of about fifty thousand per day. +But many critical design and deployment issues were never +resolved, and the design has not been updated in years. Here +we describe Tor, a protocol for asynchronous, loosely federated onion +routers that provides the following improvements over the old Onion +Routing design: + +
+Perfect forward secrecy: In the original Onion Routing design, +a single hostile node could record traffic and +later compromise successive nodes in the circuit and force them +to decrypt it. Rather than using a single multiply encrypted data +structure (an onion) to lay each circuit, +Tor now uses an incremental or telescoping path-building design, +where the initiator negotiates session keys with each successive hop in +the circuit. Once these keys are deleted, subsequently compromised nodes +cannot decrypt old traffic. As a side benefit, onion replay detection +is no longer necessary, and the process of building circuits is more +reliable, since the initiator knows when a hop fails and can then try +extending to a new node. + +
+Separation of "protocol cleaning" from anonymity: +Onion Routing originally required a separate "application +proxy" for each supported application protocol-most of which were +never written, so many applications were never supported. Tor uses the +standard and near-ubiquitous SOCKS [32] proxy interface, allowing +us to support most TCP-based programs without modification. Tor now +relies on the filtering features of privacy-enhancing +application-level proxies such as Privoxy [39], without trying +to duplicate those features itself. + +
+No mixing, padding, or traffic shaping (yet): Onion +Routing originally called for batching and reordering cells as they arrived, +assumed padding between ORs, and in +later designs added padding between onion proxies (users) and +ORs [27,41]. Tradeoffs between padding protection +and cost were discussed, and traffic shaping algorithms were +theorized [49] to provide good security without expensive +padding, but no concrete padding scheme was suggested. +Recent research [1] +and deployment experience [4] suggest that this +level of resource use is not practical or economical; and even full +link padding is still vulnerable [33]. Thus, +until we have a proven and convenient design for traffic shaping or +low-latency mixing that improves anonymity against a realistic +adversary, we leave these strategies out. + +
+Many TCP streams can share one circuit: Onion Routing originally +built a separate circuit for each +application-level request, but this required +multiple public key operations for every request, and also presented +a threat to anonymity from building so many circuits; see +Section 9. Tor multiplexes multiple TCP +streams along each circuit to improve efficiency and anonymity. + +
+Leaky-pipe circuit topology: Through in-band signaling +within the circuit, Tor initiators can direct traffic to nodes partway +down the circuit. This novel approach +allows traffic to exit the circuit from the middle-possibly +frustrating traffic shape and volume attacks based on observing the end +of the circuit. (It also allows for long-range padding if +future research shows this to be worthwhile.) + +
+Congestion control: Earlier anonymity designs do not +address traffic bottlenecks. Unfortunately, typical approaches to +load balancing and flow control in overlay networks involve inter-node +control communication and global views of traffic. Tor's decentralized +congestion control uses end-to-end acks to maintain anonymity +while allowing nodes at the edges of the network to detect congestion +or flooding and send less data until the congestion subsides. + +
+Directory servers: The earlier Onion Routing design +planned to flood state information through the network-an approach +that can be unreliable and complex. Tor takes a simplified view toward distributing this +information. Certain more trusted nodes act as directory +servers: they provide signed directories describing known +routers and their current state. Users periodically download them +via HTTP. + +
+Variable exit policies: Tor provides a consistent mechanism +for each node to advertise a policy describing the hosts +and ports to which it will connect. These exit policies are critical +in a volunteer-based distributed infrastructure, because each operator +is comfortable with allowing different types of traffic to exit +from his node. + +
+End-to-end integrity checking: The original Onion Routing +design did no integrity checking on data. Any node on the +circuit could change the contents of data cells as they passed by-for +example, to alter a connection request so it would connect +to a different webserver, or to `tag' encrypted traffic and look for +corresponding corrupted traffic at the network edges [15]. +Tor hampers these attacks by verifying data integrity before it leaves +the network. + +
+ +
+Rendezvous points and hidden services: +Tor provides an integrated mechanism for responder anonymity via +location-protected servers. Previous Onion Routing designs included +long-lived "reply onions" that could be used to build circuits +to a hidden server, but these reply onions did not provide forward +security, and became useless if any node in the path went down +or rotated its keys. In Tor, clients negotiate rendezvous points +to connect with hidden servers; reply onions are no longer required. + +
+Unlike Freedom [8], Tor does not require OS kernel +patches or network stack support. This prevents us from anonymizing +non-TCP protocols, but has greatly helped our portability and +deployability. + +
+ +
+We have implemented all of the above features, including rendezvous +points. Our source code is +available under a free license, and Tor +is not covered by the patent that affected distribution and use of +earlier versions of Onion Routing. +We have deployed a wide-area alpha network +to test the design, to get more experience with usability +and users, and to provide a research platform for experimentation. +As of this writing, the network stands at 32 nodes spread over two continents. + +
+We review previous work in Section 2, describe +our goals and assumptions in Section 3, +and then address the above list of improvements in +Sections 45, and 6. +We summarize +in Section 7 how our design stands up to +known attacks, and talk about our early deployment experiences in +Section 8. We conclude with a list of open problems in +Section 9 and future work for the Onion +Routing project in Section 10. + +
+ +
+

+2  Related work

+ + + +
+Modern anonymity systems date to Chaum's Mix-Net +design [10]. Chaum +proposed hiding the correspondence between sender and recipient by +wrapping messages in layers of public-key cryptography, and relaying them +through a path composed of "mixes." Each mix in turn +decrypts, delays, and re-orders messages before relaying them +onward. + +
+Subsequent relay-based anonymity designs have diverged in two +main directions. Systems like Babel [28], +Mixmaster [36], +and Mixminion [15] have tried +to maximize anonymity at the cost of introducing comparatively large and +variable latencies. Because of this decision, these high-latency +networks resist strong global adversaries, +but introduce too much lag for interactive tasks like web browsing, +Internet chat, or SSH connections. + +
+Tor belongs to the second category: low-latency designs that +try to anonymize interactive network traffic. These systems handle +a variety of bidirectional protocols. They also provide more convenient +mail delivery than the high-latency anonymous email +networks, because the remote mail server provides explicit and timely +delivery confirmation. But because these designs typically +involve many packets that must be delivered quickly, it is +difficult for them to prevent an attacker who can eavesdrop both ends of the +communication from correlating the timing and volume +of traffic entering the anonymity network with traffic leaving it [45]. +These +protocols are similarly vulnerable to an active adversary who introduces +timing patterns into traffic entering the network and looks +for correlated patterns among exiting traffic. +Although some work has been done to frustrate these attacks, most designs +protect primarily against traffic analysis rather than traffic +confirmation (see Section 3.1). + +
+The simplest low-latency designs are single-hop proxies such as the +Anonymizer [3]: a single trusted server strips the +data's origin before relaying it. These designs are easy to +analyze, but users must trust the anonymizing proxy. +Concentrating the traffic to this single point increases the anonymity set +(the people a given user is hiding among), but it is vulnerable if the +adversary can observe all traffic entering and leaving the proxy. + +
+More complex are distributed-trust, circuit-based anonymizing systems. +In these designs, a user establishes one or more medium-term bidirectional +end-to-end circuits, and tunnels data in fixed-size cells. +Establishing circuits is computationally expensive and typically +requires public-key +cryptography, whereas relaying cells is comparatively inexpensive and +typically requires only symmetric encryption. +Because a circuit crosses several servers, and each server only knows +the adjacent servers in the circuit, no single server can link a +user to her communication partners. + +
+The Java Anon Proxy (also known as JAP or Web MIXes) uses fixed shared +routes known as cascades. As with a single-hop proxy, this +approach aggregates users into larger anonymity sets, but again an +attacker only needs to observe both ends of the cascade to bridge all +the system's traffic. The Java Anon Proxy's design +calls for padding between end users and the head of the +cascade [7]. However, it is not demonstrated whether the current +implementation's padding policy improves anonymity. + +
+PipeNet [5,12], another low-latency design proposed +around the same time as Onion Routing, gave +stronger anonymity but allowed a single user to shut +down the network by not sending. Systems like ISDN +mixes [38] were designed for other environments with +different assumptions. + +
+In P2P designs like Tarzan [24] and +MorphMix [43], all participants both generate +traffic and relay traffic for others. These systems aim to conceal +whether a given peer originated a request +or just relayed it from another peer. While Tarzan and MorphMix use +layered encryption as above, Crowds [42] simply assumes +an adversary who cannot observe the initiator: it uses no public-key +encryption, so any node on a circuit can read users' traffic. + +
+Hordes [34] is based on Crowds but also uses multicast +responses to hide the initiator. Herbivore [25] and +P5 [46] go even further, requiring broadcast. +These systems are designed primarily for communication among peers, +although Herbivore users can make external connections by +requesting a peer to serve as a proxy. + +
+Systems like Freedom and the original Onion Routing build circuits +all at once, using a layered "onion" of public-key encrypted messages, +each layer of which provides session keys and the address of the +next server in the circuit. Tor as described herein, Tarzan, MorphMix, +Cebolla [9], and Rennhard's Anonymity Network [44] +build circuits +in stages, extending them one hop at a time. +Section 4.2 describes how this +approach enables perfect forward secrecy. + +
+Circuit-based designs must choose which protocol layer +to anonymize. They may intercept IP packets directly, and +relay them whole (stripping the source address) along the +circuit [8,24]. Like +Tor, they may accept TCP streams and relay the data in those streams, +ignoring the breakdown of that data into TCP +segments [43,44]. Finally, like Crowds, they may accept +application-level protocols such as HTTP and relay the application +requests themselves. +Making this protocol-layer decision requires a compromise between flexibility +and anonymity. For example, a system that understands HTTP +can strip +identifying information from requests, can take advantage of caching +to limit the number of requests that leave the network, and can batch +or encode requests to minimize the number of connections. +On the other hand, an IP-level anonymizer can handle nearly any protocol, +even ones unforeseen by its designers (though these systems require +kernel-level modifications to some operating systems, and so are more +complex and less portable). TCP-level anonymity networks like Tor present +a middle approach: they are application neutral (so long as the +application supports, or can be tunneled across, TCP), but by treating +application connections as data streams rather than raw TCP packets, +they avoid the inefficiencies of tunneling TCP over +TCP. + +
+Distributed-trust anonymizing systems need to prevent attackers from +adding too many servers and thus compromising user paths. +Tor relies on a small set of well-known directory servers, run by +independent parties, to decide which nodes can +join. Tarzan and MorphMix allow unknown users to run servers, and use +a limited resource (like IP addresses) to prevent an attacker from +controlling too much of the network. Crowds suggests requiring +written, notarized requests from potential crowd members. + +
+Anonymous communication is essential for censorship-resistant +systems like Eternity [2], Free Haven [19], +Publius [53], and Tangler [52]. Tor's rendezvous +points enable connections between mutually anonymous entities; they +are a building block for location-hidden servers, which are needed by +Eternity and Free Haven. + +
+ +
+

+3  Design goals and assumptions

+ + + +
+Goals
+Like other low-latency anonymity designs, Tor seeks to frustrate +attackers from linking communication partners, or from linking +multiple communications to or from a single user. Within this +main goal, however, several considerations have directed +Tor's evolution. + +
+Deployability: The design must be deployed and used in the +real world. Thus it +must not be expensive to run (for example, by requiring more bandwidth +than volunteers are willing to provide); must not place a heavy +liability burden on operators (for example, by allowing attackers to +implicate onion routers in illegal activities); and must not be +difficult or expensive to implement (for example, by requiring kernel +patches, or separate proxies for every protocol). We also cannot +require non-anonymous parties (such as websites) +to run our software. (Our rendezvous point design does not meet +this goal for non-anonymous users talking to hidden servers, +however; see Section 5.) + +
+Usability: A hard-to-use system has fewer users-and because +anonymity systems hide users among users, a system with fewer users +provides less anonymity. Usability is thus not only a convenience: +it is a security requirement [1,5]. Tor should +therefore not +require modifying familiar applications; should not introduce prohibitive +delays; +and should require as few configuration decisions +as possible. Finally, Tor should be easily implementable on all common +platforms; we cannot require users to change their operating system +to be anonymous. (Tor currently runs on Win32, Linux, +Solaris, BSD-style Unix, MacOS X, and probably others.) + +
+Flexibility: The protocol must be flexible and well-specified, +so Tor can serve as a test-bed for future research. +Many of the open problems in low-latency anonymity +networks, such as generating dummy traffic or preventing Sybil +attacks [22], may be solvable independently from the issues +solved by +Tor. Hopefully future systems will not need to reinvent Tor's design. + +
+Simple design: The protocol's design and security +parameters must be well-understood. Additional features impose implementation +and complexity costs; adding unproven techniques to the design threatens +deployability, readability, and ease of security analysis. Tor aims to +deploy a simple and stable system that integrates the best accepted +approaches to protecting anonymity.
+ +
+Non-goals +
+In favoring simple, deployable designs, we have explicitly deferred +several possible goals, either because they are solved elsewhere, or because +they are not yet solved. + +
+Not peer-to-peer: Tarzan and MorphMix aim to scale to completely +decentralized peer-to-peer environments with thousands of short-lived +servers, many of which may be controlled by an adversary. This approach +is appealing, but still has many open +problems [24,43]. + +
+Not secure against end-to-end attacks: Tor does not claim +to completely solve end-to-end timing or intersection +attacks. Some approaches, such as having users run their own onion routers, +may help; +see Section 9 for more discussion. + +
+No protocol normalization: Tor does not provide protocol +normalization like Privoxy or the Anonymizer. If senders want anonymity from +responders while using complex and variable +protocols like HTTP, Tor must be layered with a filtering proxy such +as Privoxy to hide differences between clients, and expunge protocol +features that leak identity. +Note that by this separation Tor can also provide services that +are anonymous to the network yet authenticated to the responder, like +SSH. Similarly, Tor does not integrate +tunneling for non-stream-based protocols like UDP; this must be +provided by an external service if appropriate. + +
+Not steganographic: Tor does not try to conceal who is connected +to the network. + +
+

+3.1  Threat Model

+ + + +
+A global passive adversary is the most commonly assumed threat when +analyzing theoretical anonymity designs. But like all practical +low-latency systems, Tor does not protect against such a strong +adversary. Instead, we assume an adversary who can observe some fraction +of network traffic; who can generate, modify, delete, or delay +traffic; who can operate onion routers of his own; and who can +compromise some fraction of the onion routers. + +
+In low-latency anonymity systems that use layered encryption, the +adversary's typical goal is to observe both the initiator and the +responder. By observing both ends, passive attackers can confirm a +suspicion that Alice is +talking to Bob if the timing and volume patterns of the traffic on the +connection are distinct enough; active attackers can induce timing +signatures on the traffic to force distinct patterns. Rather +than focusing on these traffic confirmation attacks, +we aim to prevent traffic +analysis attacks, where the adversary uses traffic patterns to learn +which points in the network he should attack. + +
+Our adversary might try to link an initiator Alice with her +communication partners, or try to build a profile of Alice's +behavior. He might mount passive attacks by observing the network edges +and correlating traffic entering and leaving the network-by +relationships in packet timing, volume, or externally visible +user-selected +options. The adversary can also mount active attacks by compromising +routers or keys; by replaying traffic; by selectively denying service +to trustworthy routers to move users to +compromised routers, or denying service to users to see if traffic +elsewhere in the +network stops; or by introducing patterns into traffic that can later be +detected. The adversary might subvert the directory servers to give users +differing views of network state. Additionally, he can try to decrease +the network's reliability by attacking nodes or by performing antisocial +activities from reliable nodes and trying to get them taken down-making +the network unreliable flushes users to other less anonymous +systems, where they may be easier to attack. We summarize +in Section 7 how well the Tor design defends against +each of these attacks. + +
+ +
+

+4  The Tor Design

+ + + +
+The Tor network is an overlay network; each onion router (OR) +runs as a normal +user-level process without any special privileges. +Each onion router maintains a TLS [17] +connection to every other onion router. +Each user +runs local software called an onion proxy (OP) to fetch directories, +establish circuits across the network, +and handle connections from user applications. These onion proxies accept +TCP streams and multiplex them across the circuits. The onion +router on the other side +of the circuit connects to the requested destinations +and relays data. + +
+Each onion router maintains a long-term identity key and a short-term +onion key. The identity +key is used to sign TLS certificates, to sign the OR's router +descriptor (a summary of its keys, address, bandwidth, exit policy, +and so on), and (by directory servers) to sign directories. The onion key is used to decrypt requests +from users to set up a circuit and negotiate ephemeral keys. +The TLS protocol also establishes a short-term link key when communicating +between ORs. Short-term keys are rotated periodically and +independently, to limit the impact of key compromise. + +
+Section 4.1 presents the fixed-size +cells that are the unit of communication in Tor. We describe +in Section 4.2 how circuits are +built, extended, truncated, and destroyed. Section 4.3 +describes how TCP streams are routed through the network. We address +integrity checking in Section 4.4, +and resource limiting in Section 4.5. +Finally, +Section 4.6 talks about congestion control and +fairness issues. + +
+

+4.1  Cells

+ + + +
+Onion routers communicate with one another, and with users' OPs, via +TLS connections with ephemeral keys. Using TLS conceals the data on +the connection with perfect forward secrecy, and prevents an attacker +from modifying data on the wire or impersonating an OR. + +
+Traffic passes along these connections in fixed-size cells. Each cell +is 512 bytes, and consists of a header and a payload. The header includes a circuit +identifier (circID) that specifies which circuit the cell refers to +(many circuits can be multiplexed over the single TLS connection), and +a command to describe what to do with the cell's payload. (Circuit +identifiers are connection-specific: each circuit has a different +circID on each OP/OR or OR/OR connection it traverses.) +Based on their command, cells are either control cells, which are +always interpreted by the node that receives them, or relay cells, +which carry end-to-end stream data. The control cell commands are: +padding (currently used for keepalive, but also usable for link +padding); create or created (used to set up a new circuit); +and destroy (to tear down a circuit). + +
+Relay cells have an additional header (the relay header) at the front +of the payload, containing a streamID (stream identifier: many streams can +be multiplexed over a circuit); an end-to-end checksum for integrity +checking; the length of the relay payload; and a relay command. +The entire contents of the relay header and the relay cell payload +are encrypted or decrypted together as the relay cell moves along the +circuit, using the 128-bit AES cipher in counter mode to generate a +cipher stream. The relay commands are: relay +data (for data flowing down the stream), relay begin (to open a +stream), relay end (to close a stream cleanly), relay +teardown (to close a broken stream), relay connected +(to notify the OP that a relay begin has succeeded), relay +extend and relay extended (to extend the circuit by a hop, +and to acknowledge), relay truncate and relay truncated +(to tear down only part of the circuit, and to acknowledge), relay +sendme (used for congestion control), and relay drop (used to +implement long-range dummies). +We give a visual overview of cell structure plus the details of relay +cell structure, and then describe each of these cell types and commands +in more detail below. + +
+ +
+ +
+ +
cell-struct.png +
+
+

+4.2  Circuits and streams

+ + + +
+Onion Routing originally built one circuit for each +TCP stream. Because building a circuit can take several tenths of a +second (due to public-key cryptography and network latency), +this design imposed high costs on applications like web browsing that +open many TCP streams. + +
+In Tor, each circuit can be shared by many TCP streams. To avoid +delays, users construct circuits preemptively. To limit linkability +among their streams, users' OPs build a new circuit +periodically if the previous ones have been used, +and expire old used circuits that no longer have any open streams. +OPs consider rotating to a new circuit once a minute: thus +even heavy users spend negligible time +building circuits, but a limited number of requests can be linked +to each other through a given exit node. Also, because circuits are built +in the background, OPs can recover from failed circuit creation +without harming user experience.
+ +
+ +
+ +
interaction.png + +
Figure 1: Alice builds a two-hop circuit and begins fetching a web page.
+ + +
+
+Constructing a circuit +
+A user's OP constructs circuits incrementally, negotiating a +symmetric key with each OR on the circuit, one hop at a time. To begin +creating a new circuit, the OP (call her Alice) sends a +create cell to the first node in her chosen path (call him Bob). +(She chooses a new +circID CAB not currently used on the connection from her to Bob.) +The create cell's +payload contains the first half of the Diffie-Hellman handshake +(gx), encrypted to the onion key of the OR (call him Bob). Bob +responds with a created cell containing gy +along with a hash of the negotiated key K=gxy. + +
+Once the circuit has been established, Alice and Bob can send one +another relay cells encrypted with the negotiated +key.1 More detail is given in +the next section. + +
+To extend the circuit further, Alice sends a relay extend cell +to Bob, specifying the address of the next OR (call her Carol), and +an encrypted gx2 for her. Bob copies the half-handshake into a +create cell, and passes it to Carol to extend the circuit. +(Bob chooses a new circID CBC not currently used on the connection +between him and Carol. Alice never needs to know this circID; only Bob +associates CAB on his connection with Alice to CBC on +his connection with Carol.) +When Carol responds with a created cell, Bob wraps the payload +into a relay extended cell and passes it back to Alice. Now +the circuit is extended to Carol, and Alice and Carol share a common key +K2 = gx2 y2. + +
+To extend the circuit to a third node or beyond, Alice +proceeds as above, always telling the last node in the circuit to +extend one hop further. + +
+This circuit-level handshake protocol achieves unilateral entity +authentication (Alice knows she's handshaking with the OR, but +the OR doesn't care who is opening the circuit-Alice uses no public key +and remains anonymous) and unilateral key authentication +(Alice and the OR agree on a key, and Alice knows only the OR learns +it). It also achieves forward +secrecy and key freshness. More formally, the protocol is as follows +(where EPKBob(·) is encryption with Bob's public key, +H is a secure hash function, and | is concatenation): + +
+ + + + +
Alice -> Bob : EPKBob(gx)
Bob -> Alice : gy, H(K | "handshake") +
+ + +
+ In the second step, Bob proves that it was he who received gx, +and who chose y. We use PK encryption in the first step +(rather than, say, using the first two steps of STS, which has a +signature in the second step) because a single cell is too small to +hold both a public key and a signature. Preliminary analysis with the +NRL protocol analyzer [35] shows this protocol to be +secure (including perfect forward secrecy) under the +traditional Dolev-Yao model.
+ +
+Relay cells
+Once Alice has established the circuit (so she shares keys with each +OR on the circuit), she can send relay cells. +Upon receiving a relay +cell, an OR looks up the corresponding circuit, and decrypts the relay +header and payload with the session key for that circuit. +If the cell is headed away from Alice the OR then checks whether the +decrypted cell has a valid digest (as an optimization, the first +two bytes of the integrity check are zero, so in most cases we can avoid +computing the hash). +If valid, it accepts the relay cell and processes it as described +below. Otherwise, +the OR looks up the circID and OR for the +next step in the circuit, replaces the circID as appropriate, and +sends the decrypted relay cell to the next OR. (If the OR at the end +of the circuit receives an unrecognized relay cell, an error has +occurred, and the circuit is torn down.) + +
+OPs treat incoming relay cells similarly: they iteratively unwrap the +relay header and payload with the session keys shared with each +OR on the circuit, from the closest to farthest. +If at any stage the digest is valid, the cell must have +originated at the OR whose encryption has just been removed. + +
+To construct a relay cell addressed to a given OR, Alice assigns the +digest, and then iteratively +encrypts the cell payload (that is, the relay header and payload) with +the symmetric key of each hop up to that OR. Because the digest is +encrypted to a different value at each step, only at the targeted OR +will it have a meaningful value.2 +This leaky pipe circuit topology +allows Alice's streams to exit at different ORs on a single circuit. +Alice may choose different exit points because of their exit policies, +or to keep the ORs from knowing that two streams +originate from the same person. + +
+When an OR later replies to Alice with a relay cell, it +encrypts the cell's relay header and payload with the single key it +shares with Alice, and sends the cell back toward Alice along the +circuit. Subsequent ORs add further layers of encryption as they +relay the cell back to Alice. + +
+To tear down a circuit, Alice sends a destroy control +cell. Each OR in the circuit receives the destroy cell, closes +all streams on that circuit, and passes a new destroy cell +forward. But just as circuits are built incrementally, they can also +be torn down incrementally: Alice can send a relay +truncate cell to a single OR on a circuit. That OR then sends a +destroy cell forward, and acknowledges with a +relay truncated cell. Alice can then extend the circuit to +different nodes, without signaling to the intermediate nodes (or +a limited observer) that she has changed her circuit. +Similarly, if a node on the circuit goes down, the adjacent +node can send a relay truncated cell back to Alice. Thus the +"break a node and see which circuits go down" +attack [4] is weakened. + +
+

+4.3  Opening and closing streams

+ + + +
+When Alice's application wants a TCP connection to a given +address and port, it asks the OP (via SOCKS) to make the +connection. The OP chooses the newest open circuit (or creates one if +needed), and chooses a suitable OR on that circuit to be the +exit node (usually the last node, but maybe others due to exit policy +conflicts; see Section 6.2.) The OP then opens +the stream by sending a relay begin cell to the exit node, +using a new random streamID. Once the +exit node connects to the remote host, it responds +with a relay connected cell. Upon receipt, the OP sends a +SOCKS reply to notify the application of its success. The OP +now accepts data from the application's TCP stream, packaging it into +relay data cells and sending those cells along the circuit to +the chosen OR. + +
+There's a catch to using SOCKS, however-some applications pass the +alphanumeric hostname to the Tor client, while others resolve it into +an IP address first and then pass the IP address to the Tor client. If +the application does DNS resolution first, Alice thereby reveals her +destination to the remote DNS server, rather than sending the hostname +through the Tor network to be resolved at the far end. Common applications +like Mozilla and SSH have this flaw. + +
+With Mozilla, the flaw is easy to address: the filtering HTTP +proxy called Privoxy gives a hostname to the Tor client, so Alice's +computer never does DNS resolution. +But a portable general solution, such as is needed for +SSH, is +an open problem. Modifying or replacing the local nameserver +can be invasive, brittle, and unportable. Forcing the resolver +library to prefer TCP rather than UDP is hard, and also has +portability problems. Dynamically intercepting system calls to the +resolver library seems a promising direction. We could also provide +a tool similar to dig to perform a private lookup through the +Tor network. Currently, we encourage the use of privacy-aware proxies +like Privoxy wherever possible. + +
+Closing a Tor stream is analogous to closing a TCP stream: it uses a +two-step handshake for normal operation, or a one-step handshake for +errors. If the stream closes abnormally, the adjacent node simply sends a +relay teardown cell. If the stream closes normally, the node sends +a relay end cell down the circuit, and the other side responds with +its own relay end cell. Because +all relay cells use layered encryption, only the destination OR knows +that a given relay cell is a request to close a stream. This two-step +handshake allows Tor to support TCP-based applications that use half-closed +connections. + +
+

+4.4  Integrity checking on streams

+ + + +
+Because the old Onion Routing design used a stream cipher without integrity +checking, traffic was +vulnerable to a malleability attack: though the attacker could not +decrypt cells, any changes to encrypted data +would create corresponding changes to the data leaving the network. +This weakness allowed an adversary who could guess the encrypted content +to change a padding cell to a destroy +cell; change the destination address in a relay begin cell to the +adversary's webserver; or change an FTP command from +dir to rm *. (Even an external +adversary could do this, because the link encryption similarly used a +stream cipher.) + +
+Because Tor uses TLS on its links, external adversaries cannot modify +data. Addressing the insider malleability attack, however, is +more complex. + +
+We could do integrity checking of the relay cells at each hop, either +by including hashes or by using an authenticating cipher mode like +EAX [6], but there are some problems. First, these approaches +impose a message-expansion overhead at each hop, and so we would have to +either leak the path length or waste bytes by padding to a maximum +path length. Second, these solutions can only verify traffic coming +from Alice: ORs would not be able to produce suitable hashes for +the intermediate hops, since the ORs on a circuit do not know the +other ORs' session keys. Third, we have already accepted that our design +is vulnerable to end-to-end timing attacks; so tagging attacks performed +within the circuit provide no additional information to the attacker. + +
+Thus, we check integrity only at the edges of each stream. (Remember that +in our leaky-pipe circuit topology, a stream's edge could be any hop +in the circuit.) When Alice +negotiates a key with a new hop, they each initialize a SHA-1 +digest with a derivative of that key, +thus beginning with randomness that only the two of them know. +Then they each incrementally add to the SHA-1 digest the contents of +all relay cells they create, and include with each relay cell the +first four bytes of the current digest. Each also keeps a SHA-1 +digest of data received, to verify that the received hashes are correct. + +
+To be sure of removing or modifying a cell, the attacker must be able +to deduce the current digest state (which depends on all +traffic between Alice and Bob, starting with their negotiated key). +Attacks on SHA-1 where the adversary can incrementally add to a hash +to produce a new valid hash don't work, because all hashes are +end-to-end encrypted across the circuit. The computational overhead +of computing the digests is minimal compared to doing the AES +encryption performed at each hop of the circuit. We use only four +bytes per cell to minimize overhead; the chance that an adversary will +correctly guess a valid hash +is +acceptably low, given that the OP or OR tear down the circuit if they +receive a bad hash. + +
+

+4.5  Rate limiting and fairness

+ + + +
+Volunteers are more willing to run services that can limit +their bandwidth usage. To accommodate them, Tor servers use a +token bucket approach [50] to +enforce a long-term average rate of incoming bytes, while still +permitting short-term bursts above the allowed bandwidth. + +
+ +
+Because the Tor protocol outputs about the same number of bytes as it +takes in, it is sufficient in practice to limit only incoming bytes. +With TCP streams, however, the correspondence is not one-to-one: +relaying a single incoming byte can require an entire 512-byte cell. +(We can't just wait for more bytes, because the local application may +be awaiting a reply.) Therefore, we treat this case as if the entire +cell size had been read, regardless of the cell's fullness. + +
+Further, inspired by Rennhard et al's design in [44], a +circuit's edges can heuristically distinguish interactive streams from bulk +streams by comparing the frequency with which they supply cells. We can +provide good latency for interactive streams by giving them preferential +service, while still giving good overall throughput to the bulk +streams. Such preferential treatment presents a possible end-to-end +attack, but an adversary observing both +ends of the stream can already learn this information through timing +attacks. + +
+

+4.6  Congestion control

+ + + +
+Even with bandwidth rate limiting, we still need to worry about +congestion, either accidental or intentional. If enough users choose the +same OR-to-OR connection for their circuits, that connection can become +saturated. For example, an attacker could send a large file +through the Tor network to a webserver he runs, and then +refuse to read any of the bytes at the webserver end of the +circuit. Without some congestion control mechanism, these bottlenecks +can propagate back through the entire network. We don't need to +reimplement full TCP windows (with sequence numbers, +the ability to drop cells when we're full and retransmit later, and so +on), +because TCP already guarantees in-order delivery of each +cell. +We describe our response below. + +
+Circuit-level throttling: +To control a circuit's bandwidth usage, each OR keeps track of two +windows. The packaging window tracks how many relay data cells the OR is +allowed to package (from incoming TCP streams) for transmission back to the OP, +and the delivery window tracks how many relay data cells it is willing +to deliver to TCP streams outside the network. Each window is initialized +(say, to 1000 data cells). When a data cell is packaged or delivered, +the appropriate window is decremented. When an OR has received enough +data cells (currently 100), it sends a relay sendme cell towards the OP, +with streamID zero. When an OR receives a relay sendme cell with +streamID zero, it increments its packaging window. Either of these cells +increments the corresponding window by 100. If the packaging window +reaches 0, the OR stops reading from TCP connections for all streams +on the corresponding circuit, and sends no more relay data cells until +receiving a relay sendme cell. + +
+The OP behaves identically, except that it must track a packaging window +and a delivery window for every OR in the circuit. If a packaging window +reaches 0, it stops reading from streams destined for that OR. + +
+Stream-level throttling: +The stream-level congestion control mechanism is similar to the +circuit-level mechanism. ORs and OPs use relay sendme cells +to implement end-to-end flow control for individual streams across +circuits. Each stream begins with a packaging window (currently 500 cells), +and increments the window by a fixed value (50) upon receiving a relay +sendme cell. Rather than always returning a relay sendme cell as soon +as enough cells have arrived, the stream-level congestion control also +has to check whether data has been successfully flushed onto the TCP +stream; it sends the relay sendme cell only when the number of bytes pending +to be flushed is under some threshold (currently 10 cells' worth). + +
+ +
+These arbitrarily chosen parameters seem to give tolerable throughput +and delay; see Section 8. + +
+

+5  Rendezvous Points and hidden services

+ + + +
+Rendezvous points are a building block for location-hidden +services (also known as responder anonymity) in the Tor +network. Location-hidden services allow Bob to offer a TCP +service, such as a webserver, without revealing his IP address. +This type of anonymity protects against distributed DoS attacks: +attackers are forced to attack the onion routing network +because they do not know Bob's IP address. + +
+Our design for location-hidden servers has the following goals. +Access-control: Bob needs a way to filter incoming requests, +so an attacker cannot flood Bob simply by making many connections to him. +Robustness: Bob should be able to maintain a long-term pseudonymous +identity even in the presence of router failure. Bob's service must +not be tied to a single OR, and Bob must be able to migrate his service +across ORs. Smear-resistance: +A social attacker +should not be able to "frame" a rendezvous router by +offering an illegal or disreputable location-hidden service and +making observers believe the router created that service. +Application-transparency: Although we require users +to run special software to access location-hidden servers, we must not +require them to modify their applications. + +
+We provide location-hiding for Bob by allowing him to advertise +several onion routers (his introduction points) as contact +points. He may do this on any robust efficient +key-value lookup system with authenticated updates, such as a +distributed hash table (DHT) like CFS [11].3 Alice, the client, chooses an OR as her +rendezvous point. She connects to one of Bob's introduction +points, informs him of her rendezvous point, and then waits for him +to connect to the rendezvous point. This extra level of indirection +helps Bob's introduction points avoid problems associated with serving +unpopular files directly (for example, if Bob serves +material that the introduction point's community finds objectionable, +or if Bob's service tends to get attacked by network vandals). +The extra level of indirection also allows Bob to respond to some requests +and ignore others. + +
+

+5.1  Rendezvous points in Tor

+ +
+The following steps are +performed on behalf of Alice and Bob by their local OPs; +application integration is described more fully below. + +
+ +
+ +
+
  • Bob generates a long-term public key pair to identify his service.
    • +
    +
  • Bob chooses some introduction points, and advertises them on + the lookup service, signing the advertisement with his public key. He + can add more later.
    • +
    +
  • Bob builds a circuit to each of his introduction points, and tells + them to wait for requests.
    • +
    +
  • Alice learns about Bob's service out of band (perhaps Bob told her, + or she found it on a website). She retrieves the details of Bob's + service from the lookup service. If Alice wants to access Bob's + service anonymously, she must connect to the lookup service via Tor.
    • +
    +
  • Alice chooses an OR as the rendezvous point (RP) for her connection to + Bob's service. She builds a circuit to the RP, and gives it a + randomly chosen "rendezvous cookie" to recognize Bob.
    • +
    +
  • Alice opens an anonymous stream to one of Bob's introduction + points, and gives it a message (encrypted with Bob's public key) + telling it about herself, + her RP and rendezvous cookie, and the + start of a DH + handshake. The introduction point sends the message to Bob.
    • +
    +
  • If Bob wants to talk to Alice, he builds a circuit to Alice's + RP and sends the rendezvous cookie, the second half of the DH + handshake, and a hash of the session + key they now share. By the same argument as in + Section 4.2, Alice knows she + shares the key only with Bob.
    • +
    +
  • The RP connects Alice's circuit to Bob's. Note that RP can't + recognize Alice, Bob, or the data they transmit.
    • +
    +
  • Alice sends a relay begin cell along the circuit. It + arrives at Bob's OP, which connects to Bob's + webserver.
    • +
    +
  • An anonymous stream has been established, and Alice and Bob + communicate as normal. +
    • +
    + +
    +When establishing an introduction point, Bob provides the onion router +with the public key identifying his service. Bob signs his +messages, so others cannot usurp his introduction point +in the future. He uses the same public key to establish the other +introduction points for his service, and periodically refreshes his +entry in the lookup service. + +
    +The message that Alice gives +the introduction point includes a hash of Bob's public key and an optional initial authorization token (the +introduction point can do prescreening, for example to block replays). Her +message to Bob may include an end-to-end authorization token so Bob +can choose whether to respond. +The authorization tokens can be used to provide selective access: +important users can get uninterrupted access. +During normal situations, Bob's service might simply be offered +directly from mirrors, while Bob gives out tokens to high-priority users. If +the mirrors are knocked down, +those users can switch to accessing Bob's service via +the Tor rendezvous system. + +
    +Bob's introduction points are themselves subject to DoS-he must +open many introduction points or risk such an attack. +He can provide selected users with a current list or future schedule of +unadvertised introduction points; +this is most practical +if there is a stable and large group of introduction points +available. Bob could also give secret public keys +for consulting the lookup service. All of these approaches +limit exposure even when +some selected users collude in the DoS. + +
    +

    +5.2  Integration with user applications

    + +
    +Bob configures his onion proxy to know the local IP address and port of his +service, a strategy for authorizing clients, and his public key. The onion +proxy anonymously publishes a signed statement of Bob's +public key, an expiration time, and +the current introduction points for his service onto the lookup service, +indexed +by the hash of his public key. Bob's webserver is unmodified, +and doesn't even know that it's hidden behind the Tor network. + +
    +Alice's applications also work unchanged-her client interface +remains a SOCKS proxy. We encode all of the necessary information +into the fully qualified domain name (FQDN) Alice uses when establishing her +connection. Location-hidden services use a virtual top level domain +called .onion: thus hostnames take the form x.y.onion where +x is the authorization cookie and y encodes the hash of +the public key. Alice's onion proxy +examines addresses; if they're destined for a hidden server, it decodes +the key and starts the rendezvous as described above. + +
    +

    +5.3  Previous rendezvous work

    + +
    +Rendezvous points in low-latency anonymity systems were first +described for use in ISDN telephony [30,38]. +Later low-latency designs used rendezvous points for hiding location +of mobile phones and low-power location +trackers [23,40]. Rendezvous for +anonymizing low-latency +Internet connections was suggested in early Onion Routing +work [27], but the first published design was by Ian +Goldberg [26]. His design differs from +ours in three ways. First, Goldberg suggests that Alice should manually +hunt down a current location of the service via Gnutella; our approach +makes lookup transparent to the user, as well as faster and more robust. +Second, in Tor the client and server negotiate session keys +with Diffie-Hellman, so plaintext is not exposed even at the rendezvous +point. Third, +our design minimizes the exposure from running the +service, to encourage volunteers to offer introduction and rendezvous +services. Tor's introduction points do not output any bytes to the +clients; the rendezvous points don't know the client or the server, +and can't read the data being transmitted. The indirection scheme is +also designed to include authentication/authorization-if Alice doesn't +include the right cookie with her request for service, Bob need not even +acknowledge his existence. + +
    +

    +6  Other design decisions

    + + + +
    +

    +6.1  Denial of service

    + + + +
    +Providing Tor as a public service creates many opportunities for +denial-of-service attacks against the network. While +flow control and rate limiting (discussed in +Section 4.6) prevent users from consuming more +bandwidth than routers are willing to provide, opportunities remain for +users to +consume more network resources than their fair share, or to render the +network unusable for others. + +
    +First of all, there are several CPU-consuming denial-of-service +attacks wherein an attacker can force an OR to perform expensive +cryptographic operations. For example, an attacker can +fake the start of a TLS handshake, forcing the OR to carry out its +(comparatively expensive) half of the handshake at no real computational +cost to the attacker. + +
    +We have not yet implemented any defenses for these attacks, but several +approaches are possible. First, ORs can +require clients to solve a puzzle [16] while beginning new +TLS handshakes or accepting create cells. So long as these +tokens are easy to verify and computationally expensive to produce, this +approach limits the attack multiplier. Additionally, ORs can limit +the rate at which they accept create cells and TLS connections, +so that +the computational work of processing them does not drown out the +symmetric cryptography operations that keep cells +flowing. This rate limiting could, however, allow an attacker +to slow down other users when they build new circuits. + +
    + +
    +Adversaries can also attack the Tor network's hosts and network +links. Disrupting a single circuit or link breaks all streams passing +along that part of the circuit. Users similarly lose service +when a router crashes or its operator restarts it. The current +Tor design treats such attacks as intermittent network failures, and +depends on users and applications to respond or recover as appropriate. A +future design could use an end-to-end TCP-like acknowledgment protocol, +so no streams are lost unless the entry or exit point is +disrupted. This solution would require more buffering at the network +edges, however, and the performance and anonymity implications from this +extra complexity still require investigation. + +
    +

    +6.2  Exit policies and abuse

    + + + +
    + +
    +Exit abuse is a serious barrier to wide-scale Tor deployment. Anonymity +presents would-be vandals and abusers with an opportunity to hide +the origins of their activities. Attackers can harm the Tor network by +implicating exit servers for their abuse. Also, applications that commonly +use IP-based authentication (such as institutional mail or webservers) +can be fooled by the fact that anonymous connections appear to originate +at the exit OR. + +
    +We stress that Tor does not enable any new class of abuse. Spammers +and other attackers already have access to thousands of misconfigured +systems worldwide, and the Tor network is far from the easiest way +to launch attacks. +But because the +onion routers can be mistaken for the originators of the abuse, +and the volunteers who run them may not want to deal with the hassle of +explaining anonymity networks to irate administrators, we must block or limit +abuse through the Tor network. + +
    +To mitigate abuse issues, each onion router's exit policy +describes to which external addresses and ports the router will +connect. On one end of the spectrum are open exit +nodes that will connect anywhere. On the other end are middleman +nodes that only relay traffic to other Tor nodes, and private exit +nodes that only connect to a local host or network. A private +exit can allow a client to connect to a given host or +network more securely-an external adversary cannot eavesdrop traffic +between the private exit and the final destination, and so is less sure of +Alice's destination and activities. Most onion routers in the current +network function as +restricted exits that permit connections to the world at large, +but prevent access to certain abuse-prone addresses and services such +as SMTP. +The OR might also be able to authenticate clients to +prevent exit abuse without harming anonymity [48]. + +
    + +
    +Many administrators use port restrictions to support only a +limited set of services, such as HTTP, SSH, or AIM. +This is not a complete solution, of course, since abuse opportunities for these +protocols are still well known. + +
    +We have not yet encountered any abuse in the deployed network, but if +we do we should consider using proxies to clean traffic for certain +protocols as it leaves the network. For example, much abusive HTTP +behavior (such as exploiting buffer overflows or well-known script +vulnerabilities) can be detected in a straightforward manner. +Similarly, one could run automatic spam filtering software (such as +SpamAssassin) on email exiting the OR network. + +
    +ORs may also rewrite exiting traffic to append +headers or other information indicating that the traffic has passed +through an anonymity service. This approach is commonly used +by email-only anonymity systems. ORs can also +run on servers with hostnames like anonymous to further +alert abuse targets to the nature of the anonymous traffic. + +
    +A mixture of open and restricted exit nodes allows the most +flexibility for volunteers running servers. But while having many +middleman nodes provides a large and robust network, +having only a few exit nodes reduces the number of points +an adversary needs to monitor for traffic analysis, and places a +greater burden on the exit nodes. This tension can be seen in the +Java Anon Proxy +cascade model, wherein only one node in each cascade needs to handle +abuse complaints-but an adversary only needs to observe the entry +and exit of a cascade to perform traffic analysis on all that +cascade's users. The hydra model (many entries, few exits) presents a +different compromise: only a few exit nodes are needed, but an +adversary needs to work harder to watch all the clients; see +Section 10. + +
    +Finally, we note that exit abuse must not be dismissed as a peripheral +issue: when a system's public image suffers, it can reduce the number +and diversity of that system's users, and thereby reduce the anonymity +of the system itself. Like usability, public perception is a +security parameter. Sadly, preventing abuse of open exit nodes is an +unsolved problem, and will probably remain an arms race for the +foreseeable future. The abuse problems faced by Princeton's CoDeeN +project [37] give us a glimpse of likely issues. + +
    +

    +6.3  Directory Servers

    + + + +
    +First-generation Onion Routing designs [8,41] used +in-band network status updates: each router flooded a signed statement +to its neighbors, which propagated it onward. But anonymizing networks +have different security goals than typical link-state routing protocols. +For example, delays (accidental or intentional) +that can cause different parts of the network to have different views +of link-state and topology are not only inconvenient: they give +attackers an opportunity to exploit differences in client knowledge. +We also worry about attacks to deceive a +client about the router membership list, topology, or current network +state. Such partitioning attacks on client knowledge help an +adversary to efficiently deploy resources +against a target [15]. + +
    +Tor uses a small group of redundant, well-known onion routers to +track changes in network topology and node state, including keys and +exit policies. Each such directory server acts as an HTTP +server, so clients can fetch current network state +and router lists, and so other ORs can upload +state information. Onion routers periodically publish signed +statements of their state to each directory server. The directory servers +combine this information with their own views of network liveness, +and generate a signed description (a directory) of the entire +network state. Client software is +pre-loaded with a list of the directory servers and their keys, +to bootstrap each client's view of the network. + +
    +When a directory server receives a signed statement for an OR, it +checks whether the OR's identity key is recognized. Directory +servers do not advertise unrecognized ORs-if they did, +an adversary could take over the network by creating many +servers [22]. Instead, new nodes must be approved by the +directory +server administrator before they are included. Mechanisms for automated +node approval are an area of active research, and are discussed more +in Section 9. + +
    +Of course, a variety of attacks remain. An adversary who controls +a directory server can track clients by providing them different +information-perhaps by listing only nodes under its control, or by +informing only certain clients about a given node. Even an external +adversary can exploit differences in client knowledge: clients who use +a node listed on one directory server but not the others are vulnerable. + +
    +Thus these directory servers must be synchronized and redundant, so +that they can agree on a common directory. Clients should only trust +this directory if it is signed by a threshold of the directory +servers. + +
    +The directory servers in Tor are modeled after those in +Mixminion [15], but our situation is easier. First, +we make the +simplifying assumption that all participants agree on the set of +directory servers. Second, while Mixminion needs to predict node +behavior, Tor only needs a threshold consensus of the current +state of the network. Third, we assume that we can fall back to the +human administrators to discover and resolve problems when a consensus +directory cannot be reached. Since there are relatively few directory +servers (currently 3, but we expect as many as 9 as the network scales), +we can afford operations like broadcast to simplify the consensus-building +protocol. + +
    +To avoid attacks where a router connects to all the directory servers +but refuses to relay traffic from other routers, the directory servers +must also build circuits and use them to anonymously test router +reliability [18]. Unfortunately, this defense is not yet +designed or +implemented. + +
    +Using directory servers is simpler and more flexible than flooding. +Flooding is expensive, and complicates the analysis when we +start experimenting with non-clique network topologies. Signed +directories can be cached by other +onion routers, +so directory servers are not a performance +bottleneck when we have many users, and do not aid traffic analysis by +forcing clients to announce their existence to any +central point. + +
    +

    +7  Attacks and Defenses

    + + + +
    +Below we summarize a variety of attacks, and discuss how well our +design withstands them.
    + +
    +Passive attacks
    +Observing user traffic patterns. Observing a user's connection +will not reveal her destination or data, but it will +reveal traffic patterns (both sent and received). Profiling via user +connection patterns requires further processing, because multiple +application streams may be operating simultaneously or in series over +a single circuit. + +
    +Observing user content. While content at the user end is encrypted, +connections to responders may not be (indeed, the responding website +itself may be hostile). While filtering content is not a primary goal +of Onion Routing, Tor can directly use Privoxy and related +filtering services to anonymize application data streams. + +
    +Option distinguishability. We allow clients to choose +configuration options. For example, clients concerned about request +linkability should rotate circuits more often than those concerned +about traceability. Allowing choice may attract users with different +needs; but clients who are +in the minority may lose more anonymity by appearing distinct than they +gain by optimizing their behavior [1]. + +
    +End-to-end timing correlation. Tor only minimally hides +such correlations. An attacker watching patterns of +traffic at the initiator and the responder will be +able to confirm the correspondence with high probability. The +greatest protection currently available against such confirmation is to hide +the connection between the onion proxy and the first Tor node, +by running the OP on the Tor node or behind a firewall. This approach +requires an observer to separate traffic originating at the onion +router from traffic passing through it: a global observer can do this, +but it might be beyond a limited observer's capabilities. + +
    +End-to-end size correlation. Simple packet counting +will also be effective in confirming +endpoints of a stream. However, even without padding, we may have some +limited protection: the leaky pipe topology means different numbers +of packets may enter one end of a circuit than exit at the other. + +
    +Website fingerprinting. All the effective passive +attacks above are traffic confirmation attacks, +which puts them outside our design goals. There is also +a passive traffic analysis attack that is potentially effective. +Rather than searching exit connections for timing and volume +correlations, the adversary may build up a database of +"fingerprints" containing file sizes and access patterns for +targeted websites. He can later confirm a user's connection to a given +site simply by consulting the database. This attack has +been shown to be effective against SafeWeb [29]. +It may be less effective against Tor, since +streams are multiplexed within the same circuit, and +fingerprinting will be limited to +the granularity of cells (currently 512 bytes). Additional +defenses could include +larger cell sizes, padding schemes to group websites +into large sets, and link +padding or long-range dummies.4
    + +
    +Active attacks
    +Compromise keys. An attacker who learns the TLS session key can +see control cells and encrypted relay cells on every circuit on that +connection; learning a circuit +session key lets him unwrap one layer of the encryption. An attacker +who learns an OR's TLS private key can impersonate that OR for the TLS +key's lifetime, but he must +also learn the onion key to decrypt create cells (and because of +perfect forward secrecy, he cannot hijack already established circuits +without also compromising their session keys). Periodic key rotation +limits the window of opportunity for these attacks. On the other hand, +an attacker who learns a node's identity key can replace that node +indefinitely by sending new forged descriptors to the directory servers. + +
    +Iterated compromise. A roving adversary who can +compromise ORs (by system intrusion, legal coercion, or extralegal +coercion) could march down the circuit compromising the +nodes until he reaches the end. Unless the adversary can complete +this attack within the lifetime of the circuit, however, the ORs +will have discarded the necessary information before the attack can +be completed. (Thanks to the perfect forward secrecy of session +keys, the attacker cannot force nodes to decrypt recorded +traffic once the circuits have been closed.) Additionally, building +circuits that cross jurisdictions can make legal coercion +harder-this phenomenon is commonly called "jurisdictional +arbitrage." The Java Anon Proxy project recently experienced the +need for this approach, when +a German court forced them to add a backdoor to +their nodes [51]. + +
    +Run a recipient. An adversary running a webserver +trivially learns the timing patterns of users connecting to it, and +can introduce arbitrary patterns in its responses. +End-to-end attacks become easier: if the adversary can induce +users to connect to his webserver (perhaps by advertising +content targeted to those users), he now holds one end of their +connection. There is also a danger that application +protocols and associated programs can be induced to reveal information +about the initiator. Tor depends on Privoxy and similar protocol cleaners +to solve this latter problem. + +
    +Run an onion proxy. It is expected that end users will +nearly always run their own local onion proxy. However, in some +settings, it may be necessary for the proxy to run +remotely-typically, in institutions that want +to monitor the activity of those connecting to the proxy. +Compromising an onion proxy compromises all future connections +through it. + +
    +DoS non-observed nodes. An observer who can only watch some +of the Tor network can increase the value of this traffic +by attacking non-observed nodes to shut them down, reduce +their reliability, or persuade users that they are not trustworthy. +The best defense here is robustness. + +
    +Run a hostile OR. In addition to being a local observer, +an isolated hostile node can create circuits through itself, or alter +traffic patterns to affect traffic at other nodes. Nonetheless, a hostile +node must be immediately adjacent to both endpoints to compromise the +anonymity of a circuit. If an adversary can +run multiple ORs, and can persuade the directory servers +that those ORs are trustworthy and independent, then occasionally +some user will choose one of those ORs for the start and another +as the end of a circuit. If an adversary +controls m > 1 of N nodes, he can correlate at most +([m/N])2 of the traffic-although an +adversary +could still attract a disproportionately large amount of traffic +by running an OR with a permissive exit policy, or by +degrading the reliability of other routers. + +
    +Introduce timing into messages. This is simply a stronger +version of passive timing attacks already discussed earlier. + +
    +Tagging attacks. A hostile node could "tag" a +cell by altering it. If the +stream were, for example, an unencrypted request to a Web site, +the garbled content coming out at the appropriate time would confirm +the association. However, integrity checks on cells prevent +this attack. + +
    +Replace contents of unauthenticated protocols. When +relaying an unauthenticated protocol like HTTP, a hostile exit node +can impersonate the target server. Clients +should prefer protocols with end-to-end authentication. + +
    +Replay attacks. Some anonymity protocols are vulnerable +to replay attacks. Tor is not; replaying one side of a handshake +will result in a different negotiated session key, and so the rest +of the recorded session can't be used. + +
    +Smear attacks. An attacker could use the Tor network for +socially disapproved acts, to bring the +network into disrepute and get its operators to shut it down. +Exit policies reduce the possibilities for abuse, but +ultimately the network requires volunteers who can tolerate +some political heat. + +
    +Distribute hostile code. An attacker could trick users +into running subverted Tor software that did not, in fact, anonymize +their connections-or worse, could trick ORs into running weakened +software that provided users with less anonymity. We address this +problem (but do not solve it completely) by signing all Tor releases +with an official public key, and including an entry in the directory +that lists which versions are currently believed to be secure. To +prevent an attacker from subverting the official release itself +(through threats, bribery, or insider attacks), we provide all +releases in source code form, encourage source audits, and +frequently warn our users never to trust any software (even from +us) that comes without source.
    + +
    +Directory attacks
    +Destroy directory servers. If a few directory +servers disappear, the others still decide on a valid +directory. So long as any directory servers remain in operation, +they will still broadcast their views of the network and generate a +consensus directory. (If more than half are destroyed, this +directory will not, however, have enough signatures for clients to +use it automatically; human intervention will be necessary for +clients to decide whether to trust the resulting directory.) + +
    +Subvert a directory server. By taking over a directory server, +an attacker can partially influence the final directory. Since ORs +are included or excluded by majority vote, the corrupt directory can +at worst cast a tie-breaking vote to decide whether to include +marginal ORs. It remains to be seen how often such marginal cases +occur in practice. + +
    +Subvert a majority of directory servers. An adversary who controls +more than half the directory servers can include as many compromised +ORs in the final directory as he wishes. We must ensure that directory +server operators are independent and attack-resistant. + +
    +Encourage directory server dissent. The directory +agreement protocol assumes that directory server operators agree on +the set of directory servers. An adversary who can persuade some +of the directory server operators to distrust one another could +split the quorum into mutually hostile camps, thus partitioning +users based on which directory they use. Tor does not address +this attack. + +
    +Trick the directory servers into listing a hostile OR. +Our threat model explicitly assumes directory server operators will +be able to filter out most hostile ORs. + +
    +Convince the directories that a malfunctioning OR is +working. In the current Tor implementation, directory servers +assume that an OR is running correctly if they can start a TLS +connection to it. A hostile OR could easily subvert this test by +accepting TLS connections from ORs but ignoring all cells. Directory +servers must actively test ORs by building circuits and streams as +appropriate. The tradeoffs of a similar approach are discussed +in [18].
    + +
    +Attacks against rendezvous points
    +Make many introduction requests. An attacker could +try to deny Bob service by flooding his introduction points with +requests. Because the introduction points can block requests that +lack authorization tokens, however, Bob can restrict the volume of +requests he receives, or require a certain amount of computation for +every request he receives. + +
    +Attack an introduction point. An attacker could +disrupt a location-hidden service by disabling its introduction +points. But because a service's identity is attached to its public +key, the service can simply re-advertise +itself at a different introduction point. Advertisements can also be +done secretly so that only high-priority clients know the address of +Bob's introduction points or so that different clients know of different +introduction points. This forces the attacker to disable all possible +introduction points. + +
    +Compromise an introduction point. An attacker who controls +Bob's introduction point can flood Bob with +introduction requests, or prevent valid introduction requests from +reaching him. Bob can notice a flood, and close the circuit. To notice +blocking of valid requests, however, he should periodically test the +introduction point by sending rendezvous requests and making +sure he receives them. + +
    +Compromise a rendezvous point. A rendezvous +point is no more sensitive than any other OR on +a circuit, since all data passing through the rendezvous is encrypted +with a session key shared by Alice and Bob. + +
    +

    +8  Early experiences: Tor in the Wild

    + + + +
    +As of mid-May 2004, the Tor network consists of 32 nodes +(24 in the US, 8 in Europe), and more are joining each week as the code +matures. (For comparison, the current remailer network +has about 40 nodes.) Each node has at least a 768Kb/768Kb connection, and +many have 10Mb. The number of users varies (and of course, it's hard to +tell for sure), but we sometimes have several hundred users-administrators at +several companies have begun sending their entire departments' web +traffic through Tor, to block other divisions of +their company from reading their traffic. Tor users have reported using +the network for web browsing, FTP, IRC, AIM, Kazaa, SSH, and +recipient-anonymous email via rendezvous points. One user has anonymously +set up a Wiki as a hidden service, where other users anonymously publish +the addresses of their hidden services. + +
    +Each Tor node currently processes roughly 800,000 relay +cells (a bit under half a gigabyte) per week. On average, about 80% +of each 498-byte payload is full for cells going back to the client, +whereas about 40% is full for cells coming from the client. (The difference +arises because most of the network's traffic is web browsing.) Interactive +traffic like SSH brings down the average a lot-once we have more +experience, and assuming we can resolve the anonymity issues, we may +partition traffic into two relay cell sizes: one to handle +bulk traffic and one for interactive traffic. + +
    +Based in part on our restrictive default exit policy (we +reject SMTP requests) and our low profile, we have had no abuse +issues since the network was deployed in October +2003. Our slow growth rate gives us time to add features, +resolve bugs, and get a feel for what users actually want from an +anonymity system. Even though having more users would bolster our +anonymity sets, we are not eager to attract the Kazaa or warez +communities-we feel that we must build a reputation for privacy, human +rights, research, and other socially laudable activities. + +
    +As for performance, profiling shows that Tor spends almost +all its CPU time in AES, which is fast. Current latency is attributable +to two factors. First, network latency is critical: we are +intentionally bouncing traffic around the world several times. Second, +our end-to-end congestion control algorithm focuses on protecting +volunteer servers from accidental DoS rather than on optimizing +performance. To quantify these effects, we did some informal tests using a network of 4 +nodes on the same machine (a heavily loaded 1GHz Athlon). We downloaded a 60 +megabyte file from debian.org every 30 minutes for 54 hours (108 sample +points). It arrived in about 300 seconds on average, compared to 210s for a +direct download. We ran a similar test on the production Tor network, +fetching the front page of cnn.com (55 kilobytes): +while a direct +download consistently took about 0.3s, the performance through Tor varied. +Some downloads were as fast as 0.4s, with a median at 2.8s, and +90% finishing within 5.3s. It seems that as the network expands, the chance +of building a slow circuit (one that includes a slow or heavily loaded node +or link) is increasing. On the other hand, as our users remain satisfied +with this increased latency, we can address our performance incrementally as we +proceed with development. +
    + +
    + +
    +Although Tor's clique topology and full-visibility directories present +scaling problems, we still expect the network to support a few hundred +nodes and maybe 10,000 users before we're forced to become +more distributed. With luck, the experience we gain running the current +topology will help us choose among alternatives when the time comes. + +
    +

    +9  Open Questions in Low-latency Anonymity

    + + + +
    +In addition to the non-goals in +Section 3, many questions must be solved +before we can be confident of Tor's security. + +
    +Many of these open issues are questions of balance. For example, +how often should users rotate to fresh circuits? Frequent rotation +is inefficient, expensive, and may lead to intersection attacks and +predecessor attacks [54], but infrequent rotation makes the +user's traffic linkable. Besides opening fresh circuits, clients can +also exit from the middle of the circuit, +or truncate and re-extend the circuit. More analysis is +needed to determine the proper tradeoff. + +
    + +
    +How should we choose path lengths? If Alice always uses two hops, +then both ORs can be certain that by colluding they will learn about +Alice and Bob. In our current approach, Alice always chooses at least +three nodes unrelated to herself and her destination. +Should Alice choose a random path length (e.g. from a geometric +distribution) to foil an attacker who +uses timing to learn that he is the fifth hop and thus concludes that +both Alice and the responder are running ORs? + +
    +Throughout this paper, we have assumed that end-to-end traffic +confirmation will immediately and automatically defeat a low-latency +anonymity system. Even high-latency anonymity systems can be +vulnerable to end-to-end traffic confirmation, if the traffic volumes +are high enough, and if users' habits are sufficiently +distinct [14,31]. Can anything be +done to +make low-latency systems resist these attacks as well as high-latency +systems? Tor already makes some effort to conceal the starts and ends of +streams by wrapping long-range control commands in identical-looking +relay cells. Link padding could frustrate passive observers who count +packets; long-range padding could work against observers who own the +first hop in a circuit. But more research remains to find an efficient +and practical approach. Volunteers prefer not to run constant-bandwidth +padding; but no convincing traffic shaping approach has been +specified. Recent work on long-range padding [33] +shows promise. One could also try to reduce correlation in packet timing +by batching and re-ordering packets, but it is unclear whether this could +improve anonymity without introducing so much latency as to render the +network unusable. + +
    +A cascade topology may better defend against traffic confirmation by +aggregating users, and making padding and +mixing more affordable. Does the hydra topology (many input nodes, +few output nodes) work better against some adversaries? Are we going +to get a hydra anyway because most nodes will be middleman nodes? + +
    +Common wisdom suggests that Alice should run her own OR for best +anonymity, because traffic coming from her node could plausibly have +come from elsewhere. How much mixing does this approach need? Is it +immediately beneficial because of real-world adversaries that can't +observe Alice's router, but can run routers of their own? + +
    +To scale to many users, and to prevent an attacker from observing the +whole network, it may be necessary +to support far more servers than Tor currently anticipates. +This introduces several issues. First, if approval by a central set +of directory servers is no longer feasible, what mechanism should be used +to prevent adversaries from signing up many colluding servers? Second, +if clients can no longer have a complete picture of the network, +how can they perform discovery while preventing attackers from +manipulating or exploiting gaps in their knowledge? Third, if there +are too many servers for every server to constantly communicate with +every other, which non-clique topology should the network use? +(Restricted-route topologies promise comparable anonymity with better +scalability [13], but whatever topology we choose, we +need some way to keep attackers from manipulating their position within +it [21].) Fourth, if no central authority is tracking +server reliability, how do we stop unreliable servers from making +the network unusable? Fifth, do clients receive so much anonymity +from running their own ORs that we should expect them all to do +so [1], or do we need another incentive structure to +motivate them? Tarzan and MorphMix present possible solutions. + +
    + +
    +When a Tor node goes down, all its circuits (and thus streams) must break. +Will users abandon the system because of this brittleness? How well +does the method in Section 6.1 allow streams to survive +node failure? If affected users rebuild circuits immediately, how much +anonymity is lost? It seems the problem is even worse in a peer-to-peer +environment-such systems don't yet provide an incentive for peers to +stay connected when they're done retrieving content, so we would expect +a higher churn rate. + +
    + +
    +

    +10  Future Directions

    + + + +
    +Tor brings together many innovations into a unified deployable system. The +next immediate steps include: + +
    +Scalability: Tor's emphasis on deployability and design simplicity +has led us to adopt a clique topology, semi-centralized +directories, and a full-network-visibility model for client +knowledge. These properties will not scale past a few hundred servers. +Section 9 describes some promising +approaches, but more deployment experience will be helpful in learning +the relative importance of these bottlenecks. + +
    +Bandwidth classes: This paper assumes that all ORs have +good bandwidth and latency. We should instead adopt the MorphMix model, +where nodes advertise their bandwidth level (DSL, T1, T3), and +Alice avoids bottlenecks by choosing nodes that match or +exceed her bandwidth. In this way DSL users can usefully join the Tor +network. + +
    +Incentives: Volunteers who run nodes are rewarded with publicity +and possibly better anonymity [1]. More nodes means increased +scalability, and more users can mean more anonymity. We need to continue +examining the incentive structures for participating in Tor. Further, +we need to explore more approaches to limiting abuse, and understand +why most people don't bother using privacy systems. + +
    +Cover traffic: Currently Tor omits cover traffic-its costs +in performance and bandwidth are clear but its security benefits are +not well understood. We must pursue more research on link-level cover +traffic and long-range cover traffic to determine whether some simple padding +method offers provable protection against our chosen adversary. + +
    + +
    +Caching at exit nodes: Perhaps each exit node should run a +caching web proxy [47], to improve anonymity for cached pages +(Alice's request never +leaves the Tor network), to improve speed, and to reduce bandwidth cost. +On the other hand, forward security is weakened because caches +constitute a record of retrieved files. We must find the right +balance between usability and security. + +
    +Better directory distribution: +Clients currently download a description of +the entire network every 15 minutes. As the state grows larger +and clients more numerous, we may need a solution in which +clients receive incremental updates to directory state. +More generally, we must find more +scalable yet practical ways to distribute up-to-date snapshots of +network status without introducing new attacks. + +
    +Further specification review: Our public +byte-level specification [20] needs +external review. We hope that as Tor +is deployed, more people will examine its +specification. + +
    +Multisystem interoperability: We are currently working with the +designer of MorphMix to unify the specification and implementation of +the common elements of our two systems. So far, this seems +to be relatively straightforward. Interoperability will allow testing +and direct comparison of the two designs for trust and scalability. + +
    +Wider-scale deployment: The original goal of Tor was to +gain experience in deploying an anonymizing overlay network, and +learn from having actual users. We are now at a point in design +and development where we can start deploying a wider network. Once +we have many actual users, we will doubtlessly be better +able to evaluate some of our design decisions, including our +robustness/latency tradeoffs, our performance tradeoffs (including +cell size), our abuse-prevention mechanisms, and +our overall usability. + +
    + +
    + +

    Acknowledgments

    + We thank Peter Palfrader, Geoff Goodell, Adam Shostack, Joseph Sokol-Margolis, + John Bashinski, and Zack Brown + for editing and comments; + Matej Pfajfar, Andrei Serjantov, Marc Rennhard for design discussions; + Bram Cohen for congestion control discussions; + Adam Back for suggesting telescoping circuits; and + Cathy Meadows for formal analysis of the extend protocol. + This work has been supported by ONR and DARPA. + +
    + +
    + +
    +

    References

    + +
    +
    [1]
    +A. Acquisti, R. Dingledine, and P. Syverson. + On the economics of anonymity. + In R. N. Wright, editor, Financial Cryptography. + Springer-Verlag, LNCS 2742, 2003. + +
    +
    +
    [2]
    +R. Anderson. + The eternity service. + In Pragocrypt '96, 1996. + +
    +
    +
    [3]
    +The Anonymizer. + <http://anonymizer.com/>. + +
    +
    +
    [4]
    +A. Back, I. Goldberg, and A. Shostack. + Freedom systems 2.1 security issues and analysis. + White paper, Zero Knowledge Systems, Inc., May 2001. + +
    +
    +
    [5]
    +A. Back, U. Möller, and A. Stiglic. + Traffic analysis attacks and trade-offs in anonymity providing + systems. + In I. S. Moskowitz, editor, Information Hiding (IH 2001), pages + 245-257. Springer-Verlag, LNCS 2137, 2001. + +
    +
    +
    [6]
    +M. Bellare, P. Rogaway, and D. Wagner. + The EAX mode of operation: A two-pass authenticated-encryption + scheme optimized for simplicity and efficiency. + In Fast Software Encryption 2004, February 2004. + +
    +
    +
    [7]
    +O. Berthold, H. Federrath, and S. Köpsell. + Web MIXes: A system for anonymous and unobservable Internet + access. + In H. Federrath, editor, Designing Privacy Enhancing + Technologies: Workshop on Design Issue in Anonymity and Unobservability. + Springer-Verlag, LNCS 2009, 2000. + +
    +
    +
    [8]
    +P. Boucher, A. Shostack, and I. Goldberg. + Freedom systems 2.0 architecture. + White paper, Zero Knowledge Systems, Inc., December 2000. + +
    +
    +
    [9]
    +Z. Brown. + Cebolla: Pragmatic IP Anonymity. + In Ottawa Linux Symposium, June 2002. + +
    +
    +
    [10]
    +D. Chaum. + Untraceable electronic mail, return addresses, and digital + pseudo-nyms. + Communications of the ACM, 4(2), February 1981. + +
    +
    +
    [11]
    +F. Dabek, M. F. Kaashoek, D. Karger, R. Morris, and I. Stoica. + Wide-area cooperative storage with CFS. + In 18th ACM Symposium on Operating Systems Principles + (SOSP '01), Chateau Lake Louise, Banff, Canada, October 2001. + +
    +
    +
    [12]
    +W. Dai. + Pipenet 1.1. + Usenet post, August 1996. + <http://www.eskimo.com/ weidai/pipenet.txt> First mentioned in a + post to the cypherpunks list, Feb. 1995. + +
    +
    +
    [13]
    +G. Danezis. + Mix-networks with restricted routes. + In R. Dingledine, editor, Privacy Enhancing Technologies (PET + 2003). Springer-Verlag LNCS 2760, 2003. + +
    +
    +
    [14]
    +G. Danezis. + Statistical disclosure attacks. + In Security and Privacy in the Age of Uncertainty (SEC2003), + pages 421-426, Athens, May 2003. IFIP TC11, Kluwer. + +
    +
    +
    [15]
    +G. Danezis, R. Dingledine, and N. Mathewson. + Mixminion: Design of a type III anonymous remailer protocol. + In 2003 IEEE Symposium on Security and Privacy, pages 2-15. + IEEE CS, May 2003. + +
    +
    +
    [16]
    +D. Dean and A. Stubblefield. + Using Client Puzzles to Protect TLS. + In Proceedings of the 10th USENIX Security Symposium. USENIX, + Aug. 2001. + +
    +
    +
    [17]
    +T. Dierks and C. Allen. + The TLS Protocol - Version 1.0. + IETF RFC 2246, January 1999. + +
    +
    +
    [18]
    +R. Dingledine, M. J. Freedman, D. Hopwood, and D. Molnar. + A Reputation System to Increase MIX-net Reliability. + In I. S. Moskowitz, editor, Information Hiding (IH 2001), pages + 126-141. Springer-Verlag, LNCS 2137, 2001. + +
    +
    +
    [19]
    +R. Dingledine, M. J. Freedman, and D. Molnar. + The free haven project: Distributed anonymous storage service. + In H. Federrath, editor, Designing Privacy Enhancing + Technologies: Workshop on Design Issue in Anonymity and Unobservability. + Springer-Verlag, LNCS 2009, July 2000. + +
    +
    +
    [20]
    +R. Dingledine and N. Mathewson. + Tor protocol specifications. + <http://freehaven.net/tor/tor-spec.txt>. + +
    +
    +
    [21]
    +R. Dingledine and P. Syverson. + Reliable MIX Cascade Networks through Reputation. + In M. Blaze, editor, Financial Cryptography. Springer-Verlag, + LNCS 2357, 2002. + +
    +
    +
    [22]
    +J. Douceur. + The Sybil Attack. + In Proceedings of the 1st International Peer To Peer Systems + Workshop (IPTPS), Mar. 2002. + +
    +
    +
    [23]
    +H. Federrath, A. Jerichow, and A. Pfitzmann. + MIXes in mobile communication systems: Location management with + privacy. + In R. Anderson, editor, Information Hiding, First International + Workshop, pages 121-135. Springer-Verlag, LNCS 1174, May 1996. + +
    +
    +
    [24]
    +M. J. Freedman and R. Morris. + Tarzan: A peer-to-peer anonymizing network layer. + In 9th ACM Conference on Computer and Communications + Security (CCS 2002), Washington, DC, November 2002. + +
    +
    +
    [25]
    +S. Goel, M. Robson, M. Polte, and E. G. Sirer. + Herbivore: A scalable and efficient protocol for anonymous + communication. + Technical Report TR2003-1890, Cornell University Computing and + Information Science, February 2003. + +
    +
    +
    [26]
    +I. Goldberg. + A Pseudonymous Communications Infrastructure for the Internet. + PhD thesis, UC Berkeley, Dec 2000. + +
    +
    +
    [27]
    +D. M. Goldschlag, M. G. Reed, and P. F. Syverson. + Hiding routing information. + In R. Anderson, editor, Information Hiding, First International + Workshop, pages 137-150. Springer-Verlag, LNCS 1174, May 1996. + +
    +
    +
    [28]
    +C. Gülcü and G. Tsudik. + Mixing E-mail with Babel. + In Network and Distributed Security Symposium (NDSS 96), + pages 2-16. IEEE, February 1996. + +
    +
    +
    [29]
    +A. Hintz. + Fingerprinting websites using traffic analysis. + In R. Dingledine and P. Syverson, editors, Privacy Enhancing + Technologies (PET 2002), pages 171-178. Springer-Verlag, LNCS 2482, 2002. + +
    +
    +
    [30]
    +A. Jerichow, J. Müller, A. Pfitzmann, B. Pfitzmann, and M. Waidner. + Real-time mixes: A bandwidth-efficient anonymity protocol. + IEEE Journal on Selected Areas in Communications, + 16(4):495-509, May 1998. + +
    +
    +
    [31]
    +D. Kesdogan, D. Agrawal, and S. Penz. + Limits of anonymity in open environments. + In F. Petitcolas, editor, Information Hiding Workshop (IH + 2002). Springer-Verlag, LNCS 2578, October 2002. + +
    +
    +
    [32]
    +D. Koblas and M. R. Koblas. + SOCKS. + In UNIX Security III Symposium (1992 USENIX Security + Symposium), pages 77-83. USENIX, 1992. + +
    +
    +
    [33]
    +B. N. Levine, M. K. Reiter, C. Wang, and M. Wright. + Timing analysis in low-latency mix-based systems. + In A. Juels, editor, Financial Cryptography. Springer-Verlag, + LNCS (forthcoming), 2004. + +
    +
    +
    [34]
    +B. N. Levine and C. Shields. + Hordes: A multicast-based protocol for anonymity. + Journal of Computer Security, 10(3):213-240, 2002. + +
    +
    +
    [35]
    +C. Meadows. + The NRL protocol analyzer: An overview. + Journal of Logic Programming, 26(2):113-131, 1996. + +
    +
    +
    [36]
    +U. Möller, L. Cottrell, P. Palfrader, and L. Sassaman. + Mixmaster Protocol - Version 2. + Draft, July 2003. + <http://www.abditum.com/mixmaster-spec.txt>. + +
    +
    +
    [37]
    +V. S. Pai, L. Wang, K. Park, R. Pang, and L. Peterson. + The Dark Side of the Web: An Open Proxy's View. + <http://codeen.cs.princeton.edu/>. + +
    +
    +
    [38]
    +A. Pfitzmann, B. Pfitzmann, and M. Waidner. + ISDN-mixes: Untraceable communication with very small bandwidth + overhead. + In GI/ITG Conference on Communication in Distributed Systems, + pages 451-463, February 1991. + +
    +
    +
    [39]
    +Privoxy. + <http://www.privoxy.org/>. + +
    +
    +
    [40]
    +M. G. Reed, P. F. Syverson, and D. M. Goldschlag. + Protocols using anonymous connections: Mobile applications. + In B. Christianson, B. Crispo, M. Lomas, and M. Roe, editors, + Security Protocols: 5th International Workshop, pages 13-23. + Springer-Verlag, LNCS 1361, April 1997. + +
    +
    +
    [41]
    +M. G. Reed, P. F. Syverson, and D. M. Goldschlag. + Anonymous connections and onion routing. + IEEE Journal on Selected Areas in Communications, + 16(4):482-494, May 1998. + +
    +
    +
    [42]
    +M. K. Reiter and A. D. Rubin. + Crowds: Anonymity for web transactions. + ACM TISSEC, 1(1):66-92, June 1998. + +
    +
    +
    [43]
    +M. Rennhard and B. Plattner. + Practical anonymity for the masses with morphmix. + In A. Juels, editor, Financial Cryptography. Springer-Verlag, + LNCS (forthcoming), 2004. + +
    +
    +
    [44]
    +M. Rennhard, S. Rafaeli, L. Mathy, B. Plattner, and D. Hutchison. + Analysis of an Anonymity Network for Web Browsing. + In IEEE 7th Intl. Workshop on Enterprise Security (WET ICE + 2002), Pittsburgh, USA, June 2002. + +
    +
    +
    [45]
    +A. Serjantov and P. Sewell. + Passive attack analysis for connection-based anonymity systems. + In Computer Security - ESORICS 2003. Springer-Verlag, LNCS + 2808, October 2003. + +
    +
    +
    [46]
    +R. Sherwood, B. Bhattacharjee, and A. Srinivasan. + p5: A protocol for scalable anonymous communication. + In IEEE Symposium on Security and Privacy, pages 58-70. IEEE + CS, 2002. + +
    +
    +
    [47]
    +A. Shubina and S. Smith. + Using caching for browsing anonymity. + ACM SIGEcom Exchanges, 4(2), Sept 2003. + +
    +
    +
    [48]
    +P. Syverson, M. Reed, and D. Goldschlag. + Onion Routing access configurations. + In DARPA Information Survivability Conference and Exposition + (DISCEX 2000), volume 1, pages 34-40. IEEE CS Press, 2000. + +
    +
    +
    [49]
    +P. Syverson, G. Tsudik, M. Reed, and C. Landwehr. + Towards an Analysis of Onion Routing Security. + In H. Federrath, editor, Designing Privacy Enhancing + Technologies: Workshop on Design Issue in Anonymity and Unobservability, + pages 96-114. Springer-Verlag, LNCS 2009, July 2000. + +
    +
    +
    [50]
    +A. Tannenbaum. + Computer networks, 1996. + +
    +
    +
    [51]
    +The AN.ON Project. + German police proceeds against anonymity service. + Press release, September 2003. + + <http://www.datenschutzzentrum.de/material/themen/presse/anon-bka_e.htm>. + +
    +
    +
    [52]
    +M. Waldman and D. Mazières. + Tangler: A censorship-resistant publishing system based on document + entanglements. + In 8th ACM Conference on Computer and Communications + Security (CCS-8), pages 86-135. ACM Press, 2001. + +
    +
    +
    [53]
    +M. Waldman, A. Rubin, and L. Cranor. + Publius: A robust, tamper-evident, censorship-resistant and + source-anonymous web publishing system. + In Proc. 9th USENIX Security Symposium, pages 59-72, August + 2000. + +
    +
    +
    [54]
    +M. Wright, M. Adler, B. N. Levine, and C. Shields. + Defending anonymous communication against passive logging attacks. + In IEEE Symposium on Security and Privacy, pages 28-41. IEEE + CS, May 2003.
    +
    + + +
    +

    Footnotes:

    + +
    +1Actually, the negotiated key is used to derive two + symmetric keys: one for each direction. +
    +2 + With 48 bits of digest per cell, the probability of an accidental +collision is far lower than the chance of hardware failure. +
    +3 +Rather than rely on an external infrastructure, the Onion Routing network +can run the lookup service itself. Our current implementation provides a +simple lookup system on the +directory servers. +
    +4Note that this fingerprinting +attack should not be confused with the much more complicated latency +attacks of [5], which require a fingerprint of the latencies +of all circuits through the network, combined with those from the +network edges to the target user and the responder website. +

    File translated from +TEX +by +TTH, +version 3.59.
    On 18 May 2004, 10:45.     + diff --git a/doc/tor-design.pdf b/doc/tor-design.pdf index 19dce9ba44f49ea3776ceedd47408a2326d0af2e..6db122d7d56c8d362d61b41e038dc9bef5f85e84 100644 GIT binary patch delta 70366 zcmbSybyQVd_bwmGRZVufbB_bu#UD74pY)TYqkd*H34(V>BQ#f=t9P%D~-|rju zcgMZ|T*eu&_gZVOnDsn!?nA^JYWosOIpo7LPL6nZ{Actr7)o>u9Rig!Ch9Xj_dQai zG*h95=^Sp~(2*dRTEddYio)3^61ivK?^Rz5-D7l>2mqd1w!KdFX@P5(4@w4D0|;yq zZhS;3ND=CT#u1OuSU>HRFx{zsIul_h^f^Oj#Tw#Lm&n%-gr&NoWLS^4*W~3pN(JTM zARcm?6_Rj)k75V&b}vf6e=@d;YzPY*a~tYP8Kr0R+%8c}kswtY3J zNHA5SsV7Xx8G+K){_}82u|W`z(wOkc(aqf$d>)cNuWk8jmUeYF6?^kj|2U{+(YW&) zKfW0;Y(^y87E(A)iq1AtDqU*0$8VJPbcY6`y+HdtxgpYG)W~8+H1!Y%i_pipMzT*6 z{$Hvwv$$gUAvGlK&a@B*(fX>W52A(47-#QFzWE|YRGGUsIpJ?RoEQ1`N?;=FV)Y<= zZelpU6Jw+RHBU|FCg5%sYtqh z0RaGo+HQ`%vb$&2H3saMK7lNI+sNOXah5%=5A*)2eq%Hm*d#VI-4V%wNT?m44&wZy z$n*I(m10=0Vkrck$_V# zBvVRuhG)omR??ZBIj#`2D>e1)+9}>>xg=ovwC+s!4HXJbbW~`dc?i<}#M15e>$kyo z`Mxtlcx8!fNBBfC<_4GsDewn?JqrpWnsMgZjH5C_rUCPwT_@(V4V3N8jnbC3gYmkF zprYaiF#$Ngynv5lJ2!FL0m8PRLzfp)dP4#Fq|U6zlIEF#wUlD2O1Ow=mm6rgR(OCZ zzvAN}2kmDWx4L%+K7THm`SEKEUI{gw3`po&5z;SU+Wr!yeue$ENG=>sf`j;16IS`A zzDwUJv=07=Wx!ulC-{cj#L5?L43XczU+8lhGs;-UukDWJS~i(z0g>1g7#Al)LKe3 z$V0x5VpqV+_-WyPImP;z$5Mc`&7ut@?X6tnyjna9oTo7VfKPR;1V0;>N3i)Bv?=j= zvLE~Q^k)CVSikLghYLos&9;^uNw5s`>Wlz8(i?K(_Dy~)UeOJe3mwn4$X}ZuK+krC zW8DisQT{e;K$slN{QI52sw)p$KJr}0F+tx}Xzw@`2l>ucr8piUiQgH>;rSy`4k2Gl zXq*On$UW)$xBfptN}JKbek;*HX{`|F$r%)luql?!(^h6FHou4yC*(}|(-{Y%!Iav? zz1*Z>xPZeL=r|0=~irFOQ^$`8V7O~%w;a~K(!{@zz6yTxT*^6}+hVYpmUToWP6Ti76 zb4%|;LVGhR%=`^5-F)U*NXIvV&;Tcj7RqN|vU1WU_xp`H&pwtL(+i@HU;=QpspHrg zoZ?k?xHqbLIN56{1_aRuY};DsLU3}g(S3iBL?6WH9E3mr`YTPRGC}%;GNhY5;Xfxh_{;ULF*zADR@}6g_Ov@)v7V4=^E&xTHQub=YT(D+br}y;6G1qmHvc zMgQ~pBs0h$5{pLdL&4*;o2^@GKvzmYs|M8R)vQ6z86;STa{K=HOdV-#%b8c~gJZea zuR+ogzW3h;!R0^ZDcFU6lLrIT4SZ z=BWkz_amM{aIgd^8`o<`k=%&BSQaT~Y4-&A?=-Pwx7z17zsRCo5ya(lF&}4m-6R|v+#z(e z-*8lxZO8*vvny?ut)QQDug%b4Bs3arMWseqY;&Fp7z!ErlI{^DH1_f$B@&I0+5LKc zY1vbt$hVc1ueN*N`l7@nvFre9w6eA$gcj4!uS16SDhl`V5=fAKTw*l$2>DU4OtsPc zKt>7yt7*Frw-AE}WW$i|b+rcz>nh3Jk$!q8j@2i~V|Mw*6y1Ct@}sM&LCQJ!JmRXv z9@5sb^!uQ^1MX^mKXQy3tz$@!->2idNMg)z!lZc~D|#KRDd0d?3eQ`e46|g`$K%qkvwF-t&~5ov7n6dw za1-ofUDyx3n%L}%U14p z{$#1iw!Y)sp#R6N!HF_)Ij}yh@}@zI-=3gwh$dfCpnpB#&u+dJ%7-a?J#y2}7+69% z3ng)k6`_*~U%(~r2frH!OC?1f&!RRzdIi=%Ib1k3zTV*jE-GMYTNHrseH%~NNeQQI*6-a748 z*Hwj~HL&ds9FF-${}jo9vG16Zh|`G-gh3BTr?ySH?w}6yda#MC?;4z996Q!5;$^zS zJ}XOgHi(coAdwQO6O6yqkyguYOG?HwPkGldx=n+s31^O{0cjd;}rf{f0V z&oTAzVqsr6KFaXx3Lz12)4RW4Fk0Cr@|%7S@)WX<>OM7k|IE($UB8jIP$+Le*yVC^ zq|l43iSCu<2cNp^((>*b61X3>55G*f0UB9~S10ipXe{eR6hBp>npegMzaku0Ii+YF z8l`6Xlerq$Q?3g@zItpgJ4W5E+u$f@e%7F^VM0g%CD<33u+035?VK<;QurgR4<}Q4 z>Pu_zIyQ+CzNJJD54HWoW49^jYg+#Cnx)Zw0U!VO0Av!`je-{OYqykCYu^WJTHroh zrz7$O@jIab`ttQ2QgLKT`A)u3Iz@VgGwN50=0W{9{x2vdCqvuEbv?vAASfqP;o=*Q z=XlF(hYnX?=r5>5scw83+f^q81)0nk==zz^D>|gVz1-mLDPI4W)+@Kwrv1yO(%3oH za?lEhvEU&b(RQz}6EcOTV^d|ON&}jw63EHr<~)uj4sLAF_-}oYICDJDE;Ou-D_`ew zWLm$z4?)&OiQDy+A!=N)KY8|IPc0MFIPQ)YRMRU=aF}DUKih;ln6^13D`b*u#@(-? z$qhgAA#75I#;`D6Mv)@s^60Z%8^IUn+^BfQ4Z$%LPsTZ72OBOLBz!_#2qF+5GlKt8 zfWVo!MzZr7+-E-W2jqe>j^x1Bvbsz70H+WaJ0GNkyLcExCpbs+`Tp#P!E3`%Cts=o zyM;fTdnY~(%k(@ooBZwJhCh?|9SEJ=?HpZ2eJB_H`R6mWaP^=~i3zXXQ8BT#*Kzvl z0irH+f%vh;Z` z8Rb3)$+W-ox~|ur=e{va{q2&qFQ6__!SGAsd+rQ@K)+#M(!2$t0Ao zed-L9RR(zGI)gXCRWEVf*tYK1bFUOGuaC-IC4TXFBY63wh=cVeB^Rs^^H3vCq1A(z zTJrgsYp+vP*3$$NGr<1s5FxXu{c-kVsSN$8!OiF}x0m*7Xe{T~9nO?+V_G|98YHn( zUMhOmO)p=XXZXGZ%Lc#$Xo2YEw?=2v_G*+VWMsMBsd{aVeOGZ6F;jv_dLIwHJgCc? z!&JVwfBLn>0Xj(WaKfjx7>R#fSQ6Lv$(uF0)QbOFnugGzD8vS2>qT!kP1~1RhtVt@V{c=18Si_D!pUzIr zp{Ay$9uo+$^jg^2*$L^s*JDdfOKYdwZ!kZZes|;~KpG+KQMOOx^bB(!B5)fH*`C`u z_`_O{qY;i63U@-v@~r#K&;9}A+t+1GI^M}IetTxMC4pT7GQXb$-muHE9-p=Fe_ws! zm8u`QHbx(co_8woZpyT(5fJMM!C>scnMT7z26J>1kmvdB_1TF%Dm0?$gmf+!+`V+_ z9givgZSbhEz0~Cgod>@?Zyv6T!JTMz~G4o4Ecp9s_%;{Sa{ki5Q=V z5Yw%p!#LUtmi+d#ZohIf6@>2;ya+xnkrkQv)kE;~{NP} z$%hLx6+Z5l2yU0_Qii7^iu-HgU(t+`Ffiveuj6+_WQi-I-4X-C>c3bBcbRr#^iy|E z@y~U|Oa+qgF}z`jRX3FFuuk~dE*=9h0ES`~WXuTSr6K23e2$J?m7I+ATXU{FsrCu$?{`Q4gH8Gs>8cW$K z0fN}ee?Nw{$FCswg~#`|S6{z=HSKO{ZCye09|OT`7-r_}ZZ?O)N~Sw;CescKV&-wY zU2aA~VlN@VCtYs-6g@bw3k2AqVHYU=07x;E?uGyV<9A1OXzx|#?b6Ua@k2v^%u4+1 zamgeC>=VnY>>Re6h2GuU-PXDq)O}$ zHFyLff+7|s#2znmts;q2{6wLp9q@Jx>tr-1fS$7p0%H9f$?lcla9DhzpdwAm!CocK zHn_dZjaZ^(Jd7?zkh3Fe=(ksjIrk!4RwbFCZBG@;xUu-4O`*tamV@+X3)?(f&v){a zoP%A&v-U@MhW^1PJVS0KSwD9OQG0YhXNN8#qYNkW@!mx3OIO~H35Yi@q?9M{tIU5^jkjuqzjzu8?0UcjF0viY;rWx`{S6j$g=EJur z@I%t;<;@(_o8B9(Ue8cgM{#JgAMWow7bP+LDkukLUuFU8O>CpD*Be_$V+}fE=1V6; zoD5t<4*1`Jm=QVFS*fq9huH&Ci=s9B0SLszls%?*f}(1;*KDN-1qksK6|oXG-CCB&p5O#Ch3WyC`Wk5seDCL*xP@7O#<1Bv*Y0#n;aK=i#FouZY(9q2NpJ@g6Uc?ukCob~Y4?+_{6C!Jf3%;KN?#o?Iy&09+IBzf+NAr_&PsY=?&vD= zgNH3S47|J&S!~@s8JB#Srr`$8uimMO3Jb4N*osnk;RZdN5Lo*eIWBlp!_aMx0Ky8m zNtbZ<{N8aAB0FN$C_}3$+mfMwQ5Phr+p`s~zQdzaLF;cKYGhi2iMW#Cau)(xcBJBe zdGng4*30Ul`}CL`+c_Y!bbeSZdn?Kb*;+4W!BlAW74;@WBhcpB78iLKLWfCPGhXko z<`f7z>bVdCg;wGZF6k;g4aAfc1|Z#6gIv#A9fhpgFB_5A>Xk>Ajhcxk&%hLmm7j=^ zB|*2$iOc#QbBLejrTSeqh?xfufy#ZEfs?KT3%Kg)sFxyLq4h7w3EB1!YfYaez+t6* z;y=G$Z|Qz#ClhNMdjhttVeRB3YrQ2APlt~r8*XWw7SS z@9bbQV}w8%=tkY*s5Zv%(wfkOAQ?iQEqGx%ZKEu95lw`=Ryw1~n#k~-Mzq=*IX^!M zZI5jk1mN*qhXf)mOUQWfni`8g&+f%zwhBI9X4O#tskP(g64O*#c-v@W|HL-u&^^(TXVWz{RwDw9=|?hZRO_Vwgxg-a{0|!L-cAM}m1&)X@q&>gnkv z;T@fvoZMfI)hpr0HN3JZ9;ZKBbrXs{SG$@n=rLJd?!+Vp4|H$DTc}Z#irns$@(YYdTMgPh4e@L=O&ac>l+Noo_azl|DxI7n`I-HySqD*hLaYM zB1g!H+OV4!VNDCdf{O;Eb&II{BD&jCS}9 z6+K+Z+C)CNdOD0tj)e%o4Pv4pk`!>SUkv~KVjyB-@I^yabFse=D=9&KS6&h#o(MeIfBCn2?v z1Zo%YR*P%u-2u|}970^p$Auz$O~+DPH?^L#pLRsZNmHNm)E7el#{`xjc0Dtj7&FG` z@7#%IM$H48og5W`AJ9-7%XRThn~AD2ox!-FR7K(`Cp;+)9&b6wvJO8v1qSfkyg=7F zYU7^fTH{VZH`lpfZGnT#;RjCQ0UYnKScOwjH*32=J+jk0?!NIV`zoRF#J*LVPqW+0 z@Qkv%G@wG91ppLj0Y9^wH2V}8TE%J3=o7ac@sw}6-rq(N;tD`}wRaCzeA}?RW0>OI z-a>r>>FG^f6k^duMTKa5x12*GJ?h!F6&}*Zq&NZT8j=nK`Gq`55Ls8!P;kl*oHT3u zxU_YR&LF6oLnzBzj?^-iV;bUdgeLk^Mj2H%MaVtUE$|u%Ta82SRO|W^bpTtgV$}<) zLu-*-!nYZEMSLA?rlGo}-ERDJe$Jou@9N4Atj&;BG)E13m}Vf-mT^CPLDri4h71|p z?q_~C21Dd!);gE0#R-NK*e2<2K5tgpJ{fW<3!Aq8Vf~z^mpYP&W+f<=Miyz4-tRxl z&o7T9A_erP6|Zdhe4R6*hIFG|nV1U_g&PLwQWl_ojO-5x2u*X0Fa6Y>7?mCL((gl%s2xh-r@G^3ifW$9-6rbns_ zZB36>W7kZ$UW=-KebOsZtz;H z)@HChr{Pd!@-)K}+d%@8IX?71OCxaNNp@o)X{P57WL{)uLYe4@RV#0B5ERzy58#Ls zt#F)M#YZrX7UH+lOW;Ben!N~($7!P2A_*m!g=rbFrrYG*rcTX50jl{jCZMHY42IY* zXa8YI3042?B?L(nACTqVJ%H&p$XQUP34w$W+c-9#+gtrQnUUR$T+ixvuY`@$H;tRv`$@wT{YC8&eEE?3QDc z``9A4>&ode6=)7|^1lhgfSFmNa;4}RL=#Mc^i6}%NM)%ZyyPSlTo_eK-U+(GZ_asA z3RZV5UnGLIUZIj*{01Q#1A5v>AI59QGUvMztWq;L$T(%W`W;1dMCY7!Lp8G=ioxLP zgoC^c8~j*c5v6?Kbq$ zp!ptAO z{P5~`N3D-WbLc$JvGoVDHzZVZ6}6khl?I1<@z<}ltKNp~-4L?g?OVlb5|(`g4XPs_ zJnL;)K`Nn0{kRWk!@Sw*-T4{2_4NgrM@fRkp*$I@#Z|?`gvw2at_A-r{ z+YP9BLQiUU6>!u*>vT3f0S%^xnL!ke@ix;{QqAi8xAn6W)tg((IgoTIe^!43~9^>5jU(x^o$rn3(x4vreA1(+kXV zKIXuIuZtcdIZ_l_fCz4P0C!0it_*U-Xh;mMYD9uCw{p=`Md7m^%gA`|rYX#{loX2) z?+;bU8sbK6%V@J-Q%^-)NHnL)$%fnXf%!cUa+sA@;yd?>QOjN*=*_opNrf@_F2n&Heg}D?qg#; ze@R>bh)FFu`}u5KGaDkKQdNv2PQSS$`!AdC??l+IeGUDzyJ3 zD5K%VwUnfluK@Dy4#yrZUh9?h=*Kzjsn)4ELph`KPqcoDZqI3IT1BWT<^}8d z{au{4$IKm*y_KkH1vd{EAi;oC+E{!f>eCN)Ng?WyWvNdA!T5r9Cx#3n98xk_(Y<9VK1&R-E{jd3 z7jey1*9)1O-OwyUK-G7<>uj*1jH`krO>oODN=>RT@$!Y%GAg&0XNqg2{y6Ey<;g=;KvKh5M zptAs-8F39+6x4D}-frpf;eCAeMyn&GsJnFW;KKubTF4>5vqJ_F{83t$K{LN)39(5k zVpv)cA?g9J?ZTF9xg#p1Lf2|na#RrdJ&T|H0OS;>Qk=EK4FMW}`7RhCTGjcgjGxoF)QbXKehBqAQAI0hpV z6PtpLxE266OhbouQ??a0ou!%=lFaV9m-|zEUtT4fUpDGPw=xZJ?Tm~^Umei#gw_~M z{yj<`9uBhpBBA+$O^Av~7Ly|LZ&D(cWY9(K>Y(H$u8pV2+{+X0Q%e#YJuMs_hAgZ(Y_d8o% ztK_a#H{&s6y!aunex_e~6Qa%B)ik~Q`GU>T$rQ7uX9}hVk4V)kuKi3^#jfZXlTjk( zgg)FKi)|i0tjk?%saXq(i+W6NJCkWSBIdoNU38P&nCJdi!U{}3`y(lC92G{WKLZ3D^WBkh-wy{h@9l$!lJc?Jwf3AfbwlPw2v+3I8A<0@R&vJ#J;WRh-bZk8F`}M~i<&vgCt}q0IDl_-WsbO|Pj5Q#~&iBZ+j~ zZEPDz-%HpncT6JLez(v@>PISqO8VRmErZf0Q-AMK>0AC!xY&dQ zHR@Z=IYn;AGvRl>KXgQo#<3_|;2>*haP-$a@mjAll~*}zx6CQ@4^9oH^ufUGhO=*%$luNT+Px5F7yOmyI>YDn^Oiws=w zAFat3tBb|&s_^7I6d7WY1DD9WSoOMEUeTC zt|kK!05+LJ7unKxx7SX^v)c`ZbluyBJ=4y3_UFp6<;{fG-HZDbM2>)|HL+v7@$kf& zSln({d*Q9NGqc>nle!pW^%8{%dM`F#4CtlKNgu`NP;&St8Lso%Z>Ad0DO&#%e-LXY z(?0Rh#$(i!>eNJmvaPUqjmwU8gs#znWDuxcWe&`Z^kqvCN7!WVyG^M4xdz$Dx-X}h z^E0&;>(12C!isfXx#FsN>JNLGg9O5DyR!`xUKP zi+4~Od!W}Vt7{#{riyGU8wnv;zDn{SEa4MsIllI zcf~i?4xgXQ^UI}YpGNCHn~m16$aRpeaOk&dP=4hhhx0_@8v360>Y`7}OUS{+rS@A8 zp~=p219vDBeN*7wgo9kO#mPD0zyTv$lK%ouJ_x2$QTYJjuqWv_1F69s%9UbO;!?i}^{%;BK>)ZH` zvHe(5T?_gJYzLV{e;TzHuh$#>6~&v*;(fyY6i~2)M3toN;pe)bi;HOb34mw* zH_dnQs_U3_+{5@%0kN0qqe=A1LDsyIcX1P$-#=A}7p_N(yNqV&4`=TdV+ z+z|eqR8Fju`o2buC!)`Fd}%m%7*M^Fp=LxF=FuF(GTyMqh#_fLjl+%S(OX`-?E*@c zv1dLs8E{GdN4l3lsQJ4b_C4;0<2{y!M=?k95Te}cnAH1+#WO=Mz4w*(*Vh`+{iSsg zqmmuW5&Ytv{}Id$yWTMk43C&0& z0HS{kn}p`R;b0RX@O&Fh6TQ;>MDo-DM}%bX zvDphcfqqf9;^TR~J$`$2WaWYMpFV#g+K-c*PksjHBH!tSn7}idD%_;Lm6zt@as0<` zC%N_U;U^FI7#L14$B-31cbFWwQ&M3AL?7?YAiWX5a zbT0V?hGD$~=C`#xefF+?V%0mbV#~y{YgR&wYb{RYF)`n<=SCU20O;lOvb} z^VXf$g*|+&@$qWcHoaNBjG|0_Dl96>EBunTP^~8ClIb=*j7XK?JH~+la%+8kf`rPo zdxY(H*}jvS0iL$_Ai~c9TEp~v=@~HeIQdtNM>*w`ms+>7w#_6N&Ab;(#_5JGTe)1U zD*|f6#0?Fd!YI>Jw;G}AVJ?@yX0fz^+o>7t_4K~MbbT3>dVeBDMxD6pAH=R5FK&xT ztrgj_Eq+3&f489eluG8;4_Va*SnjeaY5r>f<_T}f83Czf!NHP@;7TZ#RqJ<*!Ye!{kWC zT!YEA!?ffW-GpfExu$S3TBDEWddNV0b8DFWW&fE~c*u6lc-N+?B?yJCKjGoba18v{ zHjYF49wSG0N-Pqn9$OUkNhCD^qQ+>X@XIk^XTv421_uCUEZ}Ys_1G|c_D&v1V zvJJo5M?}EbgSJ%SNBZ_rcf9&`07H({h|zA&0Yk?>R_?dd?(~K7pXlk!@*A9_3*Gsh z2YvhUA9?`8L|~uLe(4kzS?=%ezhaSlyg>QK{mm0(gsG&Ku*Ew6w|l$gX7`)(o#o}_ z0A#GgDd_QPr@Al7+2w)ulcf(y@+TR%YAhnMn_xIPJ71hYdezJH4vvm~CKOmCJiTIh zCI^a{GY7$jc9F&X{;jMPN(!v*?_1kLD;UlUXu3?sv0o#)$5Sn%c{e?p9{ z;VJO1@7|u>)im}lEcEZ0Cn1lY?NhsT?qpM3wPQFlg zIb*Eo1sP|#vH6vkH!yzr#0ZKH(!**4(&l#$*4Gg*Bz|K3WnB1^;9M>_rOA6620{#Z&F)+ju6a&!9ymw#GPsP723JVj4 zXx^Q{sz9F3Aldm>7*#if5Yh&#T*;HS#ms`RQoO|?X>RVT&u8N`}3!5U#zrY{sBhu20hmnkKzq_+L(29uMY3(M^)aSSo} zB-vhT&p#GfmVk>Kl4^Gx(TKRm=$iafHm>6?ZEFDkxf4faeR;IM3OzIjSy^(C&TOq| zX@4T0%w9mGWm~Edwj%0T7T^ZnW-0m1h7}2L$w?rU6&EFGcUG$o&{tK>tCt|tHQaj8 zd--c-6>`rpKUi+Z9CD`U~C{pPTAtG{7kCCaBIJ_S-xh&Z28?rCb!pNsq zio-R=I&hd|p4CTbHkztIGreN1Z~>l}g{g_gZE<|@pmwp87I^&dtzyHXJq8tV`N*Jk zn^`KC|75fRi^nQg{{Wss=0_(v29kme7@x)w)EUOBfXFIriL&WUrk6LRhDUjMW))Jo zpm35hgb{uFz2Ee4KSR*a3pn^t-1xTLdQ>t!^GOCwo%7^YKbk8hoVtJ%?rhQ-a5Rog z{3P8w`Id6pZ*TEdv%dH57(LPtgR5|U&}F;^6{C+^7|_WJ3E6M0NwJW*%;sH9D$~OZLl@;vryN33 zZ~sZIElzvo1YL{5DPYVZ4O&Mu-2XK>TG)7nQ4H^E;Mz!ch?da4?U=?#`_s^(D3Of4 zFrq$ZDQwSKin2zR_R~36D6ZgNN;U=_oCY6e9jot%h*^@k#?-@*t3pr~=|glweGPgT zG*X%Ufwk}lH3j|jTOXy6uS-*(WEN-hEz9bXu(Bf-q`85}NmVk>S)SPJ-FZaW0RvH; zcF&hYrUj8-P+(w`fH4I=rE~NBJW9bm1FpCb6cS<{*;6AZ__c6(#LwVlsuPV2(NHf6 z=xtlwe$DV#3tGFeLbY0ns%z#dC50Df^cE@|^9@AY24BNOcaA^|YPux`x+bA^s5Za+ z+3^y9^u&dJp)I_swINa6qjk}4f4rDS7}p#F<9NMo9zIVU5zw(3(=nwMv$R|>I?H#% zUyzRyT)vr$o1c6kY8vWXiB$n_XAX*JJ&XEam{*V=|50{k~9m_|2*zsL%TpwyU~{dbD6wqeV5&@l3j01hrbgXwqxz z^lE#fn`{%)PlWWm@}PmIYQA>1#%lj#EEP+9p6L5iQs|CQ>j!q@k4ASj=h923oR3at zw2v~VadeOHT>FmIyR@oTh2Dn{$nUh1(^PXRkdK0%3xI$UxmgiutlO{%b`OWBB` z=>7Sh_UFI(VcCmo({SCxy#Cy|c;58r*|OVF@+Z_?MrgQ^PsSY`6oUVodP%5x=HU$XWk0RWv{K;59kR>&&MuKUvk#B{C)YBBrvQ$8Y}!(4lE{Wm{E^9A-mC|P zBMR8&;TjT==>dgqrICyJ+}*-nlAVo;PAdb@QxmJZ?-D;lranFFyzd7LT)E^zw~u_# zckQ}%*gz3!A#vstE_%0hJVrFUS?BJZwr5>08c}bH4t(x}BmnW~L@`_P2#oXBx}@>} z&E0qCN%mVl)GROZLoVivVl8{Q(QOdrlKJA!VQdFRk_g!Jyl&1Ja_i@4JyWTmqo^<; zwp77)##tm7NdobR7c*<;1fjhV4ed2*?>K6PX1e=0+nR23Ug2rWhNe63aq%uIGp!S1 zM-QPdEoFNESK7Po=UD|jUSAW^UI(GiVn)+D#5L;l%YF&UDDe$G+e!nbozO0mo2l3s z{z~q-;KtYBSNFOWF0L#JKor^uy!>9JmDW3}2^vD$gWzvgi<2IAT1J6hmp&{K;ttLe z4u=-~S5eFi57UofIja7{S_Na^YCN#L$7Sj)Ct&@3e(?iF46X>99*cs$=gpW*DIt+Q z6uE(c=n$8@z+U~WL-pE6@0!Hw2CeOe^Kv1TBrW|(@X3l)ZI+?=nctO~FW%XVK2TGI zAg9^s8_8F>ssVd!U8F4h7O~mFH?a7&&eCoaCz+w*in~BLu zc5+pcmFRX>Q{6O?2i%0%-(UmiAzcv9aKS5!1f=rQ`ZzuTf$!bF5x{t~jQBE`^4NpD zr>9*nSgpB+hm>V$2(cSKng;0vzI(oI|5mqeG~LUW)q>jjv_9JiCR8}>EW>bEW)Dl} ziJ{?#E3I|_0NseMvs+OBO8i8W?3ljws;7w*@Nda{o+fJ2f+3g>0P@{{!kqm%k5Nl@ zqJ^6)C)o;@YUUwKMNb7d>#!h;PXb!C!VyiI#?jZTN_>5B;myBgBH=7p(1pnrHrG?If`#C}HNkY4;$XFqw$yPj@Rv8w zd%>!TFkbo}F8m)d{V%QlryCX<;pV-3O~9Of2MF9lW6e!_19E6j8O{)`QOnTIPC?wX zs@_;kOiZjZjhUI5%WkTmzK#wolVM=LU6kF`(bvBkT3dc}vM>2`kZ3pFt+$kU0etZm zGh-TBWzmvoaIq{=ZWbfzVQnWcn#LY#q_mmj7?8o6LtZeHoQh{-->IV&qcuc4&P-kA zn4`N|$A2R1u=E;#PkwSzWAt!Xz0zsW%Uk-f?kKgc?R`G$a(Qa^O)qr7v~|j843etQ zqGv2y`NQx|?LK!#12TDlh?5888b)^{xbf9@mrYV9h9qZPjw!!h7+mOooNHW^UljjdGAa7y4zpj z^I%$G9h{yiVJ{ekC2;RJkk0C3T-E;+zHFFY)#7~xt4Vk_G_IBH2k=;`Gi>fC zd9W&l@mG{|-67oyNQZR8duQ7)5mGfgx+uB-NN5Ink9!_;8JctpR<@GG(!@xwF*WMKQv5RwYyg3FyCuh(+H?h1D zJ59yp)9$RKYNboNZPo4Z3J;}x|D6%!wIdae&c3*~fQLUS`kZQcVL`6Xx?|IjCgcP> zFw#?l7b(83?3wvx@ieE};5+HyHfU6AE6~#Dh-!UV$k(K=6{a0l7ma*2ZMUtxJY#o| zXBzc#W*FM*DHcJuCAvU7P_{7onclYv|-1R-kIpw z`;ae*D63`(B6gC-CKX{4yNooPZg#vPd?t#aboquvs>}KVDaSDn8-6;^xYDNBJ36)> z8L5G=#jtXrEBLE$rnJ7G&f70l5au6bn&?V(33cQ>d(&CdKOO-Pc)aEmi@& zw8UEeO)BXYD-Qils|CA`CtA%K=x5!bl1^Ut^^fu)H+pC3S^oHJ?Yylt_&RapT|t(G zRoidQkfxtXQ#TO=If;ULS%?-t;^_f;J7c0SJ z$gP9ujv`oS+G-!@egX=2vEeps?xOFd&J$L%t(yHvHhlZ?%RNxz0y zy=Hk3_~WHft&%<~^w6G7E1{5WN?+WO^eJib@*5?~Q|5)s(Y+^=ZPnDW8^w8nQ>yl3 z-9Tc>eb$$B0Rf`tFIl^42?V3KRZ6YGwsETJE~-ot8Ef+5Pp4L^sErbZz=dE0lWl;$ z(SD6`OrvQ-Ns-Q9IyVXpqf8kCXD+loyU%3VMbkJ%qFa4(#U0YIv_HE%%20!L>p~pcmgsoklk|+tZkmO63m2md-4n=g zf8W{nf-QHRwu;94t(<(Y0>2jdG=t+sRdaBeyliV9TiLsvtt${8$in(6(>h;A8~G@cJn_QlnWyNLft-01uL|Nh9jWB5 zvm87Y=IhOpPtmS-E}5Tr3Q`YW^=J$AYRNfJM$^~>8{EkXqQ#}oX>gb3YVR*b@Ry1) z*>_EZ%ltIeQC4ULaF^r*#j{0o@t0osb|kJuy+yxdPA(iwod5kf2{Q=`$D#N7`nuH@ zOEnVt0f_s7bKokbU&|5txoWd4QNwRX%etB_i}rxCjc8 zyOHP?Jkj5d8M#s4=O^y25;l;llf~rQPS;Bo0vfBToNlhK++?+zJUt#k^|Tw^{oy+f zzDewLc!Y-<|H)Bp7otaw2_%lsIpjE|%dU=Rs;qbC8!nC}bbhb2VBI|h0dxR_9s3yH zie)U5Jo%_(_1hJEDH6!xCCZEjMFrs77&x9F%&~)3MXMOmllW0Udaxe2@jS}=2B z$`*~=j3s`ov<_6>I(Zg79Ew3(%_o=$&y4-g(Yk)-gMyR@*6)?da#rg)Mh-h@Ier{F z%KKv4HZY*Cda$d{PZ?edhz#|<;5a_`Y@$m3aae*uXKO0bLRT^-_nY$s-<9nqXI}!h zb+VvGZB^CD&+nham^VPgxDi<<7W8mITnVGhAJXC0ol%r{iZeF^eKinwG=4m89-Eh! z7fLSF=z3%Z01It0AUOt(9JX#tY##{K0uZBf$jbS-`du~~Q7x@}cE8#g;5&pzNJw?r zDA^)c?a{a2Usxsl7or$mxm4|68JiJ;L~H~p#ORB0M);dgCDfBsAe)83fuD&XlWj5| z*!ziIb#bv6ecTH(nR)sLz0dyV^K+|>Q>&e>lieJ>@tJ4a7MdVaC!fp@I$RI{1#CA3 zn|w9Co+K=2ykx9xy8Q||H`l`;5IB5Q?XBYm!1^-zsoE0_Ko=Txb%*BPuQ+bnfMUEa z(H!Gqa+YWLt4hQgZZ``?@D;g#YottrLCr-gq^{uwoKRb}$P@XAGxY z@_zPy-EJEE=m-K))Rpmni}AsNHa`$PqpnF~=}rzzl+Y7#eEgY@2EFiidv$H?k2}#G zU4dV=iYOTu=&m=3XQb;>|MCC1rGZ+@Q=+6oIH$wkAiVU^t=;{_udAM;9~m`}@CpPlFCG@iZpc`&lMAG>VNY zi{BAxXto}n;XQ}T4z`HgeC7`Slfe9nU<5E)Igmkw9!_NbB7)PQZYW@L{?-Znzm+1G zUqpBWCsF?)mG6P}!IB^(Z*0iIL^~;IZDnKZ$4$%nMj9-Cl0zuPr@Sl*7wM9Ak{Kb=t@n`Osz-K$#UiF>Psj0Vv zwOV476&W#o%}nFmWMpKtRn3j1!Dlb`gAr5kRWEukD7!P%Bm3x@gVpZvRs7^oTHMuO ztVIxkK6_tV?3D(N==O&ClI+&os**77DrQf!5whnYa}Offo|js}N({*jiT%+F2R&|y z5{xorjK~|HjvZq}aQ`(1xXeXUcHozM;6;k0~ha?L&{`xUr^(Cs-R;NvR9)qL{ zNU$4~Ld14|w)kRi6*X;jUV)ig+i&KaUKbgsa8kU1!{UPcdIDP!upm6<`H;oWryc1U zTc4u(J=54V7A&dGAjde009-T`k`0Yw6chmz!$iAqE5hWgxeRjwjmNad!w zJB$urkLU(6}l1T)eZKYBDOfJU3FUwVUS&1O-mn_f2#5{bm_A?WlP? z{_xzb%E3|a8BXZRC(KHPq|EJ=rcz-VM$yhMEhQgC8(;xG{&sGcqZQ~j1@9Uvb^OMF zPvldAlQbrYObljip8CEOq>GP8Hg{;;lz9cwsL)ME3pR9cq|3|XSR53X4KLX1>T1Lo zBVwS#(8{^v61$qM#PxJx_`?kn=@Cup57XFh6S68RC#GW zu2j&$aFrZvin60{T3IHJBvUDsG9a%&5AT&wWZbB_hKQ9?KIhh_{Ot+YpsM0Jcx;T{ za7t2qCZf^N?h-5uFMv8Grpb4k2`lNqe!ja|F_7%WD&Vgj2BnKN{V8&Vchr!W9^8n7 zYlqPhxaJ!I{*~mkjhHFF7d7&gdbx84SsV>*@^gFj%>sUxlkN+0FHFXcXw*IC^Q&Et z+y9!{m}W;+Ge5#tTL+|m%hod*FCgK$-tO*}Obk&Rg|-`<%jVPs?V~FP#WIUqHp2AS zfyu(>yMBShss@82-FOu8UzP0(!z-CtUfd+!>7_ShqkEw$k6!%o4@jqgLZ>vn(H1qO zuPUnZc;xNxt%ZM-xvdgwXqnRl*z`ln6(b{j{{-=5ao0wf5deyI1do0|hsmSt;~|fJ zw43z=17lfM+g|&eX9)(D&3QIWkNWEd1XTSOI_Un`I~^3#;NoepFi9N_-dk;zp;Yw> zdKqPX97dpf@dNp=sC9S*d6^ff_N^%r?Kg0l1D}e^hA}rgfs6TrT%B?B>g}(l->$88 ztivl4Alke4ECK0lkA+a8C7Uf_cYm^6y-^Q7-zw@Q{k>QFs=5w)o*y80f8b4BU)Rhn z=Y9{eb{PlO>1;D_H!1NYpCwV7NH-!kF_eUz`-=;#c8(S>oDW92G(le5oqRq)Z!B5u z`e_f7smjzuibvg{WgAJ(3d7eu0-G29Ljz zl`cADyH_+Mjj zz9ulSya4C1Dx&<3i=0>74iB8*$@H7oDELm~wBN+Je#YFn*zs~KZK6ZeNMVOv#o!Fx z(`IRdvrokKezy3)QYF3&`s?0@Lr2LyV_p9;t0AfG#ZT8PgHg71`*d&}5|ymfMtk1V z&D;z62I$qAE~6EPuq$w;XWY;JeQ&Ku4+4%*%@5?!j8U}Par&XA$evL>dRyLEOn2gR zv#5zo!1WOH05>&=c{R9bR9^`GS-xP7#s3D7Ue-gm^P?R5HGfCcvx@60uq-)RT`Nc}*@ zwL`Y=FNf=cf=8g8cScq~V*X@fwh36czTO9VS*;fu=Xx}e1m4QZd0FL+AcLFqpVm9f zGgt@ziFkM4{Z+-O`a-_zVR1DVxZ;6#MW^Zo)V|X?t_MqBksI40Gf$E|fd$}3_5u_-!5(dW@u|5N%LQESi7PZ*ULFjBzUKAS z$-)gt6o9)it4`yPAZQfhE-1UoMvdjMVa^F>`=@rjI{{^j3H8$2XKIi2fuKm{iWBUvZ zvbwrzP+)0x--;yn#(%og-=xOzudZP7AOo#Pgga9VR0cGVkK#??6A%XZJ5o=`afw;K% z@poUNfx*Fwpo_gdpu{I7BY&&Nr^;RaLPcY1Mvb4>Z;RqsZ^%E*rzBXNWL!BQG{0S- zu5N4tt{i-k5Gru@xZW{eo^?Q_pHpVINOAT%CVlX)fTueK0WFTu@SkYnRoeZ_y9h>k5PziJ1#5==l< zP%st`hoNk?jAT=lDT#?BWMl(2X$c7l=^D!cC3Qrdq4w|pJ&DDhO>625XxRO>!~8gw zC0IQyOG2irAI+H}-Q%V9r=*ykMD>~OnRZ)-$}WjSu%V&Eq<5fZEgqQ_vfc_)NVc*5s~Me*S8PfuWc|+Tz*7%mrAr3MknMDSPd4L_+`wvT1XN$Vx?Zi%RWfNVd7a{| zj-YAap@KG5LWHLyno|wiH=@6+z$9?6F&u_*Qc`fp^=?Z1_6dLF)>!iy@+tMOiUj^e zz3gsieaW*f8FJB?WX`g~kt}&u?fTbZoPF3U&{rJEz|F-%iV(nMXU4A&_u*a4+N!az z9-6WW84D@Ycd(!Qan zH2T+peNKCDFuHs|6164MbsKs*aL>ffgphR*458;6+)luK<@^D}lTgivd`0Kxd?H;u zv~RL+c~M;fF|zTHm3{nv=w2KhWZdTW&yCMouV%q2Sy1Tyt;tZfITb<+D45qIzie%O3dzjY zz}5gmH{HRJQRv1O9AAHa#_%+9G0cF|f=sjvMW>n$KdXTH?=tKqba~xpgHoGmRLnI``I zu_SwF2&x6BVbYEp7mV$@j%&`&cI$dnt<0{7n=DXmjw~5`D~Vm}R@hQp8qVwgwqB$c zK%mX+ctNM-F>DCfF7+915oON42GOS8jHfc3&vh;tL!sN1Y+L2{cF)C`84o9*J2LO> zet0)mmkHt8Fn6yuP%DazDD1D&W2!m``5Z6bm7fME<9(CI-Q}$LJ--~(}{stB^;6z5iFPif`Kii;ied!64&S#a`~#EI}%TMt1$7aTWWM&MON zZRz=!S*grNdWhPXi)eIIz1K+uPE~x8()3h5xlw2xs?(WIxAK`g%vOFHRA3{H?1~X( zSnF`K(|TepZdvL}J}&IMf9f}>yHYhKRj5?AG%6kgYv2l%R@^K13l+RM0dAZchqLym z!4a&K%b+Vf#o@(r;GHf52XveOXH(TsXp%;2KGPPgDeQi$+%Qz* z#Sa};;W2A`7fX1Y1CB?wo>&mn(l^Gj|G`KNXPOk zCITUjh8T%paOiuR^3|7{i^Yydyjm_p&wT8tUKb_`76aI_0z1=MN{6?}oY11Ndo1IE z{OugzzQ9*K{0Zn>_LI!uKR+s^DR1DDON-<9e8iYteA1L<#Xetc^yNV?xT({IC?ju! z!fR(Sl}x?by{9t7zrJa4w3It5MLZZ;?5OZg5_CJxccu*VP8#pP#P=5sHeU^&zy)7t zlUSf&6gubpB(vhrk3urNX%;AXriS?BdJL;h0K7-*Y6p4{^J_S|1xgO5kfRCorXR3w zOQptd*d6$DUvbJ*g%pomzN&3+ks}y}V$8KbTo5ks3wg0etlLF;T;a(zP3I=DtAi=K z+uL(ZKvTol%gu?RP$b$uQ0Q$6q#%K4%3FdZpBTreDT)~aNA*BnQrtjw%^3orM?ZZ* zZ~8^TJ8$sfgOP1?zJm6|0n$MAQ4Tm91NvYTzJGpnPnR9`fns#krWKw$@NochHclT& z{@opsFgW&%GYF?X?2`T!(aZcHiX#dS@Iiv_6#(d~MY@WC!p?)k^^t~#22?CEn7)FL z`{^G%-IjWfi|Bte>xG4df}WSB8)JFksbe@CoEUHkhqTv21NMK(+83k6R4_UsZsp~$ zJ~4hOg+XxfyoYi3FM`3fL&PRf_O4s^0|L65ypI9geQ_Jcf_nSE7|ShOgV3(u0ywu= z6kOMy`~-xE5ES;{gZ~pWx=jJNP0sk22>x$5gwyvgeLu==D**&Dg%H8hUI&4y&w^{l ztqg8%ZV#@)h@)hW=WVXl_4R#D^i~c@d6Z?eFG{>PrERO^^OChmAuYLpJ- zmNywt+A)i|xjK5&j1aSTWx{bj;PVGow+1x*eKx>1JK$>03?_5YCCn*fKTy6a@$BLG z&w0k(of!yiNCx!`vCdHqUuA-2_ZweBnQc`?t8Jx0RZzGAPRtP0d=x79VrUK%$)xT3 zb#2qr9l+DGkn+(sg?xyI%7n_{Mz-5nm~VH`Z`0U}JCX_wM()5N^+Kx8$$kyFK_lx-Hy@I~8YmajC6j#JFfzfn{Pq=XNd}cx5p(*va>G?&)QPf_; zJW%-T&0OBO$4o!)&R0q~ASCD6AX@ZcSMLzCk&Shu&z#79Gcf3zp0f2ZZ``udL7#|a zG;X*3v>F7+R3QG_co4#j!0{gxk&CJqm%D_zVw?m+zT1e4+dkj)(;_p$?CZ0VYy28V z3?@p}XLA(2%l3I2K`u5=S;yy3kxwei-naXzG*oM)lrv~9-u;z>4G0T@sfFN51|}(8 zUI|3sY_e<9{(&1LoAelDWI9!#&WZTIm z1IrXHYg5&bjvlJJu{AazfoyMkKOY;6N~56qC7}O%C@Dr zHIdKIo1+D6`=b<$iZE$chsGF%oIxGmGYJP3Jj3UF&bCjw72(#H!TP4Pyv|dyqK$2A z92$QyDp*0AS#1}|&#qAAh}7|Ms^e^q?g%K?Up;Hvg# zenSw);p!O&HSg&4B<8qFj?SMd=Z42qR`E6){o$554btaq2B)F%JJZUOaUS}KT^rVh zC6@VkZ&Jn%Y4|Qzg>L+X6)-Nhw1dy^cc%kbgW8MqfzRdJQU$eUZ{8g{xj5hm=5*}! z2(=Rc5@84;;2{<8hEyZ)ll&zsU-rr6+gwac?8 zn*r}2Mo(*y4PSBS9Ir~CLsjIwLg2AF$TX0;TC;F*qMP}<%jw!s$$X!WP^h2o0AC#t zL0R)ml*jgX`3WYYom*myY@c!eG`xfz9+ZPD%%C4Mp)TeUsARVv>B7@(&`UGx zkow2G5WC9l!{aOl=w|&J%(!smnao^9>q1R-PiY@P4vIqb*HKt?YkGT1aOr&}8Q62B z6*zFwbMPOyMZ1%9$1uJ;`p^J;%5+D|@0eSpbgwGqqk^w3s0tIo7T~zjL~_XhsIY#x zgYX6~(w0VlFeS?iZa`7pi?ecY`5p@^J_sL9`sqp{aE=+ zkZTGX%u>MucjVZwJ`5Yt4pRq=cK4fc<9ootVlMKaO#!gLF{ACu(m)^?GKF_yGkw<6 z(HtpL;1??E`cc);!Qf^Ghm?x}V}xfHc5ns~AfPt@eGVbEG<-P8jKR_GE{NFk?=VY( z0<(KEuUjoN1hBA}7hBF3^%DP>OC{4?Y%9qS>p(2Gh%~WSTrh9Um~Z3>e1p8zxrKqOiC{YABnLBb z!6^d30M%ZT%&@(Sg`4XW&=r}H6d6VkJjcKzr4i_&PSxn)BLtidVjb}yvb0Hr2nC^| z$)QNm9iYFm+plkJy$hZLhgdA{xcT^B=v^Nb0U!vr2BvH*GI2l|R@! zaH|G=^iSPUK32CV2B>Iz{`W5Mr3N=+;BU5F-K~oNAKP1|<=L&DPtf>i?@39kwik;{ zv~)XHer-OzL6>w9ObXEtMp$U0Ba)U@my6q#2+%=ptvOk>Z-egfG|@$y(GGk2`JMvG zmJ2Fp--JfQm27bAJSb`0&#HFxUObM6NMdU6gC`!`aU+9MRi|l&fb46xjwDYoo3Ato zQcPtoGOvAt9c(z`5hlP|7S-9Lg*}3$xy@LTSE*1mSUxx-br`)2=|HvdPPV!*mk%Zu zyYy$!Bi}5c64#qOZl(4uNP@tpDf9w+HHPZM+Mv94Fk#eP?ZOCelL{{GJ$bpHe<6KI zXel0yDY!to0QfbJ6=K&-H@+<&ObF@rF-dXco*Q6gW%XDouq?+qp3t%zUU>Q;HEVF; zK_AzmaSE0atN`A1Cnp>a_%nR42BE!idIu3JyQgIVn_X&u)x$etb(No!lCGP8S3Mo2 zuR08!2^Qen0hHc{z4~wopWR9PGJweEGP`mZIPyOZ-4nm2j_0MZkyNC0q`%3h;}){; zG>ZzWrUt*$G(HNC!s{WM7dt9VmkY>=?_(N~IidJY}k#ly5GZjz%ON^9L z|ID$wug^XaZuRt0h*tky)jHQLvq7+fxOD+OQ}5hS5K@%ZZ*H_P%11v`+mI zVon6W8Wgt}Ax4{VaW{@nAx103%<#!g7H*Z0ruNWDS(A83w#mIz1(~uzm9Q1tbWdmO znkip%*^#=t#=$95qAUqK5^WStS@AIXX*R*z~_CV&Mp48;M zaR_-WyUvH9cwR~j`0Ng*f(Iak?@W3f`iG2aYF=^K=uA3#@U49tbe+jIgZ+$fw%ym( z*e>q%($863RWAWgP*A@*4AR=h8G^id3l7L-m#bva=Y*rGRiK7WwDnNKi|4aZ!)L@A z0m30bU8vH&k(ju8=f;8dzGwZUL&vY&4C6l3rWdQXLTi?E`UC;D8Xo z2gLGAjqy)2PlaxOl&P|oMnRABLolsvtiGT%1f3E7Lh+}7{!6D#e(y-HC(H9vCee2* zIMP6V6-(ok>8upHSec=guZSg%Qd0S9>*UKVO}5HfHO31PQmQk|c50|FIM&Qv<#}y| z_;*#!A(>!Zszk2DhJy-KTf4hpyfmaUHVpDTV8AAGZ;)UW6K5T1g3!f2BQwg?DRYQ$ zMwTsB!MRPamfk>LCiwYp35%YHGwN<2*)fc|N~1*iJU^%S3^SfMGV2pD4PIsV z+D&XgS|E^aAX22v_Q&pf^O#jZNuEnfvyT7(ZsQ&o$2)U%I>6N%IkHQr7dZk3ulpnx zkBNmPzP0SQJ+5Ue!=4{4ryrVt@`QDe3PIWHtt#lqv&a0Rsy3Vi|I>mMc5FwI zbeepP@d?gKgOWMbp2H|s<(L~oBC@-i!sg=7tgJHzUNhO-OV229IH3&0ZR*H~cO1$S z&H$LppyXxReUbtLK$J!YOTP_!cOPOD(&(^a>uftvj$zRF7`p(wnn7NCM?*uT6%3G9 zz}!hUH#aOYev`H|&(lA@n3}yo_k`v65e^t-r}_Bvb_Dj$(n)ubl98Qb?k`Uo58jV= zbJ$`c9r281MFsDWL<_?mvkn{N?Q=4rCkI%ST7Wk-eD1+>89%-}?ZYhm#WDjXY?6NO ziB6QuTW&kl`5_H4k+#jD@hzBRZLb6)m@Ql|`@#KaBdVcLeM!gspb3-$J%sAXMC%Sh zpA13K%?RJ5A4Rc|8(GF(7@kG#Jo8gTu;4waABNe!y{{k9$@TF^pQRQ}a$(_=;SvGH zQqk&bsES|{U`n-C-oYel9-0#SHO|FXkMgb}!HWS$Z#9E6y}%RcEJ7#dZW<+)JQQ%$ zzm`yM5rIjHCKyz_;fMAW?{;v6f?OpRvY(JR*)K0aN>1c6zl{FiT(DZNz1-8!$MvlVJ9BH9nX~aXVjuD1aj!tcMnq?!0r0UCg$V0bNGYMY5-4|X zwC*5D+xAvnLA&+Lvj%`Sy}Ann77LZD2-Jm3s}+u#O||hhj8m$MXP%r-v!6)DY+QN% zIKz(w8cc@ZYmeTAv*}7KR{A?X0}F?e?D$dDnbc^c4l@R;P*i4>cy6!Zg~eW)l;mWw zIYOZe_t?cZbl@{lv{uY1E=cK?NkLHw=(-J`{?Vy))dW5l4s!qXA?KNhGK0L+BK2E9oypE%t347Nq2zysKHBzMQY(pbbE z{=tIW>(=EnZ_Y8^g|f;9lfhtm<#`RgPnXb1j-Q~EmIq?`oS&cMBwRJRQltczyHG8+ z-zhFx(P)Z>xzK-o#KP4o#dNU!I0YOW3B=&MY|Yk?r*(cYtQpAwBc59UR=00J?Ck9- zL9ww{!2~pa8*^rK#bB^l77jp}mLGs$Xbgd0fGhi?6-MjyPO+?|Al%jV(i%eC{T)>G zl^9R5yJeo-gUM*L7FY6Fpwdc%4)@=$0390hx>l~U`4VGY=7;d~q=GABOQ*?0E^;>% zP_WRvV-ouSen-Vw`>ZRRr!5$UTSj1J&6y^IrF2Oo}RO}D&shHE_ zb3WUrf#VE!z$B_Qj{mqy+cLd#3$1}sNcYjd3L*rQ?j5WU6a?f0;$JeCL=0k#Y>0Gg z_`w3Sr$K!|#h^CtudE471plwZZ%D})NYk96LG|VvJ){vyJ4rvF;PDW*E7REZb)$b= zyw4f9579Jxv&G5&bBm2MmGmP6$-jV~5mj<{wlR>*@AB~$iUjc^;*+4*Mc;S1z!5ED>6E*&1<--QMoLf?bym-9FpGwF91KA=Y{+=xyk3B zqyIXvFs1_uDHV?uab%$|g%+BiAO(2MTHg$fBc?eY3Af4*83}~|nS&=Lj0lMWhl7^_ zN}-6xs`$>%+QHV~ogD>7bPEz~d~j3S zcDdLPc2REa#>@&M6GmR}q20gjIJpQCY0L!@68e9&nd`RAU8+bexG_;L|FMl2zW*Eu zF4%wBZsI{EjF|x^;XjPUY&-);)yxtJ4GD_)u~#5iLppT1@=4=`>J|$`w|2x;y1P5X zk{anF=hj18wcQUaHnsk5q)8G~4xWeR$n_+L={g}s>@}6>EzW)mR@@2jb z6K}tMyh@(i%e^4ranMP=bSO-?(+j)$bJ*9AydnRxGL+o$*RS^v8lA3$)$Ub7>aLIU z2)_9OKMABWg#X|H7DD{)p67hBO78S0H2s5RTWRmfNBUwn#V4?qb__LU5{4aEWEDle zcRDg&&(4WWBxfkjd{3H2isCs{=11dvC?x%hYf@dRaE??~V`=mB>%v`+;)*5o@$n-a zGDjQy`>iG&GhVhNvxOBz+kdirwIFmKILF?u0Rk)^kK3;R0g}bSygeEiQPSse8tS;= z9j-=?lI_!C>3#6$VlO*B5TjC-k0%Xu7LuFDn<}HQ8vBN(uTMLv9y~_L@`Zi%H&1<@ zlw;6byl3W-g7T9CGVr$7142Ju3+u)00JF%2LW0?EHU|t|%fQ0hL*ddQ}^6AuI>YRVKM&R2nz4$VT zpHBV2>zziFAF9SLU5PRRSQnkz6?26xrl$vi?f9L;T$YA8#SqK`UpC1%pF$|BmBJ^f zJw*%BIm0}u-N)S@7qKrd7pIxdiLfo1pk?M4qz&=9hd+z zKNX9w$L~gwdau0~G$m9HjvS$wj;S=bhE)nq2?&PYzj37pe;{O3Zhu-*66-^d%AZ`z z&K)_xo41q{zf?^w(9>LF>ZpUN$$GArA&2)iu*I6C!jbfU(WwbeEEZ zF@!M6^t8nPgh{9s|C+#PJaSyKY6!r1D^rntgA)gpG&+f4~5rcl74`@G$Zu7(ol5~1i$MCA74kQsZ)jKrQU6jVo7*6Q?|oMiZ0IZ>G~swiZfv(6kQ)VsSY zEn4=6seqK?j$}3(-YQh#QGCH@(4`Cy43!>|JFn$XQ1dh$<2PfgM}%lX&yiT_q6K-T z|1n;@caEvFMTW%C@!M(@?(Z*&`X!-x6Z_MT-koj5KX`f5US~U0x2ix{h}r)3CvY-7 zL)w-g8nj`HOCKleh-u;WN>3;bV$&v~hK3?D^a@(7rS^>K)X%@N+&&c9Ozl<9`lQ3s z3!_uUPinf{_kvDNQ6J>GQe$mobkMVpy-6$nIq5dPreoZzOaH_=n%T)`qn;z@#Qcyw zze8?1a6dbjX>3)F4!V1u87lONsT|;~JU!G%D)^cOySw%jVD&+F;C;ApxMw{0m<+A@ z+2e3C^bqqh$8;_GtnsVP@e2$=K&Xs@c|v{AyEam%qmf>w*ucK|f?`hn1|!>+MWnQ{ zDWV#O`uB#n4|f`-s;~=#9NX6Ts&%ve!&;<@4J%oe_Te?hn(@>Fd)ryh@k}6!?8E!R z$fNQ1{73kzIx=|{K|OpnsK1nOJ$!UBW4EmDh34mwi$=^y3g!?rf55DsB@|IuH~Br$ zjQ9ExcTwFqrp9IX65acUHs3yI6CkM(Ur}}aHRp9*YAwd60BZV}fhx(@-u5!zO!0ER>`n!T7IVHsLE1tM z$-&}HKuYUAb~WamrhAo@l;!*&YF_(+^sZ=6lVwFGF$3z+@7V@p82u>8MF@x8L*%sd z3I`O2cdglPiwE>j8hvSaKJku!xUNoYd1LnUZH>jo=JTJlyy~YO^a6S*Wi^;FN)AX= zfRv%Q^8CH4p67;lA6%Z{@CR+-J&q=EZ`4If^Y9m}p%>~kX_$jPQQOm2R1iAV#_rm; z&Ul}EM~~?&vFaD(scw3@N;rRKKRUkfQbEU9p~u7B)(jMwf~_DtEDV&6>rY{Zc5 zTZu}jgYfb3?F9|O`g5vOOp@qKV|Hx!GF*;`9-nJ)-L#V%1r_fwKYQ}-4IN{!fOR+! z__42-vo?!ymi@*|e8CdAOIgrNr))j4>pHnE(-SqgAPg_?UQ)i0-^n1(qX1PdjIkpk zY$Wx>w&AA@UPDC_!vqn_KB3s7#vwQgB!hFhSr6xV7l7)8pF+H}e$va_fC8EM6o+U8_6dpHsyC-e6OJxP3vhUVh35%svYZ9MaGDb%} zFe0=fAg?B2j}ovlg)qD~LW^$I3id-+7rm#D=sS&Zz(vszNxk@GuZ};AT2uT+LJ=3Y zFr0N;UCj1A-5N1dQdD{mS6uUP=JSWQ>w{dZqJ}1Ui=2Lc`t-0ofq5QfH8O}b22t-6O&um9Wy1!1`oB!DoGN|{;!GFGZFpb&IYjJ1o5i4-vT=Az zO!^}N3){L5!T$0H%fWk`OI7085BzF-CG0#YyK*t!Q>eqPMr+ulhq^k#*9OTlI!#@w zeB3D2d}qeOJ+URld!JVNist1O>O4xm{TD? zCSSHqO=QK=*A@+=`Z-GSAU!48fett}!;X@+FWbkMLSAf^EfP?yevg^mJTYY~>(sj) zJY<8Bl`-GP>q;qbGAAk(UnbKsv|3EQaDb%{UFdEZJ%2x6WayMb`lLwbO67QKTiZX)aa8p$sdCWMJkWr^LHBSX zl$(2A4V;wrb+9YXT7;U!f$1V4wI<%6uxgS;G+OqAmzNnd^?)yZnXlUs^d7<*) zhSzT-I1tY(;DGPo#kL$Ur4hJh+6Ym8D4@`CzlQcAG&su2o#hgfVi?^)y;B=`nVdLB zYI@pKZYCk#QH@YQEw<_sRxf5$JZc>X3)U9j9A*_rTikJ zvqS3KjlPteXeHwBZ6MCp)nxtLF)H%=Bir`Ucgk|Ms2{g_Sg-G;6KOr4YWr?{DBN8P zMJjyNLqeiBV~_WK$c^fmm04^HMT49MnMcGdsesj@YeNQ3Ow{|3#}4{vKxg}6j^F#O zj*=3?;6{lgqPp+a^P=`QlU~QgU9zH=Y3bsxgY81lfB{On?WY}b>5qf*KHC~QRrjax zIsNHNb5K25FL_s;Q`;f;VT9GvX~{D8?t92(PPW~e^(y8Fw29amJ-%{v6_vrNS(9&v z^LwMGk#ORSv1nId_fbxN6`)l4E)M-%yRVgR&?4gM*Xuvb3sac~#S{t|qD|f{&oZ-$ zUu!E6rWUdbQoLUY@EoHNkP?$s7GfY0`?X?BnBh4tZ%OKwUbp&3zfx1tM=X54qGDAb z%b#@@>R+iUf}H88|CJ}~U2HNLL;4qU>mB~_&2wk(F8NS-3I|1q8wo%zsodqr@~Sx% zOWDM1rmFRtWwVuMn(kep6Sb3F!WoWIZo&qhIM()Z!W9YAZvNimq?AagMA8F)&3N;$_=;%<@LxELcM>hG*@_|%y#v8BtC54P{xLc%AwK6j$29%)rt5>=oY6*clI`PxCMz{xfHUv}V^U>lnCa6~ z!on*J43|K>=m-*DZRu?9FEo#TSqw%`zxO+4AS(Mb|C;yvJ$5PTJ8vId;YBswc;S6{ zg0fL>dIB?z$e(=CQ3W($kL$gD{cHdT6F0YrG+55{HTQ)vj~v`#wLaxp)Fef7c)qd3 z?U$cEFj9W<@bkLO!xg}Ag<`{_r1N_)WCCZWJXmbd{SQ4!#olbV6_*N414U3FzZ4HO zl|Nn1Tw`Y(FCm&-3kRJ?YrCoZrRKv*iC58(Jw^F0+lAx{bWhx~9GY@GTk_8CMCTWI zBEKn<@9uCBy$;^Tq}Yp7UCU?Wc-(D0%{ag$N&WF?_wJ?KlR`=09?gq|?oXs17gS5D zPC**tdWB5we8u5PzXs{FcFCn z2k$TXPy(nhx%Xn#bEm}CrBeC%p&gR}VHd1~^bt!}P7Qp+S89`IlKqSA)bTsoG7+CN z>viErKu5NDW_E38$eL7H8WvqLzCprJ`|9bzST}o0z4=^NJ)CTtCT^BFNk7AVD;=9%GsB=er-t9QyP*j+tD6QO)&_}*2g z9;GK@?h#F0j`gPCjZW^Vu*PnORhG8b)8|eKtloY_F(-_{f*P)QVG1>aiddaS3HTSA z9ACoN>bsaXlbLd+?ue#+F( z%9zq?tWHXAc6+mK0z^Ka9ZCd9^-V^qgvo2=SwzR2YXgDt^3LBWc%u`Gti?au5huSM zi7rCM@OX}aJlz#dX!I=Eo&C;lVG+~m<-<}YY+rQ=Tl6MI94Y>p8zf#{W3x_zUM$;h z&o+`|e(?sB7cFT2E)=246&2FPWsPA(A7(il*JU!LWt3C6DHs#4ixYw|x?f5vCT_7u zV~osZugLiQJ0RL zN2EU+@EuQ!zU zYiJ;-He!LTth^zPmE2Ic(HO~CBwix!e=t%uC^Z z&3#)F0zmz*n!q3S1#3d%zU>x>ipGQsBjJKzBg1WrdDyE!C=?A3nTHJl=i>7GPiuK@ zTZ?jQBSsg*JHhgJfAK^(N{h_HdE4)t7NiDTWFFXGQ-~h?XLEQsZae<(=KMvLc{sq1 z{|83PblW?{Nu*(XWFGFn_Wq}PJh$D$`Cofn2;liYG0zDyWSpwIe~^|QAoD_R4f3-6 zzrZXH?=5)xx34xIkPzT01viKd^CB>3a1z+rDR>bmGx!;SD#NY7Kl4(sK@k`-{3cHD zKOBg;iivDN!i_mULt>5@`hd&?nDczugv`VAWfO`?RTs+)Qwcd*!-QwzG8b(FqL!}v z+*@Pfc8NL2`;gC-oK5e~b%zKyBXKJ(pyLBoQL=R9j~O@W1w2X|4l{OPzt??95{vTGi_cH= z1@l8x3`1l=dJG?^AkuqXcBI`gV$Eja#aD@hesax`5_d>5^-eI2D zRqCTsUD_L+J73yEIw&xIhWwz!EPb+pRbX!CyY?PtZV(mlK_+&^%bSC;+1pT#BED!9 z-17Q9ttCUn0`Cw~M4}h`ru1%9@NaA6B+Yy#r+slr;#eTGrQVO@{iF|w8T7fcxcjpr z_Rx*F#P9Bb*NdkgB&a35BCdYp)~CjxzY<=DVq=Ce;NR)`<>k(=@JclEwU-+99V&Z2 z)EE5zx=P3&^&^XYZXun;&TFKbpCvG|X|JXXKsJgagU56Rm-QC^YU4py2Bsc^o zz(7Orpc5y!ySoN=CpZMx;Lc^OweQ*co_$|wy|*zN5B;n9tNto=f*mp?!%mjGXCpef z16ChHw#So~v;tRXOYz!yvI>s*0nUS1wZgV=)lDdpCA?p*D&Jhe8xD_JT7DN1su^ffI)$Wm15xg$i83llZo~gp+VE@X07T>+Jp{ zia;+iI?25l#!%;OWVp!cF}{0{?Ow377IdqaQ@SPE7+!|gdm*r~U2R~x64+Qc>prH9 zEqg*UCo~@pbYK@e`FPGA3i6PJjIzf>0VFOTj)*;yluC@X#L2Jr77KO9uQordGW8wvs4>|_(;gDs)@cz1ML4hdAuT*}XZ8eshZ)1A{=!#e`8w8y zk?E=$-)lHxNZ7Qiul@Nrq=cgPNMn-kW6Z!4$#$aCopIstn$6R@r5ZhP(d1R$Umr^A z|IB2D=#_nR8~1`^JoBUHM~m+pdj+ICxi=14C7thJ9R_W`$jb%bk1X7%i?I|iWBBY! z1}^j+7*PZ*kNg?Uk7d#~?vB_)NGw7LT_K7ZTb$jvD63p|_W1xgpE7RPZoMw_S%n9k zaz9p^Uc{R;=4}*|Jo9|};>+4bwxY?$Pf=stu^E@z!}y}DE-}G`SwcMcMH%>?6)5oT`5J)Ud~1YM z$6L#>@14-tv2Z!uUW95W`87xEAd=LN_z(m1KB-@(QNITISHZ|_tx|u;z7P>w%19|= zTOO}x)qzv9vy_i&I(gf+rHfrSL1JAj+_sg}sC$<^pZL*W{?%ejEJzCI*ZFM7VaX99 zd>Q}x6n7PW6MX0&Cikk%TPIjmQ#Y8p`_ToQvnhOcp{Z9+qBHet4b8i?mEVWvmFM+` z!bJ57;pvk3A9~H3lS`Srh%~)l!OLG1U4MJKrPGpwPqA)O+B;Xa_nrm&NYX?Rj14Sy ztxlb0;`d-8&+J>;JExQZm3y=MhjL!J2hGlt2aC$PTu2`v&+Vc?ALbWHWN^xNnI2Ta zn%twxFbxNJuf5w)2Gmb!bk73 zyd8dTUEatkfd3payXlgIH9pwQ0j~&lwZTLux7_Cvb|dOC3i18eIND9oa+cpjr!9;( zt6uEkN@S$;a@ZjPQ1fGCtKss>*Akz+wa(dJ8JJoVY1|V z^8!K!#MVco^C^iDGHrB^TV$ApMAeQ)F6P{oil?9HIVA)%S1=6OOJ|iA;&i!N>AuJ! zWVC2B$#)0ekuX2K!oASIeo}z_Z9RAe}ygLrY@G!jt;J*EK(AxAGE|6Bor0pxWNHLAPl&F0*AlCDdPnQEO06& zhy(HeIrWDKga=*%fmAVB{|Tu6U65vDd$oCx8;@E>3wNRTCH-wC`82_l2Y1w%oB1Rx;5Vo)Fw z2v@Kv6o?*>M2Mh3OO%C=BTYfi>^9X9T!utjj)d~|QK1!K9Jb%({-_s=8d#F!7XBKc z0(kggrTZ)qrXt$+AHHx$(3>Ed&s9V^pgj9eDzf&q{mLL zv0epDcWt&<_`oBTjwcS)AC8_^B(D;fer{mcgd299!^`R6^G#{)MiQS^`?wAxneKu7WE zVLNsuaKU1w^3%MDhp(?z({9Qab(i$o*u#3Sst4mR#zskN%TJD2z2CJ1=D7D;w#Ers zNqBKv?bD7M`xragALyDsaB*BPEs`X7!`bUArtPePdc)smF*(;<{%|-pU_PkJ;YGOt zJX6PiDs@)qUo}%sWG@IAJ$Y}eO(GR*teRymb|mQbrs+)1rwD*8Bm@Y00r53}C$HC{Oq@cskU>6A}l-@NAV8lH~RM#W6|6YF&03p^L# z^fv8~pRkam95L|_}l3y#~{6Tv4fyigCCxlAK0#nZ_$zP3NZa3gb^Se&>owf$qd z*EM!~BJ6%@&#QVCRd*ILua!mg$m;nRYMaFGj_XtSV20E(u;8nUmh7?EuJ*GSNb zG8&%3EcynsayY{Q#h1+=e>Bg^V@3#QhQG`h*B^@X*e7wtJ`OW%DRLx2XscBYq8}RO zXnFJI2*uC+j!<}Z7;wFHsoo!N zg4-96Z)KwI&PWu0IjJrmDHl|>cTPA(5Rnke=B!&?wUi>fM(Zy;M|KNg6i_js z$ZT+GZqqzqNHm&;GCcCyfZ;`~Ks$h|%5zx;{?WM1Pk$~k zodc-5DF2B=DX)L&bHQwW;~5=mX2oMfdF}FaXOgh*Ptn18l*a&`Pn%J)wa`)?fZ@q%M8K_XCp-vJLJfE+RT{wG`iA4c(jl@LML zZ|yoN3LtK98X|}o#K-*)FD4K{4gijM8)gpJdN-19G~IkWy_+&V!jRi8thKMny4p}Z zuA!i&WtN<3^jCpas$@l+k4kvi4spxsWAn|#m)Dl8$8;cb{r1+kW8&5)D{GG0swo2p zW*OztoYoX(N#eANhBp$K^b7sZ;bE9iUC6-f4n~kW%=a_`$hJP`u2^`|7N9jgO<*q8 z49cfU5-z&$53I?Fd9Cbc2qO@#%pxNuWGyT)BPrJ+qcH5iBCLY!aR5#hN)NX3H&I;1 zz(179=E?!2U1E!nizowRv_DO!l-~{i^dHerrcm-(_z>ufW(}_sPi_CsIyNZV2X3Rw zApHG%inBmDnpY(Ck)O{$eT0D^DxCxxjt50BmFQg@aK$E;lkD$|8tH68Xs8qwysn4v zmG7HQRU3h5)gA0ILezGz{{yzTbJU$2*<~T@}oP_n4;6|RL zI2#$I)C`KKgpieVe}t&io3lP5T5`-@hz@`0d^JOZ)g+Y$+yT=Bom71GA0AvdWZS`; zn8}INHCqu_#| z_zjs-+Vx4wby1lXdXLhAUT56}SPN!x%mxf2IjxfS;0q560PuUEC{#54O4XA}xM$~9 zV>-pA=;l$tDXjlkW4}&0PirKkUu>w#OCrEEUCY!jS&(xk-Kufx=>g?K%)sN=T7KEz zHe5Me!8tlMKTOy_pMgn2#3Xj+ISjAs+BuRmpwS3DPt>NuTtDIIw09XDZ+(Qlc6|L( zrT>cybJ?}{8R!>_fOq+5^+EZikccBSV_`2vtJYhuQGXy!-ztyDy#MfpVq79sy@$KL zJ!ZyxYNkedGrk}l;}L;Mf52l^qm?l2Z7YpGae_|O>PJ1~dwd3_asHNY*LJ$;i(6wl z7>VRg6yKS9AAfcsRCYXqnui?&O+ClGr1ujSBCvC^wE!pg0v-qAGziU!#GlN&kXLqP!k^gAU**$BtmN&cVwdYGd z3NkyjWa(OyO{uL>Xa{$z&~qV?UVaCWn{HtwB-Jnd{#?dua+}7>up~$FJ@nO91onCQ z(uh*yLV&@Khto(yU`9iw93zWah1KEn0awaTp|mjZNBQwTHC;j!n?(B4JI7sowqB-2 zW*g5>NhH?UjeGVY;}5o{44sL&Ty7r2lu5-k8Q-yMWBJXJzaR@ytPvS=rE>`DkX4F6 z?rOUpGA9pVYBN}^+S5l#^1&1HTu|0V)E+FXt^v?wq0E`BK#l2%;R3G)H=eJw1($=j zWoov)05kCqQ6A1wB&!%>`qOaQi0j%>?eP+f=v&?lv9c3tZyukS!qG2zCk6NREXr>4 z+XJ8Sbzc)Q!eVt@>aFzymDyy^G($ZTgztau6PC;4wtA1i+G-F^9H4 zQworX+~Be}TCNT1fS323b6!V27aKIvcI7sm>K>I$3Ee7X>`vRwDx?KKDL(un>0oxB zQ8>a4>o5I$Sf*tV-@iYsj$MJ0pZcUb@5n3Lt{D;ZyL}h!X%BBqHhtKOU$!0^!1bAN zQ*Qh-ym{Qq57%0tqn?C~O$2SrT<6tE(gUnE*PFdFNo4kx>DcEIBQE9<6iJASx3%HD zbbTi2SO}A1LU>5UpXOaKjP~%hdAi!_oi8@ddip$-8{#pTGc2jh;2~SIH8&9jg=IK( zYp}OiXB)HTBi^p{*pPV+4nvW!7bdmpXcZ%AGw$>~mWub=5N%f#;f%fBk57v!^9A&N z`98Tqqoid#m(lu4-pcn5m2Px6(ag9~1PsAnhrrp6DdV7d4eq{J&D1T-;XywL1*_h- zc}ZFv!bO1DhCCvbsb?06TZD+(0L3d@?p_`?fE#S#d4YmWWM#e(D#ITjzY4ec?-J#03!W3J1YW zVzmiLZL$fM(D@$CE4TaKNCmV0rHnpefT%&Nyx@$qzi9d|0sh}KRZ!AVQv92y-2Y9} ze{!||pefg1G!;hpk4xYQ1P~7R3=^aV4tUGB@c#P1U){|5+-z)b?alv#SYEKI0*DJt zlmQ}!;P?lv^H?Byh&M?X`z^Kd71X#V9>~?`C#S0^BAHoP{>~QE9XXr9=2{Mo$GuH9 z){BSCu@~u8BvzIqS?8`lQngj1Q>GIL9Gi!bCRyb?DTlcQU?vqafg4d64qhBRSRRaj(59A;YsbaqY-J2_vs4~#G zut5|-MgEf6yn!CS#Z5k5lU3(-|#1(kB;ryL}RZSKiuXvg81mn!Tv}?0iv!tC%tMY zIuL(+P4QSju)N}Qb^2Npd+RjZR0cY}@hAGM=;~(mer0OK47%=t_uRiyCSu;>8Hzx?oAv-pOV| zH&BrlDYQcs1%<(YGy-)yG|`8U7sJ6{lGlOv8PW7xcE_|`{n2IIRQ$047%8}~>pkxv zqmv{u5k;x_1(pOV0jrcRs3qOYNCRXhh)Ppa?zs|!upvTMk{W* z2rOLcNmT2Oyz2R`WRXH{OTQS353WMpmGIKpz6CQh_y}&g%_XsrqNHfdD6K`AFJ*e! zIca+kypS}PDaN-|f6q;|hbkX?$a$K@DKYHb!ao}FJ09Km13;JChDysRNl{~16AY6G z8Qf8k9kxf4B`P74JoXMGPX@L~=uWm$1f{HxMw3WJsA|fkIm@0#ZsrWOb7r_F-LCpf!K&iO}?JYliXIcjo7b-utg93zw0 zKjy=LWgsW%j0-ATwNzd&;-k+q34Vnl!lQh~nMso#<6`^bz^&{4<=J(IYu@Q0Ip&1Y zj4{qk?c%FMt9Rny$ZEB@RR~rZI6Zk7oD;+|#rUeLsR~TI_n5&Tsrz<0GYUg}6u-`% zubplMeZYKh;8A(|#~3dO5umsirL5Wg5kntBu7!1-Cptup{VKL+U$nW)?{G zdo5*(-Icw`6C>Zf!?q-xndL-Z#HGb~JT&{an_+$X&1}c~b>GQ_BaAxx!(K$@NxS;; zrepg+AOP^RHox3Q+unCrNwuOvkTr-KvHx6Y4eAPEgAYDsA^f8|i` z+`ub+zt}IOr8d+mMjgF7Rpj`vlWGz4MQpSa`q;ijLb!q;;g?JWoB0_y)CrPM=5g#f zUyftVa16$Qa~qyVz055K0aB#%Sv9X=e8_EXWeb>Rw4C$Y@pab!roB2_K&GgHYs>Ct z$$X=eqx>axVLG=msjT)~q{O>AEY)ocqOn=`zUcXFT9<^uOu|zYNym?C=#zv!@;^-T zyVCB_c)xbchDn)|UpKD_xF%9p+TyvR!Pk&KHAGgl5)G@U_MQy$V(@pB;Js!YyX!p_ zjVFQi%KT-+=#P zVH)e9AdP^kOZ9A9z3*L_+4tdoEY7nJ@lDFsK~n0Ms}-aDOMSl|w<{UETE+^u`CqlR z>`hS<&Dc7z1ea`_ulB{$<6alLy@D*&ObdYO!*k9d*=>V@uBK;*>%gS`d*{+S{Id=L zQ?SrVc7n#?@mQ)sQf_DKda({p!$SG$tKf}c5%UOjN9QRRlbPQK3DZ%sy zgYeNGu2;NSnXTj|8AFkTVI>n1_Em4|a&VgXlvlmWeob$;by8;=PjziJKiKK%{LT;P z1XHV~cx%QlawMR-KSA)ZcbIwL z-Zf5eaPJ$m_i=PxDob3%7?_t~P%dyYXGy#*;6i^LfVnK}Ch75~3Fbw|qu-LvVSR;; zXH4b*@0CJOf-BWQq#!m{FfS2^f$xope>-db&0if|F->vZztzwGPdfWQ>Lyr)8ie_` z5(@p#4e${W$N`h@AM?w<3C+gF26i9@VgL2TH{f!DTZlnKARf+th$b1eC})vt*pO#Rm8Gn^z;5~`tIJnsX%0;NvTPOI204OyY_x-% znw??&;PTQuS1z;GuTe2=b$WU2p@(Y|^}yQW!t;vD3*Y+Q<5T9DOXk@`+y#TE$(L@w<+H1Z)zi4=R+8C?g^ECccjftPk}r1uJzUltHj~7qBUb zxPdaz6{mw+LpAy7UGO;@DJHUnO5kcB6*4{Q`?6bB%BY9M@DM7tCOUthW@8%EB_wX9 zK?_5wBU-f`{>PNnVW)G`rkGcs9`m!HD$UMRWVdC7JN%XwWR0sMJPMIX)emRa}+(4O5&WUB8ajs_838~dNTwinj z8k{I6RLB)9bz(G?=E;P`00wy@>am@Sj^2~1tqU* z$bjVDB;ik59$LFTut3sIY-w}swYZ=fM|Aa^ak%^prFjS1+wy*4*n!l>ES8 z9{9_|IK$51miFhLRssXZj3Kfu<;;(TZ<`g}ue4l7Dx5t(rBW}vS{kZ25!4yE3a=j4 z5X*Fpu?gB$0p{jUn~{hsf)l>psjr>= z-9(^mj0UG5^lY5tZkU(!aHz4QyCyNzk8a2zM(;jktxv%$;?k#cNOiYq&+CVE{KZ7l zbKqjZB;W>}55;$DgvR@Pgm@CPF~o;MwKux-D6+2Yov zUjc9XFgr6ka;L2f8^YR67g&}1YU;+dl6ABQMte*~Akg^DEh8go{m1i8bSY=8mye{`w=-)rF zP#tKCt2G-{cd~=R#vXC^qT^e17cgn)0ipvZ`{An0k{oE`s7=grq4LLEAHM2Jml$$o zrIiY$VRl^JC5&}!cKu{zp}tXJB83jKLu2m%SI0Do)qsrtaiWy7mAI2w&Q2Vt86euh z_g8BAa;f)nrrHAVxys|AxZZ%T02kZsd& z%zY!St#_7?dnFnU$gn#E?oeM?&Z$Jmx^Q}aKw?CQ%295TxL@}Dm8<^0Vl)reKUy>! zJ2;XWM8nPYFRSUl>8&a&rKPL=MsFz{HrD^jpLza14;Es1Gl@dbfLIa!<2ZQ3?yZKY zNdvNG<@v{M`=1d1>*C*8G$$ADo1d5WKQigJAM*xwMle3@TUC{f^KZ&G2GD{Aph0gA z+`ntBZ-4b=0g;2aSpUMl1At+>xYqY0-H(^MXVd^6W4^(B(&m!gE9}EE*DcRByUSVA z>FnFAuqatot*Kba;&Sd{cdVs&e%dhgS(}5r=tf#O@nXYPoc8p&tXAM;>C0>L#O3o# z=K7vbmaXL}i3v;Jpwqq-dYw>@n1TNw4Jqa(L~yUUu5K9Zw`pEEPv8fqE5x^24p1;X zp6H!Fjg#|6^EnhF11WhTK0H`zvP;i`!wUUfHb|`rlFA?DgN!H?heY78*gLvzvhvM$ z*#^j3(HY+$7)%lKxJ4s-#Zmn?(eZ;N@RX{W%q7=?6CeY_xC_)e;<-iXzXpKj5%Z8t zP}$%6c$o|^uH3kx?VMgvj+Ce6NR6gp@P=GHUHrzj7v(3`Kg`Y6huw8J7B@h}MeFn&4)1zozk{Bp?lt1zH89+@Rthgwt z10dsZ`}%*wg`hNTD(rvvTmS3|X|N0bdArYjUBF8z5-Y!-fJA2VRH?-LgeX0ry%rBhk8DlQ=@Q7$&HRB#iq0UN{VsWsu#{t8lZwiRklm5wv~#T z;_LSq201~|sHC)a7(I)5&3R;iOsB}}Z~h13NwB&(lG(>#QY+4ADB6bAh}n7dqv*3; z+-|Gw>V|2MI#u!gfcTBwrnZwGf{ATIzLhVxP3w8Jhb7>8{<4zS;Khuk@nsxYzI9h@ zWQ^;M#f@5yFx9x}$<)f=4xeVR zgqT(BgD^|E4I8f3+G%HctiesL$%a{8Z|O4nM;?Srlh+QJO5$`ZyJhvAy}UHPCMhFo zn`S`QyG6JyC_VSK$fO)Dxkfv;#IUK>Gs6^>o&B=EsO(R|rc}?IQ{5|S1)N_;r)fiM z)Z2pWhK|K~hsm2(EwgRHqHF*5A7N)H$J=M+Hs3@}))*=dM{eZD@EZIwcrfkL`Ff`Z z`8D|BDsMf#d7afqTDWgVh5MR#S5ITQ850513B1nXJX^!q5+3fBg?tYgAsC_YagVqG zk3iVIzp-Mh8<~8Ew|S{bS3Sgzj%v~2xs&a%2=_vq| z#+pbLSIO#u6UWo32GpZDp~x@gLStMMzx!r6bZhmN>Py=@9GGf+&<+>YJyWmF%jj;A zXN4wR#Huy9+c+H*x!GGucP!?+e+pnE!HV}L+0)NFxY1V2-`)+K5Nm&2G}Iyu{QfN+ zVo^=aP}*wkSEp2rPC8am&sO$cJsKfcc>zkZ>V0CVgFw*~X z4g7z5Xb8a5+#qdCu7Ace{3nFC!9qNsGY}isKbfQ%FX$5lC-?`;TOzv73$g~74f~le zdYev)29v%1%#R90I;T*o($SMigbY%d;xrRw=YBJc!{j2!Uz96Uv>BwHBIeI{7C4F7 z^WpEj>@c3cd=)vm7dg^JD3`zG%&uw*_)dYdnTDzWr_~iLog3$G5jK!J`ALAdZ==_s zFS9$e>|OWtG@%N4AVenYxdj72-W^U#1|i^3h%h;998-jM2=L;Y2F-ES-}^>@-ucF@Xf!*Zfgz}twi9>O z_!lDbDE3o)*G{nXIT`T}XI)g3`=pll4_i^t)f=$mjfV7D-ESjoD3g&OFalHP){f~A@*{EHwaz;JD zBGr`S#Dqxhn~Hxt1A}RS`_77|j+7mL)@DXrIB3Z@K9h4#LH^3De`{_u$)8v5)z}gd^=sq%GXV@aD ziEvNVIJJv7ND;XKi19t}Ols;E!;H(|&OQTltCdO^rCw2w+QFOiqsvTd6$piymF39? z2R)s<9@JaAJ*7)m-CN4P%QnX`9@VeaaalC4p-~iLvoc)Z)~i|-V}9`v^$2mNu;HlV z)Z7H0mQ*7|CuF1wd#E4Po11^h)0DMg?%y{sPvF)eVmV0$aw)y-RF{_HGj;VkEX(Dr zO`{xl5Ph5Y*B`8}$HO2cM55+rmRD>vtomy>C#LGmq%t*4lUXZQip$*h?`_`S@ea1D z6h72cim^D}4DRprK^%A)7CNibta~Nd$b&;^vaWZVMurG6@_T!)=UHB{>&B!yk>#x8 z$v-4AGz%;MlN$WuI~pUmc!YlKQ%`Nc@sSdj)?V%EJT47&G1BXCGoDqGscGuUB-2-WB5 z$0X7yPAeg&6U&z3&M%Q;OrB)@!WQ%_if3U}G`cY1Mo!Dov6Hq9v=zQ% zB34thn5IkL$9hwYG5IYET)o-Tv)nrv)Lr*r-QDncd@J;KKb(bI@f|owH1>P=F{kqf zo?O@i8O1t)X1%t+XyP8?sZM(8bV{zkwcvLTeh!rcc1>#<_++hburnbfH7K2ls!pt( zCY|^DR@aFW)FIcy7u72PGLc+!4h>8ncCp0c&&aol`@7!;m9|5SWH$NUg!fDm)XtT? z&HWocyc-Rdv$s}{4LKyXsq=_T&rwlJ-BTwAB-rrZ8$cnS8kN0N%(`6vauh&Wb8_b? z`jj!@YhHR+xnO-{!z6!QQj(MF%|n> zJksE1F)T1@j|F4IdkB1NwxG8akR?D~1^e#L&wAUhb&B3Jvsl;*HT>y*vC31uB(rKw zm_?{j__gUb!tMLTnt%Ik+0uga&=v9P@0Q33H;USJf=~GkVF?qRD+;i)*;T`xo#5F&ra#<|Jb}o` zQN7m3#Y%>JJ@?_=0IOG-1Ri*l$^FtLk9qp_%4q2|hoW3p*R*B+mGab)O4^uK){sn% z^;h2F7_}akKBcRtXHkRlF-nnjs)I*6 zg-#)nX{3MxnoZ-9%Yl~0TDMU5mkiyU;UGajiiDpGE4$e%$4P=H9gdRnIM5RD#TNg} z$*+>@kAogd$60mN3x7V2I-<(`OuwWE2hyiqydp*KFsH|QdTY6kpk_-SQ(6|CK^vn& zan%XBc6~Gq6E;5g)&3?yX4uA+^%J!RMS-8fXLmZj8Q7VL%3E_q{@M2tABqF~*?qlT zTaFgLj7?rkY@ww3eTi}Cxi*G%Em71T%iUG0^S0yv(6!>|m4dXy5VlPn=|;U&a#ZVb*@?t<<1?kM4>P6&9 z@UR$&UYzY;_N0GDLCO+}a^fm~E9YGQm3njj6EyuhoZ;mDyL65CpSS*rfl|alYM7k= zd$1K78!z}(9OMSxfq&~72CzUB;1UUt5Qy_%Qu>nwh#tJD@Mbu&*HPcY!!GRsA;He8 zooql!-K)f5V34ciL&hvM8YvdUjYPyZ#eWzXFRe(MCea z!4Ew&EU^e=>uxy2dDHT~2R3>;nDk|?2bafs+r4L(%)O5F$M*F{U!S($Y1*L_7WDMw za5h|+up$1i)`%p4Xn@_<80BE>5V}Z8a#MID2o)z*$R0QPF4On4v=)j^urOwK{;=$; zKYnW1z~4#VDaPNC8U)#}K`FeWQz%wND$n+Ju1e7`p|ymC+~h?zEAX%g#O1`8v&xnw zeINKPkdF3ycnND@cj^rVSpwxoryWJhm9`3Y$ylBugz>LDfaC`gIb{IByFhxpGDS*X z><j>)M^%+s59)H)nY${(*dFy~F0Hc5Dkyb-e0t0tU_Opz@lu!VZBV{_)gdl zOF#epMS05l6i`5VE-k2?GV`uVBpS4m;EXk@d}$ct{~${%3rVr>ya5HFQyPMV=*_$z z4&yHRjsjH!MMdZYj3xUWvmI(O_89a*Z6w)GftaAG$nJB?(A_-|BuK5(oGTPX%jFX} zq%*Jog!$Qn#}+ndWHLKWRxe^~7pAi=x+KFsu7Hx z@B6u5Cxbz7&5&b#UFiqEenWBdwQZ@n>6xFvQ{P+^-phMMIE?y4htb%3ip(XJB&*Zr zDvlQQD+xd8rR-&O3SByiM7}H*#VXAYNWh0%KP}!}pBIIR7!*(U8vXYRB_kM2#=bZE z7mIAoj)28+(Q~7b%dZBj3%enbJ1bAK0N@+vdr)1$<73>Za{Mvc!S7+@YX%jR zEfiF|hr!e9latLmw1Gm!rY{wBn2Z%24>0a4@Rc z_88TIk(*yGIW1k~n%VcRs~$UXTG}rS?AB-*#Fg4Eaav)dxYpub)(XQvpFl3pSz^h* z8LoVKWOsc$Un}9ZGf!fYgMRmBge%L(IN!Kqwi5w6I63;p9fNxXACyQ@{64d;SAk(x zd51U*uW4<4ZQ4Bjc6#A9PmG0Xf5}9#s?S)2fECw6?2Jyab5P9Q@;k$cBagV1JrDO; zzH|b971rb=is${PUaW>hty;cU4Y&10b3oZk(kMQt)XNlXZD+axPBa~xzrOb>81Y-# zito8i(?@Jn(wEwSh#Fb&YZE{AWpYL%{;G!|qMVEWK9zpeOu3zI(~}R)QIX2dprt5L zF8{b=KDm_nSA)5)=G9YZ?>Xv?n6~LO4!-JRlI7MkBbUtW%}i_G&-(d?yX9;)WuR%? ztw02R#zEX23gn<}lc8Qt#pzbYvRG9Qk@Y~yENSEdwB_Wz4e$TJrnUElQqy73&4*F{ z45Km4@O5RWx|3O>I(yGRFDJ=58yV7#kHCfrk9Xl-)y^H{enw>ML*E_6VKG!S0?qB! zYJ5G4q)3*A{qkz5E8)qceS@34&v?b8Gq+bu>pWp&lBdtp(a&`hJ(4@kKA<@Ip&|XS zjT3)<+y!Y>G5n`(pps?8Se>Q&&$zTu1K>o@zY*&CdT_ROaOPyNMd^f9`-))88cRS$U8uIp=?g z*MEQPZ}FPz&F^gp4_?22Gw~QGfTTg3Z2#1u8x`K*`IlR_5m6Cj0s$byqqc^^u4lGS z>C(OvbEelJdNiKGJGC2oHdg#7krQS@5Q+?z$2j<7gDw1#LD}HLpo#&qrw@()cgh?q zr%!amSt#x<5aA;xqmE@VkH*kYsP~jolm9P%#}koBKp9|uZ->S$mN6UVGT3 zF~Nw@XYuL>Z=*gRJDCV-4m$ntCt*NF027<1nmETOtiu%IIN_xG>!O_7c+|amdJ>sh6(lD7;l+dVE=oDs~PC zDKKiE;%EURnB+xNo`$Xu?JbQ?ytryKI!(v?Mj!45!&jN7?i8)hU5%dXBcSI)9C-k* zGoO>0)GnkD9(dZledBKlo%VNSqZ_99#B`m@{p$H7muq_F6%ritEZt$NiH^^;|&M+u)n>NZY8=jX`=C_7m<8p6>G# zYdG9Qo@PSD!1*lkrMtGesqdUshNgU^9VdfCrJ#_IYkd#8uCq2;uF+mQjfLGg(J~iF zFn3-uT(Tm5)&U8AJM3n7<1XCm=~Hg8L91ZsnA{>i7u$geZW8=(4Ru_FrA*UFE!b$W zdKlneZCe+#wX}ToaYott)woD1Pzj#e+iLlpHq1mP%nx%~sEf(>Uci2OEvKbcdLT<$ z$pRDJ2S^}1fpx~^L*Enb*o6ENaj~p109BeK?en?iN4}I3+vEj%!$<{8^NGcTAou+K zvA0NV`I(o8lhv9{`7rRzJ}T}4wmY2SH&&+6Ijv=%UwZs`VU zY%y}J+nko6TSxHPiuaA{n40-A(Vm8LNqc7yI+lIY9o<#08T&qbqB5&_S`lef^&81^rGPR+jDC zcg$?jLEQezO%;Ex|9;xt)j>d0--~xt0;x}@PXpxm*W1ka9)u5u(*z-d*xCNld{x0Vnjkj-^#B5r4g`m)mq1Ud znJ23mOld+&iHhzGb08Z}-VO&VdlpFAzO>(tb3huX)`zkB@$6)2Z@WF~)J1zf{^PUN zZpM9OimuO!H#GSN);cZ&q^O>7e@U^=@34q`QBmKaLxB?M?(Q^LofsHFQ7x7sAtMl? zH8orBxSF_LAb=4dfNG~}3)ANvR$Zuia0sMgNQQk`>V}yr$_`s>JJbg2oqRZY!jqLsUNg`ejlbqmwrG@ z1Iebm10sgZPLUi&n4%kC1+jNVl!#H{E$>a72;kWaIXmzH!pa>$VqPS^bo0BcAwy`^ z0l$2!8Jm zB%_Yo!1C}apag^ngBEqjGB!JpoiLBH$j>t#sl*h{<_(F=B{oH@9!3g3hKQOXtrEQs zKXBaP1ib)OJ|3*FJpO#B>qe-;sIQNg2QMNv#W_Dd;esp?P+{aD%2;t3Jm8;hHsBD? zAt6v{aaWMudGsP+V@PFJ-%-5tQEr3a{)G5*BH)88s4v~=6C-Luz7PI0nyC#NX= zcdP&^Y(i4von^=t>s^C6;2VCI_!w`GdIuHKySkwg9;V8PiEaVbAb9GL;kuPT3q#GW zu{Vr#&^%J%u-x!uBxCPX9+CUhF#S7^HzdF+(IRo=I&zG!ZRqG!zupiiO#U5vsR<4( zr6WeNqs~%yUC}1=>VS5b?kFL8sez(y;{bSVb}{vG)mS?O^6WCt zIjRNaMUiG2|bjng|zZ zyc@<;M6utBn>5BWn>AKnq#s4d&Mm*2no=)FhOgr4dZ#5vJ#_uZ3F5#F9GMo<(FB-8 zPT4xuk>;G2+Sev6dY&_s4`1wFYVw1tc5(&B{_J(NHyOCf&DNWLj=4k<-QrnFr!Mzg zFTM0@HLClwcwF=aJJ5=9WfsZ3ZPY4*u9yT@NR-ofI#MUmht`u2EA!>NkFH=v`(oUq zK$LMRW04La^M0keAn#+XHlbujXrFgO9n@RlrvPWRK=6xaZ*WE-#B0Lmkn(o2ynJfUGEcAA; z@)W;Nn7k+>i2)%;V;>&1OI9d=*8HRFW8U!pY3r*4qJFlw2?+_2PHB)5*kWk}>6UIp zX^`$(5TvDH=?>|VF6jnEx;v#y(s%XV-@W&%@BRU^XXnhEIrGfSCuYu*on>h|t=0%Y z)$FF7pQ`D>%t@`n{-m02L)axE@}3fw)cds%{sB3r&f(#n9L?8n%yI~d)5BPx<$M~b z7e8zZscma=dC1suGA1B&=_tmuQdr=|g=wMCXIJi>!I~s&*2iB{?(%tdPpsb$ObydU z9jW?De%sa^wO~NbQ-{;=m0JeZ4wNnLo0m=u1(Y9Gx7-msvVUi?g z#bFN><2lrQ1jsjusn>KGSLT+L2acbbE)Z^cJ&EjCG>DU)*B$#LoDg(g!ldn0=djvZ zq@C`bda2$HTMFz>vD9#?9%$or))Q=R*(W&6c@Z>RAsOee)kVKwQ-M5Ou>minYh59_ z6FoL>JbPv1@gRc~dxX;hvP=hmR4^J~aIgU7XVRf;-C+L;$%AZ`7Q%5V@HHk*)#|dZ zm=tsfvW@+9%NS+#k7Rh&dDvwH=Xj=EM0*JxiC?zCURM?@XL-@XXM&1^t@nFslJ4qr zF29$iPM^jJo2{`gO|rII2cRRl4p%76#$a?<;vqS$qn6H)&?`T3j&N`&lXIna2%XSe_N$y1&9SS!vcVKOD)I z7OHs!(;hx|?g{B{Kmwt5#BfTO%k#(NNZlm6;Iu!<`yP8(w9c3Y5>q-bKjq{$kZ5bD zcvu>epf!1AhhZsD?!6YzD7uDA67TW-rm-+*UIBzgiCw+^qK;!`4mmZHhDLJgWfJiG zB^O;)&-Qy5t=!>x0ku$ypj#?y2@hONmf+?yEG_IV7Cp9BG${Ml6}(rfUk9z__(X8~ zVR@kBO&DH`y(%9d#;Cg{J|#(}6^kEJ_DewyQ{`vv?}RdPKeH0>X`m4F%b1zKPuf;7 z1~-S$QM!;v9PyGN@3Y<@9tCFjlSugaPiS6~(2(|1WfbxD$%3xCO7l<4U~MFPCo?>s zV6RN{7FNE|zqzX6Tq{Txj322sA!)yaN}o@g3oyN&ESeX;9>zB07ypp(A5J@ydbTQJu_Oi#}90jd;;vGMmeyb)rGm{UbXDA4eu7-yzTA2%|h6sIEd+Z zFeNWAPl>qzCQbo#l&$9?nkB41Jert$sm;>FNLjM`z?SKgOK$8<1EZ{!ulMM~x0Oab`$ELtC>UzzA}+FLE#g?J8s0}8&}E%=?O;8Ne=?H4>P&h` zkF$ryvD^7n7AtWqZ;K*8RLEmWXhJDKV|G&Ck0@LtdM+vCWoXKG$4ZX@8`U{+NoF0Q z9ZGt93mJB)KDcbE?pN;KF|8|MW`X{sxL)0QeCv<#eWpR(!Xv8m!!oyp?l4yiYrPvQ ze|C&-yD^FQFQv_>hg*(cb$ethwr+*QW)!c@dt5c`Cs9MO`72A+ivq0s#qHw;YC4&i zib59Odc+!yD>25(=A9cBe9j7-b@_NX22#WdQKl5J7gns1qgmu@OExuP)G6kP>WI6j zN&1+3Nttys-%Fj^cYXZMatpSF+mN~lHPKIG8><{bWT*4yHKNzg2IL@Fbd!1>5NrfcU|Oq(j-ev&u591<;*vvS^;K0 z=cK(pZ!(~(`b_W1$g@NF=XB;GloZukCCcl0LDAg;>{#tIgNl)_zp=u?%qi1JkHxE1 z&h4hUG9GQ znIT_d!(2!{KG{2c(^m3ggHQ<2{vKj0@<@W(z0%8u(*+S(XR4vU`pWs#7Tc1N+yynK zF*2%7y1MVjjLMR7?&@b4^MTHv%eht)!Cv^kgcNv)f++OZFSnb4coP6C|fYPv};o!zHWPL*VP%gBUW z)pT;5!NjRO^#rc3vYfHS(NX7f0A2z20Ge+dMI4`;zbVNX>r~EeM`&OzQ6fUo~Qht1?PfI(!HlQ6b8H~R)q21VX zyXL1WbtN2lz^hMVbP(G#TaoDtwbfJ?SrqIdey3O4%!mCR);ET!=%}BNic`yrL2zg< z^W}qf1%oM-VNdTm`FYQP3Hs%xg6y$D5drGIbI#Z;-@8dBpx-oD`@U$jimQ+FM?xug4U?684E82*llZKLfN=eq)q@ja?x^XM z&<&TfJ4M3{STSanIR4Tu6K2CS{ro4D&j-^OKk}J8#X3v$SI7;wk0wtf3tb3mvXJL_ z6K1tOKgYI=fBAHMwlYcPGUgaa@V1Zh>Vs8zow(uH1~n*2ug3j`YJ|f25exR~7qTzw zNJC~?RhSutdmbRmI9a(!Y?IV!@#(wWwkA+BHA&o6C5jT9{@Ijux~EI-k1pxH%AvZ^MwPSWAp* zb((i5MyS&f0(h!NN2bbFb&1!{B_Q<)yFh&bdd4vF#24oglResnnI%h61i2d$d2DfR9#(=BGMpIy--o`7g#L&RgF)caq{k~583H~UW=%7yZ zYgkGQ30^$W%#$Eho5%4zfM{do_6w&7Sz46jrvh`>Py9yW-wdi>OE?`RucHkDdoKt1tzw$tjY$TqfGGpbTHR< z(`JtHnUVGoY?J53@{56A=O|Mr93|0Atr6_h-%{s@pVM=CN#JJSU5LwClZ8n&587JK zjH8=z@a8@UJKy%7B$xEnyz^yUB4xRe*DV_u`yR92!?uVs!?H~#y5dK4#DoEC z-96G{`exC^;HUBriN?m&H`CdgNLovaU@}#b9K|%|S4>VqXtK*}CdqSA^k|M&HqS*l zPh`b=lC71o4#~+HA?#A^kz$~*{Uq639ga8SyDT*#r`v#0xpMv0CIQwG;io6VcP3-Q zUmxb}>qpwp*^=;GXAn#3Hek7kHx6XL6sOpL5q&59u%3P6>ga>Eo98>6!_g-PHo`Zq zAFOfj6>q|b=kbOc9+~cl$nb>rGNN<1LaK+g8NIZ$36_$<2~S;7pVb6?q2{$T7B?PC zCF9Z&eo+=`j31AU^eDS|F!-}Y0Z60y?0exW{BA<4w!l?`tVwJnsLib8GstQlET6hQ z-fLRpKzg;;OT!Pb{V$zV=WE#e(~qgDT(i-Ub$DFmpH%oaXtY$dBy)#M%XA!fxzw5$ zwp#|PWR@DzlyAG=KOp70yP#@4?Lk?dl%gI>jJ{cQufICGSGec7xn=5$9Q+0_yMv?^ z#0nuN*5FpOzU>qH(MxAtj|<%&fW@NzINvpKiFfVBVH6#iX~t}FHZ1S@sB$ufxv6}k z?)nHyvHm^X>%yu03z6tOozb+bb9}{s)D7qbMi83EzI(>Z?wa=d$pFXP9?LbPoFZ@9 z2FU=qr0cq_*IUcivS|M06QBLHE>>h(s$)si-pAWq_$fAbq}M?oPqDZ!eK3)G zZ&f6GtBwP>Xc)C4{IH9^P6U?e)SLWxj6gZ#P!B-+uK$y@LuJ@V=%J66+T$`z%xt0) zm!`Xs@Nf0ccPGqVr?sJ=p59@^C{#?Ad5NvN6cUkkD@ai{`k)o zw3Qi}aq{6ngpTyFd7d>Ll9#Zh-&HjMJU@UNiN-$^^O4Z>1bbBqM||uizd0H$&acyF zIa-s0X{`)_=FhSoy;~{Y*&}Cv{p!ZS-v+w%~ygBD;aE!r9hx<_2(`J=@ zOJcH~&QVBs<7k+<#29=OWmoO2_Q}J*#&or8{+{0Fkg>ydD#aJ`V%i3W3%uV6hn+}!4@8*5bTQWaWa$}$J*AMf7$W+Ktp$UI+-6x5*?7hi zj<k3Eg##qaU_@N2{V*>l3?hN(Ydu zlQeM$JhB*!mHa5DJn#0Aw$NyxUv`$a0BjSh85LJ#3~E-a-M4{L)elt8`zh{hJOIYIfr=%0@r+a1=kKZ}>ziF5{>b zHVusL)WOsTmUHU*vZ{{qpbvqYTr@ARJ2YCf?C-34Z?&pwcF(#p107}{@4qTR0ulVO z!Wag#(_#JHu+IlayJ1TCJ7d7-Y@S>yJ)&i*QLZg3iqs(^cJg=rQO7l- zF1lQnbjh`x4pJzqOe=b)1oMwY{SLyh7TfoEo$rSdLfMjAbiyta%WsHCnd$Ki^pbz> zI%?i5?30i&nG8i*b+C8H-_-1JjFc7@eh25Idh@ZQgB-JJ*&@^`_wM!ZFrSIbzB?U( zG=0n_MfLsJ8MgY9@HRslNur~aTkDfQaZmcHA?Ar348CcFA`U0RMj?O;S|c7Rzd)qW zmBn8wXsW?&tWnJWFFkLKG6R>#LBWQ9ev2{%H^xEXsT;OINkWDt#PtllZyz$pnTh>g zWgG2{ji0TeEgKvlgZYq2d+>=i_MzIL_hqXPto6`vbgQ9kFY?rrs_m2)Hf5ihEk-gq zCe85`ZJdDsaq&nVz~&2tK-5q^%JEXMv4zt6nFAxFzlg?)sv~7(XJe9Gc_3FgAnD1d zi$+|FN+1(`74U@xI66K>C1B~Np=Ux0!I0s_Nk&S{?mwVS*Fp8aKq(0!qmq6Ug&bvI z;5!ldMA(;j8#U(kc?k}YA5sM`4!Irjg53j_??Fs2-m&8=UlaFSd;Cm0L6s3!Q}yjq zN{K<5U`&uc!a}OZWG6C}%uPpEX}N_>Usu-}augqW-O+CAe1k79 znEV+(#|5Lw1c>ChEOXiB(~@k3{RCM_OM0$wOTSAY#gt}PH(5SuTjiw@N)-vN`5X;6 z@MWJJ#JDBLcsMPRraX7~4MW~=Zs_y0^zPIv*e1spUX&T;&y)|A+qy-_k5dYt(XZV4 zRojvCQi&3)z?RxHx9)l6;J$RP?H@p&Ylz}MkCom=VoB9O1Zzab6hq=gAvwc%4l6QB z#PO5Pw?Y2+;UThK2;+8SAsZVK_j=?PE|mwbX4_;Q`exnJF%^ydfU=@;SHq;qAARPy zr+c7>=DPyR;ehP@6nTvN8O3L{%|$^sWt-*!My?6*M-iBxvY4{c`=DFfq-V&kUrE8^ z$VAHnvJL}PA~|G+1P>XbUDHRL%jk+jy@t-!O=W>jX$mwtO5=ULcU2K$fBL z`<{Z&rNe;O$Z4FwJi!|%eTiZHyj}f5+68a^S?!Qg4}`mLG>=#e8#bJa|`j(fOl!x}kE7ruk5=G#tBJ>8ghMBSiZ-3-PH>XimA8P*oGj zu6u*6NB9Q6h8qu|N7-_;47!`C4_kw)nRbSj7!~{8ru~5S);#6fTbRH$Uwd*Xf#EAG z_x%E3H=Qm&eMz!zSaDsdN8UNFYJPI&%%mE_Zq_4Mvie*2lTX&n8daHxU%%C|k1t{s zozfTsB03ENzu+tn*_mB9GBphw@^17pYNi$1wsIc|Q{$_a<{TZ{wB5cQLbL zn6fxulPIup7`B4t6jRO1Dzy&Sc4BgJ(fEf1U_;c-^9HUtmx^{I71Q!!3hFuho6KW; z&exa9t9(tn^X)qXl}sANH%0~(rGZQ@@{J^avfcO{=HKc)^23SW$)K;N9$uo03c_lh zjP|)?^6#BdTIJ~EFyDAbGy8)}AL{P;F5>)R`n34FQcZGGG<@tMnG2z;erz)?p9>2~{qR;AaKaj&`F`%Bc!=HGJlrKuHlNdKUN48S zHE9j~GV?KHz&+;`ZtS~YIqw9rH3$F0MaoA)C6P5Wk@HO#4zl*^!F|bcu{n3aZ|Hrd z3>yO@5KyRx4+pbxs`6T{qb-hR+|?k%~pcVn9aR?@|!4JK$(J+2L^ zljNRy88r9L=I{b4P4nGatQn6qR}b;4F}$n~2Q^#-yF@bx9GupHY#*%RXlEDS#=n zNqAS(W$tBKT-E2x2}msQBr}a}+jy$36`IeLX;zb77XNtfP#@p+ia+xkJ}wJ+qe@5d zkGZMWPpNfpv`M&GW~Lb-30(jH7c-gTp_#YhvoCR&r$+XDnQB-Uyq69W+ya_8od#rR zxh9gH;ZW;qturpAvF%GPC#NE={Z1w!{FzY=;Oe0uf{A780s z>I<>Bb?O%7$)B7`(W+^O$qgZbjT0X^kkyszRl|OY(`?m>B+lVm#>_bh7d^vqu+?Ca znW?E|4~leV6mhw`h-$^(!YS-I<(uvBf6926mwC`rY8FB%Rf(%LN@yU#MtKUOc*sza zU7j9(d+sLq^VH#HD{~OrBD*;aE%juB1bvrW?;HK_>Xx@iP}|(g&bDXHul$?Y%z55d zw31GkO+h^AUuJYejUj8?y_~tPc|pl>$T~yPl|s+R=2q_vUSwU-@pEVwZi^LLFsf;&b zp6f?^Z#ZA&ol;iMpL`JCuDj&L!&!Ydo~>^;K)8io&_DWVxFco1SAPk+5mvH}w}EZI zKVh;Wy0~x-=ALoyVvT=M-cp{gPBF=MLRy{KnW^?8{OlQ0g|OX`Y%7(m+Cw^{nD!kN z$763VfKo3jkpkvGz*J57Hf1D}L+r?oN#6a$m9praL+Oi`Z%Lb78#>ZI>^e&&60VXL zN1;|7=IxPnpXgrpvc#PSlE6yRIz!DX6I_?DlrT{IrK#4ptanQN+h32kn13;2fqsC& zcL=maew4u?^>r*MGK353xnFHg+ZqHd>nyK*uB&*KZB8mMdun?n53qNN2(%UberIrX z=_Ek<6d5<=jmE<{npF!_oNdJe9qLrMiHyZ^h}1@7>weW{{I=$|Y)@Fh(7fkya1ihs ztuu8l_x;KIH;0w!21q0ijkNtzcYxhM;hc+9ky|lc_2|mfBN}RkhvXP}+b{+oIO-{ zTE~Q8dXr5Wcjj)hQui=f_0llW85Aq2hPjS!JvO4~%%X?OyR&$nX*g20UrRnvWtyc4 z806ZRq*Uj(etA{z+BIXxn2+hKH#f9i69-eD|<>FD_aY!+N38wIQqfs+^G;^=p ze?T04QM-28sbGT>Y|I_UrR+*MbA;{JDB{iZKIeD?);=>9w2e6AyXuvR-I0GNm&d=i zhTBM&noX{HCsFsx9h4g*5E1#~p(a%qwL}=8=%%+np&R*9m{Aa4O@3;TqpKZmqA8vn zLBbBQX1Q>%885JbiEOiZ?4|6bwSquz+n4ScdwWI|SKc?A#wN?@iZxq(^NL}Ay@`l! zctzjElT>-&uCLl2y1t6)Xf)yhszp6F?Df=~;-{EXNiU`xlyUXs!r!1M_6}V)Hi=)0 z&lcZbWK{dyX~U__rv8Z9gHXTylb4`=4byYTlZQ`Mj|(u%VcmV0-O)G!SfP|Vor}7A zD%K=Zt3&=9Q|odo3ex0tZqu3>1!L`SmMlC)L)vC}#-6VTVyUBW!90k9Q$(pK+eIsu z$jOys%DrT@FFWswH{XhMPTmTod%6;9MD?|Xi(E3QObZHE-4}{<2sk9r-gIA>#$7La zdPRZKRJd;#Cica*6LRzI!$8;`zT}mYy`lOp%Hgmqq3|p58bw z-)Z+cL2i;untQRkITU3^Y^*8;>)2TCX75KB^4t6GuZxlvCR##Kp8V9IRtiDBU!W$F z7Td(?{a=Im;5n3ab`L|4l@q4W;ei3^tGQC2H=cyA<2n`D zRM9BA_`|}9#zzx#jX{CNPoEox#@lm&%Gm^|G=Z;($NS!X!43#V7g(_@IK@#}T9#-ZUI8)@`lb_;|n$oxK|()&%c+ zf7Xwj288Nr4eqV5nu)%_N@9*wdv1w@ZvN>Z0dhqvJ|-rS<#V)3F#UV$;5Ue`?M+2gM5qK2i6UR>hq(myT0q~Pv3XH~LDZo0 z2PLe$^wOuQNN0jV$i*2?n~~YSQ089yx}jkbJX{XprLZG$Vu+zT%1Dy$dw`XBP5Pn0 z^G^Q+xp1*W+4rnGk=vJ;K#9)t8rdxh$uC7!s}AN@!ts-`@*WJ$_w-19BO|g8bKVu% z)gt)%?QjVTt3ON;wGb)!9Y*20NM7x-;mQ}sI8&L8f6NUL?% zq>`}vo)YGlA+5d)V#t2as{%?c54pBPI6?GlEN=8OxXNl8$Q5dAlXx9E^du_iC{ak! z;TYb?U*Pd%WzX}!Xh|Vym~o;!z#=|zEF0KGqLQMEt`ONV3=gG8a=mHrD!I7pEJU&M zUkY~a*`~=I7|ZzaAr85I#x@uI^YBkm=?9@OlRHD&!JsorHhSdxC9WSC`{PpuKhXPf zh>+bSOePQM;>NY0be#9DD;B_G!6#tAgE)N4A{NMoAxDH_-aF&jatYH9ySDPQRr%QO zT4^5vg=O0<41^Hdo;2M0S+?x)Nr!a7d_OH=j^@r)`5i$P3VudxZyuwDdavSbh)8k3 zHsy?y<2#NYY`{BeJp2}rCy%}W?ho|EDoTi~(k13G3P5unz{c5&s4<4c2pXUL?kIgP z&dTeKf~4Z_>z=umwcMbX>Z6(Mo-H|Q(MW@c)5RXSAttd@5QWkr%G<@3;QgCcyVRH$ zjHg4v%q`A@ymzu-Wr1LTTwDc-CcyW%mr=1L?#cHu_Od*BDNk@`)|B` z^o;TCiN96(;4^4XUMZam)DjxHp>uGv?mYD#_0NR-0>{_Mn$V&!a3+XQt1S@y`?wS*_6L#xxo~!| zMJq1`CX<1zC&ui1jccjlUNhtS0)4%vRq#y#oop52Q8G$i#U>u3^!|&u@lTs%SP6P- zP6uTmo{{L1IYsi6i6ySGXDmexFu2m_4g}pUk{rgpPT92VBclBL>Za~RHwD|y3lZ=Z zI-!y)DDjFdh|_-feXv^>3&$&ClyPAPa7ujrwU7pT;jT};65GSbhjDfCCoG&`b{vMQ zXT^v0>bVB30qcD@&28D5Q!;&-Jt!t)rlQ5b3eJymw*9~lT$8Vb=G6TxVddY($0YM( z43}<5mUE_^1|+n<^}ltL7Fc3~axF`KSv>*ey};*ujJudrsqJjU#qhIBPFJ%n{7J#- z3FXAOKt${k36qkLmyB8lZbQbP68uXQyHL>rz24-trNWeoL3D=i!{=_ZgOXLFUO}sS z)iO+C%FSQ)sJ%;4&VKmWAU3fy^$#FBxVC7jB_j6gy5_Jw{fh3hbDn5Z6Uw{4u2YLX zbNx}Kv;b$WmUX0NGz7z-T%|l$L?}xqmfU|TX{gHXN6fkYUU%%_+2FgDp*|_X4=iBh zmJM_7L1z&^AN@vYZ>Pc0-IZmNoR2Y;n>f(d85^v!Y4gRwKO$P$uSj90Y?r}H33W3` zMbryt-Bxrz`ES1s6xJnU&|S`v`J*ZTU3QPeF__!#egw%KxTq9MHO>pK3rW8W3`yF( z^ogYaEeLNcoEXd&ywE-})=@Vt)CSalb6SsY0MrCUJjN;SD?2*qaWr8R@()lil|O%O zYrK;OuuV99N_#`&%_;^9eu63Og?*tTnOVjkF)HP~SHEni=7#Py#MdL@oFA9&lk7sF zO0rVSN&`WLvYl%?1#w``~NPq-WPkZH6R*V(%SO4>b+A{2WqjC2%#s=z8 zN5Yl{laj?6q#tzYBW zFRM*|;!iT;>54iy#MrRdAEnwvvA8v-g$b9y4q7BZ1)k?!e$uwQTTLasg{#LW;dvg z^vO3H_*R!&9*y_$Rgw4I$(Y@eMP4(#o|uJmu;NE~(W-=i(W1lZFl}AO=GQwRJ$ldh z@OjQ0gFJBzz3b3UODxg*Uxdv`V)V|s4by3$^0e;|!=hF-4Ht4EF`8F-rD^W!qbx{M zS6kbJ?e8us&gq`1wm$tPmQo*{dH#YpkVl7W2t4t2A&a$t%GDzMkaQ(k_R!xSc$VY&4qF{~=FR{pjvW9waMR$hEI-4~Z)Z2Sx}ITgE| zO*1mKPcBm3)}E;saj!%jBoJ+%+zm|Wt+Zs7zE&|Cox|VS1X>NcT320s94$Gv>iqz` zpbV6WxSxnHxLJG;lsDx3xOkw?nw&^5dgo(*r4D=h@McvCJIvcfl)Bfcx~sCO{0-3Ca=a}e;1q+93wx1C2T_wBUOQDNPS%g{eUfYY3N>Qe(oADXj4Ks{ub*MJ2 zt4_eo-mk4KmMA{MW#W}KE=eS5Qw{FrI7OGLMVe^lK}8nM)^|gnP+33GUiKLHEIGq@ zASd5|baFmir)K59aCED5sfbRQn-bEj7NAHWv@Se4;RA9H-fB5Wb$Lgz*l;VF$|)r_ z%8_t`q_*(bRcZbWxifRtPsN;D8~?_Y6vRusr-X;I=k(y>{3LL`1^N{6MibjGnL*z3 z0cvch5PT!?Rg*Lp8%`18;Rb2F3ix`0U5u6|<#NtM+tHH&H?N1`a`N5C9;IpJ%iHtK z+3cGo94yQ*6`+ZnQ~gEng@c!K!tL zV>6E@K76%1XBsfP{voq-F!46~TDY{^8w2MOuZAmBA%Ls*#sOQ?QVn`B5-MkXNx+$n z%hR?4F>qFCD4zDwYv=jcY4z0q$h#2_rrUOLhY=zgL9IvXsKH!Lr){tjez8Ek2Jd_y z$ckHOl;ut&(OP~jR5l{aWR=?lI#Bk51q0CqURd+VeVj1mY)abWA8GD%9)IZJXxLd( z7Z4iY=8{+Iuzzq9m17nvxAlTO;l+r$y2b{2byH|+p@sIkQq%|W>j!GzPN(WJfUPB) z+jMONGj1Fo$E9aHzv3Aah~cP?_7oh%-dY-mPd=fY*w7^+@q(5P0(9HD<+bHaVH~od zb^?VsFW{@F!o=x~_=S97;P2uooVdE>i+5d)=Yd9zE#5I%F;QFTXn}K8lNNBtQl6$>()1un}UKQwvVX7uv)7hy?CE({bSGTSLPG@_@F0PcXCpnj9Zp~y9cH2@H<^*@+};nf41JdlK(`z zv~V`St8@`xwsE`LE;o$tV>U|MS3mxo%GI5;eDsaSD^H$Uzb9L+ct%f@4vb+D-%E{l zal~!22Dwk%;#E7)I6YBb32!BPGq8V0o%+;(n&?iseiwJw?(KzGFL%Kn*v6cuSw4atMWpz8|Rz z(F%AOWO5NW`+BphE{AF9ww@aHcm#FAT~jll1~EqM zn3~VZKC7uEzj;>%u6B)Ly>PF!Bjv*rzW91B{`vGS44?=#&l*tV|B@L0QEBFlGlSW? z4B-rO6J-*WenAF@H;)XCr#K%|ZDtW#pzRn&;qR#}t{X{vc@TH=N;|FD!Ahy|;Dz4p zFJLQjSYN24851`;#$`1k38@uYAXUz-g3qkq*UL=^P^q&jE9bd@C;1sGOop0>B}XhQ zNp0p|azHvS+ONASrgFPdp}X6~v*H_{2KorMiK>;geMsA67mSB!mB)^66}(iB*h!Ox zrwGe%4!JttXM}5(sJwZG2fIG9JJ1rj7IQj3lFWU3*s@jb&hsb~@VMw=IA1VN(6wgs zLDzwrp^SR72K8lPXdLMr?v^*q-+r+u*Z;cv zW{0T}Zc&ina#pg$Tji~u_?ci60L2JMcHU~OcD$ah{1|0|iQ12o#3)Vlj6l0w?zwno zrthjzp$uIy@C#Iu$T<(mQXn!r{KT7O}6dw5*h(=r?PQNVT zD28=w#2Vh)j>1O%&KGHA5DAZjo@K_S=L-p#0ClLY;yLwA88OD1N(WH|y}S-;M>Z1d zg#;F@FGIgeD;WTrIrWx2f05K|P=emD%uUjVITvqM4?wSStN6LA(t$i2l|~+EZTn{Y z@sCm{RQ{|z?isKQbER523lsfQ-D7$ahT{rf|GpnDX=B)9I;wdQn+xim=ki#69+~Sj zOR0ko&&{Ro+t*{VVXJlBYdQxC>c031D-N-?W26rF`VmYa{y5}vVQS>k)IHlv-Z!(0 z9}$~4Y)ua>X&O5_+rQ=Ub7f>Iyk)nJiYLU~#$EW&8LRNbU-P=u<6i=KkN=HvkHrM1)YnV={7UQ(K&xC z11_2OC*DubF0>^}gLVmTXQv4<7>nl9p>OQ*-&}cerUY1?dK2YTntqcV9xH|{#47E0 z%pKs=B$(NXIJO*#K*8Nq?2(_3VQ7~MTj0QMb*PVbR6CBzR@gh0*a?!0{QJO$m=kc& zc>6-&jCO9j%f|io_jqpV;jjMkJ+~18e)#Z)5U3`O3%~c zR+`=JjsBq&6VA793z>&)7S4dNO_=^DpAt zYffwAIkW8P=@vS*6jSYrMTLpYxD>vb@ZF`vzY5LIT?T~b!>YLUf4n4pHX0o56QSn8HY5=sUiu_*UN<~|vA#i3ovHoiM?6YIF zCtAcoS`3%&)2dJ8N;LKk@GIxVhtO-6z9;i5flgIC$1Ia;YpN1M*pFZm83)*fxv4Q) zquMvbG>+Ow%MJRM*-atN$4Yo6W%k-PGwyr0dxC?S@6G3y&q+Jq_P7cZH8ZE=6owbZ zx|!O4{j@fkAjGOULPIaajX9TyF5wDjxqFZ=sjkkK33;UJh{?4avY;BpXhEu$I=s?}>b8 z3z~|mu(~(^UDPq2854{RwY2EAEDM8FBDhq*d~3-T8-Y zDD9}7GBw0TT$JPz7oX0i8PGs{9B&vzVsqhm#ZPfNt<+o2Yz}pm&|Sv0(mz6&&pFK- z+s>@h9?8=1%pnE=Ft6ckfHcpjOynTdZJYFk%2a|fOJUq+QnwM~!hY^0aYre{_j!7PVi*>qR}c;cY-{^jwq9X(SSQ|JQoX{mIgq3TK^ss-cIt7Mm_ps%s5mOrh- zCS8hI;Eky5jj^Iz6O5>)7e&t+(NRMVjNZ~GvOSHpkx}7|>8D0jvAOS1U!oFr%rVO| zojSn};koEbwO1;J!A)=qDF|>{!xOj0|j z!xPi(n#q}xdmG{0>t+8EykxXTd)u5DbEoeCw2n5Jcc>$5E@Iuy*rPaU*vnJ6?_R74 zGjC!{Lwo;3>Vz$2TO?mC+?Jo0D0Rb5?<9Pq71q|oKX6_n)V;EO4U$It&x%cr8e zgMWF7SOTY0Q69m+KSkk$d&{Fd{6)E=^ea%XO&W^UzyFiK7t>H){O1c_Ito7u2mp6Z zN8!W({SLIG59d@vgm_5FKp~Vu5CbV2IhY{0S^=Pc^B2e=RyA5($nQWAv; zzsU+{d47`y(enH*h8Fr;K_3edhzUNdflLiIOhnc*N^|Al>c21;*j*O=o0`C5I&cILPzv(oBtaM z3IGDZA7`S-Jpcf?0dT`i1X}_K40p{$u|$LLa09{c%}f*qQ3!+&glONd53LO?*6#%3 z4}y~ZcaqlhUorp$!VCT*9{_?NKLWvJvrvMbK_C#&|Ec`D7yv@@w+aLVg~IQ%P!vSK z+=zDn`uwL}ARiwT@e1M}G6**WjPUV4WIzZI!CM%bjluv!q<)b-{qN5JFfa61@BBjs z0YZNT4E=`;%nJnmB?AM&h+g?4A2$@yDgTs#Kzs=EVgC?!W-GEPzm+U;LNe|9}OeK%PG_$_<6`@%~u}!XLbU7YG6W(X-sV zAOyt!FoqYz{VN2*zYY8sEV!Y(+dH-;7{Bl3OWP|A7S`7~!u!EaXN+H2cFq1fw>h^ZuESn~#t0cYz4M{$F_r>KQQLk9-Ij!vFu( z{oVhF0>OXHe*h5QpMXQ?BEaxpC=l|$1^$)+L4dyp3;^(J3HtTAEZ z_n$&;-oNH10Po*21kQhPm;XZ-zzg|nIsouM{sb^0mLTZ&sQl&s|5yXy0sc9$Aw0Wu3!utmZf60C=?f8VLD&o%*%h{SRn<8Gx7oq5q!=_3v&1A=a}$8v=s-zHmVl z1N*Q05yHP(0)m46p7NoH)%p)Ffd4;WML7S@NeVF=Aub~RR~O-bgb@7K5QBg~+<#6M z5D;Sd`d?*)E(8KakU{)%$bTDxkb(X*5Q4zMU%EUH0P&w=8^VK_Lg4%*C{&0A28&C@ z*7ny`9%2;Js$g-+*qGWPz9CwG_$Dlj<>+MO;N<3DVv2>h!r_7NVKFgDC`n@dKPB}c Av;Y7A delta 86125 zcmce-1ymi|vNjq#K!Uq_@P$iocL?t8PO#t&1a}FpA-Dw(5ZoOS2p)oy;7-uIwb+|| za`rywfA_xek2e^zYj#ylt65#WdVWRcSH##kq^h+SDgI7S^odWEpV4(buc0>AobkKu zlOU#^jxx?=^9XwazlNeCAbzMMkbfjrc)}7<8(Qj{sIQC*G`Q1dbhA!B|LOih*$8zA z7G&zdLy!d@t2t~M`|C0(U|~YZ_sj4zbN2Hmb1&(Y6a)W4X%x!liXb#2^mek zQ!zGvVlO!NR)EMYKd^AWjl8bYKQ#M&gK6>h!uiq{b>1&ugDrE6ELa3|v-4h$8=~3k zQ*~hyzlCARMHDAW#vv)(ESz@O`9(x?}L{5K@vka(A_ftRg z7zhyV?o55;z#W|ZtB+*3cFeszGApVWNYm<2lUyFO^qR#f(wm5r*Rm=wX2+c5TrlutS&= zql5ad0v6sm7ChCQb9(Li2wDlDAh3qyc^>Nd)SAZ!Q`%z_lEv*}mw;!YnACOHh@}yE zv_IEVK&e2bdg=!MtxJDu2ldKViu%y_g~)ZSsX&QCJta+&ZN6dQxihDeZu0Or79DeE zSiFR}!>_(UoWEAdhqt~-wtS#PzAKiSdQYbd1MAN`fG)ooe{Ck?uW>GcyIJomlfeJ; zeSAG{)M`4(;O@tvz@z|P&mkSS02kh*C+PaqVuupIRweO5Ac}DAXbxkEo)!NY46841 zW|L{1U}rhJZnYo|b`G@(OagR0Bhm(Gz9OFr>4dKPF`t5YuO&(27Gk}~L>{B$;XCLm zCMD3w3d=~SXmJYl&GD7qyWGUDctLwQJPWh0#&|Fij}Nv$RAhc@M;>7cEN_%NkT{-T zJCp?iy1X&@uO2aHWFM)9jauRBg)vS_KVNyp3MxjJ>pH|8*ox}^L|#MmW2;6K8;&U8 z1g});j#HN1$t#Vq+63n#-vD}IHOaFyxpP=Qxx1$Mx| zR?$GRIZ{VyS^9NaF$^X3tBBh;{AJ8sQx!@kVA1kdn0!#J-z_3pFKOc3qAAOgUGKLT zpXn`Ig()bs6#sfpkX3D3FBA=-@M~X+4dHHqU#t5}=`_xai=wZlHWTG5j67nI2{iP3 zM7$jfucoV@%nkw&yzHtTJz4AyeEcZFowABH%A=P@8sReo#S0#tW|;~l9Np}cKw_~u zW5DU8PloCi%v zdLtP%`uWFZv~M3j2aUoEx5U(1Gz9e3yG9ln1#7kNE3^q(l$f7-KjjE?4dQ6J*q((!9fVK9`v@~rP|3M!bf5vG`QmFhZWi%&+H~xe!|+u z?Zo!UdC!sSDdwx{e9?pM4s_fm*H z?IewnsQjpUF&CjBO4NaaMb4fWAzI7X@(w%p!Vj}O0C>)@0`J*gUi7oB7P+OL6ZmYL z-o#h%J(Oy?yQ1UE5s?W+O@5j2%3$*9WG3(O4=$?;7R0YvG{$cnzovt5B-V>-U8i~Q zwT_ZR*F=uvjbK5ToMgPE69>BjG3d^kmqt#=d^!HnycL|S8w-asG-4OA99;fHhegAw zcqCK0AtMOsjWzo{Im4-s(gx`0yn*fk-of6D2`Wz)CX>PrX#B@8GnM{2y>S!8vWRb$ zFkrlygi!35gwEg8^n~apXu%oGm{bG^4~w87qOW^6Hc7CB3b#Jx-bxe3Tkqw;BoGBm zKO$>;_=k5?&wEak1f~1L=8`y4qorH@(yaSf?IMZfE{T+ijJf&4WSqr^H31-*TwZ$n ztfMao6#EW}2uhs)qSLy5mOOBI*USdj`1>rMvKo^-W+8eDLYmD-8;>R#6b77%W2Asu z{Z0SC%&SOh26-lD@i+0KUq;R!4{biGXMo4s5DUjv+iv5GAzbo~YjiopWk_L$CMcuQGgAI`w_H>74&w7D^!L<<=1>H;?zmd0#+p*!y= zC=$AsNKd}EEx;-`#o{lm0h-#u>=FZ=*M>BzTId@mkDG`Yc?e|!*N$_RFonlLA& zy%FCiApGIer0potrB0yH7P`WQd)Lq^2Rk{4r(~CHN4b$V<#c@Ubv*XqjasN1N#fP> zJUFEi@tebIF)WKF3MH!f4wkFyn-bTXL)$VEzwK|gw_m%zZBIE!v2tAQ>8HA77prY;L8}>B}f>90XE(^`#?+#DS6P7dkLr80!v1soY(H5e-$Z z=nHs6zpj;*3xC1f?MYqTHpQ?ob8nc4?G1z@+8t4NvvKm(8F(#@@8@`-s;b#<--KVw zkB4=d^0q}E^>fMkbGG_Q%;VF-Q`~bt<}~RLZt}_^J3ogPg4@XI>ljnCt!7U0P8B7x zh%dgl2$EVj?V<4JFI2>DS4DBu8y%Fy&L)O+cBrt7siVKtsdDX7q?i3f^we|*JuLK# z`ijtctNj@jsyfhT9b(8gHr0&8nKD!5VEReTyS9bM@ZH-K`6G{D=~YHw6(#-Ntww%q z@6H#F6Gv18c&O_*6Y`lm{zAUKo0aVIP$Nh*GDy`a3=}lVk`h=d_WUk%p{6@rS_?~s zNzI!C4As8-?q|g>{GbA$9?^^qseW~O92+3A@G-8JI&ur(2}t;0y^55;aeVnfc@_Pc zX2zp#^RlJ#UAgjh&#?djPMZx{XWp*``I;AI0!Zb(+5ruSR5wuuxpAAJ@H!(G7`9%> zi@QWiJj%K3^5&DeP(i(m&~<2rJG`||ZuQ3ntX|PseEIkWr&Z}?OB5kXtk^|}oBM`7 zqqHn_v?^L5(D8}|3vdo|m|g3!rv5d8C`zQOwU`?#$?3z5J=?UupLiQ@h@~)d{e5tt z9Jxd*Ry`HaHQbv?Nt2FmEPp~J)4?X;}OHE(AN!q&fr zjPYRk=hP2Ry~I7i!ai<)R++&^Rh3)EF$Y+v)*mM3qHv9X)@BBQd*)l?&lgKYO|BZ(72*!Qihn zb6EoaeH?I~J{X{W5?&S1^DYWnZhw)?mFzPIEH~wZGU++sQ5*_ zl);->N@o=QM8ja0FjljpNe+8>`S}6$iq|r_Zg5Ww=6GMHs;oO7*JxTDGT64j_BmqPLY*i`E9MEvgoNl8GZp zYM4%=Q_|7u82MgV>#%Ir7yEs%KFV5}=^iC2Z7@%B~#7E2+GawO?66a&mqMMY; z7RR;=6P#K!tpgm|qKHSnrBHcZN$Ce=E}OyH`o9=Y-wds=!IP5r=boMsvV=Jd9>waZ z0~Blw8sHz#cG)~T!U5-AOG;-qZG$Agh|e7c5sG5{$KShr?~P2i0xFi}mGeh_8lKPC zh+<=-vKC8AUMeZk&_)RZBq_XQ>oG9_Af($;!GyU zMx-`^+Zmt&aF8BDMRMR(2@gDKtC{oI0eF$)$55Y6b`{}Pp&YlG@0gu91f;y-%OQm; zccfG|CP_PJdLp@?3XFA8jb5^O#Js6A$cfC~(TUkdmw}(%HX-#R#1&1gK&;ui?cV?D z>5PdpAHVF#pY53a2rFDQ>(}Nd-sQ65-Rr@lqEHeEJgFb)B$dsTuBrWLL9I>sIvVuX zrO%sMXcBd3+RdR!<4Lwu)t&EtL19r*M?{a6Zbo!Snf*v)q&GKJ%I7=&h#fQbGa$=* zO}4etNPB%B>d|>6HIn4d?3e!I%IojnD-!knLdayeIZkXh$&-?FbhbwVL9S|^PUd8+ zNFW7cS7&PvGF?_O7VzKwRUZi?D(VR4K{#xj9Aw<=V3vxxi=&&fsksXoKYt?2621gT z!oyWc)z#S59LymDsc?|7bAubGkO>MxhH!BGgU!l9#?JG=hlu3O9V}g~$k=%y%*2;V zk$+)w!sSz6ae$rNsN}2CFvFfXVyM<~2 zXb>7tmd7g?!nsLDY^7l++wUK$#lMylP*6$H$?9i@`uk{U)>n6gf|%PiVb((miS z(l8{(p1vs;7rOxjO|r7jEj$p^)9BLTr-4-Pb(=<&4Tc!%cJ{|Mya$(q6O{^wk)XEL z<3ReLUn3nF3x3-M3sNV&Rjvyn&u)wuM1&tBOvmr;ZFo@YL#rtmYup=m zH`uS^yH?1jPqZ@Sf}Mtzp=!EDZ$DGjP;U0MeXX*{`Ll@s3eh9+TH(w$VNSVE48UWh zGtthHy~4m6X{D`Pan;`?qWFFh|IXk*z|U5O=KXQK=V`vf0Kj@U_WcI>oH4f6+`-Jn z)!E$G9tm7?G_gUtH$9}n&yNJU-`js}4-!bx*xnqnLtv2#8A!&=+`-k_)e{M%^g;pb z0{}=>fsBQjg$)V3JrDgsw(OxlRW}n?h`Zc(4E7mOV;A%L4F+k*h$uG-18waNV%7Bar~tZX~zcE zd1&(w3jEpGg8-s@-vHbR=bwdxgM*Bhjg^d>jg5?pi~GLZ*I8M~I61lQ`H=hjN$~Lg zp$C@n{8@*{9`qpXA$2aW9Kr`67hdoH5DF;}0i+|yBp{T7i}!x^_jRxyWTKD>Jx~b$ zACm{`K-xpB^B{Ym5Pf#=#O@c#!UEhYKn8wLfOO8m1MUDa5SVguu-=>V-jon?{$DM? z|E|N|SIY`9<=?iC6+Gbw>)fvtVjZx#Aq6t=-}Ubo0)UwuoM4lHDWt*u>i;w^D+{>y z`wK)BB7x9{ZvPwoUFY{YME|eOAcFe>8UL@F|6v{CSNCnW|5()T?H~LKqQedjzrV{K z>JT4%r~~&Eh|@m|{-@9U=@RC3SL&n6$!wNPQJ1h9P;{d;ZB<+kXUC7wMF-*k86db@HY$TAF zv6Hm9wWXCS85cJf5(qLTLdQAlFxpAPewY4`gBOZVqy>_5j_F1#++k3q?R;AaRfk zNFJmBQUR%g)Ii1{6Obv$9ApWy2HAn^K@K2iVUP>R734|xhY2LD?aaac1$oP={ASd9 z#)AR>J=ltYUywM!!#k6M?V;tL(cdG}T*FgMb*5Q}m1>LUrLKz$T)9kT{k-n8I-R#V z6;EP#SO$vOr2UPg@e2wXt>F^C-Be{DAuP z=18$|r}d&=mw|y{C$kmc`*v{~0*q4F;h-_%L~eN-jelxIn7NcT=|LoHS!aFAwzF1$ ziiC4J2JJ;nc+j);tN5-vzBb{o*c?;=^t(IZGx-p<{=_8kjx?&(5_r}2GO3@YUykA( zhQtBs#qsq*v)j(EgFy>ROG{;~<6kZ4P2reS@ob+6HbX@jlluF@%)|M_D}fQ45;bQX zEINglXj!!2kkH8PiUl9Bf>rjsR*VuVE{#gG)`KhVPdHNjqlBsNnfSz|5=?rIj?XB< z8AT})sc0fa%~$f?v91ohP?oo9oJCs3p_GYI!m)RIGjR9n0$oO4OC`{%P3IGOQ|*A* zI(3YELP+1QU)-=Fj|I-Dh7|!)ckGY7QZydavMs(S(qg7v4Zc*)&hCpX<_scsWE$uJ zJ<46tv(n`>=NJd*OFe#Fp+Dnz6p5%BFc!j4!@7fzUj{i*--$9l(+Uz;5pGdnr1XHz zL1RrMv%~WrE+;NOLFPeT#kuJb>}WHtjSzDxZ7ge&-M3c}MM-chemVuT2G0jiM)Kq8 z>${pBE%m;ZO9t^)=f4_6EuKi0G*UkM?8rFWmZd!wS#Us!+on^lFjf4n%Qqp*e}3HU zQ<5v<4?GMKHFW`|LdHfp3Be%_>&~onKFMQd|Bo7L2@)mJ7T&lQY|bmQW0L-GaHo?% zh3V*(&d(yGvkm1~Cn#TFMscur#ibpjL{#8wy#IUuYpuyV}ceSD-vn}&Y zydctLF8REKky1NMwOO%>Cf6!|wlx-}xlH{;3pGmSv08=^mi{^bUQH^nkAx$fWE;<3 zFF_VLEzTepq>)q_IVDU@pM>~{_y{J)uq{Bt5Hm0O)Js)L!c+CFfQw+Nb?8nx-+26j zi#um)grSO7wjq?7Z5qvsuoIa>*~u$QRRSz?n%hW@qzQ$$C+iz4Aw!C}lIi&fL0a;G zp^C&t`dAJ$Fp;VNgK?1P;CgH)_j%@j+KkbMaS z8>=;0T*4&V0m6A zo>s+P8y`t_0LVtB*9{B?Im9<2H-uy;H|{TwZRwlbV;2JOo>g5uI%tj~$wB{d;XjM@ z{E&c2{2)4(PVoZq`B>^k^6NMCo`w|K2oxW+PrcTAQ0Iv$_+SmtKGP5??X$XWDymo| zWW3b;hVu=5(zj*_6?$2`M$4Ikar$W{9ivC%(|93)ws0T}3MyN2=MsBz3nbq~#WAR$ zTjJSV#ykOHE(SY(#@nW_`b^CeP|xaX+fs*%7LNSy(74Kn2V=V2`%5i{NPYnariH$h z2iF+2%}27i9-NKJy}mZIa-jlK^3QUf31}Mc0-oFw&e|-#EdZer^kH7r9%;^Dif5q% z+_tNYHV`_2(+bOewe`LnVSKKj4yL`dim@G|xYnGmQ&dk{)W6e-HfbfLQ+}U8EyFld zRK~1-*-B1EJGo8tMMcE`2hO`4)7I+354RUTIb-;aR&$0bs$N8$0w$7Z>hL6@R)n)k=LAH6!qqA5={rs(c zr;*DEpw_;)dWwUEe*LYG0~^0M?1y491z-@bfY zJB=h;5qC|gp@GUj@3dUM!zd{cp?;C6;5Zen3ef3gBe-+K7i>ttCB1-GZ;DQPB5YwR z=e`$F!iRYwh50n@ZHy;LR@xfOY_OYT^(dY zy<*0ctbXI-o_!ZpZ*xmIsao?#%$>RWqI!hA8QZvgoQ_(Zgnjn(`)g6h98T{x7xC$K zQ~{xS*_y0)v+6NeR5~o-C0gMh9tp1-UTy_`Pw`n&vkk6BZ52STAs0p`D8a~#iX75Q zk(RAh`(LoOOsijG2g{pMx>88@Az^ zgClAa@8?O5X}Sq@+SM;tR8_GPb&EK8OWXhz%%I2C9{#i{{O2T;l{E!HqNmm)?-^M( zQUZJ@`8_$Q8n-9Ubw-sPX;85&-{}70rnrp{B+W>rP2r|$XyD|ktEb@_3Til2*Kf^> z6x55IJ_Ff$hu1kKpGaCAXg_NU%*aYjE`%3gNp^@Tj$p|SKzpnqHJq0}_;wkAFQf&C zAFU2ut*)wFWz(;Q#-Po%06Jt+m`G;g?fuE(hY79wl{4WT+6roho?yR7v}ZlFx?;QX z7hNwaY6sR_a2Ev7D$^em2ii`Z1!U`X!;}s%cQ&!Bzx>i)T)TJ~R{#(jk>5TcOd7+u zX(GZ9l$CR-dA?f}?8^K(eVHMG%YYI<$0bN0Jc2F_&j@#axk=NM=7C!jz7V7pjbjG$ zM*a8~s~vn~o!3ZF^VA;ilL=ZFwNw>zIFs_LGWy9AioQ}Q_4UZ|A&x%vO+v@LX7l7x z(2B;o<|bjlHtkF{+E{PAlU~`$fXRH81&u(2%J9l_iC@wdxIasJuUfY+Z_;vsz4YYH zSKjSn2Y#)Y7wLk|vG1n~Ev!@XIn5H?{iNcQ3R1;Re?dlGo6lI9DVhoTU!B0N9CJ1ZDNxeBXONXkTPgZoIOqGd{=k z(-0}9;aUqCGf3`~A(uOj%*85ht2uqKqQ^<+i+=lLZZsF}yZ&j>SD{LQRebznte^9z z2HPYVB)6~&ChimDmhGz1mH@u#@Y@^#^S3{)?Ogr+`lRj_ZD{Ff8TUNRQw&O#zt>_J z#rEorbX~RR4ZPO7F3%$}mC6yB0STM+eCa+Etlu9f%Ax&I@RT)>Jvw|tzT13$%HyaY zsDGTaK@T6>fT)r*^x5GHH&!DKkAX6DP^qN}m(+snf}UBYt=g$T#yOCF`zE%@ODQQ* zh{m0`TdxD9s(z!p(?5IJ7V!ffIJ_M{qY?((F9{MmkzUV=%?3`B6N=}Kj$)y7x89_@ ztNdx-LUt2&9oi3wXH??p?to{y?P9L4L5($*!(%%vJ_(Lt(su>pi5o4NR&g}=V%K{% zGaa}n-x~cIaB2mYfCG;Sit7s+r~_=8%*6a_B0-O4)Rz+pCEo2yGLna%58wvNE)6d^ zB?7tK4yQ_9f4qIx);h_;@=}I{t=GstEv&_(+t{S>*E#O%PVd(BqL!Y(aw7j-BHK^W zLedL$HOmNQKZAYQ!(;8_XP6A5ZgvK#ypSi5ka!(Mky%MWOF#|$`;G=wA<3SzfbF}o zK$aHbS_uzdqF{$SZ9&@F$;rFP(^FX$RxsNOEA}2m6FSZ( zyEPU#H&OCJx_dq02QY89!)TQpS!tj^up`?&$RJO{$88BLP?|2h&1cxgRX7*!10bYXp z^|y(MgdZHyS6gQj6J_~E-c7&beDz&vTkAW&3wm-M)}42qB?~SfxHZTdG`2>pYSsTF z{Nme+DGVzBB)MkPANkfbc;otl+O$&Ig^} z4s|)WAk04wbqlm@9jAD(ZnF)IkIZ$&1HV;&vY{sV5{Sbz5mU#&8ab7Pvd1|3$X?UG z^zNedyq?&yPlQU2nxOw8(>6zs^x3|pD4}HWHDbG_{#lck2jk$SoB3c$M7%<;{Q|~V z8ac56`==MOyiMhbrQB#rh`14=?@b%a^Xuk<51PxF0s6vxnoJwG0FP1H*CaGaHfA<- zOU*c(6gw`o{YU-2H5F#>x(4hb17cp(p$ENozU6Hpd`p4?joI2xnm9t$n3^BO8l*i& zHlmNehNopqkVT;OF{B{x;H7^cmBC}uIbKg_n#6pmR}xDiUh(MsAxcR-8FDQ4mz`n( z=0&M}2(UAs8%YY&-mgsr2A(k4)(D2uTfO#bocIY$p(SH$NKQn@p@s&OTy>?(uzXE7 zBdm~#u=5OsZ}wM9L+0tQ>THxgeblq7jakTWjPm&dwQV}AyGjdn@?rAL#vNbT;_UVdWDrI=i=u&W$LnB2R_4g6=MGqf7 zI@lNuYj%$4l%5X=7=_}~t{r@3t_{CEsI|im7_pzDn||gpQQK^L8^C4ny7?J}wIR5% zqiP?$_Cr9A4;*;oROk6=0-iY%Nrw1#Pb_(L*K=ESdjnj~KI1I>cK8+-dyFCWZ-HRxHy`E|^bNMX5vat;V z7(7+a@HDr|Eul~HEX7z0d9QZtT@c|;dV=kN@Izv78>}|l@)6U{;ArHfNjG6)UK%TJ zPpU{`htXKrkKTa^{rFdLB#Bh4oBl-_@IRyDtS2!TUA*mr6hsc~RGq>C@eH7F@#tY# zz4_EfG?$6gYVx=al}({kH{aua(_Y}uxTtx-CuQ=*#9qz(Fjtd(B9kLoZg1qo}xFt6Fz z6y@n+`w@9icKnd^2Aa}{JL-tneP`cFqIj3_O`MW@jO-=x2v)>qH$CSX@qm%@P@x7| z$&nA^eA2Np?!Bq7*_0u&?=!S);^QpAB)+<+MgH@ASW@+M(%id`Y>*LK9TcIJ{Jx5p zD3nHUsis*RfA~fhu7}}v1qWn|nCdjZX zhF@C^H8$4@DKR4vGG z%VzkxQEIPKg<*SpyV1G&!`As_v%tqTp4%z|l8~cQOnYOCdD#gA@1B&iZ!;MgXHJWp zyGIe$csj$rQ+qkD0Jqzp--F6Ol$AN=IB=1E@RP6mRFO2#B!ia`$*)7=qfat@b~Lz_ zWpuGZZJbGWx^d;xD&V~y4!ia=ROwks7e6!i0;-vd0uD%NyQ5aH`*KQ;<8Y%(hRHtn zxq)G}A0>mk_vslt4{4lc{|!_?b!PkZP)g`46nMvHXg6%gZGdl$;5WO$ago=CB=}yh zUj4*WbD+fcxq7ToXebtV^6DE|_sK@5V|)%`DxUmXoaYEfDmX$>TDm?i{oUc#U z+&>z01|7s{A4zs23^;M{Ba3M-v%?{kc3kY9Zk|Hns~H(3qqX(xBK4ct8hJWz8IS&S ziHIGHPM5`@clQJi58StShx%T?e?#Z|3H`ak@BNNy&AeWP0e?50_QH!%Bkbzq%wz=3 zogF384>K=zc&N!c%~Q9B8Bsfv>^v!r_y{t7`cIDc%)G8Gd*tC&FBok7$gBvBUugG6 z4N=R42Kl_YgzO~|nc!?Rfp|4uZ=iHQIZ0L4rLgoUi`!#CKqrnn>G~2?M#8}OpKo-? z`}N_#_kW4j{Rgn_{jz<)sN6eUF!RJ4CX>qH&x%>Kt<-95MqKF9uVSRLoT zVRc|o2ZDBRa&rC!xZEQj5XA0x*yJ9K;r;`p;QW*RiA(*}@OQ-K@AZeiAZ`CDV9W;K zWoP*VOamhw5Fi6m?vXnP>IMcl?qNePLIUX!QisU?0^uO{4|)(>41(7E*3bP)e(w}A z3&^bRmkh=&I9VRn4*{pZt?vP;Kk2>FpZvcXLBJ_+2N3f>^zWAmp$}~!Sk7-U$lwpA zfb`AI3r42cz%~a{PB3K!gPQ;EI2EMFznA;9{p$jm)W7cjYYj4=e-nb&|8Mudp=f`t zA7X<)3uNw)Iz-0J!A-{gAOmmfUp%mk1Hy;!Ai96*-`fieLP6lG`_(}B0C@W$9dd)2 z59R(IJkf`p`<>oT7Q(pq5%69=PzX@^d-4=(ceejrZ)gvSZ|;XC&OJ}Cb|e~0t#f5iVSa{PzD@jpQK z+5bSe{sR2~FuZ@C_VGWC7=LWu{|4QMfb$R7<%1O;C>T`zr->oF2U9*E`w$8-_y1*d zANUL2hwSTLfd%4V|G%L7z+dqGACCce;0KG`JJ;XP{d@Pne|Y{wNccbT|Mrmo6)u3k z3I28qF$x5q{u}#mw+~PB!^|HjBrgF{zmE)DkUjk~VuJVbPabezxepf*CPewq29Smj zxc{N^dp;N@hwvXF1%yJ(^w+}5;$kgux1b8nY`}t7*Whvl~$ohMuztCrS^hbie_6}+&tHq$54#Uo-SCl8dqnijDMXxN4WYJ?M+_m z3xwXI7oGiu4llzSd8fXI&DD%36dlEa;R1)-X0sHg;XAFi_4Q%i_7ebd$%>_dhIyPo z^;(syQc3YEc9O-w?q_D~HNwVSZStts6r;iGt$w{$g*iAhK}Y%zZqT}9}cDUvfD5{Vl* zW<@_Rxq;i(-xq214)~O7d?u+Y!qs0|uao6YvqxF4oHFddf%g;+jt03bBGxQLN~%8} z@0cx;hwICmqA^QV`RZK+yBbAX+M#Q}pX~9EYl5#D%=HsSoE9~#!-%U-O<=0y!)QK- zVfVP3AXg_!)2t#UJf;y1n-SLz6VCJh8K@S2{)nvu-$@FC4j)M7M_R;6#rpo_w4E{W zss;^pM>4>rGnDyrO2_av9TWZDSGZc1XPHkpm1lQzCYb6|_DYg7j7gOoZRzZ!e2XUs zFAVkwo(5Cc&{m4YM#L55(O(-8ms&9j4Wt^U7u`P1O%VvVvTPK5e2|;p)o`2<=;JS5 zB~2j?LpQ8)02&9xM~3PU(9Zjp*EjYn(}y$)-Vu=J3)WqGtgx7joi|CncWiEi4wYc+ zay01`!yd`Hb6(!(EZFmyc(O)3`}_$5f;2hN<{-z%=!Pfx5|{l*iSQMdQ-qRKYw)jYU%*b)w!bcQgcs#iV=@AM=yJ^+rQS3NM1T|uUvrL7;%4$;?z$6ni? z-JUZfk@WDVx7-~zoM&#AvmLz&mlBJb>5e@;)6`L<^{UuwsPuiJbSvPqGEUA;dc)oV zBU9z>HxT4V3aWh@F66fy1QlsWZiOD9de80Zqfk>PEsK{y3Ogj5(y2{4hZebGb>Tt z2}5;FI2(5u-2wH{Pk5~9Zp_-Bg8B!CbKi7uiZJOyzqFv=upeDwvX<{O=T~s#ElO+V zJs(5`EU`A-%PQ*@1J?_OOig7QugvsDNQE89`+QN8;bOblh){+u$zw$rFjhEX2;K{- zM6==h1W2YK*nDQdN3mISZRqyHie~B3dk!UQMn29~Q~Slcm3M7TZ0X1)WD;LixyU&s zj<&Kt20ssuh*R&I!E2=WR*K=qW_exHYQoYnfWuX5U#AGgV*-8Z>n5JH#bRUNJEo1Ni)5Y~I_Eod1rKAUl?w>iYCNA3fb1toaSW2TD_m7if zVA*Dy3}%;O*e7E=x8le4*v%|kh)msq$vE^WA6Q7pXU1zR4sxijv?!S%+g_Tvh>Q&4 z%}wZF`Ua2hZp3CKQ;I#TP=$&$Tz4(^_r>-)G=glSg$O`OT zqZnQx23&xbIbO*JA5b zd@<7L_b3k7>CP^*BJzw>`p(Cwn8@?ax7WJqGX+A)?x4?0j*(LsFQM?U?sJ&`Pib)AA8&uYX8%fqEB}a~Mc6;j z)xz-hs~ZMiIQCo@Pr_QGX6e)Y)>X-BRybhgVyHNCGT*|lpgDb zL>_zbkj#_lxWS`eG{3HscA{UqyT95@v$WVRTCDv@^|qTvI>Bdrs2k{~wyF-!iGBBe z(n1jAk8!}ET)_g%>e2Sjnc2>kb~MVKb{UjQ=0Qp!a@<6kb$VyYro=ijd+ibYE880%Jq^H)Vpm=+-gI#EVXB}F0_@jzt#E~N7vAuU)u@lc4QAvTV_;q zSG}sKm~F6o*1*jd#AN!cihb784*O&B*S>uVQcFXVZx+DVUHUCRdCh&^?rN2V>gwud zvCTNeI;~w%tKTo$uh_5MFZE1KDi5npd%26mR=^m07Vh)*?VG{3 zJO?g6GnIIdc_cH{GeucZG>%Zn>QAd2NR^9eRQP9-{Ma8oyvN_v}P^Ik>;XKGS_hvi$_}XW=R)K zdb%R&%WzNZxsv(@3Q8Fk98AQ12mLtsF;ka*$1TQ+nHGyD09eql=X|nEX17fpjp8*O zoMnrN;#=zvVpE|>hLXoo9eBgWDbGIH`-H71Epp`Prr=5HWx8kY%}_34IU**F4~y|O zY-i9MCXND2dX-7n72*QTZdw%(cniCQXn+a*EJ!IVJ&uLkUUXkl=+~hzD)+@Q{z*9# z%7|g3(8%-9(7Sh~eEajSldh27EN`QgO{au%!O+6{il)fN0l0iT!<*ik%~yQr^z7VIOI zT8)jt9(?e3w_}@e!a|NIxnwE+Xi|1&;4CK1f7 z&j-G1IKJn+E39dJmn)m|$I~B%k`>~AjKJ`tjKJzo8G-RDBoz^k&sp(O z?5$Xq20cC$7EU{AelcwG(Yx^wqFKAeYyZ(d<#7Wff67348r8ppM-US$_s!j|ukRyk z?ey4?2lv`*J+7sk!N!SpGyLe-VW$>CUzmk<95WxXH8EWWi%a*=;XXbV{DWm7onHmz zM~!-7{j4vdhlz5iCtt1%_Z1DB>4CXg@62%=FKn&Ym|c8WN1jx`2pqDtp<5eW;xPBQ zksbj3W-X*^M}ASsx>3fKdN(yMkJb`Rxt3x}RvPPGo~1-ba+2WMn%NwESbBPwVASZN z_w(nIwCD>H8?&L6K@USo0BYV(MS)deK}aT2A%TD{N)+} zM8Ni#BqOJz+OYk@9@ozbboe&)^T~PruxaL&rRFs@njX*H88KZs{t(ub_K5@jO`_L* zm0q#85x<(Z^6Xd3T6t-D_n3Z&I3~4zqYt%uv7Ps2vtqbShjU5mfbf$ex3_nB0HC8f zp@HJbE^LUpyO?Z?YBAsKwP*b9yh_G$m4d`4u(t-WL4sT7|7v zCePhjriVDD8`wWjb1dcxL=AGx=T?{)<=IyzndE&L(JG6qZV;lZm=2kT4>4ss?XnfLDt&-ccWI0=^OY=v?nt7*vC#6=`=ua)|txs#}`%cEs zIg=~cwVn2_Pe9CVZKn&^XJ6uN0X-?D_M3CQKrQ(ZD!Xuj9-1y7N=wv7b{5?`e6$D2 zgpM_GR?3cC1LLa4t}Ad>77xwkv78B^vGfRadDvbMI%{kdjXPRjkB^B^bs`Hn4jRH^ z7Zd#IxGHjYbi%NW9*R}6>Wo?GR1D)FZt!n>ib9M7<3dUbpRjj5Hi1g=R9fOZD{?&O zwvY8qFgj^^f=E{Y`Eu$)^aIT2;;<`9jc7ZM1y*4K#iYX?btP#j$v+dMq7{{e#c=2$ zUo|yh6TxH~$yr4778Q0v3<;wOL_}R>A*T|gpg~g>f4m~YgU0@tK4 zT2tlD6JgfLc*RL5V-ueZB(BpPbMVS%cM_ctd1ki=0|r!}_>@70b@dV6_levC8S6~P zT%MsVa!cJrr%;!1H&H&~eu{n~f;2fsidRuL2{#cwihc@yVt#Udp}gD3$JCb*Hvu>C zH{m`Cck*|lcd~bqcZ#Aa3Ndj&To@7cFREV>cZ4q53B4xO+RqtLB27Lq!n-WI(mJSF zGF32B08CoPul&!*H=FgQr5H(Uk!rfRxox_Y{n ztBR|JtD4J{q&2BNx<0G^b$z1w*nIDNwC9<@G$5D^H=JPJThm8${b)GEEzW$n#+2A( zt`@~~%r|Ib;Q5fV32&{QRwX0%NT+~SHX|sRdpLAs_}KK)RFPx=$po%eRO@XyOL7=? z46hfgTvtMkS-G?ZmfToGU#37Zc7KE=brpuTOt~3O2a#Y>QlG4)c@>+scDbDf%I2wO zIpCuKRTftO22LZisZ-a=vhfBNJ!$(yRGREngG3O$S-Xmh( zA*Z&Ge)jCEUdb$)R_;Fac^>393d`CqKg+$c&3Ar4Uhiyr}^ZY9o2V5f?Ej3Io}Ds8+^X? zO<$<1vrhApJ7rb`WiIjF&h^&{p5HVoEz`y!*#yf4X9Od%V_0JOv0W$b<(vY}mYdUQ z&jjnUd((R}>P?e(?6T&Nx8&1KO!fnt23-tCyg70NfUBF9OQ+5{I0xhu<~l78V_*d} z(iLY^he~(qgU9MBTx2BfuO{)veB;4!Ik#j7?JF2XY@Jhpi-rA=?dOnFuyNfdzjqmZ zt$p0`Nb<~#-i~w08-W{R!?wxo9Qu|7CVgBPrtS;7ml20a8JdDR^`>7^%GPFDK5m}W zCr*1++**JAxT7=e?J!%lGA8*tS|7;h;_e(B%P@2d|9X5m-K~4_!G2-7-uLWWj&FL; zqsirJ%;O|{GwWl+zE`6zaPdPx_kw?3w{G0bFuGShl39*&m_cK3`anll`(i(Zc$t*P zvb%wqB)1_KgMHv;k-F3E zqise;(E{g%_=Vy{KM5o1^2@=sf-PAkL(pg20q?X6?VPf<^EM_whFh6mxKK1uoB`DV z?XYyOaS?J5t5Gf~IT)j`3o-B`_Ja>_cEZLb8l?r3^^z5no)6LtTv5IfZ;OaXoIFnb z9{#Dw^t_MOPHHKS3n>VS1Z@lTpg$`0~1TJ48bs;<8Hqd)S zOy#vo%tZ9|wkJ2z3BA}X#VPJm|HYh?Vo$G{?8tafs-=c*c+`CCqwe|z$l6{{*X9i8 z{J}|CPiQ;-#lGyi>Hh&UK+L~>eSKAfpdq($Mq^vk%BHSnVRK>2J1tf%b}e7E4zwL@ z`?~#b``r%Dj_*4|y58+7?fRoTtLI41SG{Guzx3Jn-S77rm_Lv-@b#e0;EzL2$0ClK zA3uJ=4nY<|Gv2KV%o)< zm!y|HuFStue>LISC)bLuJ-=>${fir2H+S3|zP0DpchBG3aIfaR z@P6R~)&uc_l81tawV%!WtoqT%k1{`h@AH_?tG`(H#qq~xkB6Qtf71R`?`ePNGwNB! zmn*)k{EGio;Pbi9qraa1b^9zx(LB{_jn`Kl5VGi%T!dUj@9n^uy90l79U3 z$C4kv`^o$D#Me7sxBR@|=l)-o{Br--gTER5F8sal_g`SDdX>6+#Ox3D9}m%PR5H4F z^zI*$Nooj`qIUI9%E`}OPvw95t8c&!Jh6*3SR!V){?6`J;ih`qs135rW}(`L1~&@} zA7(I0)GVU!#1%-vW@dCR&20snrIHQtxPeIBOb@^foIq;Qh$~P*n@;s7Dsp7Ml6N>w zp6h-GrK&IU!zkoD8o3kAiHxvI(iK5lC2bd0P?Milm{B0?gA+JVL3MvF%=ga<08(8L zD2~~m%!pvNk{*@8Xda|t4P;Oa2Srem)QQOVvHHAr0oOMzNm#7yNH00%0r0FVXtN~D{r=21%J%*be zvy0R-d6{XsDS3dY$&uI!Q3?$#qNFwnj0CzXXq$9NK4@WJ6Ftydmfr}N!3yu~LgYdN zbD8*{rjoOQw#|sl2ZIa@r@wPJz24qiymPDIAsw4)8}1Qh6`_AC#(nOU-%@jGNpPR7 zo(c7NcAMRTEC8dw^D{{QeCp<-mVzkPTw!KNwqHqjDbTILhID#!|8iTKFt?+^gARUM z!72t#dAJ0!dpnBiTLje=%Idna(j5NSqK&ZdikXir;Gt*{buy_a76b!HRJgAj;vfOv z@$Bv=LEWHC7pQ*}*^MbRDSRb5C894UmPlS9AtaG89~mHP!%yN9Y!dL|N|p4!^zdv@ z4it*Y);{cgREdRAI^b0E-iAGFsJ7T1CpqFJ8m=*DD}Bl{>u{&y0wE9G@Qr){mjT7_67cOcNRI4iS7t zKL9sNTbqAc8dSYt0Q7`+c-Q(=`{(Z{I$ltkTT#kziz~|%t)0`Lj^P=!UVs`YXp6q$ zy##&nEfOqZIH=mmd>XJ0b#@B&3O^dN9Wb`ioCYCGp*wUiB)E%8vvL%I9tzUu?F?7% zcUUZ3gw0?ts8dg?Bh|~G9xpsyelRXVCf1dTJ)(bY0D}Y+EK|?tDA12|B6^2YLgn06 zD9!-}3Mix;ozIb|C(?ybkAtx+uTdM;kl;Bie9nex>LWZfMSmd@AiZzrz{zm(i{GFC zPF?yv`ba4A<2^pR5Pgg|hqtbCcCF|L75W{IxPj;Y`~C|z1sYk$L6Q0$EbS=_d(4I} znC8~oK@0>snUFKkAeGXI1h%N|FWv=*cent zT%%Oc8n8~rU^VKQ%I#IFqj>6a8l1~*RTdQH7N)nQW9gA1x-GFVK@qKz=D2}f40?Y~ zkMh(a4q7XsxKs1n~NiuDV4rU($X28^Ym(}K7E=vGnfhBb&$1Kk6_{QZ206E}?zVnZm@RIeL zw)>a@U2|ZmI?`q}==~f(HUqbR3nzcT*~7;}ojL>!UJ5_u4yJs}`}!1%OW?i+^`vu? zZ#;$}Pp5JvIqHvjIVo8n2QW=p@F@9$8aTL7+*rKOOfS)iwrcNn>{P! zT^Ne*d;@jhZ1}2G=46v2B0XZ9HVr zQYV1PW4`b@^lgB23#ncNO?h@}kNEBc7T`#&?{IiqY-7@S2A-#4F3W2J8+=;qOAmm9 z;83`W$DyPCn}8WMj$0;>{{HS+NOTDzvN-4hoXyL7(A0V!oCg(t1;z|ILTQ3zoBE43 zQhgI{;)yNgp2L@nNw8*Jwk+?tOQtwOEzKs2E{O{khaQ?$p&4F`uix_ z+KVGX$9NzpK_-t05qU;>18?A;8>aHA4ZRGmU}&AV^W;Lk=Qe)}o25nNfx8U63MVz-(VYNFSk?iDG!y*zHH^?q@Jo0Y_VB8bij%9r z18_38yW(6!%Xxor1$0T<{A-`TshdtjBcjE@)-HrSZ!Qel_n_! zw;8yDh9`8mFRQb%s-fP6L$em_J&5QqX-aCa02a{NOs*Ancfy=Dkv5%kR(}Uq^ZY1o zFd_~f2|}Oh`BS#QF(WoBJ}oH^6f+ROCG_V&AuBLt%AtQGn2J4`Ac>O7#C|b{@KP*+ zfmBUqX0-t7QP@S4Ns0}aN{ZW<2tVbF)?j`A$^pkSKxdJ<@91?G<64FqZobLn9TOS_wVdGjO1}0VD2L*Ra)|YCf-h z4IPF(UszU1Hs3$jKO+DzOV)4HH?MZN;wcn`hl}IlJ$+?iAPj`&M|Os7I^gdKT$%k3 z9KOH%psMS*psl{R0knY&hq~6MAzmhbe`;V3C<1?~#^&nmoaC(JG@wi>NX`VUphHn# z-B_b&21B4WzFgYCd_kdmqtkeev7f~a0_N*RncKd#&WK~QuePT=tDtL0m;t}#ovmr^ ztFIFK6bVY)^X-8%W9jQ|zsK?N3qhJDfQ)?f9}h9I4;k?gmA0~H#jn>2T8jHR?p$g6 zddz<>+oS1l7Iq$5_u(+V&g|??LAzr^*v+7REB>`raN-eY1Qgg8<8YQ)LZRm)9lUPP zCu;USY1gn2AP$)4JKM?L_2_|MD_{p4irpIa_j~;a-~{lZ_El$JXHS3W8SFX6kbV9w zXnm^=f)P9n89H)hxMU>;%WMr;GBjYB{x*MD?*CV?U~rp8X?)EXxYwlPr0o_1ec^2S z5h#}AuNaFgy7IC}m3oOvRyG-2fMz$Qa*N?Lc$LRplmMr5qNt>#=-6bOIO@g$d1_P! z_Db0yA?X2nt1N6bS~fU6u@j#0Yz`|90^Yg~UVb(n-UVeML1<-kxont;K>7t#R&IZK zD#jz%JO>memE*`%99L7FP@;GL(wQ4WL5+J_gowE0S0t$f)w&(^HGRW%9){%t1*J{+ z^-gLM{@vJv7{C|2uD-hBcEAi(x@{IBTN-SY%l5@-Gk)vbxNLBpfp+w-jwe^_bqv~L zFMz{ze40mOV2oviu73CTQhA{_O?wiFk=F9x^wR?z!0<@uWSar9U| zs{UEyS)ROxGL2{H9hs}-xuk{V`Zl4XFq40^pf10$x}i$h1^Pj^tTmvP;ok3bF|Asx z$L&S6BI<5TZWP$0T>^RJI!#JZhnFBjR-jpegY@ZC7>&+zpox+iwNvBSzF&Wnm)!wB zJac66!B9sxk-$E{J#JwVqY1n?j&-Pi?-)brjF;?@gYb7A$_}Tx6Y~@EV-(Su!Qcpk zmeF3j{WqfJb0GzHe^>K$&!C`Z@Iv)9a2gDX+TH5>iu@~g;}wsAZk!M*P82Q;1#%FP z7M^ujVV`{%!|D)D(dMEf^Q(W?o!%?Fy5)rnWPzsue%Rd6%s>YkoXsydlfjf=*Iq9_ zu70m!GJx@D7mg}VU^e#d+@I!P_nw=a7AJ^}j*E_!yI38ui%4L&PoiSuV&kWQ#FV78 zB!>Ib33QTLUU%f|U|YrUMu99ZG*B!L0lKb|>Wf0y{!@dd1HAI@Dw=;)aN_I97hW&J zef$bHYLeuoRvZb=Uh`86QgVQ9#h8zi&|srHYKtaL$QAVVjF?=_978%GjdKVF@wjUL z;9x($vf!H9^0L~R;BsFfHZo~Th)Rt*JyerxpF-(RQ@M?5OPn5rQrzjm2~kmEJvqRX zG@Icz7P`7-d+8kk4q|^#Uw7|tM{oeF?6HJ8dvCcMKU(RMBg+T{LCm&;_8Sb%Pr*qC z1;JDua_5v$TytegexX7SyZ;1bES4l`>xk*lgY;JqfBxL+GUDG9&OGDT15Prhy4o)E zc8T1Y1@&Hq0Y!VUHHSbC&R7-!2YXDJpGytT_ED&EEs>>%FDZ-g%jI)5q&>4 zFKRrL$s<>5ti4`IugkXno z{>{}vL%ev(J_>UQ?jiUB8PeQFF?}I1Uk(m3D3S(#@lt7&e~5Ra4`7_Vnz}UA9-=u? zdLXe-0_+)-L9c%ru({pZUQ}Hz=;YsIWM>G)4*}K%ONo4KJ7GL;xl@ zTpZ%n5quJ|&fbGFg=%}+28LpU{sR(lELXqkBB315Zq|PY!5dAa!Lq0*Q_XDkDrvKH zX#q|N)Y&I#NP)8Oa>QaPs5rQWGkTtiLu)t{R0Sl_Ri~w+jm%Yk0|!h<@@Hzs1uoRjF60NOgcFSrSU9hD3!Nh=4pvo*?tp+IgL>u8wuT(lqK(*1>Zv*{M5L#*tD3;@XVM@kO{I16s_#|NSCA>_uoS0MoDDVW zLUS6QWH}X(-L*Frsy=$>*=( zpFM0fROj=+>-?h6bMY)mMD&BWq7X2bL73TXjdh9e@weOQy$);wwiW*U;SI5^8jf>& z4A6g{X#m|Kq94X#KyP5sWg4x2WCqtj@^16Bc0ol~P9M0>KnyvxuCz`4ZzTy=;Kiy} z5Ane5yu3%6&5RBa{kgXJs1toSGBiLMmt7evkT*vZ;q1mgB-r1v)8`B%&fkI`3f0t@ z_S%)ZhF4BPH^t`00x^)p1x5KApg{g|7%YG80{|50g0j4<{w%z14idUGAwNoGoh8Z= zWrph`JN`Uan2?*43vzWqX?}K7Ivh?JPv3nA8J!GF*R=d5^>Sp3c(a=LH!DNjS#v^}}cE_w) zNw3yyHDYG5hpsC9ZRWjoCpUp0T_Bal`X$GMC@{7scScDcNRj61zeG})#)lSg@3qTC z+1E03l}I5PGhLP1NI}B-DbRmjL3x9)BJUpb5wzid0pC+r*A+FS=qiw*gsw}Y_U~D)^a_BlxB&$F49h${Q6f*NUDv$L{)Rn;5 z3feC+qaZU&QJ@k&gztZiW~9fZ#(_9p5FVT0nZ!u&)F`nV`S>__<1v3U*Zj{`s%P>F z(y}$%u~j({c0!b?ftSQG8N(}3LGMqMLhlAnSONcBmTm4J3#c$9|k zIGwIF=hquPHOH~>GXsX23(j!m@@c|=)B#&&WO}*eaPi1$ zUVN&f#6RYcOxIWAfihFlK^9;-a-toDqeZm$6VJ~e|21U6PvQG(zni;zpPOx%0G_20 z(rNE+IsRa1HJXIjc00`u94@aEV09<`u}O=>KTI`9v=vdu;xT^`{XuA4fZPv#h`!+? zKKw2zBf2a(O*gtUP6_frMS1Q?4H8u%dN?^Zx@l#j8Gi<9MzhrK#g-(D?UR)iW*tkz zRgy&Xv3Nyz>tbj<+N1&N67@=GJi3yjpq{|O+!{#2e&zAJoDRcASk%kI#tD&`nH@%ZSN}&e8R$@~uhA5SNCQ!~rHA|0k52gy>Tdgz0NpCCQ!V(VHbVM(Au)*5Pq7Vw*>K`7vGYhx=ENyU0?ptZ23 zqPb34-E>2i%|EctEpRW;5Z0iapI{Ha#91M$#B8}lS=H=cXQveQLp=_191Y>w_KJFO zBKi8{waVR9+oC)!|xh&6i=1<*8LTy4~Su+8CQ&;`K251xLH zUHC^E9wFKxG}gsjSPd6qM^8Y5s-z-5I)YB|o(_L)#86^6@7`=={T*C-EW1Xf5SA9z z=QL}$<9VQhhpv#&?+P2H!ge0=+YbGZ{}t$uFCjnZza9DGBqa^2rat^XxnRg@%KzZv zpTOQ_PNQ4}Z7U~VdkpvBWbjeF+Jtuv-J`(HD48X8LeO79Tc*njanypJKc!z}B<>fY zVoiT~5WOq@&Fze+0&t0e3L2Dw^3)RycMx*|?xR=--$W-pWYA54p0xUm;==Csx?WHN zl(GsBrGJ5DQ>s)^T-J54X3g4t0k&>JpQBN(aVwcEo|-j{sqz1!qy^gc!rJP|pz6t! zsazR+sh+??A5t;b5*tAa^JVj~bFC#}_Y{9Y%KmI=9bjrp%j!>9cC1J5uGL4M2BnHJ z0)#UTLxNJFxv63h4q}tz5@ST^ktq_uSiAbz3%SQ!s)IV4%N6|{0T-T>$= zZD=j6DC+^mOj=TELVQeolw9ED;V!WUw!l4mM|B09l#&6OlWX|ZaAGfwvQY!CqE>$% z6B8F1CBs6+(#W_ly&$ootfHi#QHT=+scJ-^BBL?)fucXRaIR4(d}Iq}+t^4|>f3in zwKaBUqZG9l%`J}UzE)Cj3g|)~3fYc+%ehQJ_mP>LBAjWY#i=5Gnfzn>RPK>4&?o=Z z-w3#+Uge?|tqb8ENzKAeMDM@)km!Hk)u&V>+y^)DdevN{4L%}&_ zc^d^edonfqLx|uPP;skyKEXlWK4l?w4drEZbwQOr!byKfqEwhEvtgk2j}2G+$nyyd z@b;|?tgWxAtgR2I@)5$PQ~r;xX`wi`0ZzMc+IyV(rF5vLEI-D-M8JLN zr!0sr*UJLwsTmmz`UFq^O6`9-!pC?a?Wxg&cqs=d^?tmR|M6H*?;g7ed#pg{HgXoZ z1wN%4i^T52KaFW`smxnop!HZIlWHb|dz`!C{E zOlG&kT%I{hzKAprAQq`N!Xy$NS8wEHbrjvpIR|QW%S0u?L89>B2*vzj13@W;R!{l= zy@$aes)qeF3Dr*C~9Jf0E zvdB!Fdd}9Li#V%~?Y-JmQ&3wg?CYz&1+Id^aoc{a1~h!qRG0ez_()72!EO1Qk^ zc?aylL@4128>fGrJ9xV^PkSZXG`uxYN$*UJC;>N^+i-mcT7QquD&)Ww9cT{q4K#1P zURQlA4=1PxM1^!+X{1OVFOC)qkq+`l@4$eVqWB^W=~0zr_iM781QFerSR8R`-uGxd zAI)-tE2%6gXD!;`1UFz^JVvId$Zy~f59eH6@Ke;K@kW2!)g)&RK8%w1Ofvv^w_2x$ z1mCdFhVYLKv+U_RJ31^tIQ2BYwhmBcZZA4l~xIhRh4sHgHGU2I6Zqjj z_>i%L9NK@Jg40gH9hmxg!3y47N(HBJem%8-s)L6)`zRlDn1ghw`mqyl&B;4fkVS=} zX&l5@{Z4rzZ_XL25qfjrG<;ukQm;87Pf~ou%9Pg5$xeyk5_q6U2SD$U2V|V zE=l6ZEIbW6%Gj_7&F8`QX#n3XcwT+Ow@x+;UNt8w61yT)vC8-Yz?2o0R91?WA(7$n zF=2ngqvD7Jw`6cKqe3~9t;{F}xlBcHSx``LNRT{3oFx*dY%+q9_j{y>(~lO1Wrt@( z0VY@+9^h9bsmaex%c&4{D2mgY(o*KhtbDvHx0ayyfIfrXFB^L-v9ChiRu5xqNpKau zy2(~=QZMA8$rP?%pOTk(QF%$J%F8RvECPQ_es+9pVp4o!oG?B*F&e}%;Uy8O%2HKj zn@imx$0NZm0Rk6Gv0cQc%nVA7SAb0=NustTC&XFC@7I-}b#lb`?>h{1Bcn63(o)mY zvxJ#>X;~nLDU%k4_=`jVPL00(r`j8DH45r)6n|C$ccm0$4`<=zza zYJPb`qlpLAi5hYqg{?LPvPn2y?eKSiVW#nS(2WOd*nu7WHXN+SVm1_M9KAX*`_3;- zkb1~guU04WAe;86Iigse%Utv@r_E#iqCEpV{KK5U5pbx;y~DNEuS{~&i9yZu;*|aU zLBBE*G=)0n+7XFu z1%+&u@JvsKRf0Zns;TLEA%nzpGopCk?kn{NyTEog*VPgRYIcpEj?BS&$E(wMXfB)= zUJ{)l0lJ~GNKr(dq$E-Zmn`6PP~%W5R3GAjlj#+zp{zHk2`LK<3i%Ie(u02hMol%NNk+C(*jZeX-jo9N zCj^Eaj1|R;ft(2{3#q6qE33$jFOF3T!iEwm!HJe+MM9TY8B-FEX>NIONo93Jad2c< ze5^?57$HgYNCdBPyXu>LTBCpZQoe6WEK2OeHld2o|Nq(qt}K>do6vY;G_Mq9ltOtK zOe>uXPRLF})61c1m!G@;+J)!|ss8E_1A7q>K@In{p#82~3T&`}?Lf~E=* z19*>n5eK;-7l#=pCJw(tXXxGw*-wR&M()T|v2`%Nsi*Lg1RgNgT-tXCvb=b04Q>t=fm>Y;3B8#cdx3sQF#1B!$WWz6ei`zmz2boB-Vl+P?gnDj(+)*;tx<*oSHYXnS)x_ z@-oBHBtXg_jv1m?xCd3Xbg8aY4+*%dpPa01YpU1F0I7e;nem0P{P@}!X56lIv0cL@ zFG~w@3P6#rN|qlYiH;8s7ofRlp2n_W8vGDm{Kqf~=}Yj`C35&0?7zkifdp^p;EPvX ze(kb8pxY1H3)*X5&F2pcEqqbio7)5ibits!(YO1>E56;p{DscdF8Ovq*A{rn5Bn~B z!9QsCYQBH3Q=|*9(*=j}U27fZFXY1-OwS%(-fFgN$F>z_+pm4`_{!DCxaZ)Jc`EYB z9X9+Kt>JAc38~Y(V6ch?Ux=#KDetP3Rp5)U^Sfnr*Grf@dV6v}oNu^qxWpM)FlY-6 zHirjq3%eRx5(Ks|Xfq8gi;mWW*MwKcT}j5(F&}@I0& z(`wB@yCHv~@TQ7<{ge%RG;gSE)8|O({EWQx^wg59;`Ch1Msp-yLd`pPo-x4@(UNFs zqN8SGtyV#=N{Pq?0~%TplggPiqLdv!a8vz7!({NywTIB)L^|}w>~zFVy@rRpL#d(o zLOFl%0Z06;cP_KM?sd%J>9vN+;+p!>@`7g2$lSCXT4l0ztBFgtSM@r9OUNg?Z8m}B zy4+)nE?fNe=v?KMyMl{51_RE3OJKOG?xrM<&y_iOg~;6WEWv?#`|~|#D_iSNR`u~K zI#u~YnM^4?I!(^=xhQV~z05#;Q(s?`o2`GP`w=q-!IllYbBJoT8s5xsj~&|U6z-_E zdGDqBm+HHpofc{!H4{VXt|nA`2v>4;QRoA-lG8-Ni9f?hvv6UO`ryb%Wg?}vZDeub2mhFFT!5W{3?_Gh@u8`__^%UM{%64_i6$%~Fc~jCL;hwtu4hhdcWvl(* z$2?hvtA#8Y=Nu@8f~(-BufA=+2OfXu{yfUNo|RuUGsk~4fX;zO3JU6Zc~MqW0nN57dRc!=~v=c5|Ftq1y|R4 zff_kaodLz1E7<(;VI!?JMV6!Z4;M8-sYU(uxyi8hq024J^Yq2=3*K2!o>URdaIaqo zX}8!iZMnsc_5NX56|MrG5^idP>;09jC#OByd3xzV2eFr%z{g(_5VA*+!0)`>+jtQ$mwO$|-6U>-fkGc2Kgrf0 zMmCnF;rt6=XEcDPe!ZPffUEr`WB0jZp^@7<|I68(c2yzAz4D9rD=+#r``-<^8g&o+ z2!1X2y!t}Tg}RnoXQF?L_!{8!oFwzquXxt*(n)klBltf%M8Ew%?GULGyI>%%-v8FF zPM2Xz-Sqg>B0t(C|>PAR*4* z-!~vSHa0c}69K+vJ2Ea|$6h|Pn({v^agw?X?!JMM$iD+=TC zCB?$X!uTAJ%`|`X)eW8-*uTwQW));5@Y^Y}mD?se=oVA4J2abUUcTd-Xn~c!Zutxj&(8Q&21gW8n)9 zdNB?oxaKLl4Q=M#8K|pj?YsG`dF*{B_>t>Nqt{0V0?L05G(<-5KQpg(uUS{IEpIKD z3qF;Z`tSBL_i@{}FDGIQM(OA7V?p&Ji+Fx(14H+Loxr0`dKEj86q~FdrC+6cho~Ps z27Sl!f75su_1-ry!|r1$*ZnoWcLG zSlSNXY4qxbsVcayelmCrC*D*~?3l`ZJhJIFZ?(IPY#U(E8Z-%h05^Qw^4;)R;o#ua z>f3;U25<^`AI+a@zF>QROi`bel97@rybQBATPT0IOGu|A&mHI<0qzkV9{cxuuLTfR;+_pw7}tM7o`4^J@Jl+^+tN2W_Y#ke-^B)%F!XI!h8Nj}OJs(}hALk|!r&*Po;tpPrcA&=D)^6hPYb z#4a$8S-5-M>M(IunUBD$JUBNLFuu~rK$rfYyN_>G9~%<(^_C8Ud*GI+@8FO_k3~6p zr?l${f1IYSQ?g;4+M1UlP7RIom3ipKh9`fBK@<~KBvzJ|C`&UF3*rj|vgX(}(9UGh zS&3!QrQy|{x|QC=ktH~>D^!$KN%9=BgwB~>`2j^S8T`Q-WmZpCTV_EXsAS3|MWGV0 z%r8g~=o1(c5*eGoucARkW=&pwrZT+<|*E7Q#_+vNjQYwEc z@@xsKh|G=vj7Sm@7Nn96L*PvVUM&A;U__jK^x+tBBnV_e3T0(QIT^}gL2YA3 zMs`+iPF6;98566qVz^?2#S07$4)7}tsjew6tF8_%_rq|S7}pAqwZeiHpO(o0>cFla zr*dD8JXDwPFhP1qhl1^?;VBIFQJQ~UB9Q8tf(-#ywmU6daTviQi>OtYS)`ER;%g zjh948B%yBdU4Z!%Mp4|Cr8#M*1;;2j6;wv#8#3k8=)%!yyiLBoo6w|fzd(Nr0rwHK zxvtqLy?P$Ne*A%b<)6j~?WX*F-0-4W&3Qj{Aen-d4zyVc-+vHoK(OG}eY)OW9a&VG4 z-^6W(gX2-KM|a1-;cG)p#iy?cnhvyu4ugKsS=7={U7@V0J{y_AM?duQfLo?(fon=K zHnwCYe215-t55sDxta<%u}5%#e)JoUyX?!1%9dfhlc3x+)tEsmG%rmdujbF%NI2~- z`_(*NR(y6^PD&ooZBu{91N=k99-$FwIetQ^cWq>OLIcpfKhSWz+pEf29+#XX7gk>8 zxKl^xasKntpyq{_|EISF$EmFKe@|tR{*?cg=)QU9<`w)GZ?!eYfqrn3gChRvZ5!A_ z-#@|Wq1Wu^K*d`x-el5mzo~-`YjBFpPLtp?8-{P-c?XE(*iC?Mq#RMg9en zCjSj+2EUcM4Bu~#D35Ojx{&+gS125i4g|FcBPwM1-es5Jhx`R-7q8YT&jIXY5aY0A zokwtfU7!G(z_WiGv;$T1{D&jYfa}b6{TFW5m&pUF1;_{ubN=FVBg=Rm6q+;(P5hbT zK|u|#yFft=%bPUfDz6H7gYU`Ux#qRom2ftXE82O;J;+Ya6}YRy>jL_sTN9o!FpEk& zA5$A#@7Hcueh^p#_pqau2Twbxc7cQ7h}gs1-obZ0Sj&HKdy(#wMR4M^&gyGz0&eft zx)%QndJn*0=W$3xW%5V&!*<^7PE#~rh^xNmZoYNZ(Wh|r@xqg;QbAc+h2~)Zv_K#5 zQog9}JOP-##-o-(e`HKg`a?4QEaeZ$;J+lAEIzt6OfkZ%o_zi>-2Cj&cT>5d+mEsO zV1HEP*f)QNv(SM>W}UE{53-)ukk z=~kNn8(%@FD`t(GnNdpnEuW|j2DaB}eD!4Y%pZTIawQ|fV{Ur%d>DN>sWKXbfVjk{ zxG0n~D&lhoJ$FY&9npM1B%-;4&`z059Z3(&0}4=9ai-%z%?Uo-gcea?d!%$vtmZ3` zBo3~s&Z4!Rn=3)AecoY+&|6FGNJtwJ!e}^~ZUfcwg7CbEbVJfq+oP%bUd*SPOHD3Aw@;4Kcig^aKf)T#yjQ7UL#GZ|d8IrsU^ zsoYLjuHMb#ddJ9P66AVONtv}mNYj_x8#eE<_j48(N=u3q`30#O&n8ID!1-7@lUJT! zR$d_S7x>Wnp0Zf~U_9-zsOYe;X-;*1oppaTg>{Vr9E&5XK^Z8_DlcbBXr$A?12Ks> zH511~CdvR4Dpplgl`3vj3fIv8^}F65-~*oVL5?l`Y>0za{_`ih+RuL7ovp%60rTdg zUzkn9rC)IdX|&Xk16Tjk7r;nF|LvoukvSuQJX>nxjGZlq3$|mcwnEd+L zps>WfD6Gq65fbtTsfUoc;MymDG&qFq75n4EwE-pfgpe6pd04{=7 z&=M_#OVKW2vLg?lPeC)#a%6_4AOX@x252f2KvTF1PKDE>ABAYBVM$dPzt-L%vP!|II9A zQOcqSR7(l@9|B4|9Ya?QvtQI)KP2DnQ6CKs+@OvD`qe~5qO&&Xt#85n~J zn2?`#VH5r*Fg7DUk$>d(X5_EfSoA<3X<)fuyX_zK$22^w<;=TpVjYHaB>$h?pv~F9 z5OD((@m0Rr*rt7u9xMiKmL4b7cU!A(8MQxKrz;HGk6^ie8Mo&s2obZKrMG{8t3g|l z(KUHptQ%@8FeVjcq~(90w({Z@kF@ZOsJ*z@rd~CCbghd@eXkrX-Ak0rFHq33U4eb2 zW`2P^=$QsuHjDdC)7Zb?@$q;(tn60EA4H8ai57P!f&HPyzY-Z< zm}Bvji^3((sdB;RdNo=3o6#<&Zh6^ELp;-$0#Uel3$-)XdC7uxb}J++;Vo)6Oy?(+ zU&Uka;x?Z*55^E5Hy2Ft%P#pX#ZWpb%e(|`wd5_yw zFYpC!WGOh7@;xJqN^Mx$JViWp&YY=l9sT&yS`ZUa8(2Np#Az*_OObvvY4( zvD0<mHkPb0L-v{9eP zG`xMGYdg_D0)3OnbN8{0AkRdCf|}wQA-;M9d-;C>rJ82%5W%L{%e-j6Ke8Jy@gR9)LCLo1T)wH^&5iIsY(}N1`yrvC-TF5yLMMt$@&Ntey8$j$G=j#>}=8W|56V#X2 z4j+HY*@AZKA2r(c_G+5|S64%KPpPNRvWI)ty)51fQ z|3ExcR$cH=<+t!qVY<0V%uc%NJlU}=Xq+DCGJ3E_u2Ch$cGxSUi zViF)y`5?=JUR@7O!M=A9WSDBc8EplM{+&aR~jMjw`fWkZ9e zm&7yCNUC6W1!&8)R3uB?xXpcUPCmK$rWM3zy ze8GFIad??HFD`B)7#?1BH_6ffvUh)d_Ida5=)Z(Sb653BMf2aPbP+IMd0_;51-|kZ zvyHNZI23OHBJ}-^LzlfW^;9%(ny|cS#wCYm{fdXfR2Qq)I!Q~rYm~BA6g9#ef};ZF zm0KO*o>b`O-ToS8ScAM)ZaBzb185+4odP;v6hO7=- zf!vuD8EZEcrRD7{2rKZfG4$UPnHXMPXk6yHmw1Y;1yx5F_VOpuIZnF_Do{>p$u=gQ zc6AR3@kNZARK7z3zX@nK(1ynv;4yyi!34Cmxgu~DHwZ9D8gGEz_hN*V6FQxQXeEgu z!Q7Ac+48O0*+WgCrJ6{-qm_RH!B?mw?(SO-1m6d#A|`TA^^`yjlq#+Hy!#Y$P%)`t zd#-zNfLb2(Q+t`8+Sw^y784kU@))>H`^Df#7l~Zy@)U$(5fd97>L$U7G;)=Ou8d$@ zU}0_tP93mNw9@K)s!pr3Tt%z1xd&RE<(kv#;OX45?(axliS8FS@xg!2p6UpH0wsEx zC{Yht+dwH1jQhOnoOW<&&_%9$S!fROQ(Ud*VtFm%-aM_{Y!0Kviy&z!g;!v?$P_*r zfBNSBdKwQKj>)$hz=tCIAzjVo-8Iy#9HZ3zQz&2>QNW(iLMjC$SrusCrv}2~JG-lT zw5XraAXdMxc^}qg+9!Xg-bs=TtCWw=hx<|eo(8K2&YlOCni_Cj%L}ifp?paLVidYW zOV@nE%gY^sSAgB!K?$GitrBus*i!5rCt`hhHE=d~kP^vZaOP)e+GEEK8osi>H2ihm z!**3GZdLB1jk>7O_i9ihk=%owf=wq3XMeosw=40ayG;T6bI*S;#x{*V%U2{?RNhfg z`TV|BdB+D)`7>N{-xV?1ob$Ct2JQ|EN&8RzC0n`}Klt@Ivvego}^rGC!)5m2G@gi$5WzYk!cTZm zg|a-)6bA-J)5uI3uquqaZG?hexj~xDzs-e)f8wK}w(2Zu1fzbe&nn;1ynXtopndfx z;YL>w={|qt$HzL&rd@weJ1sOUQRpVCn4#q=X6Uh9Fhk4llNtKcR%U3qX3Wr=LD}_% zs}^(+|NnqHI#zRKU4Kc0UlDk2IZEt!zNbR>)GeN$_+@USc*DNw?9pP6=ybS1=hAd&dV{L|#;=eTaVmia?<;!Q_9D{hVWCoos7>|At=1j4PhXETx>y zMW-p56a|xien=YSzvuDiSMtBTK;_{H-;9RG&^dIftnvU;O54u+)N&pgi)P*MgJ&4f zrSi6j@V_Wo21-Edd8W`P1$j3tq4LS^omIVAEv}@g>w)wabsCf#W(f-f_}3ORbv?HF zq7HwzfqyaiSPt#giXF~1Qn<8v20s7$4AGgrVzA|w!+hm(k#ZDyNszP%8n?sFom%KR z$ggPs+B`|TGq*6l5;3zoTcs&1)AeWUt9rMIib7xq(HV9g}MK028M-T^nQKsLi7 zj~l^%XDHu*A$`f+yKb|Q7B>JDt{DDuJ$%y3D#$&zGg$qTL zH9q*<5+tv=46V8ia_hr|AVf*SVi*q24a+04Xflhgpy{9Vp&u*ewNk!?y=8_A?q>c< zSRZ14v!^WApa7zpkNttzaT?WtmJtL+=p8thQwR~ zjdHGFl_mkqnV&3-;P8Sk`-~NOio}BITxcCr9C+C*HGv~eM3nQ6xi`f0XFbo&6*z%J zO@!Xz6QyEjT{r^aZFfQ^JCrW(7Vg5|Fnrf&1E^lCVr0k)-H>5TK8ur7tC1C!MD+3g zSmCK05y)ef?0wyKyysYUXIUKt_@5QQvFEH;x`)}B(4O?4ombz!HI}WeD;4~dKtMk= znH^Q%(FQt0&w@b|bf1g*cwy;Qlv)%M_zU+QucOu4Hsddv40BUy=McFz*>23!R=4KY-Lx1J^-S|Xgv^ruLqHF?PjPas0 z4L2aGhfF4dE~=y1N>XblpsPHe{=`>r0;lkLKdFwni^V4>zfLU;yxtVCNT|_VsOU|r zF>E*u|NZOe_Gw1aq&87eL@6`<^XPMb zJH@u49crk%iDq^e)Xqt*9dr$P zEW>!ru}pzmMmbt5_ZZsq(w<$>>HNTbiS@Q<#XPlO1?PkTNq#+h$X?g)@y`tVp-$WV z$3`gwQN{`#ggeK)^Peo9lznQSsZx4Nk9QJ&B z8oS&5z-y&R+|f%zc%l6B%N5)tceJxxcoMz++^>RI4^H$z4OZLiK(QZFj&f7Lhu9J2CGl95Y@LUMB1 zLK8uSzO03Hww1{Ycj4Mh*fW#s(|7Tl&Z^#NwpO;}0)}vVC$M8GC#eWaflU3EiX)!(#h99% zJuK`(5?YBPUwKEG2dY6{cwKmFn$Omf^b@kowVY?xV17?T-sY(e_dQa`+-4b5hHtV) z>Vjzp5X!+KqKP{-z9tN4&}*?NdyXiJC{&2h8CujEA^%<*B2fqcfFb>I*pcN}f-yh^ zh%Og)pPw8{wpF3`uDQp_+IZyxHx8xEIMY;rHGY9ukK~%`W4w26%x}0DxLPeh3@O@ad85L3p7LNJ2O7DiWSWK zHm3j@-`BQ~RZ`%%-k;Oaj!0ET84Kk33m@v#d9YTherv+j4oT6V^0-0KHsL({jP>I2 z#XkZ7k3D;uf@|P2Vm+t4vVJ#euAqwOQ!4bE5&V_F_hD7IM`Xg2z?$5TF~wIN>XrUu z6}ehQ7j*-eo%m#x z!3-6oLmN_R`&AF6Y)ycRlx}CK`X`g&%^*4LY$T_p3!H^0Bc5GB_p>6ENifq48}}tf zsVc|J74G$dkHnc#EK$yL?tTn#3IR8B?plkg`(e=MIWRB|45#5!1{&P zER3t&_SGi<`(u=TEC)pF#IAjlVt(n61NXX~^1fA=tcBF*Xv{k;){Zk6XrBqXD($${ zT3Vhpst`|o5wTE8rq3D88`%oSefYdf8ek}4l6hWG9=E#8j)WnF^xR>HQk%9p#b z-}UwFz?V3zQJPDi(3Aa?or=7gst5Q)+GXt8;i?f-EmG*`21J1So3K$GvI!3Tc=E40 z*Pn>kQzseq3kz($ax)mNefs7kI%YQf7|aez6~E7PO>i-~@i8#E$MK6{&Rj*rFY1KE z9g9dmPT&|%6_$*cCW~mWqryz5dLnOJ=`ZO3)l0s9W2;H+-q|$B3h9%bH0=hnvUPE) zkmuw`GA+w44&>h@W2Ni<-9vu;-I`l9>Y9Yr)Qes;GAwfVgT2(xR`qyIA00(Nnn=06 zvyN?Kp$Q&w`H{6yTv^VV<1g~Q)Ni-M?OH8Jrtkueuw~s794daNOt>~{p6n@Q%xtB_EE{(yX&ACGGb(_h z@-~8LQm4CU$8cv&(&zaYV$P_w@#M;Y$_M1TOe)pZ(~zu$v`~dAtm`d$tlthF98z^& zK+IjL8wvpTzTqafbE4%}e$HqQsQc}S+t&^0N~uY#w9W{AD|VpAB3kTT%ok=9>%HiX zUflXY`o=tqC<)&X3JJLbjjw}&oKGEQmpcv^Qix$Rzh0-bLl`*AA{c*h{o39Fw#iI$ z`!1R5e?1q4{a6svEqKAhpF&cUEY=d@`)LNkQ)#?p$sy0oR{AAiJ2DNy=UB?x+1y(= z^^_SLaw&y|Hm3ArgE-iioJRo;&2hJ$Fv89-Y~B=whIBk1r4F{({pHE?93+L-wQ4}e z@q=V`;DbcYevJ+a*)^95oWqXvoB2UEb?Ka3JxIe5DAh>TJi{Bk;xXmQCBt z>b9+>9?5X1rL_@4o%V<#pN|M0CCd@y@;xCqO^tkIdbq!{_H%^O;7_v>_Lt<6OIM|# zC%WEiRZJPA80|kBs^0S7+G>dBa=XiMZVfIkyfh zNN1lT-9-837QqvgM#dEVI0jP7E<1NL_C%fI2$qlzqHM{6P~@&1>l3P%NAI7{nIN20 zF&;><3rl6-Z|hf>R7c*m>{MG znqzc&{2rD)zetN2_6!Q{Ea7tXb@1B+9bg7Z(m9OsT@Aibi#uc&3;@X%X8v%_aFW1y z5oPU6(EZMU>p9EClkw-P$Zl>fEu|YmdNkvu#8bPbaGCLWVomw^9R>&O) zl0KeBH5qx{>(|XW@Fva$`9@(Dx#;0;!S{OzTC43o1V1KmUXuZfBBNq+wu^t;l*vt| z%F(i@lkl2i*zWG*pWw?ILwwjdWQt}s;WlE}IOSIW-1erkq1PaQ=&_)^>aM6pULmr!|SnfLs~Mh}j`_%5}stSmvL(WbjF{X`D3 zvWI6%aK@R_jlg1E5UB;0HBO>`tZmUu5jKP-gnv;yI ze~2#*q~hnUyvhGAi5@z?1=_$s@aAywwZ)I4gp*AukT8edNfBp0o_l0yTG&%|Y0GVN zs)C?vVdkyc@5kGw9E1AF`VDSj`ZJY?8mdDA6D>1vWlpze$f`KV8>KV1<%iZpv%Ka* zH}5B{=Z)(I2Iwp#8@31E(*5pzbCo262dWHCPxr2w1ftq@rE;gWuOs*Zu!0daNl3G1 zB~|e6IadTXcrm(RIP|R2q`epQWgAcAgCuCpz;LwOEh&LtiNB>mGKn0%YXj4)VJvHW z{H#8}FiJ}So>~|Gy%5?tdVS&+sW1sf_ohpO9r_8@@#FZ6meB!xo0%ncO{qUme73_| z{zOjAh?W7s1ou$g6WFS0WQee167hv#n1rr(UL%^*G)!7K35{Tm{-1sM@RwrcoRcOK zi4DnnHu$d<4;_nFYW+5{>G0t44<;^nW&4)EW8#KrLoR*Mn&>x+dbyKYKAVPhG)rVpldtnpckLmkz(iMsH9;Ei&I&oLb7?bH%w6R8?=WpIU6q2jg@I@s8N za|cLP%@7M!!x{*?7@AhJN}9|!iy+(2EEZBk{Jp4EJ?0m0G}y$8rK|uX+Mq!uj7%C} z2Zd6n5a;K8{p_l4l}67GW6>}zg$-ILu!r)z$=33K$<}G(dWLn-$9utK>)W$K$L%0K zPXkkn?uv`L#i~nyJzELlQc|Gogs76S3FGC z@!2V0CYI9mXCo1k_1M+WrR;@pbQ!2A zO)u$Kz;kEA;vzj*M*=sfEv4d=Y$*1~Qm&yphVd7_>vAzz(j9-U>MtUf_e0ucurlGb zhUFNQAh~W>0O#%JBGTW{q;|3D>{7C;Z`-L4)Lu~XXG%7?E45&?k0NSH&hEg>0I-m) zqVeaB?IT|MOCQ9!%{bZzNn0uK&$6s=S3Rt80{)eh`51m!Q$rd;+97K(^^r7AL$wkW zOl4{xFAh&EA0_+^@=rp`r9jTdEy5J`XID_9v-w9kM~7K4dIf!>3H7nGRXgq~`1~?( z1No7Y+VlgOM6`QCjg_zb@xb(-v2cnXzvlU+6f70R;>iF}u7Q%%0Ncyf0rPtP1Io_AjsEmWFzivcLX%K~*qDKTd1D`lJu>=*de>DArw^U(WE2tf8hw5y3h z(?A=s5cfOmts{(`<^^yO<_?c;04u?=M#R&!WtiqSXI$9reI#1ZedUrxqp%1nDA=yR zjdXl$>3L4O>B5k+_ZO3uDHWV#92HllQI)tv6xblEmv*8=4OZ6>HC+Ygf|7aXfa_uD zE^3)u61t8-o5|po6~)@ej&WGUUBAy^P!!js-e?^<50GvL*=N)Un zH5mx9p{NHx4;k5Dkf~X&+6TI3H?;V@tS0*?Yb-+(tzX|~^@!qBCLr&BRsY!ORAbD$ z6jCaBS6TXC`VJlUK;1V2p;79B!1sm-B<~Dz4^DcVYul-kaG5anh?=c**Wc^*9ohcF zN+uR33;P4pvw;r?UIn(Ar@@_@o8PIKr24{ zab!1aSI?>sCt|9ijeAK#Q$&$sh{}@C_tIG_`^fIjX`DagvUeP&+SAcHb(e+q< ze)@jeo_QZ4O5e749wdcQL>{boN&f* zk;4m=tYS-`*&CRk{AGK@{*WPeKzd_9A;oO(bcI0cHf1xvK?|pNA zxJQ`L*ycG}1Hjw6H>428WVd>BcFB<*O@WIw9xuXs|H6S)B&*mYVEkCziW-@crTf|t zPucSnZjqo-NghkBgo$R2jf#$gPST)TKQ#iROg91|BEWuz#f>1zB{3oSqOKKnuap3< zL9n71r=wzgkhRk}rgIc}Q{j94T_*b~%$T;dFxQcBY1S{ilteTl68(U3s<{c0W0h5- zVY@kQYbGVQ*tE|Uz4Q+=8w)J#W6F4%=+ps{N&B=SKe)Z?Wh4J%4Xn`=S+8qX{scO( zZ>P`ekE=IF)I|G<+=S0PMv8@7x0mL=>P<0D_FU|yKJ5Ed|N;&>_7(R%*=wm)Zc zf5Yz9D2ww52g%VGW034?d0qREf-^jjF5zS!Y&<{G?5d4GlY-G>So#_7^c3ePXoWXR zM1Fj5lx}1=nTkc(1b#b3b+a|tBqhGkEdWonu91tJhL{G0nLOgn9JRm)>$ZTKjW1~b zcd(?Sm}H;W!5>)@5hZLibaWiUgG2aO-;P23PHRR2a0&0Ut8q5G#TsgTK|4R7wJVg@ zj+JKtp&GR;oTNV$*T6XAH@+Uq+h%H4&yW8cCKtYheqn|vlT`&kKEJNlrLd0l@aZG% z>vJg^MV@<0z`;v?Naxpz;QNTGc2bPq0~{ruQ}QS=l<*ov3g|I>(k<&fJJQ#b`;|+j z8Y%+jU07uoSOQ5MOkT(oCPhK#}s`+VmN4gW;j^bA5h+2 zj5p(Une8A@yJFpJjv+J;t;#Mf~zA%#u!Tr;&bEk21KdkZ**vs zDhno!1>d<}!u1Ss_$~Z|NS4MO*HNEq`j(ZS0Pho(>u1915GB5facrBuJp0~OC}O$d zNOI_>hHa@HD41^7lcCkX5}h`KJ6Cv<_tnfTq@CKkSJ(F<7(`EDM*4--onUe@s)~BW zIJ8*9_hS6~mtfSp`z3uxbOF(^`#knxL2;Ka38R?Hocnu;m~BH9q7gg^h7730UyK7q zO}1s>hVGJN19yB!lfQ$_Vvo|$I3Nc(Dw`q4w=uy`o=+2@*W&~O6L4^X2ZtQIafL8p zfuujD`CAH^s-%E;ZI>!PO1{I+g*pj%;y zyXNkbmdNyJPW|SA2Gx!duhyH*an&WmLf>IFaNTsdy6Sde3D$XP?3v?&2scITe{%5^ z7G+yOjJ~bV$LV`XONZo>#TWy3g39VhrESSw4_f4TZYoGW&EJ1s8)aDdsZ*4R2y69c z;Pv&W8uLxy_D!vmunCg>++Rmg0Tw8G+IvGhC*Zp2zz?AbEcMl31c3(r9H)nWb+$&Q zKNzs>M+=_`n z!3^=_H@gOXCrh}v9Lck|C!*ZylYOh5(w~hl)_)NbJt6;K60%zW7#zL|!nqS9UNeKI zAS2)azY9J{Nka$smzgaSB<8bad@6d=Y34Kx<^Z?bhw4^+{e;wsXejX3#TQ5KdrmlO zI1hCp|4r7|c0Ck%Td)X{7|Ol=gx40&A$TuWe5}mwOUfj8qt5GSF9+3SK_ux^z8FnDFmB56P?k&UTwDr9E=Ecmw(lERzug{l z;_psZanp3yKkye^l~XE8XKscoK5%2lc06BjHKg?U9kJQv)X@-K$Cy2T&4FX-A;1l# z1YFtBu4&BD zfM#l&wMoFigB%M{rtsf1aqSeYc%kI>-nmHZqeLa0$;1GjmzsEmf)b67nb1d zm~~Eq({(?XylyEKfgf+Uv-sc0-Zq`^U#P>T2}yJo-=FUo{MwkF9P5?t%O|LwHUrEF zDSidYW2AM=!X`Wz6f;tWXGss!I6xF410gQ`>MU-$)xD7{gD;CT7ud6r4&Hk~XFZ^R zMbcZrCpwyW?+X>d&WufqX)1!`q3UTm(n6NOMe<8_1vh2A}z1w8iXles4-_ z>B@;pX<9&Bk}m9pVLGTf?zb%vPQza9cQ?A;j(0Y`dpvL|NL{mUZu%^lX7&h3v(5qIPmbVvMWOOl%3K;wweL-((cq%nfaP;~&> z34}nyy(UUU$nr8ey0AnR)RB|`t!>#0gSYylmaoiwWqc>Xgx^=NgI5$S#SATpVpYA5 zDjwO09LW_#%_u;VwDVQ6B34wqz+3wKmS>Lv%u(W&HeB>;m_Q zplpITlkf={IosvCsS>wAEU})>yI$?`2xuGSFj@U*Zyv(&;7aW0I`;kDnwZY7R+=aL z=;?7_nAF8Rl2!cb*zXV9^DKlwaR0|#_M^!~ z#QM+mAI%TnX7<0KKAOyIL>ycR1Z(U7PEcGO0Ikkqtsf1Hlj%RY<^0$C_CLDi;Qr{A z9Ey|eZ;)hW05%BE5rFx(dpHm!E&vgXlNGed1fT)qzycMFllxzp>$Ly` zw0~`f|3f7w*Z)s&uD`)CApc1nGztyC{~w}3zG;BZ33e#3O&+*_Zgem%mjCVq^_ouF0y)=%bvwz3*k2`sZOvP}fD&jG}5SfGsy*Le7gURlEQP&w1A_pWFQpPFT{D7MK__>+15 zd*yN1=p;uYYmg0Yswp8PVOq_Dix0l8OQMXKkB6ej~en^v*(gBINUn!2*{=$>IJ zoWURHSAv6}82q*B#>VHX`iMHJ187!VpTzAA?~)P2XF-0uDK6M@Y6TJCxg|1&}03fFeJA3%mu6LPPPh782A*sYrV_zlLVuIn!-kj`lRhz5D z&{TzAM=t)xvl8m1?StE>kSZ#d%JhU{c>Q-_8FB}zh!UYIa<)C76pvG|6xQ@6o!6Fz zV3<24MHRg{MVQqXNx(Y!yKu`hj+8+LY@CR=p&bd>RhK)G3H*wA;vZ23)>CyabQdRs-vA| z@Ptqskg>*j3R4HpXVE8+!1 zsF`oBlPQ6TG4?&4xJAqgPhdG<&k1@k@8B+-QA}T8UKeK?(7(GbVOa$?2F@%VEvXjf zs8INkq&XaWZ*xyeWhL_ycXnJ7W}SvZO05!Wg3oihD)LYynMQwaU+*Y|MFFvNgA*$_ zGI0|Ba+1+-c40}`HJ8I4tEIxrqC>hdkO^JGPQK9!b5Td9&{g+i;o zRQDX6W~|XD)zY9_HYK&OPa+b+E-ggX4Gk}GG999hhn{g%F!BKbAA#qbxzC`8b5$SzCZ_Y_MP*?YR| zQ1Zl7L_6La(@;j1a7cIYU!LEA-?B?3ud?N>qe)cs$l+LH`L872d9i%DzbD4T#y8-7xu68e+ z*+WUlgG+BRTk<~=%SdtbBY1QncMG`st97zE0a4@!P&2h1b4lpXdCR-nQDfVKPS4V5 zKum9lo^FLXt=`KSA6-9=m|A9~xYiO){gS*H+2nPM&|R4Z2ItHmWWvWY|h zTe!tjId|p&7fU#G8*{E#2v+C)eu+$z!H<@_7MTcKw*2m)jCizM;%CZ6HG|ih%<2LQ zmYY}L2IXedTdY+*W)Ifc#?2MPJs0rSoZh2mO`^qJb#%GzvBB!+o;m~ni6Mp-dMw<~_nR(c)K1dv{v?L1HdN~ZNo!26=$Q!C== zr$5kq#D-OOffvyMW>`TCoqZV&&mI@Z9+()7lYOHGE^$W+|7R3tRWf4&vH;jIC*&Bm zBoNJ@Fz}V)OOUKB~y9A3_HEXT%C5kj?uhW_LQLhi^Gr`|!$NZ1}!!`Uk!5q!2OuSbun-EA~M*nHWSP zDiYy!=}kHzcrheJH#duxD)&&y7Y7P|qP%vi<)qCRBN*Uwer}5vaO#{nyQN4@fGIq$ zvLI|eVM*e*FR`I^G>1#>)r$^?*A|CRN)KJaxSk{JNFduvyyO-9L8dG5E~R`ztxIaK z#1Xx7m!4f!;i?`>6DDL;Uh$-c2BrzAVM^^tkWbkS4g=0))V{5aPb9**8~H1W3aaIsblHJU;xHyl-BnUXS{9KVL^^zW1qS zzN)^=zmpL(fukZ*-((@*cneIKCkGR&z1`2jBWD#fgHYGaD_P|U3zgz)r+5| zTV12W8bh|i3K)AhMWzQUuxC-uG=OQa2KNoel;d=-9L3|T^&@*K`*Y}|y;8BMkGL0S zkM0yIG~SgQ%~gC^NA+e(M51;TzWhY zYr$d2%~FE}wbc>}tZ3G6fBzklTspnxWx9?it%z)5%jBmre43bj;@K&;T{T0FR(2W8 zl#~Kg1SzXg&9C!CrwtZzQCEi52x7%-dV4z?0j$tm!P>Q0V$VSIGr?;;bLqpY+;c2! znz8c{@CM#jvoQMHB5E5&@+UD^kDb(W!5Q_|%h3z)uelya^|2Lw1A=qPNh1x@^^KhD za)PYh=~&+j+qr-Na>~=nwWB!9ZG40e(@{#{0!SX9YtuMB*#=_H)9}N*zc{9a7W9qoJP}_PN|G9 zZ9NWa;;!#&-|m=X6~teP^F(!HTw?Fu(nZIX#SyZgh_N+bcgM~g(*!-vHhzj9Gn})U zUWco=#bkh47^dD0EvrIru)V1$?H{bm-RVn%GES_ zN6bhuKhFVNkA($!@f`RtBO&Q8ku9&W>`E6SSQk7>4h(?7KA`u0O@16@9LYf5!@Hi~-%cYXRbNskG zwa4n=L4b=~e7wK1kFj%(c69?<#YLET6Kq_5CX`Gs6U~u__IrnlbDQx>zY{28>SP3V zr;p%4bUNHkvC2c)lY)L?n3`sx^-$n2Va-}25STOb(9mt4Ch zOhFGJx#93c$5=g!yK_Q7YZJ2=8){PKE zcI#KN`qkxNKb{UQj@G4XQy+wUtk|Q#gBXpRs@1)Ih>N}8Q85V=p%(#Dchn{7g&`#ve; z5l+X)P=CG`rgYUHq4_>hip&kP3FN@Hi}ngrGUL@srizNdm*6E&WSke$5Dpi;M~a0! zKFCMPj4b4-!&u@c)1>VJLj)Fc_ecqtrDDnVaaV*lS0X8A>UZU`a}MA@@CZG`w-oQ=S9+?3f>9OjfI{+PKbJN~uhMi&qP!_hJYz{tkDJnTL6&0d z$A6->c9qR2S|JVa%E?E?`l*k)IG*e|ufrrlz6(l6Cg}ZcH%i9^Vsy}r@`cnP1`ns_ zkBa<`|5+(NJsMxWek3!Wp!H%MXmBC^0+zgoC(PAVAHRNA-M*)x)t8{{!+doVQ{sUW zn3KWloJ|UPX_LOP zf>5_|p|Bxp%~jtcc^cHBv3}nR13A3GQ)?^e{4aLO^tfO;XyY# z0B$gDmV}yqG>E@g^8YUZyf;iCZ$k7 z7djX-6Ua#iK#a-E^bZ66Pf5&7On)_jrWOEb0H(h&*gyt#0LcGCZo!$E*#8-?hcv(h zCJ5>e0R3-rAEEwNcFauwr1x*Ae=_<9M8o~7>EBWMt3>xB$^1IN7R+B=g2rH&|3K}J zh+O|~D$LBp@qfjEp2h(P|BaWqIhcr;ng0ROAMl!m<>TNV2>o&J&k+0#^|#Ia@xec| z`R}*biI`cK{t*Js%*+j9Mh5#RA=Ck&2Gu}=(SnXU0Pw(_YSgR(Eh<*?P-4;LpM^MB zD7(#qtm_wMd(VYGzndqkKwFoP54IRP%ka>ZlP9vOxDrv5@`}?|#={vE>`oAzRJxtc zjduV~ZMx30?!7XfJF=cz)6A8u-dV+O}e+s~k zCaENXngjqND=OHl`6J;K=>fH$Gt8xnlrABDLGDIDI(kAtrL?Bd2iSh1Bp~~yMFhqq zOb50#$gN3)bs?<96dWP_4Gjc;qTNai;Vvv9h5Wfj+7k}au$K-2CaA{=uwgTof!v7u~RxZW`f7lxZG}20}G4;#v<7Ey*KjNBa%8wv)```<64m@EYoC zyb_Qmh%bfq4eQhHWge5%CnhBhGNI1kCsEp^6lC1kEk7+YLn175ZsJW{7$W6zDbunf zK04PhapYzA-1++2G)o1*q2fr3)>7;sAF_+NH$Fkjx$X~~0?{zYoUg(obn-KbH@gJYYmSNf= z+DTO{Q8)7c{zGzDBhglxtkwO6aMx*0Q!(5)Y)AcATVMZb*uU4ve{}B>h&_%V!AX;J z4#X>1KtJl>kEK0Mp#R!0N#TlkTQz8e``vUih}?~rmAFeIsOaqN?Ke2R$g?buYv9<3 zZ^uH_{8K%pvk?3IU2t%VjJp%bL>`~ZO8p7NgDH_D4sYGCtWnTfF}rd{wLPugYZa)6 z&EV#4ITMv4U(rjQ`4XJLstH;TBf)xq9=Kbw%SV#GhMwWiV`QeEoqOUepiO=~Ah3w1 zw6v9-o=rLwP9Xm=mMCjOyTGmu#mld8)3|Iu13{35yz4PSFMM|^P>WeI>@>Hx1`R;Y zS^c6j?Rl4-uTITfe~2E^by1Bmby#xR28FNlWPUyWR9l|8hsQ%ow2S!IRYwu!1Y}pm zYPiw%A!pC|VKO^WV09x=@!Y=_H&0AtfyLuqDwp(QHBukjO`01qSB&_&H5$*4-Z}K@rVw>LS0X zZ*NXybMt`AXsv1r4KTh&E+2fq2_*1xu%sEA-+NqQ-0?8xk?H<}MCplyf6T_(!b~`x zajaA4j-JV{mfh|75PoQDKWG5~GV{Nd-%z2;v1oR8Ej;x)$v2^pW-4S*_q`D#_*f>9 zs%z@nc-t{3+V<;i!p6PrnM2NissbDz&MN5`7@-o+x8^W)Yh;rxnm~5?Q43Y6*XmE` z*B;Ho?vZ($Ok@J|9YWF3uSi{Ikk>0d>WAnpwoOXs(%TTRG2abVYHh*A$ZA^&{Ui@$=H>D!zi)#rr*4 zWXlHPwW7_kzr0e5x|h2{?AK2!{AQifTcv-BHGZ6UR!tWdF$BVpo|6(gu6xElsd7|? zo}?XHXeY_5Ht(6Q1jU~m-dCS;`R!NuP#(t;#A9k8#8AHcs330?%+CbP`RY|wtQia) z@LQ>zMV<&$&N+@FmY;ai*JeClg2r3)W$s53vd@$5i^vEN z2&__1n?>mtr69SpPtj#`Ud0h=%0 zDIcZde^07D&Vafh!2}Tg^E!}{C>RdN z|+ApgZ*)^{u@9A%EJcZ0P+6;Fn&x7IR2d&tZINEf`0q~IHJdWTcUxnq*cr& z5=I^tpA;uF70(5s4*<--ES*3;0{~(`0VrbtzzYBaEe-$(0rjBA0RRn<3=&h4geDH1 zOqhk7FQ~WJvk{i0@eBNoqQ9o0YxeSp-B>*dF@&194aPfG#@^V>2%!xLE}k?%1S+Q6 z5LIl;@4dlmPU%<)g+fBn7=J(I>8u3)!Nalt^rV7+IST zYG^_sV*++=S5&|^X~B0OJP=4nJ{r^yNswtP0_wg3!{acSSBPMyiZ2fp1p}mY8#*>; zvKC9lY%`UnYT=UP+`FNQ?7;R?SBJaqV^Um=E~u}hXtnwH?FuTSw4^@Bj_qFJYPac> zPx%OP#?AVoC7}BBc24$W~kMRO$SlM$IS#o7(RkkQx zHjK_96&Ox?Oaa6 zJX&ApI$43n-0)k}Glifim%&_f z%4EZZS@nwvhZCTuTJmkr)4Q&nU`HjoRIVeFvHQHpg`AXki`?E}t?Kh_#5&GNWz{(1 zJfF)v=O1p|68$u2o42F^XW2yckUMo&gvTUJy}U-+v-XJRd zpK%V|Z`mWVmdn;lbmy4Z>Ua;f5eXU4ZYKNA(nT2kUe&-q)2eNF?rw>g2gb8P~GD=G^sUGaxonW2G?FI!`~{GZS^K4XF1$_nz(3@DD( z#>ctl#&eNCj>!&eEo~>)qn@>6q6*D}Im5GzgKuo+MEbWTq6RC5w}TjkfY!#cQ%gEm zmKc%1;%&_*;M8rgiFHF_NLqxh&FUXnp%1x7{l12dW;$IFqOe=e}jARJX+B;`*3cA>*;um z(?e2>AfcWpFZ^y{XXs%JV691dVmB9Bck61=p}?0O>fL)SdUP9K6*dP=nT%bNP;!{1 z(^MOkBk1ZxmwNU?xfc#mJmXBZ} za{%u`w7|B}IOMTe!+CcZpLd_xaq4EKf}!(xhR?8a?zM|l%dU+QSW>S@(RODsJgx6} zj{EfTC?3zQBeQ=^IW@boYR1_Y?W2lD@5zESVaMXRJRJ=5mmm7>tYsohO(uqZvQI79 zM_&%lUaS^Iz(}pn_O_GBl03K<{|rarrQUK%i>5G&L7#ji2mIuAIicPhz26I&xiI~y zzSsT7f2}opQ$R!(NU|}~u;AWUj-&R0C3(*5Is$h)}wGX~!5%AiI>uY;?-0j2dWH;~y z;}v#}A53H0hAWY}9Wi`&N9Gh8Uc7%gnNCNZ{+Vfpelh(cjU3@kkb+3psGUd>tyLNiIG_E`-ncA^XI%F5^~7;gE2_Ee-b_u2p^IOjLi%Z0yB(55`mbQz>4#4Pk$YUv;k%p-Kj+wriO8ylDYcR zxdJ6Auv@L?CYz)q)36rV$StHzT#7}dlIvy5S;KY6?|)#7Xq{v)wr5$rw%t}fHjmx! z-unQnyN}*uxA&ShMj~?_)z!~c0wHLwv3y%7-T^)P5H*ELWo6#>$&$o42Sa2AZV=7Q zf?d)W?+J<_a)4Hz=4R!$WszNQ(rB9!ykLkKe)ex<*lWK+9fE#|2r|a6b$crX{@U_~ zj|}b#n)~Q}?oRA|9)udyBZMO#GJk^s53&vt^?SDG4NxM$dWQZ%fYj6$JfD;2R{j+S z`+I>Oo5dt-EY>{EAUYKLa5iUR2@B({#AkufruAEgW(hwRpw*&h0vx4LuRlpB{637pH|lzhb?`l4VrUIb-tR94CqrNsLA|9Di;0{k2q8FcPvfU7*@<#PB^E0Vfh)s$<57&?#V2RUQ(ePwg;+X!f&PlEI@PW5Ss=Uyp z)g~w3MQxJHwhWJRgSU)}-duhDk+U3|pWX_M*J6~fTAyZxyZW$TaC#liM~Ayutsv2>H-`Z*xb_h2GjMqn-TAcUvVn1) zLOEnqx=?y~#Ghj3kmJ18?Unx?B}4{Mz1?A2ZMqG`%f{7fN1mrn%7^E$MjrQEx~@@1 zMEgK=#&-8Z`KrhWdGjrXX@%I2@p)2maQmv6o@L@MR4&E4a_9_O z-H>*)cqZFP`Wn}ew$tdNv#l9JWQ<`7HRVbnW=cO@a2(G6i#S&v^FZ-o3p>}T&Q@^g zfNl3QJbo5iVz56%iF7zY{D*uc;QKUZoYNNN@X1M6FTOwApJ9mHaXAMfW~0T-rnK*7 ziN_^XxK@$L8Wx*%-wL>EnUiH{cVdOD94xQZa*#zUrIpuh;!iidFq`*VN4-{~M^U;- z6~D+dYal+C+D#$e#(Oe6lbz+`>!THSL^&ioNi~(z*3xjsD{CG*Ifjd1)lzO@&J6jnueK)R^?c(#PZ|@fi0H2E?(HON8 zl5aHVeC2J1{@=9)I6kU4i>^9l7++TKd0vKJYY{Gbe$u1hL#n;^OMX6q_1W`%zB$Jp zdGHUs7K0l9dXp<}%U^Q?SR9|7PvLS~yWZ61L@F*bAQx5yJO*SSO+`Ud#2>svn@!F7 zOnMPF0!3f2Us=k6eC36Zd*N~UyQmHwi@{hq4=s>Oy!~g_Z%3Fvmw)mEk6_yo=igLr zE=wEDO^qoq{x*z%oI+4fCbqzUCno9TD8-ICc$sBwh3Z?+LEA~s?zYYDAyDDcE2AiW zX#eL~tF|HVf#~z#E6fWev<7c-I66*NIHl4Hip_lP$iJZp9zA?hPF*S>5^$=}8!!82 z-+1{;=#7_}k_s9MN`LY4|I$(aSj2zv((dq$fJpB_tcd>(0Hfl7aKQd^kcw}T>z^jr z|BzhF|LSQ))MkGpsF?^z5S(uS`uN6J#=k@rCfIBqlIqQLuVw+!006Jb{>T1Yl|EAH znxasP6XX;koVO&ym}|xMTfw)0$tk2~n9JDr53!me^TdJ;eNV)YQNAq=I7&l|cA@t{ zF-pyPKI+%BmTh^Ko4wbu)p6GCi;MnkI*@sK`{=< z0&^l$KnYU>79oWNLY=S$tq~$gog1KYKxn}m@GIa8{|r82ZpDEc6=vK(sFNZ_IcRY) z$*zxXr6zIcKM;sN3>$v(8%Pon1l7ZZj=<3+KnZ{6MURyz3juklF_!xQc;CN~K5=#hyW<3Kl<*@f z)jn}l&7^us+WY71e=z6p3d=?mJ~Dt z$_ZiS7UHH0L@1fTwX*S38Y}{WQk{E^p6SkORzj6Mkw2nm0KP z6{73S!s~qW_?;KxdY}jTW`7g@lW*BZ4Hz-DN!^MJ{y1e#Ypr_l4slYy#1;9Sl?}yX zHA^5R9#CIFgh$SWnI`j_LxtD3?o3)~7>-bwCPU}*O{hGRVeoZmP4=fxftsts(L^HB z3aS=q4(2P7>p6oWT;qh785IGJ*|E(X^6T7{vUT6jJ5IY|FN|G_K@7?(W{MnXT>Poc zMEvXVv%WU&yCM3!&w8*8@^HXX5oy+A{pG$Q6JX#ivaO}(v?#&Tm_PEw>w7m@YkdSY z_3Ky*DnygxB26HCw&{2hZ#vno98O&Xrb)45Si`NoYJJ*_FpiI-{yi=RVWh^e`A4?d z-lOJe>-ppBsc8<4p8ZY!Ajw`0;=a7?_n|J=G_mTfoBhKPG#m_EOqi9>aCX`AFSR8b znLsGgR6J2V{JX6ksCeY!)8rP_Oheei&-?p!l_m90iy8}XQ~UlqCbcOhnOA;2c*bIt zv@S;R4Z0G)eJ-2@pQ2au$)v+3Qs$YRY4X0J=i7Ezl`P0=%{2P%$V{cb*ZsNQBG&XW z+%bB+l@VbFH^uz8`z`CVU3+%juC_nGivbXyKQrpT2I<#s=)%7z(x;}+FgjWGe?Q2I zk{k2eZmazW9`S0RBeBEy)k(QC7WWWpu0T{xYCp~ZUHnqx567mIP07z^gPkm>8}?Q5 ztZ`(y(@(RhFvsAK8V_sn$B}0fYL*qbyrHBW?f38+CKMn#M7iJBkTzD=jCdn zFB^WUF5rylMeY!Jg?dC7P1|}n>WF})o;D~!PzU~Y6Q9E>i=)-6(3*hZ6d}6QqpqC0 z&|dl^*h_+lEnN`NXUXn^;d!5pAOLhG*}7#o>VKY6KQkm?(cr$-wsbg}6AB1;?EUExXdJ(FDLB=rS59QJCRcC@am^WrFIal728*?b(D$Xa*fULpT|cyj^}yndER+k6P_ zKgS&vTEG^l7@{%T=E12c8zkF&HGHXAIZw}mt++N&#pn@i!lGI!YO3vWb&7P zNz5RuDk3MO_P3|`e`r_6f2zO#0a!+^e>~0qjQh*e#07)bA?5$(EU_904~p&0#T-(5 z!>`x|B;i{znei|9dTc;azp31x?U1y92D%wuA|mKqNT*GO^e%WY#0w1#s;G$=x`&*U z20LyhHl^zevp?fcXp9nt&xl1Bmc58ti0}bTeo~2|wgF#U6h$1E;9U?@++)A}0vWk| zS@ubKS$a9BWdU~hPVYy(cG|KK=DlJP(aBIk=8Z6Fb2O(2x=7cvE0Pag|VUi?Y0L?xIsKyAIKbb{E*&uh0kZ3ggh5m;_qIPzg<8RMuVNJXb4WD!xn z4SwVQyvzR5g)a8<9cQG_H`%oTdX1|2#@Uf6Vmb6UCpj0oTlSg{c?i z&3g${T==|=`$>D!7vCpDE!JVo?QbN|$dJxErd{z8?v5Z|ud@gQBMS&Y5)D`b+>^OJ zJWS)e4}PJJ(D1!z-A`i0T@(S7{)!}YT>){i_d6iDM?VJZGvm$1&iy00q+ePSxLpyp zow!*;2FwuOL`&ys%qrZWLsl5u;UngLX#L`IhEa* zSG36%>b7d!$&KeBHE}J6>7$T{e#tigkoHUSqZ-~(7;5a!T#Hu%;>nh+A8#74&0xIU zcAqpZ&qVDahE@be%(lp{{U=nfchNX%pXRx`eFpT^k{7=Fghl+`z!0msKxLv;*1f+C zYO4BLZuu?K!6E8Op5=-Fflj8Ji$J^4@`yUq^g*6*w~DH zXvLe||I<1q;$q_KP}pGQ?964Q+k_@>VHl}=Xj6)YY(+#q4|oM07PB!)JWV_wmsQ<;Xe&d8w+^0(7%kM)nOTQ#ntuqrZYY-rY$Eg*ax|KTlSq(Vkt58m;~lk(3fenS=YUe;y|A$GFYgFP7k>mvxV)$7c*i&!m8G&t zKd+!W*b#67lufWp4A@Je$ez6v598x6H(!q7ziKWdXR0|lYLknq&#UgMWPVb}-CM46 z5^xf#p7MWf80g#-jk5e~sG5E={ZUkg^A&dS#O7l&G5sHU^;2o#)iBCcDmW=H(L*z5 zDZSDCF8Ait`AD>rkC=Fh@yV{>ChRZ$kw@r>sGn9>fYe3pX*;R?!_3|yY!`a19O7t7 z?JdxxjrMf|YJisqA-catnb{OS=|h6NE&DMMVf(FBitZRw=g;v2>eVZBwi%D+zf>&%Q<>S`U4qtmN z3u99VAnC1a@@E(CFlEQpCN+<7F1F{&{oy&*rPRwhfZ*E(EbeH%IfBJw?y@08!$mz2KXMiE;JyPvT2GnJY)#_k|s5qti0fa z;EF7vp|BO!;_>I&ktD$F-}!1$;W(((8@Poe2Fq=Z*0RlxJ*(LFo{k<>7>sopjM$Mu z+wSfS5AIvkGOPY%wMdsj!l&C&t#?DgOC4A_`TijU$E6L^$xvDBFz%6FGcP-oRt+b1 z3?TX~`^~GS^PRyP@&P#8BPoz`7q;8qj040qt zuC1G`Ok;Xk9;{x}21W&c`E#H*b#;7x5 za0|4*g4MbJwTMi($glh-7x}0T{iyog3^;MK%xCOeXe(GwOw1}Ke zjWEMPmb=3u(k_yBBdANf3cg3`5(8LT>niyQyxHK3$y%dwDjNnR#g#~kyd`=x2Oga zj0h$zKiek`d|A5-=R}3yB(8@v(!mOV zK*F9PMw4;~_=Qh-K|)4`D%Zf2zfoQXspNo!QDsD24jC907bJtsNM(5bB(Vd0{vG>- zub>?2MQy??pu*4ZOPc@QStWYt55OhSEF>w6c=sJAFRXZ`a-A%lq1Qg&yW~JPms#gX zO2P!yKGsC1quoHMYqQNBvlnEqMF2xqM28}GMdB|jYPgXGu^!$H)ea@f4jj7(A$@TO zKvAP5Uh8y||MUAXRWiI=)c_gD8ruC78RxO;D=O1G9FH20BPa2887SlrjNlT@VWM6Y z5NZrWde;xcFPOr^n`mSs1duYU;a`N5%FgRa{R$1#gpG_O7{djvbuv|;{jdjuQ1;#E zy}Y`ND~LJdY;QB-PrEb}EpyHdF>Gz~Xflm=;W^(%MDPMQA+i->@7#<5c>jKy>=-!I zv-_uQ*ZBFcM2uesvQL3B!**5(qh+u{m>9KMsgl)Bj?Sa^$CTfBW0ttN;tN@{w3ilh ze7Nf9_93FlVG%AwO_f^q91OiI#4vdZCd~8aJhJ$&;~iR7D_n#_ujLah5u<}o=1GgT zUhsO=?54f~%%-(l)$*#q(ZRC^_3^t5n&RjsLaYXQVXQQ(>x=4-jc1?0dJSxcqxyJv z%Suk@hC>d=k5kC=2ahqf3?Jzh)15{{msZDH1}Xgrck?wTsqS?+9N`J~zlut*v$8LQ zwdhtZ?OUvx2R*aT0_xj%s#zAP9wpnC2S1EU3}q*~?^<0DZCsUsh4`!Pb!dQ4Ex%ZM z=yLd^2Dv!)MlNq?FXO@CqG*$0O%@&Q|8|D|YluI!3d*M`Rm<4IXJP2=}9l>AsY z;zNXLlAOT8E~Q-sBkq6}QATZmxrB6;wihddr-^O7DQB;QKNu?C53P^#RYG|8*&B z7Qen{^(G0ejbM_6_zC%}S5h}#`$IBiUsO&(K}?T6T|?&R{k%z>?yZRMf)1bALl^vv6UwVLTg<6m%h1$}og3TVVu9SJ7(%|*vFgn6lJ1p9A{T^L! zEOk8{*VE`B<*3=_sKvgLVKIVUFX;X~YX$`$uNAF#fD6i%UaVbWbeV)keBdyx3{Q%W z{rqU&c6Sy0sqD5^ClaOGA%Q^i^5%i{;*g^V4qhS;ytcH};DDWH$zp)p*LHSWhi6ib zIuaN{OVqK_C*ZE?h3G5`hd4Q~hZG!rjoKUiJ_k_;R>3P}uNVFo+iLsAQ~ z{A;4?EkZ$n4KNGau3Om{NKX2jky#SLeZSu#gSMJNO@ zPP+TEBae{yhgLFb+8 z1tq-W8Zj?=0QFDAxk+<5GGfh*b1K$_q<0e@jBwStm&CMRs_Izb5`LrlQG$5qBLImi zQVEH!B=o-BZjx+X19Pi7i5dtD_TFGzXXx?0Hia z+=V`%av&O|=Dy3dLI-!jBQ}~3ARz2Od}A;%{W>?RhS3`pn+yt(W{>jgC5sQN zy7NPT$+fQ_7+{sy*zPnu)OHA!zygL6NA(i)kq#JaxbaQTUnSS7dPqG`vBx=O!oGP+ zFGKpAiv=dzlRYk0pvQ~`;9`&k!9b!1q)@LMNfSof`xz4#@C+LV1sHJCg0xD6;V-o* zzuzT!ucc=cH}LZ?>VI}E-jxgekjWu{1iBL#kWN0MOcLo0Htzb|M*UGf78M|WolSh@ zs6F}s8;bCW#7}}5&iONVRD7LWNdyg{7Y!nkF&hWsmju$L%m)f+W5VFPfVo&`I1i0lW9a_U>d` zU*RO&YkrAcfT37On|0vV>DvKXNoRcrMmkCS03%}9l2e3GL!Ym9u0Bfhf{!_wj`uId zS>3qg!TAD7>CYON^-LaTBK23BkfF%YqoEN9*NITF8zTvX-GkYIk9EhzU|ZqnBYEJ{hV%B&ksx?<1f-aJU`ll&gd4LmPJ zbGe5g-!7A1p2Zg`&%(pEDpVK`%8XOB6@n1KVQhukst2AYSmFADD4Q-V> zlAn^#?^Kz_=VcZ3b&bZWHgs#vR9IO`rBcm z8cDHY)PzSLl}#15-~tJtE_pSVBQ=*6r>a)%QZA{fSgt=E`Dicee?66&fgT?6f@f3M z*g9P@9BE>enQQSYyse~%X??{*d7g0mavJu`A=WKh@7hE^SMTL0ZemChYVxurdb1$f z_flqh##Wx;9M!GI2Weoqhb48to{TSkd~OkRWZhkTj@UL8xof+oYzu>|uG38ho- z1M5T6%@gxjy9g23vNWVb1S}S%!ra0WS7z_D?hlpM{!8FNmx5Kw0K_89SM9e*Kty6| z^&wJwcC6C_k=s|wsM$~$IwfbekhyUPv;JFmmR5^)j4GM@q#R26M~O;;nRy!YIrP|> zk4)ZHm*Ti(?JE+1=Rp-ubJxCe{H&YkOp)P5eYC^8ykl~({#D#|IASXe)q*-3f{$9$ zB>M{6NhZ_e{Z5FAbxlRPB8e~=RcE7=f{MSBE|Z`VV{i0cNNw7d_}k4?jSoC-2bCSk zOvjGu1$Uz#jt-pV`gCH3G1nuoxb{B^Hx{_PsJQa|G`+t8Dp;-kN)}29cLtqc-RR_G z_lKK#Zun!}cv%$Exm8VQ5!2PekYJs9j(^I;YE4ED?nWadkN1@oMGrD9>)fuE zHW-y!W|c_+T_#v4o%@@QE5k1*bxz0&cC9EY_UDX6)@fs2dd4cnBDiW{BUS|B5(3&*N`7bJ9#P}l zw|OkL0`EQYSu*&gCi0T<-AJp-hp>m}CA<$7*0P83s{(?rI`yW_mRRWtHH+kFsrh9# z3^tt3`Zw9yPK)*TenRuRzOnV!bA51++OZTPp*UvL#n@j{u6mx6jvrh<9z=D^X3$^D z#eb>e1E`uL#=>)cWYpdNiSX8#Qy-DSa6UFXrEj%^Ws|M;o>?`JW*O30_c^}~h+Td85Y~QM_RB8*`##^wfJ;i& zp}1)Qu2eJz8{_<%%o-|Q z2PmYvTf!HESxN<(-_Nj})wAn%XBK6~Hy-nJNEI20E0bWIi0spzSjb?4zwz1k(d2wE zY=w<3aFV8}o!sr|nG392!iF+)Viq+VM%J98&%c+oMO5A%a$Ncls6lzjW=kb*q1msw zAWl84`y2n^z3_`TBlCtI3t<8=HBBpr8?gMVyq{<&m#uNlQf8@@?#bX&OUUxyy%x!pucs+d=Yq3 zc*VZULN%x&<_7m0PBlL&01$`Xs_|e-#{W9=u!2=#Ks0PD{~9Oy_nAjZN=8^!{cmfW z?SCn2_P>uvU=;Ybl~aFpbRqrc)BhOaWUwG54EDc=g8pNn6cY;@I06>r0%BqP>!jlV z$^MTw9tH=ZhGhHy-ncp*R;dsaGW?8^&AMNXPJ)h1*q1~!i5f*A5Gh!k4k<;FnKQ+o z(H}a|(dtV%9Zelp`OoC((9(Ar`IcHmY9gZJIigxspx_1#+G;(iVAn2}Tg?ZjTlK8b zdzRJPj$OV}kFnitlEo@!3<@Pw690Hw&6hG_REqE&$Rq(EerFrAK#&-X{LDT~Bmjbz zF&0LsUaHF!r1oXJq>GsS+uPJk7;8JMYKg=e;SP)FhQ9(^j^H*b3K?p#(4T}5g6=L@ zq3E|M4x%6=t`}CUcU?v4(9~gQzbqoD1&nkAAy#VH%VfP!Oh{9a z1~JYGWF8=ZK~kBu52}h@)GqHCA(o&b6n_&cYIR7MAQR##ALvlC z)E`D^4P9YaVq#=uce0&3tYm=->5&tK&)UurJi4{Oi?Z^(xdP!_@0A&|CPtjr*em-O zrCgP>8t)8G48)B`n|lAe~3S2nu1pPS&9? zh}G;>iNERRIlB+CJ(Oa9U-ng51nb)fEbnKhM*y8;!@LFSL#VQr3>#AJv zOyT1VM_W~TC3vET`SdIq_^?>XXIgJN$UEWrgV7J0p{$D?t9`1; zI#IlC>gB4$NKR2dNqK&S%O?Ydt60=^#8*G+gIWFPruY%fttiVJV z;~~$GugpAjXX(r$y)_{3TsX%!wYczxe4A{m%pgXV8^AVe$8g+L_8-ER7b&=&6uR5P z7nob3FS|)kzQ)o_Htt!?p`q8WdtMOM0?-~acshGynj4o3-=p3(3UcDuSN>0TLzJ`# zc?wO#O}%*InNumfivveME|DXF6%e%wuT)uWeQ}@Om!K7j=VU)k5l280a-HtYc-F1n_7s0FAyezf`7yU{%J>zT2|~gm8A9_yt<+YcON;OpEiQrg z*1+$ZizzOgZWjaxIMw(|qaFF9qjq|m!x&HI?4`C`aYKR0ie-aiG_MS;0u%9;R&I5o zYK+$Q+uL9P6pfRIgnpX$9smc?DW?G1WS4aetmu?bvnml%SiJ{vPb-q z%NN8mOw*ou(fnhVke#r>YX_Y;as44hZmfi#0t%L=-tM|R0(G??Zzk7-ucnEHSNic5 z?yr9s9P$>6EG+xhYH`_%E*@!Wau0F~)X;uiGS`_hh`;tg28}q#)&i1sI}%=m`f^&o z8@2Qz?t+eYrw;L$ye^L&d;HDSl|?K*Z|ZJ}_I(9wIzZdX?$;ugGawbmVY6qN=iheb zFw>FCztDJH6B}EYWiquLjh_&yF28faa1c&!Cm|X*YQ3*c9H9+JdEFF$lwOl3A?`<& z5Jt0{wiN;C^el}s$`UQj1l&5G zW%K$=HSf~Pc^#-pgdMon&NCo{zK5m$%+7cB=ARpZq52#c4nZ;LJ5QJXV~^Y~nhZwd z1DWv-_dP*Z0a{oJ#b%?Ky&EN(+aeFAqd#AasUsn0bk}@%)&=l7j7kutEJXByzHc3V zrabLfDv=Dq!SZH#9J0M6SAkm&9z8o@VoFqE_H@xDkGq|Bx;8J@D7!qmwT)u&)%v;q z6x*uB$+@a#$k(9(%B(w66$@t{`7;5lth+4%ppZr|cfj@?3;gV`d-a3HsEW9Fl+(KI zOIZiL6@RwJk5@qV`nuY%W3&K3(V-q&R`RSqGn@+CfWTKgi?z*~Zws+0DGAAaOoukq zgVB)adttF6943P$>Q6M|Hoc<6+4`tAzFHx0>XVS~Tj)c!*GW&#T&HmzCbGLxYh6A(vR1>g zXpS-BRMi8u!qpw$8R**a+mZ3TUVVJF*T?e)8F++!O-;*Z{;Ft zKz7@Usu(DI>>aly8Zq7&RkivSadIg);Tq4@M-gJmonsZe+@dh3;SA^@29*sE)`e3k9J+H;a_JFrW(C07bl(VIci5~U4)4!FTL)adf z4mUs1y0(gJa^(M<@;Gm#$J4;>Sbo}WzpR(H0&!rhQ2j{H1xS=$8rEx>14Av`^PX(+ zJp&pGpaS*DX@5&ua>J>CZW@gO!m$g#o*TcL892MH)oAl1lm1dKpvTczi*? zPHA}fr#COqP=khQC{>~*iEzDPOwZG>p9VN|zVy8;OH6#e{KXe$wQ3Z2)TSqv_3iMx z9Zh52-5x>{-#V?o+SfmPGpFT?qOS{h*yPA$FM- z-ub|OKoZu^UtflX=03N6+-ivDyPVU=tv!4mZs^!u#=Kr98m#SSI5rs@LIUh+?y-S* z^6kdjlRK>Rm}Nj=VB7S1*sZLonD)Y(@=iI)@h&h2M^4nSeRncqJn}-V=5X*aC)w!rQcgb2)6)!W&EC2(gl{^M5SvI^!(PNnjCu)zn!72UOD#9 zJk-uKH*wDT+obnfJ!>#M9&i*+Nz({R2c8oXA<{(o-V9se@;8zXV)Cbax3+r2xob{@ z?4b*AJfK-MQ4}ivPT!q?*KcvAa~m89XeAkL609cT+jCv;5QR!|?AE zFQFi(q6W^u24SPK{ZGS|jpMJ3{t0}54Z?@{=RrgqkR2V{|C)mQ`*Z)!F>(95Ngj63Q&H})9~kE%xAR_JH}~$Rg^x>#*ISyM zDIR7oR;E})F`52hXh=55>cY8Iq{ND`1YbnOiJ+nVMEt*)ylE~>q$R{}Uvh0V4c8qZ zV#~@nzaZO20bQ$(29jJ=oG?URV2<~q1?Tv?LC`AD0IVcb0zj~a1N{dPX1uzaKY(Y= z=}UPm1QaUKD1=WF3&AERG+fE=3j_`*0!E|9<^vUCb=G%Q1$J}4 zDrF5U~Gp3Q-sM3FTcsg!4EfC+zi@g7F>Eg7X?9^yqq)9&#Bb8l(oPzYK7HRfbAcmfgCk zuL;1u8jY_;o}$36!!p8cEWYc8+W-LmoA5$G?U#I^ zAEbW?bbfsn_jy7I*L;?}W1a!f^`Ng9K#=DQ5Rb?J;vMoi!^<8=?>E7xkUQp^PLht% z)o#H%&4_GYVQ0Lx zAYeiMlQn3aWeNnatFA|t@*g@Kff{5`=MQ_J37;tJv zLwVFpxizk34iZ5OiO9~i1sB4IT5>uDIm>w2_cF)U%xa!c4$ozu(uTuRj0{%Cj)Mz( zw)x!54+GPH)rH#gvBG`jmW1`yu-%>(tO6(@Xh4 z2^+bD)Pe{-t_8+LQ-FSec-H5EeUqZEzawdvYc)1fZvFXPNw!?Nl^^%Smh$5XE{2<& zzE#R7UX6>{B0P(dh&{6fmj^7NaxYvE5%T3nP(x@#AsHlo{jSp~|A{e!q=|JTPk?__L;URw$t(B>bUCIBFpzKsZCi|g@F+;Xl$ka@?C*#3#Q zZ0A00JQT$b9f@c&BQY227S^@vAF`fFNx$%)fD*YRpAM592;GRt?XD%t|lO>C1CZUc{m*Z+?DrKs)xvrl3Duu~NM;`MQJ0Yv(Thgd@@;)*jFi|+m zh5v_%?80)Vl~p)~B4m{2V7HUGNOADyT>l2x!MZ}R?y2~h7n>+Yf+4eQVS;f4-PWun zr1d4YRH{ejV58=tMT+X)(jnJdGpi78t8Hzx;i#)PFxx}aSo|SyD4ek-r_N05_d4H2 zX=@*K47_E*wp1V$W(x?KQAwTz7@WhM-e zDr~4yv;f;-Cg<*Z&^Aj7eI}stbbqL!JAc2Px%c3$E**t{4Qwrf6xp41&gz!{8%;or}yEY96*YHxv z_suR%-V|4kCk+P}RyKD@6l<%kV1t3`B70FsqLIebDqrh`rx%S~YYcu93l%xczB6EBeX9$zt0O?+-yEcl?rc`0YB z5=;+x_=p6j$|N_uXAkDaB~p&3iO>F`iA^h|FkdS&kTCbZZ6YIH0~N)bXo7n7O}@2Bl^)lE1ptqU~_Ck`MRZ8b7s@x#Hx^BCh&K3w+KpLW?)NSwPDg`l42MiO}d;ss*_a$E=b&1yX#{A^B`3dnf zZvzj4cS7+fE>T5DtJBX_3YS~gV{27Y_e;&%j=X#Bp6{_DR~2g^gy=P8EnczV0`_-H zrKK9uAZas}kNug`sQZ2N$8*0ebn>6}8BwLf*VzOBrj#Cdl-i{`zUQGae48(S2Z z=@g-|Y6c{LL)IQo+%}j;r0TbBT{aSOazCXNzBHrDCiGU?CgCLUW~9HI_r|73cl%^_ zWp??5R*psw3eA%b7^qUZ({|*4idq^Y7t~U|bajxM8C3lcoT3#H<-ajBA5tzCddS~P zKH9#Cg5<>keKZf1Q>?`M!%~)a)pVX=lN7lG3JH)i@nXiG*`M#-{IeQF0hWKe_vRP$ z^`7pniogdg3vD+TB}Og2`B8~5m8GrZZxhO{X$ut0%o8~hi>ToevN~Ks9ZDMu5dmCD zy}xgn-g+*`1XjAE41~)?*m>w~95T_0I~s0Zr0b6mUWjsb}N9Y>1*joD5yu3=oeL zif6f)y&^rvNlo^}=Bf9->Ca~$_uVJY)WkUR^1&~N%9FFEIp1gOf=-->yzEI2``?wM zWN~b{dafoLmJ_pHXVbb{wb1~kJf<#+{f(muARu?@b44O-b) zS@ZC7Dc)ms?CcDF!8$IZf(GdL_#z~8>GH|}MR)RusFKhrQ^eml4~d$(naO66wkH6` zx_xFXr*lv+g6J0UC4bAER)T*UkSg}$TU$4{ol-;x+x!9_fv?%Z%zuH2U*JZXM}>a^ z9bHG`@@7+|jg%p&zh{JmC-{Jy!-K!m_Qgif=F_sRfy(WN3oHu?TmdgBT2Vw4>y4LS zImbD=jK`MvOd?weRhrCG#~`>!u2bNo&Nk%a3*+JYSucFy4Hy2!ToAKoOxj*)Wd>Vn zl}ng=rru;HuC{d*&u4jwMqOoR2Ys+xJN0Sa*T`Rc!MT&9<+;UctbK`1Q18lhiJ5WM zaHDoUUB$d4_EoR=2a6 z$PbvoLy-4@u3FZ|=9r%`opU+7tgPqLo0L4$LM8-x&ZMJT{=s?W#Mih-q z-ANt>!%$>)goE1uYwNoM;cB}7+33+igos2Z`mWuzRuH|0MDJa+=)EtZMhhaVm*@nE z-fKkfLG<1`K@j{_p7(vfPvp0MaQEz-GiN??=FHqXcg|7Xtjr##I*EJeRMY>6eYsnp zX(_zQdcrh`i)2&kOqbBXV_a0yBg&ef*czO7o_4;Uvx zz6E00E>c(+q2J=jRdFwT`>NdpYnttAw^SKz&=PE?e#X#C8tKtvY_GDi?ZEr$6FdzP z{E$U_TKBQZxn}&^pA@7R41P-clkIf9Ung_wss&IK@oRYUjX$2EI+}uC< z_(|me&i+S0gJ>$nzMkUSGsQ(eKjHA4YJXx^+hAVaI}&@_L{~b7Uvmdh_Pnaz_q6%R z&!}yK(V_W{Ca2*Y@7Rvgk?7l|{VZK@yyNrR-6WIBcJ=+8!w8^Tb$!EuXtE!5;OGnb z`v;Meh<8T@7A7*dKPk)&<+U%6`|UOjf^J0vf`30m3)J+GD){sv^?hIFq}0I#|)9OWy$4;!KW6+p|(Lj)LZ~7 zb8ydD6=<4iB|j~6tM1Ip_jCGAG@3t|q30N?peM}$d_}=Vq(H5?7pHw_Hi0Kt!%pq; zJ~NemL(R_5$Tef{V`Mt%!6!kskxRq7_m>t}%UU`0ERCA#7-F%&TbGV=nrL@Sw=rG6@yNkj=KeO4}gS*FR6b-c>v-g7wg3i)$K9+0YrV(u|!G^5x~ zb_C`6o%;~xuc7bzqYCKa#a;q@UQ6vN(%EjThmmm!NaCrB?SGjlZpc;3T?RCT2UQ5m zhP&o{#H(MVx;NbzWNBZtZ5{cqi|MJ$m>3ozBwx z1*6($x0h{T?z<({LoU|srvjWvgkCCq5073iat1R6M3y#550^XWQn?r4p=?cgUX%FSYizk zT?9!pl||!5-@3%>r0JOcgdMU3x{fCd_~%7MB&z#n2$QurpkA@S3D`r2Dsdpew&I(* z9J{`9IT6E{k1dPJ)%zDqRN89k`g`SguEeb%{yZ1wgM;Q<#M|bvmdxVD@vg_|BBbR_ z8B5~>m@R=SM3SJrQPKKeoF8B1(OES~Q6OMKcEZ)sF9))gCKnkm?<=0m$}N2>vu;3s z%F;1{>L|+9YGdMkZf9`H; z;fBJ^UxWP0fU5Cj`u?TgvlD5W(drBItS6)XZ{Pczc?Pxl;4lr>b@tNou{E3OyB^L}l8Gc{*2_o(ldln!{v2 zqbi*1{Vq4poK_ZEUku-xE!Q6&I!{3~=Pzg!*E}d0mCBG2ny%U~+BXR6Am3aJrcC-w zbX8}eIT_&jw4p3$xlb+d!P9Rdz+WR?0!9J&TYA<593s4_vgPAI^2x_*vh}GH>rn&x z_ZJDgAG^$IPdCNh&1kX}bmwkbJ)q3{LitE##dYunS6Pv-m%Ov`Ev1r5y^}Z0h$o;c z@y?t(*d!a8$r>$Z0uu~y=M&5`IX@gCT$q-mcmerK6Q-T6ZLY;*dAeWD^{7MUXHvry zC)f`??SxMVj+SIM@01?OQdw7Ed){Rp^t&tnKR z-l+){zR+kM`YP^$4Zk1^2+FW%Lil6QPiBml7szgWB5r4-2zp)tkE#@Bik~acrP%~U zup2*Lg~up}N8J`(dt1S8?q7q^79NBbO_{B2nMvRvv&d6@8p1;9jD!_;B9!6X<>JjH zD~;c+WZW5-c%l4-IfmHJA8)Hs#y;+S{e><(g|Z^<@aK99eM5u7g=T%SHloB9%L1P@ zd8AAyU%I6Oe=n}DoM}J7_P)1`maLbxkiEpa+3hJQ-J^He8S96H9nb7sreJI|t89%K zktX;$)*XDg--lR8KlJu^#l?m$m0=3(P;v5C_!)n$VQ#S89E?$m)cfcZ^?GQQPV2G6 zkkO21IOt_J=d@gu><21*dpE?u4<_{djZIpHL1DhGhu9$r52w6r@>L4>ZN0J?-8BTz zI}7V+WDE(<|-Un2L^W5e9dSAj50yIlrlP#?v`Zr=Fvy z2T0l3?o^wQt9&y=+oMFdD*QtDU6JCZNmY?yg*ty~`L6WqcABCrYFCmAAO?T{kyTs( zRtm^JdxrmdS}mq7`%FRxdBz1W!~f^{dUFyL_u=>HmH^bm1b~2$q9DK=D#Gxc1$1bo z1~(uc9Z?};w9=w)0{Pm&5XDg&yrmUP$4JIPOTsixDpTShIok4M#ACMJrayJ}eC*Jz zX!C6G*Q54b{=Qi!s+`=n0p$=9Sx5AvV2l!o2v#~?+A}$VShNii!k{;AK1k6dgwc~Y z4j8{66Uxnf43KEh_4!DJrlzR!HpBac0-E>_LI%YA)KsSrhRi{b6t2*MFbUynCbVp` zk|)7AqfKe`Xs_t7u%mCiM9V~y>mL~f5$R)|`7k^sX1gU$gT_uMilr?Cqe90!H|Tsj zCxh|MJK%G}3?k>3P&CoVU7G#jYz84{2qQ@y0G)jeFChL-UXHIa*A;ceC4158=JLzH zuUC%|R~ZUd(GrVxy1rK&Gz;}!oiw;WMnhqe`R92Le|9Ib1h<_oT=h^!59;#bN6)Qb z0)}wh?pOUP=IxUtB1bdiur&^QGWX{A03GpF7;yZY`P=cu5A@RVO7O6_^abTse-b98 zB+Vp-`)jmcl|Py3y}{+;4BBXO7)amNJIb_2hzk#=oyby0Tnf5-lD4;u$?l>#*gT}tceEDjutULt0*;YtX)%T1P zfy0P#r0lwO^?sbhmfTBN^q~-X(MN_H_H*!?ea0vu!0GDCtiDAX=QagN96xj#EIw|j zFS+9G#-n@8}mI@iDv1wRTIb$7dV!7T zWv!GY(&QmwQy)0`QO1GiVuL+~@#8Z^`#hJhnY*1y75E$;{cxqYf2EBZ~E$e1#4F$ula9Dn}e`}sjh!t{_XRtGApUE`aH z76E`>p%28Z(bC3ZRqI?&ejWfQ@h(SL&Tl%hIubRNm4{E1H$9VzUdYIs^yY9dXeY>O z>s~#84!{0Uz5nqeeuBv(SYf}Dx7(RSNw{dIi$0LA=7%Pw++|a))wa{IdBzG)#vZJQ=F30x9#Jc5OIPV zRrNa(yUBCx`k&+d6LLk$`@*suHhyfSe<^htsTLh#Gz=|NJ!!4i*K)cY`0Q2~dhBui ztlViel^+G`5R$GsrDulz?fGH-Xp}b*qo~CA^9A-+4zp#EN0S)rQ$RO_U&K*gM*-Uw zR~hA#x0jm&gF$tNlksN@D$>u`5)sj$ezI!$-YG~o?r1_pd??U@VW?49zI`-{;`E)= zK#P@f(HmQ~k&CA^87=v&et?+Bq_AG|3P2alNaWqd~o0KSBq7*PQuR^d+R9tNT zXuFW{PPepP=898YGd6xG6IkTG$8*_N{{6G*sQ3F*d>I}d>66gKxVTl)u<8>qQt1%N z*y5#5Riwm<@g%vnDnCBCU|_yD95BrNp!Ueo(X$B$=7nDZ)W2IC?5$RmMYbiPb*;PzMZ)l6(qfl@nSf-rLK3Ogcj9-EzHBL|w=B27iD>~Otru4S+#gW%~=jhD_qn;~npW<1~HLOSsD>IRyWxU8X zmm#aTFRd;!cf~hYA(&tt4C*7M&56hn+cQ2Q5a?r4)z*2Ir{`8(Flrm|v`n;Qz1|^) zc~F2yZd6xk1-3h29Nytx>HLJLOpG82yaG_2XaIF{%slh=J`X-@qT!V4oeaq2cPV=E zq~Y1*rA&-pgd!A?<*Z)YE=e4eHIwimQ8dat6nF%I+LStea} zrp+y%Bj4A^!zI_^d!!^^@AsX-?g@M$-!DrM8T9|~%vGoMcH_P}9c;a?A#b3O`vFs~ zUbfSk#UbXdPSGB+)%{`Aiofeu8ROzD$#qJJ&viNH^mn`5bx0ATeFoxXQr)#40Xby8 z!VJgz4m?gHP5L1DLdqXwu@58~yURj9QvVt#ZRg~GhCHWMOWK4wY=Me}ZF~3a<`TcJ zD3l!*a=2A`F~#vt1kzW~9DCc`;(L-58tqfld#AvE`}uyEFP0;-3kOkO=En1#S*YZ4 zRfA3CO6;1#@P~6mTF;czesB=?8MHNQvMS)9CzN~sdptDKgj!1Bq|G0vEANT3B&%Bi z&2aJD7$Nl|THO2CIlwHtSK%r54c>Kl)tuSemJB+=pS>Zt7X$s$pX+315(QTsqbSf} zY3$UgB@^=f5JpaZYajiNbSGaj%L6@gJps0D%>s9B;5t15QGHMpD!fkh>Q(&YROtCb zKm2EYGqfr$Pq)iKRP}PDJgz<|PAjhIHL+37>BeL)^?#hxiWS(8HUAn^UMs73G&#xY z`K2!h%-xmh20o(W?~Tlh`#|=MX&CI6;wtk+)OFoq)jo+*N13YnNy*nFJh+&^hi|y$ z@q@)Mm34c{mk9m`a4*b9%k2Q17w~c7t zgA&-?xl<}7PWrIENXM){!@bSOx0&Holb-ZpjM*K}rqw=2s_ld-b&r(uNw7f3JtJkJ z;24hZTN_Uq`N@@^jm@w(HIu(o6Qhi{#{#x|>}+TKE!!IL)Pl=%H*qn!0Sq;7o;~27 z{Ms)+UtWE9XmQ0sJ5w$#*hvO*h>X?pj518@Q9qeF4j~q|AM}m4HLYivoS7)j&?$IT zc#^23oA;nw+QpTNczH+d^ln#Y7i&A44q3Se@&zGLW4V5w@}SF_jw5_{Vc&5iTWG|Q zp)8fzhprBBkDmUnBsXyvSIu+k%Rx<~A-M6L=_9&ECOv?SP*+u3Yr|RHTf+Sue*r!( z-#w-%3Q5VcfiK{nexr~jR!1&$o#P%rx|%SEEC{Z$dYtB-|YBBt**g z;@6s6Z5|#K4On3^6Gfgl=9y*Gdg3ei#kV^`Yae{9lf3ucXk?I86c>5iYx+teNn<zChx*Ta`fjbJiAYF6Sq zx$%J>(fzmh7%N{ZJ8jiI!P1LW5`Y>DElT7vBH=6c6zDIV0$UY5xt z()W}Ilii1V=MS>yH;Ka;3wWPrCI**v`aJ&n=zPBib)sF}EN}CBrE5UgM}l-7U-mmh zt4WJ&e#dkJRQF0ubt@qwP?%aDx3>= zZw1D$RVKD@5oqkHAbU8e!=gxC1c5tf|nR z0=!7cSbTL%sQrecC}E?$OYO6q15R4Dkyl0i;yS}hxeGtjOY`t}6s#2pQ@0-9PUzGY z^hMb7AR~24T)DMjj<FxBhuQ^f2NTA3(F+eG@ z={mBKIsZGaNhYoEd#~?Bae_b<@gV1MBt_KAl2G%NmM=YKJsqlVI^O$tych6rHo847 z`i@vbW{8gTjiNQb(uu=t{qBXQ=j`*{-TES~F}tMptDn?kZYe;}?N@Lez%rGY813-V zi-X5bLbE+R7y%gSvr-HgSi?Dfyp&NQJWYc_2q(0x>}-7fHC-P7rBHq@Tlz?>G7V5D zbz%ECV~xiE8jIJ@=TUfRvVc4>{s{cId9z0}ARxxB zCVsD<;p62+moIR17%FH*cep!v$*MUQj4-Agoqd4uwsE8pxB)YPhRFQ5MHO`*#qfsF zxE|pJzgpxL zl5!0Qlim`-MQt#ss+_egtShrhWnX9-kLF&sSc{E13J(x{5oP-N*fspsYRqO!DCdI} zL6#N2^We<8+7HZd3#13%Uh!r$KNUf|#5WKg>>mKGxf$Z>kqnpN3)?EWGb-mi_(p0L zj`JYscpie)V_*ri+QKrCFZ>=obwIpTZo&EI9@mC z&l6y=7>qZe%3w)AY>Bj7Oqo!NzA#UbWZv4zH~2W>^5${mcjGKH%OGf*;#L{uhFq`U zc9I94S|X|JxPT>zJxk~J(WM@>`2|aF&!|txl}=Au=T9G|(_=Hmyhz&j`t?MqFu|sYPx8bXS@Y)>oPAu(4(y}d%q4aWFm`aH|Ud?B+Iv1(A?^RFu`Do&wHDPsXFnPSc8-Fh#=9k(x=V?yW0(A*HV@v_{ zk-}a3?#!>~%Zk~}uZH%l<75$f>v-W@eTMYyDk&Dl(^C`j+0nC8SC7^T20SOkrCU3_ zUa1!}v2s1#Gua#Ja%iKE;v{yO8Q+IPX>D44GP@_o8X{6N4@C$zv8k9lcHbyvQ`ghw z_XY@dydG+UZg)kzD#wehtk)g;{7%WI#^6?z?lHH*R_RlH|3E6mJen{B&ChH#qE$|) zU2glcv{vII;_95{Cwx=EShbZJ$%)3VtA3ei=SXOTIa>%wCR=(goL!_Elu49h=T zAqpf#)$lW9+qJl-LoVJUa#)T^is?!D&WrD9ClyXGJ4^PNxFl#kJ5<|k^Lr57Uyw6v zP8G;+W{OY1BRiQ#8%-7W;yff0DX_&b7U5Kj=t0EgW01G49eE+C+P9L9%`a${C-WF= zS?l=mihs04+&V?O(wtfCbZA*Id6OVuxa<&eN!{jPs>r>l=g!$IIY~Xj6@wD z(sU+7Gx$Z*6fG;;$!D-Gchb~qX40Q$CDR+43V%&Eu_BX?f36{BRYQuwQ5?fpa~H`3 zY}RWb6er5l#~_Q;MYQ(^FmO6(IpQm89h7HEG}i_#m0X$yev5Yzp_U1)75F@}CW8tS z>&E8gshnvlWXQwM$MVRR4JSq&7INR>Q<;+vK28p&8FTlsVp8H~rl|@C7Ophoa~!~V zQCwlJ|NY8bA5*_Kn-V$~88MSgF z6Td1|@cFKXu-EdmtrhUe71u%zWd>H_!seHRxrtRi5Kj9;&FSs>+CX;u<6TVExXuzU zrSzN=h<8UpaY9#I#Ln#e>~@X7SZ2~TaOvBC%)pq)WW;Q~69?aZE<-Y@MnE2*Q{;Po zbNpop_rtT15ya-OQNSRNt*Hd)wd6!3ZD)?jNvzo}q<;3a({=im>6pRz_a4XEq^k4d znB1I$nvC|$*s|}AJimfAAAP^y&<#Bg zj9rep1iv|L`}w6L;l(y^z2&Z)-7K_m6Lw134y)31pto9EjXb8TyEM4HqBTMo z6@+vSBS3^#9wvx>#Ih3MW~F5;Zgl&SgzwpF7bkdZ4(jG)7+KU89r~JlXOljGq9F(D zr}eXEE}T9Vizk7r7o3XI2_1QdF@M{lKi!D@JQS-{sQxt06sMWPwS1+-#n0hr#puY( z4gF`=gQAQH#d~f2^OLUw`I?pFY=%Pb>S?cXExkk3SiGW)5HP2xU5#;mE72gLd?Jz_ z)ywyCw|nVl(U7@f>8lLA*9+g4rZ+vScNmXPMA>RTe9y46p!XP;-laOe-*^7$2XgaABBe|@N>D>#_c|olDoHdTPfny zLRnqT5UQcfIc*2t+L~@UYF!OKI$IWebUv-(CR>809=&>8Q#~@MlUcIF64DDKXikp( zWG?x#Nj1ggCvHPf^hsO$JJwlu`C3<@Dqh(SeRZOM4}geI=5+#iU|dmT;G_5EKl+eU znvvs-DOzb!)V7u{jKeD4MdYO3wY4jo*Kl|*9)S2JC=tmlSSkzGagcvZd$~RF}jj=&sczE*WR5I%%TV_mR5dh$CYvt72G~DqD3cO5|35esUUp|te@wGDQs({ zA-51NiA%>DW06y5`8=_X{Y6B13IeT}AW*!vTI>!>rM?^4>&NHpQ%*XnhN4>^9l=}Zwm*ac9S(MH)8b#@JyvbbIZTPm5K zaip|DRII;^b!KY2!^tt|b0rI*Aj`L2_@eDYnB zST63nCRG=4>&#Pw1?PJTp1~R9v%N_%eKyacVxAT_6_2frNJR--7-_qz3yS;hCh8U= z3QBF(`POGXVuw8~NowvR*6F-wSsLGOK40St+jV^C;5W@T;Chj)_0kYfYv>W6+JCEK zzm)OiZG%|0^wolb{6mrNIsyHo6`aDPFF(9!@P+>H3s24oFUsX}?<$mlCgX5|l@Bxy zu;Z=MvCLOVh6trR!4U4@`wS!G>UYU55l!D#6Rf99vN^MW?-~57lix||cjNk|hRV-| z4aJGxcZ@f9FZpq7$7`k9d6=ekMsQq6Vc^v)U8|S)VVH5$7GWy=7;8h0k>aK{fR50q zb6Mlzld;eBO@<@E~nx>wM8{1O=!B}>|DBd+12eHR(& z+H+R2da%&K&fgZO!~P?F#8o4|vUtKMaQlti;V2C%lxXNU1$u+WeU*LPt%7MbOsFVQ zi|(R7nd_Z%UI6dTKFhdz({am*)eZvf3D?%cuke(KUaD!m?r)F6#(CJH49sp zwApLO>JI`-o?m`4t1UK>Vu$igy){5=sr2s~_Ovl0S{eG1imLJ?l#>a9DOx zERbM$q;l%~Fv*RqHfYCfAreA72%nr(vlETW>%uys8!uOPXvNuDj)334vvjrR`>U}T z6*sw#JUCb=!Wdk`fN%{IN9D-a>zP=0pD;9*5h_KXiX(WRRz?|TpYt-hl zoHS~8`FHH&QWby~00KpFs{%5wrTjjmN}vWf{e3tUVXmxXN_mff^Yi1_&x&@ZO(mGP z)gmPK)*PZqJS90U!d{cycVp3_)%E~JgcPV6oRHcv`L zDFc(fv_93Hy%(R7nIi)k{R4fNv4rE$e3xZd^+VcdY>)l%FE7NF zWEXi+()y8>8iIGL$K}(DJ0}gO*@3&|?kC!3697cZ2V&7S85;kL4#GU{z7E-&ki?3u_h65 zLyCbJ;oz`vh9(h0I&!hsk5kmK`sabHzXkwN6G`YnG}J^zu(6$KtG**%evDXbw#Cal zKG_sRK{{eYjE6TGt;JlKl7KGw%lYN26YSDD1#~7cRA#$1{H9jBl;~$$msP`4Gh+%kQOx+vO@IR-Y9`w!cO6Q2 z$`{g3;`?Mo-}naQ%5Nj`KA)c{j?}Z?+OJmCV|l4gnqABa)Znq^ZSdaRH7V%{{Nm$$ zyaZEp(%qfh|Jkwc=cU%u;)ppJYh-s1%({K>s$4*+e+}!&4q>Ir(iXo*#@a5doRR7Q zqIfPuoTz6N8qhul@$v|6#y27l79CQAs79>#esvpql0QR-bH*{Tl=g8J8^{ry{TvFDr>kz<7mNd&&OQ(37r&p{^Oa?8q;^-zs6;cNMSJv z>b>7O%Qv!+a3h5G*V+6JxqNj!6|b;MNdk<-<4g6KDQR|@SbkB=dx_aYUP zlDB_(UX>W#k&;-7q%9XMz-AN09>~00$+%rlazY^lO(O8-oK8F|TO^I1!7Mk(Lqz8Z zM|tM-RJ*^pNRIPV(bD{hApsVA^45DHE-}KUrGvMhwN?>z#OI~v$NAt5GX?&xgTri4 z7;kU&2Nhy^1@XwFRHYHXRknK;Yq4g#rG?CdyQj%sK--0gX+P)sm{rVpO^<0L+>H%T zvm+7b`E(0+=Rl-ZUF+xF$&iqBL&S=B&O$$tzp8?~tkr7aRVbQ+){nga(f();=_A~J zLeoMAt*bW7Nxui4n`7c;=L6wL`t9r!z5=ftO~c%HV<7;?ep%H7+V90SMk~ z5@DMo_yXX+(k?QTO4RU%dy4FU!JzO%&6SMO`h$X{kP1gH1IMrP#EYA$w^3W1&MNhM z$xfTY;xqIF4e{?{D}?9rtYvc>!u6i6)tVsR>B5AVRNUkzKWsbVqrKeO)+x^-9J*7}%uX4d(* z{K(93LssQuUy_zx0EK)C7*mCn8MdK9lJk9z3LIa%#Dd7cb#O>^1cvhNpYiA>UOv$AjSC+LklyMmY7 z8+NA~SXT_=wsMu-ac#}Xpd)@@Dfn=7EWwefEguADaIQ>exDtd9334_%+N-=@KMY4` zdTJb%#eA*#MZYyBef0SK{yMTFauTUhR3~>%M1Al(qYs8*Tu?U%mnf3)3Y~j8c^5gS zdp$SuAS=euStuZXMS@V07Eu*fMVjiNUcCC}8Z|eHsKfqw@#;Vi@RIU3(?4f`QJ4Q0 z&jBSAHC6gw#|>66K;>a4FaU`B=ZnVwh%E*HJ^+Lld1(OPBt_*`M2VJe~SY_kOpG^=txNg`w#bT zh5jrBM;aIbXz%`~wtq#(gaVQ8jR3M#KyDBm2xR$J>s{?%n&6=_(L+JV3nPF9CJY1x zf{~WS0D55<2m(U2^ZG+$O@sIQ0`&*>Uz*83G!P5~My0R+{qujzp=eN4^yvX(KoAEE z)j*WW*Ps9W%mW8=RAo*x#Lq0`q1|fM75XexnmnG*mzSPvAfDP%nxhVi1HEa#L$mIi#HlfE2;|_qc#S zc|bSog1~sMgWmk169fW>-2fK^0i%@vs~qoN;KE@4*fAqY;{SmLgWR-P6lh>nJ{x>op2m*-mGdGApI1kSas6jwD zl;;Kts494_Z&Cjc2m|rn^hO|*?f+$|sF~t=HvaA3{%b0zN?_0%tpi;TufJ(LH^&^R z67X+@jV3Sb@(?553tAwbYy<+%ScY7iKu;qUH5 zwf}!`fk8a*o6OvB=wEIFjKcb+&45Aho5KzS2J!wS@7nSITj^{3K`7$iTJu2v-A~tj zh(hKs=Z%7pm-pWSf0yG$jk_BNqUNvbtPB4!SwH zqgF1cDd*pHpzue{Rq&fD0}v0&Ki>2KsL^zDC5Lj=+<(~uiguk6^N)tWK=7N31r#qF zPIj}!sQDE21k2JIK!vhAJT65W8%G+@wQ12P;&Dk^o7kWhnJ73>-vkBm92^bo9e=Mq SL8!SI0z#!w6Mrs&_x}KJ7|-JX