From a8d34772728a7edd7a1354fd7cbcb51619c7700b Mon Sep 17 00:00:00 2001
From: shadowy-pycoder <35629483+shadowy-pycoder@users.noreply.github.com>
Date: Sat, 5 Jul 2025 14:19:16 +0300
Subject: [PATCH 1/5] made linter happy
---
cmd/gohpts/cli.go | 57 +++++++++++++++++++-------
gohpts.go | 100 ++++++++++++++++++++++++++++------------------
tproxy_linux.go | 26 ++++++++++--
3 files changed, 125 insertions(+), 58 deletions(-)
diff --git a/cmd/gohpts/cli.go b/cmd/gohpts/cli.go
index e969a84..dc848d9 100644
--- a/cmd/gohpts/cli.go
+++ b/cmd/gohpts/cli.go
@@ -17,31 +17,32 @@ const (
addrHTTP string = "127.0.0.1:8080"
tproxyOS string = "linux"
)
-const usagePrefix string = ` _____ _ _ _____ _______ _____
+
+const usagePrefix string = ` _____ _ _ _____ _______ _____
/ ____| | | | | __ \__ __/ ____|
- | | __ ___ | |__| | |__) | | | | (___
- | | |_ |/ _ \| __ | ___/ | | \___ \
+ | | __ ___ | |__| | |__) | | | | (___
+ | | |_ |/ _ \| __ | ___/ | | \___ \
| |__| | (_) | | | | | | | ____) |
- \_____|\___/|_| |_|_| |_| |_____/
-
-GoHPTS (HTTP(S) Proxy to SOCKS5 proxy) by shadowy-pycoder
+ \_____|\___/|_| |_|_| |_| |_____/
+
+GoHPTS (HTTP(S) Proxy to SOCKS5 proxy) by shadowy-pycoder
GitHub: https://github.com/shadowy-pycoder/go-http-proxy-to-socks
-Usage: gohpts [OPTIONS]
+Usage: gohpts [OPTIONS]
Options:
-h Show this help message and exit
-v Show version and build information
-D Run as a daemon (provide -logfile to see logs)
Proxy:
- -l Address of HTTP proxy server (default "127.0.0.1:8080")
+ -l Address of HTTP proxy server (default "127.0.0.1:8080")
-s Address of SOCKS5 proxy server (default "127.0.0.1:1080")
-c Path to certificate PEM encoded file
-k Path to private key PEM encoded file
-U User for HTTP proxy (basic auth). This flag invokes prompt for password (not echoed to terminal)
-u User for SOCKS5 proxy authentication. This flag invokes prompt for password (not echoed to terminal)
-f Path to server configuration file in YAML format (overrides other proxy flags)
-
+
Logs:
-d Show logs in DEBUG mode
-j Show logs in JSON format
@@ -53,6 +54,7 @@ Options:
-snifflog Sniffed traffic log file path (Default: the same as -logfile)
-body Collect request and response body for HTTP traffic (credentials, tokens, etc)
`
+
const usageTproxy string = `
TProxy:
-t Address of transparent proxy server (it starts along with HTTP proxy server)
@@ -66,12 +68,27 @@ func root(args []string) error {
conf := gohpts.Config{}
flags := flag.NewFlagSet(app, flag.ExitOnError)
flags.StringVar(&conf.AddrSOCKS, "s", addrSOCKS, "Address of SOCKS5 proxy server")
- flags.StringVar(&conf.User, "u", "", "User for SOCKS5 proxy authentication. This flag invokes prompt for password (not echoed to terminal)")
+ flags.StringVar(
+ &conf.User,
+ "u",
+ "",
+ "User for SOCKS5 proxy authentication. This flag invokes prompt for password (not echoed to terminal)",
+ )
flags.StringVar(&conf.AddrHTTP, "l", addrHTTP, "Address of HTTP proxy server")
- flags.StringVar(&conf.ServerUser, "U", "", "User for HTTP proxy (basic auth). This flag invokes prompt for password (not echoed to terminal)")
+ flags.StringVar(
+ &conf.ServerUser,
+ "U",
+ "",
+ "User for HTTP proxy (basic auth). This flag invokes prompt for password (not echoed to terminal)",
+ )
flags.StringVar(&conf.CertFile, "c", "", "Path to certificate PEM encoded file")
flags.StringVar(&conf.KeyFile, "k", "", "Path to private key PEM encoded file")
- flags.StringVar(&conf.ServerConfPath, "f", "", "Path to server configuration file in YAML format (overrides other proxy flags)")
+ flags.StringVar(
+ &conf.ServerConfPath,
+ "f",
+ "",
+ "Path to server configuration file in YAML format (overrides other proxy flags)",
+ )
daemon := flags.Bool("D", false, "Run as a daemon (provide -logfile to see logs)")
if runtime.GOOS == tproxyOS {
flags.StringVar(&conf.TProxy, "t", "", "Address of transparent proxy server (it starts along with HTTP proxy server)")
@@ -84,12 +101,22 @@ func root(args []string) error {
conf.TProxyMode = flagValue
return nil
})
- flags.BoolVar(&conf.Auto, "auto", false, "Automatically setup iptables for transparent proxy (requires elevated privileges)")
- flags.UintVar(&conf.Mark, "mark", 0, "Set mark for each packet sent through transparent proxy (Default: redirect 0, tproxy 100)")
+ flags.BoolVar(
+ &conf.Auto,
+ "auto",
+ false,
+ "Automatically setup iptables for transparent proxy (requires elevated privileges)",
+ )
+ flags.UintVar(
+ &conf.Mark,
+ "mark",
+ 0,
+ "Set mark for each packet sent through transparent proxy (Default: redirect 0, tproxy 100)",
+ )
}
flags.StringVar(&conf.LogFilePath, "logfile", "", "Log file path (Default: stdout)")
flags.BoolVar(&conf.Debug, "d", false, "Show logs in DEBUG mode")
- flags.BoolVar(&conf.Json, "j", false, "Show logs in JSON format")
+ flags.BoolVar(&conf.JSON, "j", false, "Show logs in JSON format")
flags.BoolVar(&conf.Sniff, "sniff", false, "Enable traffic sniffing for HTTP and TLS")
flags.StringVar(&conf.SniffLogFile, "snifflog", "", "Sniffed traffic log file path (Default: the same as -logfile)")
flags.BoolVar(&conf.NoColor, "nocolor", false, "Disable colored output for logs (no effect if -j flag specified)")
diff --git a/gohpts.go b/gohpts.go
index b94da93..43fe4f5 100644
--- a/gohpts.go
+++ b/gohpts.go
@@ -1,3 +1,4 @@
+// Package gohpts transform SOCKS5 proxy into HTTP(S) proxy with support for Transparent Proxy (Redirect and TProxy), Proxychains and Traffic Sniffing
package gohpts
import (
@@ -52,11 +53,19 @@ var (
supportedChainTypes = []string{"strict", "dynamic", "random", "round_robin"}
SupportedTProxyModes = []string{"redirect", "tproxy"}
errInvalidWrite = errors.New("invalid write result")
- ipPortPattern = regexp.MustCompile(`\b(?:\d{1,3}\.){3}\d{1,3}(?::(6553[0-5]|655[0-2]\d|65[0-4]\d{2}|6[0-4]\d{3}|[1-5]?\d{1,4}))?\b`)
- domainPattern = regexp.MustCompile(`\b(?:[a-zA-Z0-9-]{1,63}\.)+(?:com|net|org|io|co|uk|ru|de|edu|gov|info|biz|dev|app|ai)(?::(6553[0-5]|655[0-2]\d|65[0-4]\d{2}|6[0-4]\d{3}|[1-5]?\d{1,4}))?\b`)
- jwtPattern = regexp.MustCompile(`\beyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\b`)
- authPattern = regexp.MustCompile(`(?i)(?:"|')?(authorization|auth[_-]?token|access[_-]?token|api[_-]?key|secret|token)(?:"|')?\s*[:=]\s*(?:"|')?([^\s"'&]+)`)
- credsPattern = regexp.MustCompile(`(?i)(?:"|')?(username|user|login|email|password|pass|pwd)(?:"|')?\s*[:=]\s*(?:"|')?([^\s"'&]+)`)
+ ipPortPattern = regexp.MustCompile(
+ `\b(?:\d{1,3}\.){3}\d{1,3}(?::(6553[0-5]|655[0-2]\d|65[0-4]\d{2}|6[0-4]\d{3}|[1-5]?\d{1,4}))?\b`,
+ )
+ domainPattern = regexp.MustCompile(
+ `\b(?:[a-zA-Z0-9-]{1,63}\.)+(?:com|net|org|io|co|uk|ru|de|edu|gov|info|biz|dev|app|ai)(?::(6553[0-5]|655[0-2]\d|65[0-4]\d{2}|6[0-4]\d{3}|[1-5]?\d{1,4}))?\b`,
+ )
+ jwtPattern = regexp.MustCompile(`\beyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\b`)
+ authPattern = regexp.MustCompile(
+ `(?i)(?:"|')?(authorization|auth[_-]?token|access[_-]?token|api[_-]?key|secret|token)(?:"|')?\s*[:=]\s*(?:"|')?([^\s"'&]+)`,
+ )
+ credsPattern = regexp.MustCompile(
+ `(?i)(?:"|')?(username|user|login|email|password|pass|pwd)(?:"|')?\s*[:=]\s*(?:"|')?([^\s"'&]+)`,
+ )
)
// Hop-by-hop headers
@@ -90,7 +99,7 @@ type Config struct {
Mark uint
LogFilePath string
Debug bool
- Json bool
+ JSON bool
Sniff bool
SniffLogFile string
NoColor bool
@@ -152,12 +161,12 @@ func randColor() func(string) *colors.Color {
return rColors[randIndex]
}
-func (p *proxyapp) getId() string {
+func (p *proxyapp) getID() string {
id := uuid.New()
if p.nocolor {
- return fmt.Sprintf("%s", colors.WrapBrackets(id.String()))
+ return colors.WrapBrackets(id.String())
}
- return randColor()(fmt.Sprintf("%s", colors.WrapBrackets(id.String()))).String()
+ return randColor()(colors.WrapBrackets(id.String())).String()
}
func (p *proxyapp) colorizeStatus(code int, status string, bg bool) string {
@@ -181,7 +190,13 @@ func (p *proxyapp) colorizeStatus(code int, status string, bg bool) string {
return status
}
-func (p *proxyapp) colorizeHTTP(req *http.Request, resp *http.Response, reqBodySaved, respBodySaved *[]byte, id string, ts bool) string {
+func (p *proxyapp) colorizeHTTP(
+ req *http.Request,
+ resp *http.Response,
+ reqBodySaved, respBodySaved *[]byte,
+ id string,
+ ts bool,
+) string {
var sb strings.Builder
if ts {
sb.WriteString(fmt.Sprintf("%s ", p.colorizeTimestamp()))
@@ -190,7 +205,7 @@ func (p *proxyapp) colorizeHTTP(req *http.Request, resp *http.Response, reqBodyS
sb.WriteString(id)
sb.WriteString(fmt.Sprintf(" %s %s %s ", req.Method, req.URL, req.Proto))
if req.UserAgent() != "" {
- sb.WriteString(fmt.Sprintf("%s", colors.WrapBrackets(req.UserAgent())))
+ sb.WriteString(colors.WrapBrackets(req.UserAgent()))
}
if req.ContentLength > 0 {
sb.WriteString(fmt.Sprintf(" Len: %d", req.ContentLength))
@@ -224,7 +239,7 @@ func (p *proxyapp) colorizeHTTP(req *http.Request, resp *http.Response, reqBodyS
sb.WriteString(colors.YellowBg(fmt.Sprintf("%s ", req.URL)).String())
sb.WriteString(colors.BlueBg(fmt.Sprintf("%s ", req.Proto)).String())
if req.UserAgent() != "" {
- sb.WriteString(colors.Gray(fmt.Sprintf("%s", colors.WrapBrackets(req.UserAgent()))).String())
+ sb.WriteString(colors.Gray(colors.WrapBrackets(req.UserAgent())).String())
}
if req.ContentLength > 0 {
sb.WriteString(colors.BeigeBg(fmt.Sprintf(" Len: %d", req.ContentLength)).String())
@@ -814,7 +829,7 @@ func (p *proxyapp) handleForward(w http.ResponseWriter, r *http.Request) {
}
p.snifflogger.Log().Msg(fmt.Sprintf("[%s]", strings.Join(sniffheader, ",")))
} else {
- id := p.getId()
+ id := p.getID()
p.snifflogger.Log().Msg(p.colorizeHTTP(req, resp, &reqBodySaved, &respBodySaved, id, false))
}
}
@@ -943,10 +958,13 @@ func (p *proxyapp) handleTunnel(w http.ResponseWriter, r *http.Request) {
if p.sniff {
wg.Add(1)
sniffheader := make([]string, 0, 6)
- id := p.getId()
+ id := p.getID()
if p.json {
- sniffheader = append(sniffheader, fmt.Sprintf("{\"connection\":{\"src_remote\":%s,\"src_local\":%s,\"dst_local\":%s,\"dst_remote\":%s}}",
- srcConn.RemoteAddr(), srcConn.LocalAddr(), dstConn.LocalAddr(), dstConn.RemoteAddr()))
+ sniffheader = append(
+ sniffheader,
+ fmt.Sprintf("{\"connection\":{\"src_remote\":%s,\"src_local\":%s,\"dst_local\":%s,\"dst_remote\":%s}}",
+ srcConn.RemoteAddr(), srcConn.LocalAddr(), dstConn.LocalAddr(), dstConn.RemoteAddr()),
+ )
j, err := json.Marshal(&layers.HTTPMessage{Request: r})
if err == nil {
sniffheader = append(sniffheader, string(j))
@@ -1009,7 +1027,7 @@ func (p *proxyapp) sniffreporter(wg *sync.WaitGroup, sniffheader *[]string, reqC
if p.json {
p.snifflogger.Log().Msg(fmt.Sprintf("[%s]", strings.Join(*sniffheader, ",")))
} else {
- p.snifflogger.Log().Msg(fmt.Sprintf("%s", strings.Join(*sniffheader, "\n")))
+ p.snifflogger.Log().Msg(strings.Join(*sniffheader, "\n"))
}
}
*sniffheader = (*sniffheader)[:sniffheaderlen]
@@ -1089,7 +1107,13 @@ readLoop:
return written, err
}
-func (p *proxyapp) transfer(wg *sync.WaitGroup, dst net.Conn, src net.Conn, destName, srcName string, msgChan chan<- layers.Layer) {
+func (p *proxyapp) transfer(
+ wg *sync.WaitGroup,
+ dst net.Conn,
+ src net.Conn,
+ destName, srcName string,
+ msgChan chan<- layers.Layer,
+) {
defer func() {
wg.Done()
close(msgChan)
@@ -1173,10 +1197,10 @@ func (p *proxyapp) applyRedirectRules() string {
}
cmdInit := exec.Command("bash", "-c", `
set -ex
- iptables -t nat -N GOHPTS 2>/dev/null
- iptables -t nat -F GOHPTS
-
- iptables -t nat -A GOHPTS -d 127.0.0.0/8 -j RETURN
+ iptables -t nat -N GOHPTS 2>/dev/null
+ iptables -t nat -F GOHPTS
+
+ iptables -t nat -A GOHPTS -d 127.0.0.0/8 -j RETURN
iptables -t nat -A GOHPTS -p tcp --dport 22 -j RETURN
`)
cmdInit.Stdout = os.Stdout
@@ -1186,13 +1210,13 @@ func (p *proxyapp) applyRedirectRules() string {
}
if p.httpServerAddr != "" {
_, httpPort, _ := net.SplitHostPort(p.httpServerAddr)
- cmdHttp := exec.Command("bash", "-c", fmt.Sprintf(`
+ cmdHTTP := exec.Command("bash", "-c", fmt.Sprintf(`
set -ex
iptables -t nat -A GOHPTS -p tcp --dport %s -j RETURN
`, httpPort))
- cmdHttp.Stdout = os.Stdout
- cmdHttp.Stderr = os.Stderr
- if err := cmdHttp.Run(); err != nil {
+ cmdHTTP.Stdout = os.Stdout
+ cmdHTTP.Stderr = os.Stderr
+ if err := cmdHTTP.Run(); err != nil {
p.logger.Fatal().Err(err).Msg("Failed while configuring iptables. Are you root?")
}
}
@@ -1241,7 +1265,7 @@ func (p *proxyapp) applyRedirectRules() string {
for subnet in $(docker network inspect $(docker network ls -q) --format '{{range .IPAM.Config}}{{.Subnet}}{{end}}'); do
iptables -t nat -A GOHPTS -d "$subnet" -j RETURN
done
- fi
+ fi
iptables -t nat -A GOHPTS -p tcp -j REDIRECT --to-ports %s
@@ -1514,7 +1538,7 @@ func getFullAddress(v string, all bool) (string, error) {
if v == "" {
return "", nil
}
- var ip string = "127.0.0.1"
+ ip := "127.0.0.1"
if all {
ip = "0.0.0.0"
}
@@ -1549,21 +1573,21 @@ func expandPath(p string) string {
func New(conf *Config) *proxyapp {
var logger, snifflogger zerolog.Logger
var p proxyapp
- var logfile *os.File = os.Stdout
+ logfile := os.Stdout
var snifflog *os.File
var err error
p.sniff = conf.Sniff
p.body = conf.Body
- p.json = conf.Json
+ p.json = conf.JSON
if conf.LogFilePath != "" {
- f, err := os.OpenFile(conf.LogFilePath, os.O_CREATE|os.O_APPEND|os.O_WRONLY, 0644)
+ f, err := os.OpenFile(conf.LogFilePath, os.O_CREATE|os.O_APPEND|os.O_WRONLY, 0o644)
if err != nil {
log.Fatalf("Failed to open log file: %v", err)
}
logfile = f
}
if conf.SniffLogFile != "" && conf.SniffLogFile != conf.LogFilePath {
- f, err := os.OpenFile(conf.SniffLogFile, os.O_CREATE|os.O_APPEND|os.O_WRONLY, 0644)
+ f, err := os.OpenFile(conf.SniffLogFile, os.O_CREATE|os.O_APPEND|os.O_WRONLY, 0o644)
if err != nil {
log.Fatalf("Failed to open sniff log file: %v", err)
}
@@ -1571,8 +1595,8 @@ func New(conf *Config) *proxyapp {
} else {
snifflog = logfile
}
- p.nocolor = conf.Json || conf.NoColor
- if conf.Json {
+ p.nocolor = conf.JSON || conf.NoColor
+ if conf.JSON {
log.SetFlags(0)
jsonWriter := jsonLogWriter{file: logfile}
log.SetOutput(jsonWriter)
@@ -1597,7 +1621,7 @@ func New(conf *Config) *proxyapp {
}
s := i.(string)
if p.nocolor {
- return fmt.Sprintf("%s", s)
+ return s
}
result := ipPortPattern.ReplaceAllStringFunc(s, func(match string) string {
return colors.Gray(match).String()
@@ -1615,7 +1639,7 @@ func New(conf *Config) *proxyapp {
output.FormatErrFieldValue = func(i any) string {
s := i.(string)
if p.nocolor {
- return fmt.Sprintf("%s", s)
+ return s
}
result := ipPortPattern.ReplaceAllStringFunc(s, func(match string) string {
return colors.Red(match).String()
@@ -1624,7 +1648,6 @@ func New(conf *Config) *proxyapp {
return colors.Red(match).String()
})
return result
-
}
logger = zerolog.New(output).With().Timestamp().Logger()
sniffoutput := zerolog.ConsoleWriter{Out: snifflog, TimeFormat: time.RFC3339, NoColor: p.nocolor, PartsExclude: []string{"level"}}
@@ -1648,7 +1671,7 @@ func New(conf *Config) *proxyapp {
sniffoutput.FormatErrFieldValue = func(i any) string {
s := i.(string)
if p.nocolor {
- return fmt.Sprintf("%s", s)
+ return s
}
result := ipPortPattern.ReplaceAllStringFunc(s, func(match string) string {
return colors.Red(match).String()
@@ -1657,7 +1680,6 @@ func New(conf *Config) *proxyapp {
return colors.Red(match).String()
})
return result
-
}
snifflogger = zerolog.New(sniffoutput).With().Timestamp().Logger()
}
diff --git a/tproxy_linux.go b/tproxy_linux.go
index d06a436..94db8ea 100644
--- a/tproxy_linux.go
+++ b/tproxy_linux.go
@@ -94,7 +94,15 @@ func (ts *tproxyServer) serve() {
}
func getsockopt(s int, level int, optname int, optval unsafe.Pointer, optlen *uint32) (err error) {
- _, _, e := unix.Syscall6(unix.SYS_GETSOCKOPT, uintptr(s), uintptr(level), uintptr(optname), uintptr(optval), uintptr(unsafe.Pointer(optlen)), 0)
+ _, _, e := unix.Syscall6(
+ unix.SYS_GETSOCKOPT,
+ uintptr(s),
+ uintptr(level),
+ uintptr(optname),
+ uintptr(optval),
+ uintptr(unsafe.Pointer(optlen)),
+ 0,
+ )
if e != 0 {
return e
}
@@ -181,10 +189,20 @@ func (ts *tproxyServer) handleConnection(srcConn net.Conn) {
if ts.pa.sniff {
wg.Add(1)
sniffheader := make([]string, 0, 6)
- id := ts.pa.getId()
+ id := ts.pa.getID()
if ts.pa.json {
- sniffheader = append(sniffheader, fmt.Sprintf("{\"connection\":{\"tproxy_mode\":%s,\"src_remote\":%s,\"src_local\":%s,\"dst_local\":%s,\"dst_remote\":%s,\"original_dst\":%s}}",
- ts.pa.tproxyMode, srcConn.RemoteAddr(), srcConn.LocalAddr(), dstConn.LocalAddr(), dstConn.RemoteAddr(), dst))
+ sniffheader = append(
+ sniffheader,
+ fmt.Sprintf(
+ "{\"connection\":{\"tproxy_mode\":%s,\"src_remote\":%s,\"src_local\":%s,\"dst_local\":%s,\"dst_remote\":%s,\"original_dst\":%s}}",
+ ts.pa.tproxyMode,
+ srcConn.RemoteAddr(),
+ srcConn.LocalAddr(),
+ dstConn.LocalAddr(),
+ dstConn.RemoteAddr(),
+ dst,
+ ),
+ )
} else {
var sb strings.Builder
if ts.pa.nocolor {
From 0f1962fe534ba53836ab6025675191402850897f Mon Sep 17 00:00:00 2001
From: shadowy-pycoder <35629483+shadowy-pycoder@users.noreply.github.com>
Date: Sun, 6 Jul 2025 09:09:12 +0300
Subject: [PATCH 2/5] added check fot http response interface conversion
---
gohpts.go | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/gohpts.go b/gohpts.go
index 43fe4f5..8a24387 100644
--- a/gohpts.go
+++ b/gohpts.go
@@ -401,7 +401,10 @@ func (p *proxyapp) colorizeTunnel(req, resp layers.Layer, sniffheader *[]string,
switch reqt := req.(type) {
case *layers.HTTPMessage:
var reqBodySaved, respBodySaved []byte
- rest := resp.(*layers.HTTPMessage)
+ rest, ok := resp.(*layers.HTTPMessage)
+ if !ok {
+ return fmt.Errorf("failed parsing HTTP response")
+ }
if p.body {
reqBodySaved, _ = io.ReadAll(reqt.Request.Body)
respBodySaved, _ = io.ReadAll(rest.Response.Body)
From 8b6cbe2d0e5a22976aec17c9ac157d0d5c35dfa0 Mon Sep 17 00:00:00 2001
From: shadowy-pycoder <35629483+shadowy-pycoder@users.noreply.github.com>
Date: Sun, 6 Jul 2025 09:54:33 +0300
Subject: [PATCH 3/5] updated layers pkg, added check for the number of records
in tls to avoid false potitives
---
go.mod | 2 +-
go.sum | 4 ++--
gohpts.go | 38 +++++++++++++++++---------------------
3 files changed, 20 insertions(+), 24 deletions(-)
diff --git a/go.mod b/go.mod
index c779676..cdbcd2a 100644
--- a/go.mod
+++ b/go.mod
@@ -7,7 +7,7 @@ require (
github.com/google/uuid v1.6.0
github.com/rs/zerolog v1.34.0
github.com/shadowy-pycoder/colors v0.0.1
- github.com/shadowy-pycoder/mshark v0.0.4
+ github.com/shadowy-pycoder/mshark v0.0.5
golang.org/x/net v0.40.0
golang.org/x/sys v0.33.0
golang.org/x/term v0.32.0
diff --git a/go.sum b/go.sum
index 6694189..992a941 100644
--- a/go.sum
+++ b/go.sum
@@ -19,8 +19,8 @@ github.com/rs/zerolog v1.34.0 h1:k43nTLIwcTVQAncfCw4KZ2VY6ukYoZaBPNOE8txlOeY=
github.com/rs/zerolog v1.34.0/go.mod h1:bJsvje4Z08ROH4Nhs5iH600c3IkWhwp44iRc54W6wYQ=
github.com/shadowy-pycoder/colors v0.0.1 h1:weCj/YIOupqy4BSP8KuVzr20fC+cuAv/tArz7bhhkP4=
github.com/shadowy-pycoder/colors v0.0.1/go.mod h1:lkrJS1PY2oVigNLTT6pkbF7B/v0YcU2LD5PZnss1Q4U=
-github.com/shadowy-pycoder/mshark v0.0.4 h1:2yw6am1jt6n1GPHdLfFU1oDajv+zQ/23V0l0imFAeJY=
-github.com/shadowy-pycoder/mshark v0.0.4/go.mod h1:fRWGQuU4BFjz9pTfrvwIT2AtmWWd99PEvdlgv+24vTE=
+github.com/shadowy-pycoder/mshark v0.0.5 h1:D7L+vW6DsE/OMwxThQLenNJdHKHzufHFWGuL033GKhQ=
+github.com/shadowy-pycoder/mshark v0.0.5/go.mod h1:fRWGQuU4BFjz9pTfrvwIT2AtmWWd99PEvdlgv+24vTE=
github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
golang.org/x/net v0.40.0 h1:79Xs7wF06Gbdcg4kdCCIQArK11Z1hr5POQ6+fIYHNuY=
diff --git a/gohpts.go b/gohpts.go
index 8a24387..eadaa3a 100644
--- a/gohpts.go
+++ b/gohpts.go
@@ -433,31 +433,27 @@ func (p *proxyapp) colorizeTunnel(req, resp layers.Layer, sniffheader *[]string,
case *layers.TLSMessage:
var chs *layers.TLSClientHello
var shs *layers.TLSServerHello
- if len(reqt.Records) > 0 {
- hsrec := reqt.Records[0]
- if hsrec.ContentType == layers.HandshakeTLSVal { // TODO: add more cases, parse all records
- switch parser := layers.HSTLSParserByType(hsrec.Data[0]).(type) {
- case *layers.TLSClientHello:
- err := parser.ParseHS(hsrec.Data)
- if err != nil {
- return err
- }
- chs = parser
+ hsrec := reqt.Records[0] // len(Records) > 0 after dispatch
+ if hsrec.ContentType == layers.HandshakeTLSVal { // TODO: add more cases, parse all records
+ switch parser := layers.HSTLSParserByType(hsrec.Data[0]).(type) {
+ case *layers.TLSClientHello:
+ err := parser.ParseHS(hsrec.Data)
+ if err != nil {
+ return err
}
+ chs = parser
}
}
rest := resp.(*layers.TLSMessage)
- if len(rest.Records) > 0 {
- hsrec := rest.Records[0]
- if hsrec.ContentType == layers.HandshakeTLSVal {
- switch parser := layers.HSTLSParserByType(hsrec.Data[0]).(type) {
- case *layers.TLSServerHello:
- err := parser.ParseHS(hsrec.Data)
- if err != nil {
- return err
- }
- shs = parser
+ hsrec = rest.Records[0]
+ if hsrec.ContentType == layers.HandshakeTLSVal {
+ switch parser := layers.HSTLSParserByType(hsrec.Data[0]).(type) {
+ case *layers.TLSServerHello:
+ err := parser.ParseHS(hsrec.Data)
+ if err != nil {
+ return err
}
+ shs = parser
}
}
if chs != nil && shs != nil {
@@ -1045,7 +1041,7 @@ func dispatch(data []byte) (layers.Layer, error) {
return h, nil
}
m := &layers.TLSMessage{}
- if err := m.Parse(data); err == nil {
+ if err := m.Parse(data); err == nil && len(m.Records) > 0 {
return m, nil
}
return nil, fmt.Errorf("failed sniffing traffic")
From 7a8d380bf83574f77548055bb2b77baa8ef0bf02 Mon Sep 17 00:00:00 2001
From: shadowy-pycoder <35629483+shadowy-pycoder@users.noreply.github.com>
Date: Sun, 6 Jul 2025 15:00:33 +0300
Subject: [PATCH 4/5] added setup to handle ARP spoofed traffic
---
README.md | 23 ++++++++++++++++++-
cmd/gohpts/cli.go | 12 ++++++++++
gohpts.go | 55 ++++++++++++++++++++++++++++++++++++++++++++--
tproxy_linux.go | 22 +++++++++++++++++++
tproxy_nonlinux.go | 5 +++++
version.go | 2 +-
6 files changed, 115 insertions(+), 4 deletions(-)
diff --git a/README.md b/README.md
index 62146b0..92e8b1e 100644
--- a/README.md
+++ b/README.md
@@ -20,6 +20,7 @@
- [Transparent proxy](#transparent-proxy)
- [redirect (via NAT and SO_ORIGINAL_DST)](#redirect-via-nat-and-so_original_dst)
- [tproxy (via MANGLE and IP_TRANSPARENT)](#tproxy-via-mangle-and-ip_transparent)
+ - [ARP spoofing](#arp-spoofing)
- [Traffic sniffing](#traffic-sniffing)
- [JSON format](#json-format)
- [Colored format](#colored-format)
@@ -97,7 +98,7 @@ You can download the binary for your platform from [Releases](https://github.com
Example:
```shell
-HPTS_RELEASE=v1.8.3; wget -v https://github.com/shadowy-pycoder/go-http-proxy-to-socks/releases/download/$HPTS_RELEASE/gohpts-$HPTS_RELEASE-linux-amd64.tar.gz -O gohpts && tar xvzf gohpts && mv -f gohpts-$HPTS_RELEASE-linux-amd64 gohpts && ./gohpts -h
+HPTS_RELEASE=v1.8.4; wget -v https://github.com/shadowy-pycoder/go-http-proxy-to-socks/releases/download/$HPTS_RELEASE/gohpts-$HPTS_RELEASE-linux-amd64.tar.gz -O gohpts && tar xvzf gohpts && mv -f gohpts-$HPTS_RELEASE-linux-amd64 gohpts && ./gohpts -h
```
Alternatively, you can install it using `go install` command (requires Go [1.24](https://go.dev/doc/install) or later):
@@ -164,6 +165,7 @@ Options:
-T Address of transparent proxy server (no HTTP)
-M Transparent proxy mode: (redirect, tproxy)
-auto Automatically setup iptables for transparent proxy (requires elevated privileges)
+ -arp Automatically setup iptables to proxy ARP spoofed traffic (use tools like bettercap to perform actual attack)
-mark Set mark for each packet sent through transparent proxy (Default: redirect 0, tproxy 100)
```
@@ -479,6 +481,25 @@ else
fi
```
+### ARP spoofing
+
+`GoHPTS` can be used with tools like [Bettercap](https://github.com/bettercap/bettercap) to proxy ARP spoofed traffic.
+
+Run the proxy with `-arp` flag
+
+```shell
+ssh remote -D 1080 -Nf
+sudo env PATH=$PATH gohpts -d -T 8888 -M tproxy -sniff -body -auto -mark 100 -arp
+```
+
+Run `bettercap`
+
+```shell
+sudo bettercap -eval "set net.probe on;set net.recon on;arp.spoof on"
+```
+
+Check proxy logs for traffic from other devices from your LAN
+
## Traffic sniffing
[[Back]](#table-of-contents)
diff --git a/cmd/gohpts/cli.go b/cmd/gohpts/cli.go
index dc848d9..444e7ae 100644
--- a/cmd/gohpts/cli.go
+++ b/cmd/gohpts/cli.go
@@ -61,6 +61,7 @@ const usageTproxy string = `
-T Address of transparent proxy server (no HTTP)
-M Transparent proxy mode: (redirect, tproxy)
-auto Automatically setup iptables for transparent proxy (requires elevated privileges)
+ -arp Automatically setup iptables to proxy ARP spoofed traffic (use tools like bettercap to perform actual attack)
-mark Set mark for each packet sent through transparent proxy (Default: redirect 0, tproxy 100)
`
@@ -113,6 +114,12 @@ func root(args []string) error {
0,
"Set mark for each packet sent through transparent proxy (Default: redirect 0, tproxy 100)",
)
+ flags.BoolVar(
+ &conf.ARP,
+ "arp",
+ false,
+ "Automatically setup iptables to proxy ARP spoofed traffic (use tools like bettercap to perform actual attack)",
+ )
}
flags.StringVar(&conf.LogFilePath, "logfile", "", "Log file path (Default: stdout)")
flags.BoolVar(&conf.Debug, "d", false, "Show logs in DEBUG mode")
@@ -172,6 +179,11 @@ func root(args []string) error {
return fmt.Errorf("-mark requires -t or -T flag")
}
}
+ if seen["arp"] {
+ if !seen["auto"] {
+ return fmt.Errorf("-arp requires -auto flag")
+ }
+ }
if seen["f"] {
for _, da := range []string{"s", "u", "U", "c", "k", "l"} {
if seen[da] {
diff --git a/gohpts.go b/gohpts.go
index eadaa3a..1a58680 100644
--- a/gohpts.go
+++ b/gohpts.go
@@ -97,6 +97,7 @@ type Config struct {
TProxyMode string
Auto bool
Mark uint
+ ARP bool
LogFilePath string
Debug bool
JSON bool
@@ -120,6 +121,7 @@ type proxyapp struct {
tproxyMode string
auto bool
mark uint
+ arp bool
user string
pass string
proxychain chain
@@ -1361,10 +1363,53 @@ func (p *proxyapp) applyRedirectRules() string {
cmdForward.Stdout = os.Stdout
cmdForward.Stderr = os.Stderr
_ = cmdForward.Run()
+ if p.arp {
+ cmdClear := exec.Command("bash", "-c", `
+ set -ex
+ iptables -t filter -F GOHPTS 2>/dev/null || true
+ iptables -t filter -D FORWARD -j GOHPTS 2>/dev/null || true
+ iptables -t filter -X GOHPTS 2>/dev/null || true
+ `)
+ cmdClear.Stdout = os.Stdout
+ cmdClear.Stderr = os.Stderr
+ if err := cmdClear.Run(); err != nil {
+ p.logger.Fatal().Err(err).Msg("Failed while configuring iptables. Are you root?")
+ }
+ iface, err := getDefaultInterface()
+ if err != nil {
+ p.logger.Fatal().Err(err).Msg("failed getting default network interface")
+ }
+ cmdForward := exec.Command("bash", "-c", fmt.Sprintf(`
+ set -ex
+ iptables -t filter -N GOHPTS 2>/dev/null
+ iptables -t filter -F GOHPTS
+ iptables -t filter -A FORWARD -j GOHPTS
+ iptables -t filter -A GOHPTS -i %s -j ACCEPT
+ iptables -t filter -A GOHPTS -o %s -j ACCEPT
+ `, iface.Name, iface.Name))
+ cmdForward.Stdout = os.Stdout
+ cmdForward.Stderr = os.Stderr
+ if err := cmdForward.Run(); err != nil {
+ p.logger.Fatal().Err(err).Msg("Failed while configuring iptables. Are you root?")
+ }
+ }
return string(output)
}
func (p *proxyapp) clearRedirectRules(output string) error {
+ if p.arp {
+ cmdClear := exec.Command("bash", "-c", `
+ set -ex
+ iptables -t filter -F GOHPTS 2>/dev/null || true
+ iptables -t filter -D FORWARD -j GOHPTS 2>/dev/null || true
+ iptables -t filter -X GOHPTS 2>/dev/null || true
+ `)
+ cmdClear.Stdout = os.Stdout
+ cmdClear.Stderr = os.Stderr
+ if err := cmdClear.Run(); err != nil {
+ p.logger.Fatal().Err(err).Msg("Failed while configuring iptables. Are you root?")
+ }
+ }
var cmd *exec.Cmd
switch p.tproxyMode {
case "redirect":
@@ -1701,7 +1746,7 @@ func New(conf *Config) *proxyapp {
p.tproxyMode = conf.TProxyMode
tproxyonly := conf.TProxyOnly != ""
if tproxyonly {
- if p.tproxyMode == "tproxy" {
+ if p.tproxyMode != "" {
p.tproxyAddr, err = getFullAddress(conf.TProxyOnly, true)
if err != nil {
p.logger.Fatal().Err(err).Msg("")
@@ -1713,7 +1758,7 @@ func New(conf *Config) *proxyapp {
}
}
} else {
- if p.tproxyMode == "tproxy" {
+ if p.tproxyMode != "" {
p.tproxyAddr, err = getFullAddress(conf.TProxy, true)
if err != nil {
p.logger.Fatal().Err(err).Msg("")
@@ -1739,6 +1784,12 @@ func New(conf *Config) *proxyapp {
if p.mark == 0 && p.tproxyMode == "tproxy" {
p.mark = 100
}
+ p.arp = conf.ARP
+ if p.arp && runtime.GOOS != "linux" {
+ p.logger.Fatal().Msg("ARP setup is available only for linux system")
+ } else if p.arp && !p.auto {
+ p.logger.Fatal().Msg("ARP setup requires auto configuration")
+ }
var addrHTTP, addrSOCKS, certFile, keyFile string
if conf.ServerConfPath != "" {
var sconf serverConfig
diff --git a/tproxy_linux.go b/tproxy_linux.go
index 94db8ea..cab13ce 100644
--- a/tproxy_linux.go
+++ b/tproxy_linux.go
@@ -4,11 +4,13 @@
package gohpts
import (
+ "bufio"
"context"
"errors"
"fmt"
"net"
"net/netip"
+ "os"
"strings"
"sync"
"syscall"
@@ -257,3 +259,23 @@ func getBaseDialer(timeout time.Duration, mark uint) *net.Dialer {
}
return dialer
}
+
+func getDefaultInterface() (*net.Interface, error) {
+ f, err := os.Open("/proc/net/route")
+ if err != nil {
+ return nil, err
+ }
+ defer f.Close()
+
+ defaultInterface := ""
+ scanner := bufio.NewScanner(f)
+ for scanner.Scan() {
+ line := scanner.Text()
+ fields := strings.Fields(line)
+ if len(fields) >= 2 && fields[1] == "00000000" {
+ defaultInterface = fields[0]
+ break
+ }
+ }
+ return net.InterfaceByName(defaultInterface)
+}
diff --git a/tproxy_nonlinux.go b/tproxy_nonlinux.go
index 850883e..76cbaa2 100644
--- a/tproxy_nonlinux.go
+++ b/tproxy_nonlinux.go
@@ -4,6 +4,7 @@
package gohpts
import (
+ "fmt"
"net"
"sync"
"syscall"
@@ -46,3 +47,7 @@ func getBaseDialer(timeout time.Duration, mark uint) *net.Dialer {
_ = mark
return &net.Dialer{Timeout: timeout}
}
+
+func getDefaultInterface() (*net.Interface, error) {
+ return nil, fmt.Errorf("not implemented")
+}
diff --git a/version.go b/version.go
index ed72300..fdcff4e 100644
--- a/version.go
+++ b/version.go
@@ -1,3 +1,3 @@
package gohpts
-const Version string = "gohpts v1.8.3"
+const Version string = "gohpts v1.8.4"
From e3e436700cc11b88f04f4663af0fbb3d0a2810bd Mon Sep 17 00:00:00 2001
From: shadowy-pycoder <35629483+shadowy-pycoder@users.noreply.github.com>
Date: Sun, 6 Jul 2025 15:20:27 +0300
Subject: [PATCH 5/5] added small mr_gopher
---
README.md | 2 +-
resources/.gitignore | 2 +-
resources/mr_gopher_small.png | Bin 0 -> 71977 bytes
3 files changed, 2 insertions(+), 2 deletions(-)
create mode 100644 resources/mr_gopher_small.png
diff --git a/README.md b/README.md
index 92e8b1e..8088f2d 100644
--- a/README.md
+++ b/README.md
@@ -7,7 +7,7 @@
-
+
## Table of contents
diff --git a/resources/.gitignore b/resources/.gitignore
index 9a964a5..262e398 100644
--- a/resources/.gitignore
+++ b/resources/.gitignore
@@ -1,4 +1,4 @@
*
!example_gohpts.yaml
!sniffing_color.png
-!mr_gopher.png
+!mr_gopher*.png
diff --git a/resources/mr_gopher_small.png b/resources/mr_gopher_small.png
new file mode 100644
index 0000000000000000000000000000000000000000..747c4a088d77c756ba3822e34fda64f50f401241
GIT binary patch
literal 71977
zcmce-1z23mvM`DV4-UayCb%=f-DS|=12ee01}C@^+$FdLch}$$+(HPF1PyL)vd=mD
zp8vgj|9ih@^TEto-L=ZPs=B(mSERbC92Pn$IvgAvmV&%A2===U2M5oJiUPYT>)Bw1
z{h&F?zjcL!!@&RZ4-c1_O#%mp?q;o}=ccEk3^aGNX9q(Z&7kaF_D(QpI5=T3FDJ0M
zE!2(L3~FiZAVPc6(L+mZ4H2Q$EwLi-n9Anf{2GY2j8Um$L_BD4~J2vX~*s8dThx7^oCl9-$izNq_kdP1uCpQN-HyaFs&DGn%4eZ6{;7a!|4AM|na~EqTH)}@+
z>OUC4W{&P|BD648{~?3D)8A+vT>q&jn8rA~z)l=o?3{mO`U?0EEHw@c%Esju2}L
z@BbDQVh*%$bg>7+2F}_ZYzgIXa|hR6kQSkZvC3|34FU3Un+bu<
zxu9(3JiJ0|{5-q@Y(fHN{A>aOLcF{}oV*s?5UzhcFYRdV{>P~PJpT^|gE*SQaQrw99)0C|Jncczv=&vZfyr^n2KRc
z{IM6{U-UI$u?xlkKOY|t-#^>ct-YXjdeYV~t-1ci2tTjjzjwX;w=O|J-aoP7FCPWU
zTf4%n&ikLyMic7%&nr7?>c89)2sZzR5axgE6AGdIXS4NxGQ|HgW&Q)Lrxg^YuK$hQ
z{sYX_(ZbCW>;jdrgz5Od^$U*wig{PC$N!#n3o|}GesfL%SR97(un7tBa9o>SFzGHt_FM{$_#t
z|3!NLt;PM%;^F`AgT(PCMfgV;;P^jBh=1Hm|3j0qf5zsosTcU4#e)B-4Z`MPAS}55
zH{qU>mmAD)!Dq(C#lyqH27v`PHX(jNPBwE3ZZmFP2%ix2Pq_OBH;(^L!~Gu{`b!P}
zmO1^a36_rix%@j3gx&m|NdbKE-_hEi{Ov^R9~
z?z052chN&SUcAJkk&Ni@_1INS!ctgnwTlTQ!J`om?zrdV!Q8zwto8JKe6p%M_T9=7
z5P#Q^HF?|H>3gq}Mp>)*5$QQNfR{c{ws$s{FfgO{tanx%U)_h&K0Odw7iW
zuWBQpFMucF`55~lSrT0j+Yl}rj&*>6dGFBy{!)BREdLjmDS1LKUGG*ip+em><<$WcBDIjKHNmqhq
zdvhWFW_z$UD_S?lS0S5A+Ub7Rj4Ix3$WUI}=M(;rHrw1j3C#fA1BmogC
z_&8)^%xv_}mD=+1^9q(n3JjWnoUw$-FNu>2i7={|A=0!#DR?YM)OD%-8raNXF6884
zN_zeHK=c$4wNpvXJr%+sUa=cP!C)=E-ALcrQ?1rGffB>{EgJ0a`r;@2P0_vb4ofaBgW7AV&L3h#v)tY203;AfB@0}s-_qjFaVI6!
zw<>d_H_%lB<}l_c(_$iy=q!66uX)(NrU*SSK(;Lz@vcd?Pn-|5z#&YrlS;tGVsiTNHoPKrL2Hpqe-1B8U2ctej
zZ%d}fDnV-LO1Vib6#4jCfWLkj@h&VSE0%I$A+9+y>jIXWE$PsLPPN402;Vt9;|89W
zs4p1o;D1o!DWJzkO#vO7#BU?C;{nPz5_~d&6-$&0Ki0w(!HT+*e9DL;8U)cY!y_Xk
zl&>IGWopZ*Aj8X_Lzg~Jq`G&H7+3gDwfKgwod{~~pCG2)&mlPB^XseSt7|}OJ3HE(
zDeBNdP<@#mA=PeIKj~LFnB?dPN9RAe_VA15P{YbBNN{4(Qz9PTODsy#Iqh6eFoAGA
z-pahbpkn%r6bV5n$=74$78dT^R_`I9poB|N^^@7I?Y(v?F;U6+ZK96#tc%7D--+qP
zbUf^OBgOs8&3#e}CO+hoI|&F>lTxk)UlD_$sIg(zO;*|#C{k#f{n#^)s{QTp+r*My59pxz(vUcnNSbiS@R=nqf
zpKX!ShTH=?DFm~fwiFiy8Y^mQUR6|gMY{pQw9C~2X~LINuJg9RviVM-l?Md~^~i&f
z^+a6WwfQ~x4`0jU*->|tICV=15`AoNK0I&qG5i)ESBSN`e7ZA{DMo)5VWBUFkPh&U
z5ug9QzOJ{N<{vNVT+rV{_d`y*d1|WWM1C-#X(eDU=n5&5)|{NoQT3c=)i==RnnVhd
zgrBHr^#$LFl33Xkpq?%=b&qNdFE&Rgvh;7!K_B>eDKzO&H{M~8U6o{`K2hEY7asza!Yw45{6;-a`C+sVzTJJ5b3+>+IH18$Lgj%&lmJ
z^wr0)lMQj^Y4)yCELurA-kG^@PP^3{r))+@YhIq7x?c+rYt2YPN(q_xfc1?@*1dlX
z#SiV~l>_g@v-OQ7U29wKM<)g{xbO@oi>b_7i>dV3MEL}cZ+*^%acDV9BlPjLV3hon
z@L;|O4JPS4uS)*nrq!_M<;*t>DQ4nzEpmpmVL4cAoWDM~l+yJ80{gH
z6KTTQ`j^WG_BRnzaqNIS?jbW8RCEs-)5GI{V7NASdoG&^uhAdGr}UBs!e>3cWtA8l
zUyljl6_Ik~AH50AWPV0|@huRGyi$|STYxYQZobssQ)h8UZr4$izTeRWv8Oqu6n1qb
zUo|^K4HW{2T;4TJ1YHE8ZEHNm_lqI+Eh3r>xhu6G0y4&d7(~^kPo0RksOMqiisjT+
zB;uZus9QgnJEud}jSAMWpoDZO+eW`?BhqG2=b4TIt@_^~eLKOAjKb|y<@7>2xIl{y
zEJV*kr9$r#E65=hjaB5!sSArDz!GJ)XLT?!3g2cfOHnLNW@&G?OqyEY0`ixVkKnbw
zu%AZ$4tKpx3B40TeqKX6rruubt#lsw+SoL$K9N>kT3(;wN24~>(2t5q!Qf7Ro+x)u
zITI40SipI({C?&NU0a|hlcc_USv2$XD^=v;D`7l+ku#qnwjnW=yqM6Z^<=-?Sfa!@
zTAgInMYWQa6E0*L-s>2(@=alyzJ}L&A5?6WUfcgNB2a>AGb`VykjMCjpT0GH@%(-}
zfTzzWhHUH|Gj$1XHgdF1#q9+#m?g`vV7t&z8Z^orK2%>_y4FoZcsELNX)&zbAs&XA
z&G9a)-GTVs7ufs|a=2L1iBlc1D7#HcIIHiZy~ezAyZySXuPk-M(2wO{&4!dl_N`R5
zBu!xyx`6Q~EkL3&oM0m8#3
z$Df3+Ulueq<@mirSZgplDneD)Ur1s$e)S8Z0K}4@eY2+|Z*+dZo?cfKf79JS0i#>4+a+u4N1!^mF!7tjD
zg{Oeej_5FHi48Ej*^+ju3_3v=X)_7auXAe46brx|lFW5!3r*lgrHTnv_l~B@e;-kl
zQ3}BOP|L_VsU1I)Q2XI!J?YoA*~PNg2-E)Z`Ry@hsBeOQ(Cma$4vm)Cy!*n+>9|iT
zT)VHDL(N`YbUB!76(BiQ*0RqX=rSZ?J-Z=-KcLLXExb*9*vI$s%ek7e+p_`cvGle<
zZz5c|TTYkD;!Z_Zb+R9re8htn;bKO#CKEnL|D#xJWl|86gbbQgs2(e?GXrgd6jOdg
zzb+z;Ox2S*?T@Z6d|mm*UFLsMC@C^g$SQgGDFbYFlN$7Ge5!9%
ziD)_p<%oXS=kW5i@CXB|>?&!UFNVm6#kgi4)tFj|w&_}PM-kx~E>*57wBIKwSf;0s
z29?RqF(*X=AQ2ZPGUN=8CSRK|a1G?rg1UL61`|0WF42Er`WA_4@�u>~(T^VJ(2%
z+}+=9;lwXd;U;zKVcnf@XRNl1r*xqfOxt(5U1qn}3Z+aykB-O=erER#4u%2ZkQw94}(Zo9N${P$B)(
z-(M|GJ_k5)zCSWA+?f)Xsu&rXVJbUqr#MtNzBl|-9(f!9=;Qn90O^^$KX&t&)R;)4
z2(@2JQ9>^Mov13cA&BBLZFEmFwXr+8llFx{wb8Km7IBfIq9#&L#Q8cr{j{v2w#veu({J;k_CAVjMv>G%4mq8}}4%cB}B6h>Cl<3tdxRSDX2hy$HslPxa
zF*1?zWqOCF2GYOIBZszX@x1QMG~&(qB&;4IP;=Dp?(oX>Wu<+oL<#B>*n4`~Ip!-h
zc92En#-`FtjbGB*>+%GxX8oio2*1FI>2G1%{h<-U((aKH3w;aA>=0-cMo072+}JEVyPe_P&f4bJnhnn+_8tAHkx4_-YL_USOteb#fr9C>4wO@?jo#7*|hmHObR|--40(x6pT+m|k+lVCRT7w1lGxbj>7gr)#5?zJu>|2kN
zL*|h+F;UxDWj?xMX{0PP{Z}DCf-_?|OXW~ZDNE9NT<;jhpHht<^e;*#H5&Wtikm5l
zQu-@W4i657IWhUj@iuUOip{$3ekW4dc4!c|*z&{kcNu2!|?vaFk=$FHzb_ZP%ckJ3#0qvM^Pn6OXT6xW}Q#qFJj*bErM2dMv
z$}V4rQ5!6c#^q$KG+5_wkbFTnL2xMI&&JFS>VRc--lOb>w4b_UDTgj`g)t1V9>7WM
zPc)}uLED*uweXHt-D|GuJlvFKM?
z_1FHP6&WaMo^#A6JPH9;0nbuD@>U
zWyoEEcSO<&$5O!&ZF7r9h)0BC|jYFT0jy{;t
zXETvx#6t<4D&TBZPG_hq^>g=%7z|a
zK6sp2b}N#IdFk`zAUKkV550?jB4d#2lB2Cs*3>TILA(nGOFtnG9#h6v)H*^&;#BN5
z8#kHSD+4*c%2IW`5cu|zC#Tf>)`rw#O6yQrr$k?$E189SZJ3>~et3k1@I2;tMdo>x
zNroYBzT;A0{c*F$YW_TUAV8px;{EF{Yw#VG-{HxZXMDdm%pk)bqU)V2rzF#e@2ZrF4VsYOM0W6NK6jO2`*ot
z4NefB$sHWQNA|b)`X+Q7zle6uqluebY(Bp>`WXU}T*yTykW@T6B3|X=$Qn%~3<`>6@>OU7gzC(XG%a
z^hv^7@97QNF^*xJ3%$7IHM#HDS119x4C~rCZI0OkFv-nCO(kCmW6241fnBVXyN-@`
z@pa+QpnbRc-5{dJWx!cUwwnAVoeVQREYahMuz|!E8YyFG)>Op6?d)eF>FyB#!9#Zh
zwI+vij5Z9zW&C(5nvUE`OUwPZZ6SA<$J_1v6thjbEx(?6%*aJ>p7tmc{#zj?b_?;6?9Se;EB6V
zYS?v)8W=uIB>FvScdD0g_7vayqjw;
zsv;<&+mb3rXpc@}h%SGAhLiHUw8mVyWr^(3RMemAH_C%0`I|phd(c$WwE3*$n9lVh
zzVlQ%88+?JhgdTzFece8H|9qA<)-kGyxN>Nzc8l7zCEy%_P4E^aUGUkQ6;buO->5B
z{IOt^cN6$&e{96RsVO+?=ww3KrEk+Uh&XdQ)7dqOJl?l=Mocmf^jpYm#A1Wy6-B_f=G)&BzptU
zXqv+d4FBou&T-0E!3=zlihoUh2Z~8=-m5GHuL1H=D6HKeM4Prg0g}axSE>=;?=&@b
zy<<#&v%f&1`Hgo|HT;rvCPS4^nHFm9DyMByM6YkuBOAIJ-5nB&3U2QztF$%!amDs?
zrGrd^1q{*5e(vZQ|KNQQ?65HBTZ*BLr-tq!c3$TC>-BU{0NkvINw7h9hlW4bu?nv!
zGn#6DR~EjKpkm1!$_EBG@)3==qU^obUuITURoMk#%9Toeo#28?a5^FF{my<-hRSCB
zOx+f}P*hxO!YKdF3$;?IyG{&j;M^d4Pe2tEw=EGH)c&0g?8o}fWcTMspDp&3&+jC-
z#yS?~L7#eRy7ilA7auE1RIDf>(=ip_fRM&D78Vz0x3;EBtFzRHgvY`$iJ$g#R+d*T
zvrj!%D@qA|i``dU+<#IFWS%t|zgP!))gZMX34A$A^|Ho>Tm4RPP~|mXa0vW{nrLSw
zna(IFk2g6fe09ko6#sOy#@jeWotI~N^;zh1rqFvs8e(d#(^^Rko^wWpFov&wX`~pW
zdxOr66*>cj_u{#O3z}xPqv{Mn{)ZJdeE16{6Bcv#l?e=
zScIIh5x>h^PO^KpEnm4@p
zm<2Jn^bDoao>ZvHOQ!LvW*>=kxK54-26P?>r`Rj4$6mbrnmge)b!v!u?6)3!B<}vx
zuytAVc+PPw4*FWUdZLIh%67^>QKTKpL&ziHYfFYf%wC|*{FRyPR6q^+oeyZM0Owdh
zEsmfdlc)l!T|wb&&^Ka%MI$_pJ-ZeVuJa`sJGfW%%y!-p;NDdcI*8v$VylbeW$<|6
z#&@e&Oh)=)B!a!yx!Ocxix%{H3aQYQVA!TYp2}>9?w4$WV1hB%T!hlk8*VsB`ME=0
zGJfI7(@{(O?|FACHIi63r>R`_1kD~yF~wJsd`dQdf+@%LiX9R1v>flOB`Yvpvq?2G(61jei03L&D6d#q=Ie;Bc
zjP!2?aKvMG`~F%5&AX^=rEfE_&%WQHht=twdE-q>MtKuX<13Y46CYH
zAlwo@YKIcOLcW7|HI`8b_wUPJV2B@PN7C*fho4F#n;yx@U@_>|t$65&P}C4{x8amw
z^J>6Cq%XzgMMXfnlPG)r;7HI{?_0p%Bobp
z%Pv|&>-zj!a0MSyC`f()$#h`YJqGKVdq2Wl@JCtzXR-Yf`K*@B?gf0;W|x{sO-F&Fv?`JpD0HBNFQcQP5M%V3Fx?DS!2dL}292gfS}~Fat2iwX6*;cRDJAxo
zphIY|`K};(33*BsUM&Y_SPCkO^YoA+CJXMIxMH5wV>Px@BamV*zf%Y^p^=fu8c&E@
zC|Sly))L45i)1x5J%DA#!6SCkC`Q_7sAm;LXWM=Xzfohcb}U<*@?z}E;wRgEk7oOo
zV0C0;_a(Z9f@;krh0@r@rg1T1?F9{N-8}!ojTY#q9=U6Zb?T!>6jxHHG3Eo)W~y3-
z@)w_#UoXe+hQG5!PT~fyZC(U!;W<}p{Evjnjy2)^dI@KF~
z=iu!Li`aaMt}SjC@Fp#dv`)_*E~;aVR%}zQ0hNN-HEOi#STWWb%9n|n?U6&jvB_#4b3Q%p_>S>6(ja}#coW~Cja~GN
zC|mvO3(`^Q$eI7*=hr2+8RKHx%>9<_no^`mp&5gmm?*f@#
zDr;9(y5)q7O|+I}isU3OLNEstiORIukCMU0oaH-8A-d1-8I
z6rFeZI+0sa9t(94XK!!9v0jQA>_6??WeyS%&+j5W9yJF%=fhI!B0cs7t3Ets9#|PD
z2#4D+$_rWaIm&RW*xA*74{=i3R~J1*3mBGyvgeX`wk{av7w0D`SFcyB#je4UT0eno
z$Wcpnl_Z|Z6wAGSPUm6Qiv2
z@JOAKw-(KN5z#0k)@?x@>8=L+w^hX<0K!)kR8m6dQs~!716onaKqbaxnw;^3F^GII
zJ~MKvBJxDDQw|>P?N=^<=To5zC%fT88L^0;O0vbOi*#oxS7Xe{jZ74Zw)8Jv|E>p9
z2dcbKf|&hbX8=)oyKK^-UGZ~rpBw7gt)!9d`*h#sM6->&nsX|O0ay81QNlj9;SEc~
zx~0xzwg%T*#mL?EUzZX`A?~5uS1-HgxhR;m$K5<9^Q)^v4B0=@RK8~px*}oEbd(J}
zLfJtKAYRo(+t5WShoH02!&FtUBf&U4LXt=FQ4e6I3lQ8xzx>?-yr&vDVy)zn`nmSe&J5q={vQ{#-p%s#|gs
zjY{%e?pwhfmayGGN7XYMmGr1>W2Dc?sN@9E9Nt|xd=YF<{=4qFZ`P<<-`n|ku2L*4<;5!UuS7k7%
z8I$N$Dx**sOfAk(PF*+$7
z2)xHIwD^i!=r}(HLD$%l9_LMrq~}icU;vkg@^FhoO*w{wy0q@D)mJ{{D4wtb=pKVe
zZPTrBf+e}8Z*G{equc;0{>`~|MiiHqSg>@@oYX?x54U3WB=cO`!SQ$_GOjWdhlVt7
zYG#A&DNyQ?x3TI$AcSzfmube!DSfRO4*}eY%{bz5W;fs%P!M;s&4d((-Y3KdFxa+mk|I3|fh#7~OD8%vr@
zed>%s7DA0MG_Cpwb!^2^>K6GE&
zfSP+)cqr-VNmI!ZNK&yF+e7iX^j8}VFV(^QLNz4Tg-$^{QIh0yQ<?aV@Cl{g6rS
z?xGbZ#Z8s=8vG7aW)RHX6>l9cUg&b9#6>wlpQ#-Hc^w8KC2Ibt!NN#67c4=DW4Z{l
zmNdf8s1ZtkpA%TeR@L`zyrTuQULX1OizTygN6=S!Ds=e_YfQR6X@}sQS=^*ZB&8p#qhb=N+Erg9_Obo%3BbsnK}S7H%N
z`hqz%%B|6}JuW%Y8R@i_SnQ+f?P^PfD)PZ&1Wp#sq5p%k`)-!;p>j-|DV$OC2j|`i
z4x)|sV$*O~UD8S{EXH
z7CuXb8sRl4Rtqq!AjO#&;&x@ao|d=)7uNud^O=itqKB^DAKypOzjgdT2Wu=CeCY19I(9yv>YEFGgT*;QKn$3P;
ziO=*cRI$WmMwj++7EM`Ze=GhMz1HiHwkn22H`YjMc`XJk3k@7EUJ27T*m0oG8GLC?
zKk{fdW~Rc$o+a4)FNaj8kEBYByRd^6@Pj`F++yrsO$R8$^9nRO{nqVav!L{ERHnz1
zxc%aNF__IWt+7_~*yVCAR92f+{9S?6hm!LxArpKHeGI)32GOeJ(=i8kqB0V6_Xtt~
z($J-BA1pUD#R!qXAevpDBPyn=6*cC0d(nM&aGV9@e#=^^9I$2V^Wtu7f0(O^)*76o
z-`8FM!?Aq6}m><73w3AtsOxW1lqk;N|t}3S)7^J@7nwIk{PLAgQgjE
zC(}+sWb;%0SeeiF=kG*V{W|Nh&elj3cAP5VS=fdEr{dl+Tk6@>poApF0FE#fTNdF*
z=C+TNG)o(7?5kla6);=FE^%R@&4A6EQ7D+G2;Z3>&fqny
z@o^Km7P;8T9!&}>3T7%m*b7UGvtlzN;g$jk1PB@Y-eZ?76T@GwQ2Pgecz-i6@jQNh
z63{}>^E#dw%8d6{5K4(EQ6KlB_`)aY$=1J!Cw*8&s=zl%oerH8Da;v0-HIORYrn{t*grhV
zmMGVPjMU^To8ue$-#JggR#yyU25WA2m`>lHYW-)uzkS@&wcgIZ_BX8Z8!&*-?x2JV
zs-}BLh#?TvS_0Iumy76p{L9P7)llwZcole?WxGe1e7u%C+@}TDwO8&e#5v7}S;t`q
z9NhgnfA<`)E_@0hkH1)e9*yoZEw|hAAWDUleHFCMcQ`Cqpl~ORMAS7+i%PjZJ_pi?
zypK^co{PTK4r<3E@09io^vZ&5k-6)p;`d7nIgmc3qJelVLMUr7@#}Z=K7&DF4dqx27)?QjIUZP1|-aK9ayIYpHkkb=copC#$0{FFjH0FqR^eV;c~
zW7{0Wj7ho>0xoQr^a-4*_T
zchWW+o`?I{asg*_smNdazH`@q>rWe%?nkB9pQ-Q+k~bVzeZksMc(v}z6v~CualLy9
zcctLeq>6l>1It{e0-giS1+jI8EWZ2{g7CN>s}$$z@1vaB+>7HZ3qN(oo%ky=;{Col
zwir1!N^zkpCXfF4`F0`C5B?DPUY+Gb`Ol5xa+h%37K7T_?HBM@iawO8dEbKJk&!9(
zw)OZuN@6Os4Ba)*W26x>IJuJ1K!@~~_H4W!jnUG;NcnUUSp;x8^Ijk^MmhNl=$c?N
zRviAI{CBw#k{@IsouU3_CB0Piaf}T-$v`kQp2J`yuS)0+(53j})zPs}n!M3BH$QwH
za4=M3vu%;@MV5h8+bLgT?mL>crg%=DX||Yk-`8PhG{qTaR&Jp?iQvpEgTtQ(rETSr
zQBd!SQdHzr_VUV~wmGK4Jk+M*R=;<1n(&>?FkY4&9n$*+VdIT7vk*mp&g+1aBK^79
z@gfRZ^KK<$Dl+f+W&L*c1%2GWfXQ>i#R12=;-f&Ro;#`f)0lZ^15v$#nE%7?NEHr&
zc5ga^;|@(+y!F`mvO;v2;#C=x^$A)w?sC1Pe|0_^&$+WfxL*O^w6hSMQx=9+L{WKs
zORhza)9A2G9J63ao3Qiq5J7|$Yloa0=JF4}VU&yQ7~1hDlzS2js@84oc^&C_JvS4J
z?p@FN)`S`?vv=$mj5mk}f-@ncWSnG2<&O5H?%y$I*H_q+R$_=F>;h@HutGv<28)UA
zMaAI>4Ok{z*0(K3&>|WPS-JRytA_8wwOCC0>jAK2xl*q%`*j;vHtgV^S!ogpEF%V^
zgziK$(1?3y{Z@|ATy4cJrta{=QhA>ve&0sS<#Vlqx#5G@w)u;iVStVk2$WQEeZ66{
zu^_+;0ua`-Vwg;07T5J|NY3!VkK{Ru-Auh_<_d2%`TaAfR#CP}A>JbO^m-Sz&x_!?
z|5;8kB&Wk8i6E&bVB6kiO=W3qnP_^`i{jOGf>IALLo+osdHn4Xut1bAwDaxhV0=$y
zm6^tL^zFU1j^?K+!EB^;Gc%X%v5!EefO|RantPz)*~o=z%Zt2?2*rJ;>(c`ucB=?m*2NQ+oPHyARZujiHwnLrCVvDEj
zUDKgsfX9`cUnZn9qxplys{X2>oWeHWDX<1#|I`S~m{gp^;_+*
zn86#y#bT?OsFqB)X3`Y^nE8QD!GA0^hXboQ7Z!-J{XYK?0!V$$JW-g!!MQ3{jN*Bs
zjXyBJEN5B@N?*YY-{EGWL848R-eY9Otd%MG)Yy5m*qG}@ROI=XQ_%C2TW^$AUouwH
zMHDh1_1o=oW_C8RC?!i~lGqj39b~PVOM*MZ$f9bg!KTo%@tbc3^af4folxHN>^u(!
z4RRL0BW7ph|`mC;J}Z%!$4@Y}7V7-{x9ydun{tMB{P
zvR@pelmaSOq^TwK@j1|MVmxpyNYGvCIroF6TNl%0h+V@Kr#Li!6A!+vpnpPq5M~(D
z$}G07^S=1>^Kc{DnvkmskIk|>bJ&%mfSWsphZ`;u3H5MQVceO*V^iaUVwH0^-GPF$vrspu)=6z6F@1BUl
zJWe@867qw)u<4WbXF=1r?D|u?Gh~6Ie9A{^dI_!{aa|q9Jw7tOs
zg&X~(T#j@@8-?#aKfpX>xp`pbMzC#NFvIP`FpB4E36`v~aQxM;+H_~H*mA$&&t_Y_
zE9kAP%<(#v
z>F2>bzJK_**zD_gefZ5~Tg;0xGPG3xIu9`o4wC%pp72_XX8tfn9F_9nSRnfa$MZ|5
zMP~Z!%24OZMaHO_R-0j^*%3i8&)XE23hY3(3}Y{Bc_iIJMKm_@!a|%JNF7^X|^c#No{e|TFtb~oQUpWYtP9FI(k?V
z>FWH)yA}ssm@`vj;jI8aYt1!bP`uEtp`LpM5^=3Vxg+U5Zoz!|1sG4o11ttAr++^9
zX(4;filfd-=>Ht?5%A?GV-8hyjheV-m%+`!sj?X2@VGnrg+%75Rc)s&fcKxnMIzDqJji}vl>x4xZP57v-LyY)>A|Q)5*XG6xD{f
zaODqeuHR?Bt?YZ?Sf7lsnh<}%;(tkt$|~Ly%hXP^%CGQw$}{>s2&W`rjyh|s;cNx#
z_vLjGcc4~q+Vi7BhP~CCLaT*|jYP^aX6{Wb)f>-%!{m1yK0&&O0%{_=_u=L2koCAM
zPZvV!_mtj)Z||Bt>voQ|8h(A~2}#Va{FHSShaEL!R<}c@7Edi~M3Xv|ZEEd#TSz68ep6lVIpS+wzifrS>{hMPgU!9L48#{F7j0GR=)On>$|
zX%^;{<@xi+{--MgRCz{~*@Zb~3vy1m=E)p}gy4s5oUlaP6c^4p>rm|i;kp+^wv3ZZ
zc~Yg-(Q`bu^{#X&gqWCE1x{Ah)&nUhAM#8FG0-Y;pHF@{M~TxO*|bHZVPon2>Ub8a
zhzRc0;8zraEw(umv+~tzO!s70T(6C6&SYxO%_D5QWNf7%#`uhC58p^V+p
zw&OLmxa^mgu*x1=J)KKl>&RSgIlp4%W%V>WC=l6j*}3K|dV&Fes0DI!^Ne^EjZIMf$#RF8Vfgw=W1N^XNrCxWSxjt_
zkv|ffTy6{rWpS%L;&}b5$^9|4nAwGONnno0Ng!%A<=v~0)86vuXjRj@FO$VZ^W~Z{
zWgO~q_9L>2Azwc5qrAUMjKrktXf{*(mf^l0iTlH)!Ml>1u=rb|qu*lNHJQm=mJl-*~Q{Ey=O%+T43nrRvfj{en8Se15~B;@(!)frGG3O1dbcfr|R-^4Q}OCPF`v`-~*$6RMm
zZ2j|8bEaFSIS5=ii*Z)$^xdX1X?%z{a1OuAx*$psgv%vL77mB2yI=C=dGR0CWTfQ2
zBX}bw+vh?;PDz`kFu%MUV{gz0ug!(lb+8o-Y2orFZi;){Z(^5i`0RIXZUhRd-!^I-7O4h<)@_OrN6Iibr@K
z0;EnHN2SZq2K8pIxN3}V@JO<-(Mn|b!Ix_#RU5Rx-fL1`P0$-67je83z?*nUcl}u(
zJw%Gvv(f3ajRS8Y{*7|8d()V7KTeZJ;1#j4)nQ4|Q1?+R$NAH5a}zw5fE@VbMLM|o
zgu=EGjo++5aktM|Y(Etv6T1)v!-OkR=zM2z8_E4iQ|+^uf38Him^yipupq>0imLnmVJGpspNx-=43_=wV@c*9
z!#i?1w;H>y-%-cD_n4d*KAwMC7>%@7P}r0Yiq+u!4kgS}|g%JuTAo3N}&Hgn$1zC~X<@A;v;@bYH`
z8?My(f|28s34*&Ob(t1`SD+<{Q{@iDr`*=cVuB*T((l5;BIleIlcf@MTB7c{oGE8*
z^Hz3$Ht$)zjI;NaX5B#B1Sg9Pd*0~NVy}5=27QJ@9Wk4sG%&TmklowY_Fbu@c$;Rf
zJbhV;Qq@)+HYUEUU*J^o6pinlZQ0L_@rwC4VxI5QxZx4ZhtpZ3Pj4t_=T}T~D%RZs
zo}b~-CD={0)|MPWZ}RjiM`C076SCpk2@Oy
zUyoC~zRaGcc*jnrZP!03doe9uj>_XmCQU+?yDXUuTI?B<$CAj%irah{nT(&LX4{=2
zamI1?)0)vDv?~Or7TZSupqFEUmsom;%?=J4vi
zQmcMCSd-J(vwj8x&7b5X1&L((d8L(nqtn|?;W7#&BYDSCM@;RvVvaTx-jZTs|DIo8
zP-ZkxD*;_G_Dx*i{oafXyPPIKc~S}@x?m3Wpdv-~;c_?26uJE!2x`&~VR1NdXa=EtJ%?m$~F{!?Pu
zku4qHp{S7Zl!;9m;g?O)UYJtM610h?7at~LuwR-AF-+YIHJMEnyjMI7z1=Zkc6gjF
z3w~0oH9?bLU-|aa+a}rPZfmo5Is9WC-m8QP=lb}`BIzuPn^>wAlTj@RwrKGDc(Lh5Z5+UsdUktn!BqPkRUTJAo-{GCy10UMo{N3NP~*qLKKzS2FzAUnln)MknJtil?~Es66JmL(4N-v41<(rWPgbB>~!vfTJjjNseavre5Ae+jJTm6W|w0MACV
zUm3JVV=t9+h$dHx&E(a@BRueq&0sgBFa*@YB1sv?w;;ui)_gTwi{
zBG8|XhQbnHF98C9?PC^Xk6l5;ySZroePEazR#4Ww>DJ}*(2-W&S8YJsqcBixIZ0FHbI~Dl4VH^^12R11Qa<&?N1vaTUHsPW
z(TQv)`r@cJ-B40<-Jk{V*7f!trHW`uQ1^@c{zS0qa98duhL&9WR;IXEln$ZswUuoQ
z4`f1TsIZ28GA6gp&gV)Y5c5=a`^(|f4>xedC6J(%(n_tQ;m->PfjD{}DCGH^x>P~v
z#VK~1&0&c_#=!5B`<*`=KA;`8KV6q>9`vYP-9B@7CR}j7HR6}V61m4zdp;jI$`CUt
z0)+W}yS|c95;|ZzA@~&k=529SrZg{0f=)bW{b92OXz=``3x#C;9{?Uf;l8NL*0E&K
zGHm5gDVK1QJSnOiBmQUq{G2X^CK-LT^;SJV1yzS&;~;Re4;Y5Q<4-`oAba|Kcfb=ZjJnwOs83V
z{>#PUSHE7gEm(vRB%Q3rUcVoP5S;Y&Z;L;icC^a(4>F1h$8wqR6O@s&^8wn%3(ba&5W%ce2kmU|=r
zp9s#ty*wO*VK+6kXrkYZDzO~*vchB{L7`A!a9|KCKgOJc52t(0;nE-4WGY_NR*-D`
zgzk-oQ1fPT>VO2d53SCLDqr=910Ux7bUUEJq57Wm_mmxi^C<
z2Pq`!bc&t3cQQ0QLMcDO`Bz>edk#9RrgWPO%B3P#9)AeAu~7ipXU}29JKo0uFFKoa
zUA)wvc7@U
zZ+M$naPEboY1SO^ypt*kLGRip)HN5K>(phN$QKLDoimSFJ#)zAa)A>g5|t8+!hh~k
zT$tBVx5@lei@qJGOTefO>8hx{IQ9Ei19z07zOJ6lTc2guj!pi)+kaR0ou|qIO_c$VZjA2r>?C7Up=VB?I%|nYQuC0b$M+D?+f%Ya|aHTT9r-0=E6hZQ9~tYU+c&|=PEQBNhVViibbA$
z@?jjSWB`xj-UT;4RTa~P$@+04@FIk%7B61mw6(TTDCXV!uWbh@1%_#2SrvMFd&%YV
z6efl^@vGkw%g%jCu+^}y#fl)7r*xMKdGvLn+$9v)ZQl^R!@BQGPUK7+akYpELgun4otnEHs#rger`>-?o1}jhK*0t-@DWBioON-@w6vt3aGVi
z?Z9Ke%yhQVUb1Kz$z+mJspKB57w!gkxl&?$Y?RT7aVmu}PH~i1JovP%uWt+(OuV6~
z5H?PDj#BhJ{R9tx?Q?9q@4ldX>%0Rv=HEX<&rv5}Bs>#z5_L1)M*MTF-=~7fP=FVp
z&dCsYfBS8fEw$~|8`V8u{Dd0s?+>2KM1qwsd!<%%=v>Amqh5_in0jXg
zZlbG!fj%~@e@x)+Ro@Dnyq{B26Kc)txxh7m(cU@RK5+g4l*;bK^9qG&7?dj&#>Pjm
z$`uO5BIBb2ta;;G#StI=v=l0OTczK~RGhJvO6X3oz>$LC%^P|8N8jVgtA87Cv6h*$
zIqbv#&g|n(CRN`+unAvdP_^25p$K$35_G!t?+eiNlqzOFfwM7g~Uen^SI;-kty0s1y%b6!tH|et~h)8>Bq=TjQCpwCjbxZYmW8>wIWT9
z#5+Y$m(3!j^z1eVDFn7{Gd4boU9rNGzQFu*FBC#KRh5a@=O{0Wiv0LHN-3o6&^B)Y
z$9?hZyymutSbFYx01WTi!QbBZc7Af`67K%ozcaFD2LzWjR4+piDbgfIf{zVLRhDcA=*V-
z!u#L*Eh5{3KO(pTFM71c{}Wpoj|gqsB9%he7;bN;93BLk+L(H4CP7%
z+pz<_kj4Y(u|~!KQ>&Ev=Qu$E!G$0VUEQ2`*$;T>Uv6gp
zQOEi}^7yZQ#;;F0k~=^4E=G554|3Dj>QAk9YxQ+9h%SHlW!=?RI@iDFjgIf~-j`I5
z*QbAu&r`fVg?v%1`~8*9ua8@8U;WZEoE;Cjj8~c_N51#N;x%_XD$l>_dZTCcA(5NV
z_QhPL!+>h_XR<;Lg8bm1vMO%g)Sfkm%fsLGelamIOvSd@wR;E2WGX@qVf{habENl?
zwtZ#wI}cLCt3~yRf0aOs+~5OC@#f%gR{IQCOt5~uvfcjfFO
zkCCamI#Fv}`%?dE&Htoo>?C8dESur&+tf4H{9fJn>5n;g{m183)10}YeaUixQgk17
zl-PUw?Tqi*L7`%iO=qZYXmqoHX$LFA3rphd*2>H5e-x2HRN+!^5@C|n@NGIFP|6{d
zNH97+LAjKdxW0{BaPJm)&Jf@DJ`dLgN-CLFiDZI8u>d#-nV^^($FePwW`c6L65LQS
z@62;`W?zF_)g0TTc1-*||Mx(ZQwpgR-Ah+;?jNqB@2SUl@bjNw$K#Izu>Qusvi`=u
zvht-DvFhC)qG`q~aGb~{y57cAQcwuN?)&bclF!p|*b!vv>#N2z@YE9k%sMT4A*PP#
z`WWJ4o=TbljQ97e$G`Ut^~9CGh;+4c(NfmD@1tV&@h6Lf5l!a4FU_JBfyeu`FGk^m
zW!Vfp`;6Lg)Aj17kcp-;vS1=O^H-U^&lnbNGJmXvv>5Qn2zERkhS~VF*jdSTL
zB=HGv`9Ylh`|Id``f(om;%C_Quxr~q@tZ4n;x|`t+$TQE(u*#^OeEbk((D4g{ct3L
za=DBG>brZe40qAu9M@OvM2)+nCmY9P%*R%!?YG~e?*7CF)!0CP3VkDbiEq)B7=OW%hr+3)-yQJ%kf|Q
zCaYfgO6im;5n}WIF23+0x$b8_wg)$Epuc}FZ7pr2(^*QT0s(;MUBmgm{WIN5R|LP``Grq&Us9h=o
zU?h{ltt|1j9nUFX`N7>faa{*u=#boew~=sa`mxN+6@+bxQ=te*JP;LE+dAyZ7wCFr<6ik0-@^
zlgu4xHBXNanS$?_J#cnU68JeH#Niw(zIdUPRBb
z=*x~R=n{YDwWPe0vO_bRZ@~0
z7*w17^n3N#Pk*3teZ9eNUCUN-%qPDjI}ch@6+m1|dezbd;xL)2?g&Y#P*BBzenvJu
zqqhC+uk5()S~XEBqJX3{$u_hh3={mVA=|+!jngx47MFhIGEb5W19@O39UWZ&jK>bH
z>U|5w;W(^$_lLwYSN~R7Wrx1KduVBH@$%+O##UTn@`)}8$Lqzx)Azy7pS`d*Cr1esnEQ
ztzCy@6(gO{LBN?n-BMAioues}c~$F|vd-(B4E`A;yk
zb#qW($AODD>Jy)(`>>-hO_y62#>e^H>Bo>88syCH{*0N&97iIVs+zo^9oy7zUUZBD
zaOhj!DGvM4C#0~$3}rqz3I^7%RS$pj%T7GLan|8Sam2rWPIfL?7Kv@FCB3T0Ha#0o
z0i}FijcnVZ`W}0Pz4zRq_TGIP`9c8)*S^T48!)pOE#yjbEO@v(J~G10nKO9$sXJ(F
z?gGZV+B?~};ZasCJrWulx%jR}WYP@JMe6<6@n!v={@~p5(f6rjx{-Nv=F!F2~xen~8S)g@H~S1MQ3Pgc)&&OG@P{(7^X
zi)DhX8`pB{?GJGKZFlpxo9F#V|?Gv}q+I1kP5l{82CtsLg(Y%A%)wh>R9^5GF>oYY8PKSzB
zQGYo05NB*`f~M9s7A;&x#jeE8%?08slvqJGYmxJ06SOZPi*Z=S@N>iF#p__uOLD2$G%{wE((TduuI?Y!d_iW8$)UcCl_bf$s2
zbUHYgslXkV06k*gmudmA`RbSeut;UU|vvoBqb^O$1GU+{$
z-T=x7`hx+bvhAFF#>+YRjF$srJpSlI{O!g&x%uY1xcj~bnV1-5c%YBrD}Sb*xbkNh
zpjzk7W6qi9iJ2#yO3Q%@M7p5~L#X&E#+o*cKe?_(;u^)NRE7giIfFSTp2pxaPqXXJ
z+ZkEEj>5zkW;)G^S6;%*qmE;;`h95X?h$AI@E7v0Z+o3no*3u0kG`jhjhg8U%P+i0
zEPKP-Mf03FLfCddXgW-n2P>dbE~}wupJDf1cc^WDxmNW*yAG?yahtkq1CEklCcU-v
z=RyQ{CQ$CJ9xCoo7uwd90xat5>PTiXfE8)SOeAS)Y68G1g-k}D`&uyP#21Oywk|a~
zJi^GxAT2Ge!HXe_2UiHkRyP=KsP=|^_j?_t8VZUF^xcN=O617Kx_k0Go2>(3g0kRw
z?8o^8*ADI?Boj$YGeNOjq~uFC0m=!pCn-mf0Ftd8wQIFqB(n91AUqNuUXn8kjNmR>
zJ*y8snbilM%!faw80y==Ew|jwjeon9n{K*?tvj}01O3~!(*ON$sfWM+Ez$_pzI-J!
zPd{7CIq@{nJa-<6WHR7swV+D1@i@IH4ceEkAlux==z^!oPmE$DlXR>)I4D!gNux`o
zo
zmP;k_xp9)|EZJ-ZM}_h&(hD!~kN;%N!7Ff?eV_Nl0Tjwnlr3-lt?A!ApG+jhstw$|&H8qJ?#8Z_a9X?YS3L3g+(9k_YD;XuW
zS_Go2Cfx_E5wE`a0lEG+KU2+%mWml`4kz8zB*Y|}Ad@i$$5E7WIaSV$Gq!azJMO$i
z_1<}#8tdyNH#$<|4U-ki7jyh^M|08%M{?}3htfT3IeNJ4$tR!0r#|xq3dJ&+bdpNB
zNU4~kXZ9Qh`+LbvyxmM-*ua3I*9Oi(K4$rW75CTiHb`uxSm
zKKsNMi6p3Uxy0Dm2u%%5R7z#^WXzFkK2#L%!i-2Knue;B5x|K+H}0j4`voS@1RU))ENp2c5W@fZx=5k?({AAJ^wAAJ`8_6eK8zV+O3=fm87`~BQ`
z_X9lo$Rj9eV4E2p``HiG!$13>GJvinE0}-I`J#F8QW_3iC>pzZFvA-I_hBD}3sZ~0
zYQ68PCE4aCvF2^>-Iw`Q^=@f=Obu<^!0!9*QM+%yg}$|qsfuk+qFx#-UABzlk3Edz
zk3F0tk2r_}7Olh$7y@_hMu0M|N}u4ET#rOp^z`~wXb|de&|E*7k~QG
zU(_Y9d!sWkF-|s{_145?H!85_6eUl39e=_x+9dcWpJZZeFILgd?p8aVJqQ8A3WrIRX&1@%rAttO<0uTnAf2gG
zh5Q)6EZnT*&xzm?K!Y?)j6{ZnA*omv<#GifJ<~`CFVfmIB<*66wk69**EQ5eDsMu@
zhKF(0#su!U-`Kzd_N1x??}GGx&jC4n>DSh|mvDV6YmTMX`~e8%u;O)Zl^bvPtCK6{85idmaRPa(8KD;BMuh>0|Pw0ZoLZU*hfy!=1~ge#frZ2qL<+&CmzOSWh!8j
z8=i6ZHj`!wqpsSiHkoSfe{Wy9lE#K6a`^(|6JxZscLeW6T^{!qD&-?VX9}tokz{;>f0rx~4jy&x+5%U9~lvw!Cq;WnJ|{hU$kDq#Bw?
zd81Gcj6SoG2iAR2*?VN}z4)@5JUhPUL
zkDM-{ek`xU=8#t+(FD=38%6jyG}%y!4MZ
z%eF;}tH{3==+C#^bc4G8>tAvPw1^gf?yeq|Em_Fnhp*wdV-Dr$qYtCGV?pfg9Krr&
zz^ZGtTwAu*?4L3~4D!aeyoE;}eu(e<@JH<0xt$+;@7qd9lZGbG6(2|n7o=e@Iywr#
z_rLd_Wb503T_F5B=oQe2QyJpH`|k%}#wn+XWHKox^YH3@jQ>9SlrzLb-~UflEEdU4
z?g#_bC(STTveG2)SUmX9dX7EeY+N#xL8(CWNAN`kBEL#@
zXlhHeQ3oinVBsR>%$mjaoqI40L1ALpeN&p$H?|^!#G;-p5J+#Y14>}Hk>QleMKTG2
z#9(M-5b0g+R||0_Q;i(pk?(xN8Q8j+BaS|n*S_W@)Ta`xT(OJ=i|0|_I8S?1mtG#J
zhek$7Y_;a5>Y3Mr$USTRFA|~3AaZ>B2R|f{H2CJXzwgbkf$ca5FM$pUH=m887#nic
z*6&_^Ip@6iLSQc_Q@0_2dLDiBR-WFl34j@E4#N*ot2Jlw=lZkOg-d8`>0n}foLqjK
z*4EZYx$uHw&)kWeZ};z*({RNX8d|)h-&)n-);LiL6|^M{1BA3uj)9vjdA~v8o`Guv
zg=v_ez;?pqK+$to?m+8j%%pAEiYjU4f0OAfi8fdFe*Ce=!_NDEM4(~EUe;{8$X^x3
zr$~f>0ETI7p2NwfoB)(47K*(4y&n)a-*THg<=w#jBP
zy#6&W$3)S&a2X9VXH84G>9Zk)V9r_YNqAMx^Y*vBkJr5Zog8%7Nz^y?00X%8*Irzk
zw2Zf`HF%BR!72(0w2qigq}8FVoxqh!Y6uwR8~^z|?!4`KPJhwq)YoOmj}I_5+{@TV
zKjWkQj12dZ8||ZK#ti;`!ykG3yWdS1H6(~(FZbN@5RP3$0v(4O9_g$$)m3vCm)*%!
zO3XduOkrC^CUO&0D&`t;lTSK9{OqScls&U&Gd42n7L%^ZE4255X%~`0
zZh-U8I)%lHm(w>g#Jtl^7p7r^O=(?MvComNE5)2s&k_I+JoE_P{QB3uANByFpd6RD
zV(2DRHA+TR2@RWshC(_X5i1`opihiRP!m8O$DVKoH{5sw+jl(7O@F(VFMj^hy!>Ss
zaL$>h^VT=Mp5OoGCv4xoo>NbMF)p#$xVD?$X2>{iy7gWFIu9<^iVc7Ff+Kk|k*zs)P{
z#bpX2Vqddst7gHCY4ZxjRVClj62qK!=9zSN^{{()7!a*r|0i(wR02i9*ZsV)=5p@I
z?f1X$?fl@s+?4CxM;ui(X>pR6%tmRMJCDx!3+dakk)Qtbm%Q(T@4$@;%7Ks}am7?+
zSM&Aa_x*7Pbg7B8h)Sn@jLcP3Jqkbj*2HeWps8sVr<`^Gr<`_Pjgd?MyKvFP2nkII
zT$R3+&6}R&=9_N?V9D#=C=4yQqn6sOceNI@uUIJrD9f@am&(*->#-fnQ>uIw5%dk~
zD8vyeD)jwoMDR;Ip{zSTx11;8q!9`1elFnpiUBi`3T~|N+6YxfUk&s&GVMw{k~_-r
z0cIX~Y(THy{>~4)W*TE7k0A;~k;|8B{-o;MTBk?>PyiBq?JJ+-p$G3)?|SbCom+3a
zUA^`VZ+3R?*iK_}vpXC|;W)VWPdjc~!jRaO!Y+^T`Okcul?NZg?|%1t09uzUpO*d*
zA3uO8rC9au_X~h0);`YnzWrag4lXa8SWqpoebp~K+!dLN=$Pa0sz{OA3S7LrFFA$@
zRop&YmAB9PJ^`36lhRELq44)cfA`xzlgo{e5`y`jWUtY)$jVh|1zNfKjxN#C(oV%H
zQ!Ez|Qfd~AuJ-9k&qIyH*IESewGqK-@^EfcKzvav&-ZG&&Ne9|QpQhh?jK0MO{H8%
ziJzB4pyzhZW8%suHeQRfBXe&d^$Q7()DZ75|Eh}QsF
zgf<=#s*m~s%E)}hC(k1YrD+1eJ0Vhr)rd*{N9&smo(o^?iC}CS%Fc1cuYL`{>UX|Z
zWW717C39lEo%FkrOj0-h0PIS^^-u;5F0H;Q+^Lpk`W44Y`!_77g1UUgK(8&J0B!%S
zM#Iwv>DR3AZZbvZB;G`80|=O#QTwJ9A51C5$~V4Elx^3Yd+DW@fm6Vha$Zbj6^D=U
zyBLBg-^&q;>kIQ&xGLcHo
z|HCx^+;p>h9oWK`zOst^ry{UwZVIV%MjZBmj|zZ|n>O>g&wdd|MfpZ#us$R4C16~l
z5PebUmBgi{KA&NagQszc5xJFA|6fE0<#Q`9@ZjrT|2Au%UW+LuOD}#yTy|9Tpq4fe
zFC&1iHHQjt?KsP}BbmvSRydSv(J=?l{c_roBu}J7hpdlU5Vq${mJpK36E{o`0v%Ey
z+ypKn+&pymHoO}~lnAbY6%ff#RlTGx9B|HsA_1h+O{`u2G++Jle*o!fJt6>28K}}X
z^w6Go%i3_%9%jrufX5$ujFV0{mO^fbk)dA3M*0{V?Pq+nkMZF?awEOer43$s{)>71
zkvsYFrC;~j&U4Mxe+8iXkRvATrQf>V#mR_q!HZui>KmH?lP`YdtK4<_t-uVx@o-r~
zOMM$aR}rf!_eHeO3TW>Ii=tv3(l9HMFT^jWNmE_<6H4Q83WNpBVB40>eBn!90pRct
zd|1>qw?$f;Oo~m0w)*nUIOcc(VA(ddZ6UmqD?Tph$gi}21dh%sJiHZw0^xr1v^J#;
z6@tW4!q45~*Q*HbD1Sa+;y0$0yWbWNoZDTc$=QeoC_@Ps7xw=5OeQN%_{Mj{P49oF
z!pQQO&wq)Rzv3e19k>WouQv%1*6F<;kCJd354nya!tMg(1B6R-9o;jz<+eNd`wds|
zhpVn*$M&rl(xkDaot4WLuxizEjyUol+Bz3|b@T#VT>bk$@x)V4u;Sv^iA+O-z`LAe
zUx*S1oj#JulsNwDmy5r?`Lzn*RTp2(aVEspkXKv+Ied(ZtkgkG=Pcr-k!34pi1{hf@C4%5`w%+lAst?FE&54ALfIGc#~
zvZ1>Na8Ku3l?thJ8rut?_mAZG_36AK?pX6ktEx{`m>21ch~Qvc8F;Q>`jzNxF;mvGt{FCp~e>Z-7X>lm55#N9~t;vwTMTYv1qxRw8qhgmI9iRWqr@8*d8<2*{sXx0?rp!b&-qxs9*9xYZTaij5
zanGY!mPK01AZKJ1T`TW!w2IPOmFnvK9wm5}q4@X{2|>l1VG-zdQ}lS>5IaBNU`oUF
zMtZW?{Ud@C(zTkaMfCnNLn%)D&mTyYPLoX5@%yW<<%i$^iy)dNoR;8aPI>TbIzGwYIHFZ*S+pTe1ER0wkn1f{XP0L
zvSB6Man!U$0u>cPJ30ItB3uW*{mrlV)Mq~jz|kN3r0809Q@#|o
zV{3b0N-OVAyrv1nevPk5C#4ad%ofUv
zz^}nEV=&2b)6mu-&b#7j`KQ;s)B%&XzT=&&SiX#-k3SLAK&blowNyn^ga{M4%%Mj3
zQlv8hK`Pu0Tj6nM9UP#Wd+xl0kA33f037n34+fdDln@j~N7dd(9#p;e-^1v$8Hjfan3wab=e>xkS_gADLMYK@5sCU{Ugqn>#tJR-SBtL
zJNHcf_~+|^9#A`hq|0rUr)gA+`&#->^#V**&R0t#A!GVnY47UwDd8b}8@JqaBd>Vn
z#Q@AX^l(Fv?_Z?N&RA#ej4te|A<=Mabi)^1Ui+k?9p92@JiO$27bic%yO|g~YLJ>~eTAInJH@&oP;U0A?R^yg2Lo
zKbL=f+iRUtvB1&Cp2*Ms>-)U+^>4+!t)L%}vB?i7I{qlCa`_*1FQ;Bm;3BdKwDZjR
zwH$NoNem43v;4wWilaXM8L5O&H@^AxYV&P3C^L}(k)XMyjajqj(b3*PHrs%iNVsEC
z?zKi%rA)C@WN2uR-MhEZyLT_ibcTFiKYxDHtDNq|OE~(A-;iA^S4VPB&RlblIQ3V5
zmJfdX{c6*_x2c2H9K)qw{yZQ3*e7t2d;mm+z^2ppZiS
zn7%scD2Ga=DB6~;pk>|xRj0J#bWls$HO`tXW*vKy*!btGlw(<3`^UeqeamKE{Nl3_
zvIX~;iic<#lh;?*?T?DJq?5Kk!TM(lH;B4{KVADfPB`&QCURpeIp-zf#IJlq3PY%?
z&OF)K`N)0LHFS{8WLdd-4Tm0nG;?PkK&Gx<4_-wIiD@QCWivE2wa_zjHgjgrr@5(_
z@zD_~wnKeGGvj@GdFslatG;{gQ1uHIi)>eSa9=>Cp-#*@>%}6|(#6jE?%?l#yNSR2
z=`S3A++nnL9Eh8vBm9f0OBK-L#3V7Bj9@hS+bFa+$S1`mVBtpt-q)hWbV<%ks+T_s0o0
zy&vJq2P&jCSDJwIa7jd@m0xevMd`j|nkK`;Ba9CB0ZIbT0>9kH(5pb=`NpF%u@M
zUh^7x?l1l%+uOQ$_|b=1x_k|9e8X$$-MbA}%5-~6<#-viym5<35Z+xpZytOurJ;Qw
z?cxfQ38DvRgn1
z?u+=_+PMIq$ilBdxrh?rw<$d1B@}%4IZXTrIpHxg+qS7xN)YZVJvhm5rv%>zfU=69
zTmvpEk
zd|4d-g|A3}4L4lxY`y*OG&Ogk9GklOde*OdfTE^1|5Gm4Otc}!}Y!dyBU!RMfh)E_-P`q7Lj`ONMT@E7R6FQukbnDpd)|}0AB}~
zGjEAKd)6FE#R5BbZ>Ll$VwiqD5>Jn{Y)YjP&crwu-T#EFYixY}s)Z2rJ@th8`#WCe
zjA}Q@9COUEy!Fi&^U{}GK&HMkR#OodQ3RpyCjlhUVb_jzTz%DF`ObHL!iJ6O0BCG%
z;+(5*lr6Joi~M*_J@)Nys0~;AM9D-JBbCHPVF-z1+l-G5QQz3i;-xE@GiyE#jZNOR
ziLcAMYKb8Qj_oi!Hq7IXKfu;!pP{~~CA^Ub!T3m?gI4wM##bEA)z?4Ct#>|vzku0v
zmKAURfLQjb*T`&r9i?JPJ@Jh%s|SDaV{e5e=bUp6Z++9NIOFWoG0kRggeBZ$LjK0S
z)aF*3<;dYN|9KtmO}g&08?V2HuYTn}x#jlTg87@X<}gmU{714uyCrFVY__Q&UQb-D
z93LE1zd3fbBhrn`n>(M5j!p^%Et|8y(M?E5k?q>x2alqB?K;+&K3~;WI6^X+B%jOk
z^!g{T%6S9V(Xfi=kS0$6tAX2q=9#k>*mGvh!*(oo@7=}t_$bLlG7!56aBPQ4*Khva&$~1vI1Zx|C7Ml}4NqN3=K)K3=H8pR{HHhYlPhkbSa9#f
zPMRjm-|!xB$UEOHlj$VGJ9eu3KJh_k%YAnR^D(1qCg-1bCg;ESERH+z7&3J_GxDK~
zON{(`KCYPd~~ZuD*dQe)&5#Jo8lWOUjU(c-i;G{L{}4-2PLo<-UGgt|r&zpAu0?EKoAAS9MNheeICyso3u3WYlAL--NZ+>4a
zI{lo;*1}|ipY~!%L1ChxHeGe4dg8m6sgaT4sv-^bEp&HxVJ4GEPYt$h7|-X}+q)ZO
zmm}rt(^;0h{%vB}Yu_yDn;L`yZu{_ioppb?N&)nAw~*fo$Nn@XURgJBvNrh#qQ
z*p8cLq+BjhDi&PzQA%%XOaP9XfY^{^QW=ay0_8YJLt>hSYekkV#&RXHX?W_^uQBh?
zrMN^;&)ANq`TSRY$7SEU2FJ17W1fvooO8t=W!J(5LP^QUj-6`L@2*hme)mf?uFXkX
zTQ`RvdI)RQtY-1D16i?R5e;>Xw6!(R(9nngDprN@@gl=R!wd`z^5j#`@W>;NarfQ#
zv-asH(eb9GrHwTo`;3@>*0~~?F!%fL*9$>(ejOv*x2j*Ceyo$pHgn(s3u$OnL-Gh&_hJfrD!hRvHd(z|z?fqNw76~LdK%h&|2Vek~t-O$)(
zFI~D4AtVzMW8O8eW)Rov;6_ZB%NFCqy{x+U_2Q_He?j_Njv520NpSJ;L?$8rn-Ex*
zqxv_jWy_zhQ5$~#V^vVoJJl|Lnafu*^F?Qho?}m4e2>P~E|lY7nr;992pnaj9OYftD7yRbWa>lBI
zf`*EPg4%w^&1&P%exkNN_FzqVkVclC?in;TWWkhJj>G8C82x>HI8LFed;(bZ@=L_R
zS6w377A~$z55F%WdagvaulKg!eY^V0n_lhIH@30hfJLOz87h@>NG&0`c|;f07vnLJ
zLA$=`R^_G9dgT3)hKXa_tXuyCh1{qCJPaJkbIeQWi^#tMr>8RYYQ?fOj$sP1)Bc6f0`;H2?JE`*!yN=S+D%2vu2!jOy)_wn9$
zyo_&t=i{(==6yLuv1`>z{tarWFko>lc6|Lz%ab@l}fnjL!=;?$uc_9$KaM{)r`f<
zB8O%6wGjJDkO0YKLUb-%Lg&II(_G`&Gz-B~SNtR(wx4|SeZ1kl?}oAUFgnic6$kUN
zkG+P^eEug`b{#@km=S3lSs*Ix)mKTyVp0fbK8()12ZWd~(
zO@?&8@7e_I9sJjo-^VoH#gDG|8zyk`TVCUw|Hqr9c8CXwqQ0e7)SrBsIN;RNsgx~M
z$xq-^$~eW6dq(zzwbLu!cei{;UNe;a}P~(*fqi5
zEq@F^ITpG6I89B>R4QdM=`6#z_CgT5rrZr*A>D=AamP)}ShAeSP7?Uz+t=cVNj~pO
z6`d~Rh6dE#U;eBDxb%~kxWqQJ7RnYRQ!u`hPk-)hJpRy=Tyy;c)HQXYDi)?`x|x4{
zJHgW?^FKwL+Lf^l1_7&_&y2OZgU?h@7#`mS|E{3P$(1_9_sh29tQqC
zz1gS@KGkjnHUZ>vZd8M1S!6O55w37m)N9x%AN6XuyS1em&-ZxgoDYA_F>tAie*u$
zRIn{ql@U?~cPa$^62fCb?!q~aL#0x|v2CO@86Vois>QRo?CbA=@&Gu}OYNvx`Tl2V
zz@9!Zn)t%!--4goeCXpGO&3gx&Gd8JWNeIlfhI(
zHyP}!yx(47d|W;Foo}f2rh5MK@{a)HkdIwwYb2qsAEd=!Z~GB1JM&2LV||p%E;F$#
z*A}zNF7f&210^85^IEoLV^?gfish-424ll}ncLOK-){IeiTZlz?+?|N3v|`5&#D7zn{|hxQf3OCkUNL08Bx%z68}oFqt}E>sh?){xZH=CPFQyT&v!p
zXVy_F7DyNdnN%9vw!;8=K|m=gR*O;&epFOEa@l>=W0szSB`gt=G6D=ULAhLFaG)QT
zLjs^*SpS?rKM(T+K%p>h>|v|sG)+9fZcn+%JI9uewPou?E*@
zuxtmbVo@$zlq)usiiK6Nuq+#^V&m8jjw2Zx9Va)|%VDb*@ZclAq-)+R*tG=`$!en|
zG6Ih?=L*o&!pTRj1fXaYv5JK$=V`igKOKahih1fp6CcKOnBYE%UI@0`dW!-`rBbBQ
zY0rN12u8brBW&N-7c~;n6XnJm@>Ej)dxTjjMJknIWORgy(Lw*sLEz?n3~!&H6Wo3N
zhk=29H?O=^p}wwxOty}SZFwDY2j!;>&t{r<{PJ(AQmI&TuHz3UTb#)jYBDu-I&Fcg
z?{B~Db_HXYA2xl&eJulu7iNsvsZNhOmg$Hw0mi?r+8
zWJ;iL_Mv5oXlH!w(|f^JDGkGX&4x(B;$oq`W}Bo%|7g?eXeDEyxv%+43?#HdR?TRrl&~MM3djN%E
zp2o&z28IW*EDO^xJzP+3_!9zCrdao*?=thyBZJsMANF?vYI&U|tIMA^eZguWpETVk
zyLu;BP1ciWHIP@2su#Fho4cNY#(G}$_Sf>Nx4o3Hojcg@%wGC>2ZVtV1xtaH&ivUO
z95}z5hS@VfG(e#bc0cV(%tVrC;IQA(DQ3q_6HU47#tx>CNHZRqReN5h1C!0=bAeiQ
z)p|ZvTcN}fZ2#L|+;a;75@v#O
zx#Hd88c4U_1CLH)D)tHSLv+6cE&*ot?%lzR88eYWU?!8aG&R%Px5tfs_c|(tcQsXG
z3(wwpt2$`?Q>t_6%9``MKZG=u6x$cntl!&Xy5+v7IO`P`xbASnzpqY&ix7!a@M=mV
zAYX!sjbIowb~bU??3ogh!VMTUyk?7vVjlYX!0B`A_vfnW*m10l$lyF=k^mJRdf2`G
zsea)iQcX?lziVmV@O+4^7EGm;OxBkFtXwXsr~m5*N{S@)**fa$>d1Qm%aLstA+&oT
zd{!H;U9<4~sSbP%?z$`CJ6K#lMJk(O=kA@l?KTAbY}$k02gKR@I=n-5rBdGL@83&0
zouyJP)6~#JB9XxI_Llr%8HPj%MFN9|FZ;@*sa5t@<(bZNeVTo!Qk8_Dae?dU`>&t=
znH`(f!;D#ATb`W+(M@OwT=aSfk)MZiq=4${7tY?DsJ(kpy}MAoyQJzJG#JebgmkwW
ze0xh#Te|tZ4=wfZxl+*5$i$w#+;Q(?04%-aO~QP>X@4hye@LZT-Ek*N9Q4`Q^Y8;|
zB45BrrD40*DMXWJ7^!
z>dlgWno;kh@ILsvxB9*2mIcXq{OF3C*s*Ib2_ZP}>=#d(Wc7uB{c%q1FGT2KlHUPr
zrPL#reojdQ_1P>f%`Fs5r6`facm64e$cl
zZa&l^xQ)QC0Sbi)qqlDtnRFV`PF$99o;es)P+iE_&2Bs7FpHM=GU+
zKw%hetfhAi4+6&t?$`A~;6g&xdKlE@e~FF8F2T&jY})uVpZeqv066iR-xYpJgMS1}
zcOLh*&iyU7>%qI#o()f9rWu|5YR!*=S)mR_`ba$Rvg*p?I
z4cP9{3P-u$-4tkEr@ZJE9eErJG70Ed#?bC9oOse(**iGQ!LNUtSoQk1OX2K)tmAaS
z@5w*Pj++ehHZ8|ie}B^@sx&%ILt_)OXV0Zlsc3{oz`Q~szgGSE%@;d`fngLDOBT)L
zGatQ}^UpehRCgOL|MBvyH}v
zdS-Mqv1q|enp*1VX=`TA>~@-(>M#;16s~VYDw`eKdU^P%tz380Lp=E4<4D8gq|ba!
zEWYR>iT&S0Z2xG8tV#bK_3Psgb7UezOG_I|7A>V%ED_wvrc{kJ)rl!&uhDWbEuu#I
zb=f-h_U>ilGmk4mul>IRUw#3GSq1yT-!B6n1E_CkwpOk@L@1@ODiwC@cF)S0M#76<
zbGb*UT)|N=Hnf+se(-ZK@Ay+9DH!6PCxhuq!s$v*y-nM3*nZb-&e|V*TkU$}f&IR$
zIhAfEkxb$su*wsZi#hGr$rsrL@7mrVf0KoOma$>xY!;q;mRR=M*NVnja|0(yB&z*+
zzzd}|zL4stBZa!|g0q~RPd`qwu9>Bamytz`Rqr8w>#PUI@!4Y-M7UU1mgye-5%O1=b8v*#S>%%8uAa;eDp#2CBw
z?!+_`UN$8c9~{S_RJL$RWh#_;<*g6MZ0r`%sTz$F=5#ta6-?EhEu_i~4p15$QroZl
zBaeLN8!Fw{#;GSALN+ZK92lfrEMPl+dTmH0OrBW3oBok9wpC)y>c!0InaQ(T_fReu
z=-a!Ok+BgbBRV5hPa=`QQSNhyy7@WS
z6}iDZ^c->&Xa4FB(oi*be`~^YrQr){V+?QKq^>;u1m}PQ=JU+D2QZRtxT<^suw7TZ
z0E{Jk@iQOg6QBJm0AIQED}3am9|0;TdyL&XchK86OukUWwrxs*jYufH`o
z<&@LNxq13}`>EBcRBBc7xrFI##|F=*t#<+2uKx!&edTlV{;zw>oY#>=i|?(Z@=Wuz
zEX;)n%ERO8i<8H8U6h&E3G}KGoTTlio_1RNJ#0)z-zE`uo<&PfqSZ-P8jd>Z7yRYQ
zzcFykv0~*Do^oK?JWR|so45F10Ta8n$xB{*R%nSl#bSw7%hwPDK4B1@H6M8uQw_GX
ziLJel+U1zc=*->UF*^$4o@mAzgtJc
zHp5qep954YQ}%7QUXMglD3ll+n2+l?cwQq4u~BYYm4GLtqkDj>zxZjn>xOGva@$;8
zDy^0U^!w8I-m2W0m^4*>l%U9x7GWS!-ry;aM0Hzj*RvLa$n-(B8(H
zRYzglHuXlGanU>SG>^=edtMLM59
zK$R0tIGz>DmI5#}tu>q;eT;W8eycKy1-0zpHyZb3;7AkP6WZ)RWwyFMH98_Me(XcS
zO07z+)Wymbt0kk_ojEG$ayn$#F-o(U+eakJ^
z;(0#({qq=@H=iH~2tz+6GE1n0s=2ljRscVJ))T^!EgMtQ;F(}1&6T}(pm(#^b-hiD
ztBwj{|K7dawS5P%a1&WpZQvG)ba!SKXtW_)IOWmwov5M}_9;%fJ7M5||h)_ohYw1lkUydQF
zv$=HQ6Fb!YINNb36^rcIyNeAQ*As*)liIv_101#b7=*AGn;4@~nPzBc87H6o;IN~!
zTd&2O34D>m$aDv5)2zo}y2;5g`=%TJNwr#G(Sjic`Umm+K%G_zAXF*_OG2@u8!LdH
zJ@bj-=%z%|nFKW3{383zY^KXh=I2cB1C;vbVF8onNw#d$8LV58cpd2E?Vh+!wnli`ht;(E>W}FLC4sY5ZFMiS^L$6w=(ALe$
zZ(=YG9`ZQDpGDNj#PYU|{F_d8AY&zrAJ%qMafneI>~5h+bqsZ7~7-1tvM$3|E@
zw3G#d3kkvyKk(J$*Ah6cjS!MzXE(MK{QNmj3`g!~R?L{ySTha0>C0k<
z=Suwp^b9Qqpf)u*%advxI=gxS@O^#8ft_hd>)Iy9rvMl{?ZG0up)@Oe4po!1vIyn^
zvk5A*oa{5Lgrj+F&kfhhUp(i@pozFt9J7R4gH7$enktW6!?bNF+Ho$C_0~vtYp@YPFimVjzrO3qhqaO}$>@m}Bn8
z;NYUe&UA-5Yu8No2LP{8vv0ZOI(F^e$o}NA`m9kfzXR&&*wr}8y
z%dY@n;P{hLP0O}-F6|aAzPEyz`a2g*I9F#&w*8*(%gbN$lJJTTzDrut!7UUx`lzGn
z>g=LiDH|2){cbv%M#lG=oh9mqqLUv}>U^x=a>Mxo@Cs2Xe5oN!n*-QD#|Yo?2`8A@#zDE_*M_jB|Cmq_nYsiQT*8&(C;xxao@DOSjNPu8`;0
zqmQFlYNK39=4?r&#tAnvCj0ol%v2i1{X|RKQN(|~fNMM4wRIDl@7hegR-?0{lQnCO
zWoT$AwMLCvqXuyT{KNvuZda73Ci=cly^h0?KuYn!>Cm0Mc`z>E|(|8
z`1q(C99%?SPd{G0My*jthAKkdbzL0GCI~`ug*LWd`&af|b%k8~xF-p>P>7X+X=Y|k
ztl3P-?EM2d0`zZ72;BB|wq9{L>({O26|a01h)#r$QUap_89l#<(c!(k_{A@0x;(|BKYPAah|b40pKLXE&BAOZ_e>gZCj88%84q;N
z9FJI_IX0Uw{ayHr=RZaI(^c$3J3U>UtXXvou9Kr$tHz7k&0`=^?TSl|H6MnxkhDUg
z=4)P~&c;m}*t>TZwv%JQf`v-p7fVzs6^NKrr!!A>xrn%aeKK>b{Sbs&wi0u^OR>=v-QU$_L+pmOeSbnqtC?xXoUwd_p|S1zlXq0U;cdfm;ZjZ
zv~wjyzQE9eg)CpTiXc?UkSt-%P*FBXyr%kQ9h-X25)=z1CML#Nzu^uhCr0S(>1D;T
zl`L4W2tV+s*XxKlVN{FCGs;%8qwc-1Kx(F&KSZ@MEi092&2$5(NUS+;={Q^rr{Pv$
z8}MMDD+oMm&+Z*aEEX^P^nLLv{S|iR5z+No3{$4HZC
z%l0CTJu7uD`5p!#p@jK^id8(nwp>yr9ZQUMXg?^R^>D_OXjan7A&`DoUFH4s!$97z5)rztE+OQ*AEcokrlWusj+b!vdiiuQb
zsoRdl?mfHNv12Qp9bGIQT0&1xFZFr@&-1V>Va&Y~^HapXvzQ`%Kia8a_F1K3C<1~T
zZ}^+2)hZUS9e52Y#pD6uo?Hleg$oxmI4~d2^Jp|0SkZ3n
zxFiWl(j*KHOJiT3-K`oSno^eAwoSEKWq4#CU0vPuboU{IMZHmti_wmi1QRo0MQ?J=
z7?Y`YlE;uz(%#<5@bDh)SbL+6`@0ntm9lLHbfrqYr{N^v{irSL0J6QKCtSX4HJx2u
z)M^!`r>3YjYJ@?E5a4+p^;(U(7f_uZL&|^?&w7D)z}wz03LRC2Wwuts
zf)MKLfJQ?iz{%%@W7|zqT3R-HZn;Trz2uj2ce8M+QBegwk#7u%VOIfFAx9l`j^OtlsJWUy1RN#Zng<
z=_`>~lnDlBnjECtlxmj**L4t@U+Tu*1PGsAEFTm?iIZ}qA-{HXEkQ`dHl(x1K)moM5>FF4Gq3=_x*QnMT
zG^#afwFz>?5)XR)Tg95^y;v05icK4U59DB&3mnMgYE|FCAn{<$!$UDA=koqRGpQw*
z+PhEw3O2WWU?8+Y=lT(bZi$lm*b|J{z-Xy!bZjXy%=={!HjUYohGxvwWv%;
z^MPXlQ7%tfd-m?4?)h|dbkW<>OD>mJXBIe)IyuF4)c`p;d@taxtNzH^Z=Ww+w?NmL
zV{jtJ3M6RF!d%UyR`+HbOLG|K!kn$zH=D^gTm5sR-y6|BkoGOpjqjAB~8Mmy9JK^j3p5Rl8|$>sA5@82y@>qZMviDPFx`T5>t
zIDq}Alnpz8`vVDHRG>wvDh|JU`&B
zzy66kFZ!YM$0jH(TS>0FE47qh65CAXn+e$gpNV-}!Cam@5aYJ`exNqb#+(NdJac(Q
zS{8e*zgGVCnP-HX|Na*or$n*6i=jn}Svs@~$Fix^)x60h$#^!TH;6U`X^VJJ;yt99
z)})w6B)`qEl~Mdxa%NmqO7yIi8ALPQGOhEH=d$B2gc(vTl8`eY@cjmzUA5d=OB&qtuLT-E9|#>dAQ
zpBSe+JxSoJyz|Q*_z+Hh+j(N(#FH)i9_-cKHSzvcWzSY8*?KL(QO(i@%>p9%+BAbg%CxU#rarW)
zBQj@|)>QlKw1Xzj0URClVjd8ZtxI1IB^2^`YV|5N-}p}c5s-zVqh>F(*Jqq9SqpN@;?OGdYE
zX5CMJ!k$0=UOF8e6c-NR6bd4nrtd%|+-xx0eCS}yY%-yu&zZ`{xIfce^bpf-m}5oe$uZN)Q>Ut3_ke{*_kZ
zMVpOkolTfrD~&RYlz2w124gkXth8|YxmY+D4wiV%h>YSm^Z35cjW_&V1c9%$+!?40
zR4MpZYPc-i0el}79<~tW%@l#}S(B5aVsvy^`d&c3SfstZ11XhxiG`H5KQhLmVbHcYvk2m{2v)&VdYA6c6LP}QVa2YpIW0H5nQ%}3`3aanenV9+O&oe
zNePB$Bdh&Veio6r7xA~r&PLIsxF)`r89^B_k;vfC{B3+Ud#`sEw70k8c^*@f<66tD
zBRa<0gnuW70~P6eGw@T??(zX5#tQ@Anw%VEWOP^tQi@`+NU2y-CQe<254E+m(cjZg
zM|&r^LLOnc1kz%1bU$1Fd^ziX@J%_rc?3+LL5?`NMq
z(C^vm&6YV+-HnDPZ~DUj$lsm&GC8(&3r@a^e5u6H!bL1yvVuZBPg!NOigS;)uGuKn
zGMAeZhKh4XMygL_I|eCcYxZKvB*D;(2r$%8RA+X8QnJ$rZP$L9gR0BWt8`tJ&P;4IV{-l@iQnJcu1gM*8hH*bJav54>c@zGk2qhd50
zUL!I!$C$2^X_Tw@p4w&H;TBo*;+Ko1PkB0htBw+mZ8fFwyC>#mcgHL}P+8gbLhHIh
zV8>N|3IF`I*UIwLBu=h`<+{x4>1Y0eg%k@VDz&QG-61SRqS|ycEVU3#m`&b|s11hG
zy@`QPp;xIBi%8PrMb}cMo#w_C$Vr5pjJ=4Fk0et?^j{>+PLk>+^^3^FRBcG^x5BAz
zRaX}BzCjdw9hMGv4{uOjdp*5t$pO
zzptN;_AVrndc95*BZ$ext#})Fk8MqfAUr;Cnv8tK)|a1hC-f<2m}JuNI3Q
z{s>X(=@Z#-mYJAkuG(-0+MTt$*~(~DR;zcXN5|wfA9#mc_s7emW4Ty`B6&B@g24sM
zn>PqRwN{OYRjCDOMiZNMo{-H!B2gox#LzGqpP|m8oNBSmv{@5!h)Mo>IiQs=$)2v0
zHR(+pC0@tm;*8@EKbVLJY2YK}U_m9!avhgjZo854)Tj+?1|AD+(MA5dYq%_Ejdu~s
z$+8Ssn9JvJ+&tqGE*fZtGuFSfU1u?*3#88E^`N~^SLcP2tZ
z>T6@Q2mQ8>b}Ns8tNn-pfhdT5v8^cDWy6tYieqe@yT&27Yg)s_tDkWLoTmQd9C>Ywv(rrZ)1GhX4e1aXRQCuS7j(A#YIcVb#{sD
z0`6>cDQGtLW@5-Jm{yhfoS>N~vSwvyS@N#mUnYP1f@jJNmtRWWEh2Iy2KonBx^xBo
z{R0Gks64%znWWy0t#ngry-Z7cnW>O8>zNLT^j0((n`v=7BXy(0z|xv8(poWLCwHas
zoQWgNXo+c?)tjv}q!HRBl6z*kQZri8m<))x080pL$7S!{-O-zL0N*9rqWXDiq1(a;eNvVGz*pJsiiOyQ_zu?jAbZ
z+ORE~dZUIHN(!Y;1P*uo?N8kP{cp%USNuViman93{z73{SrQ@j`#@g8>@()GDe2wf
zJ!ZNu1Y_H`%RjvQtnh~KeFG^i?0k{7j!u>>S7%f74ek{zEY%|aSs2CikI`kFLl
z!ota~>?T=37zPvzMaq>jwd%A53<7^enV0uzhI;|(lvb;&yEj<0Xen+kPj`0@J>A`O
zws+9p(M7SOI$tiADV5rATsPU6XymO>$J>S!+uG^v>7}c)i(D>G5UMpO%gIqFv@yPW
z2kU-*0o#80GwJsAQChgT<=P&k8HdbwXf`#o&+BJIi|1(Z>HC4a>8oFqm!11EIlX^B
zZlMD=S77nbVwNshPO(^2r~3E-`aC~9H4`GuFzSCa3lkZV7Mi@8du-+nN%cW9w(hr9
zUfS%;sGe9GW*sJg_CT7NFTQWg(X`?=-!|)x`@9af-%ppOIO2`4@%Z13n)-Zj7y7Ov~y*bZSR@w^7LdL1F8
zI;h>4HK(H5qmh>qT-(9TGC9#lM_r%OsX9C!a{m=JikUBSoO5$h!fuMHqolae;R9`}YSM_&Vy8O6D&Z3RbT=
zp6PO#Y>pa@bW2zW+fsQcVuol*x`{cVJ#oT{@@d-C8g-_prkI+VU}}1bTCGmdsN)A!
z1aQpb&lD%Uj2Af^1Ybd;{kOX^M!L!oY9^hooFoDZ|7ZP<1s3d>Rc8grL2>
zou2MKI=i|km5SK5Lm&lV2>Uj!<+dMuOHSRnj=uXnfP7}lkl8Z*J!^7i87yl;nsR*I
zML!OI{nF>k$sOCtl{%5Y`~?eGv0_bh!e^Nv2#F&&%-zt2R!X(Q^c+Z$CN!xfT3T$x
zCSwbmOJZok8C1At?39^m1Pdo~uI8nNndZP*Mor2kNrz|NkC}}W^O-dX<6A}nCoc;@
zh>EYAo|
z*z`}|_h|SHEMe2x(M4ZxADx|@IBt#*3qOzyZ&=Ii-}{EF?b^w_Qy)5O_OSz*7)@FY
znA*EnUUts2!dox?F>R$TLd&64EU|LM8s^VmNW*JTuh$?tk!FTnF{CIZ!x84}C4M%s
zMiZkhmRqeTIKr*b_?TEtq82TfB)d>0Ha
zspsPQ)rHhlHG`FutN|R`AqWG8NA?S3C{U-WUT`1*`|kib6tlgHh}q^ZTqakqI+|Lo
zMiBU<$kp(A#V4?UIa!$jqB2r+r$w)9dMq9lZG%W~TsPW~SYz+r-Rv9QN26LH2ewzv0E_kBu*0!x-Gr@Omb<$v@8
zHII!LAt9*9G11Do(TeSb!k12qqQhY5C@rP4{jW1VrsZl^i0xj$8qs|kF{%Wre2-0QODpO_wTOZ
za=-^MG~3YPRdUtJqo~*G_`V-WKP|ycW&=}@D?Og0L)=K2c}nitcC4H~msGlQxfcD=nOQ&zNv#bE%lxFSSzuV``#>
zoRm1W!&G^iT4l;Y#Z~_AzpI9`P$|>j1w0L~g|Na^tB;op77S6XRtS83wwI2viwJ2Z
z%|vt^FwvgQUuYb}juwc`?2v5nh^FwSO&BZEkV2t|B`kLD*~P9sI|%%cMs1SL?jFv(
z;I~%y(xoC@az=qh-~aK^4}>@U@Y}MpYaW$amBm9#8Cp0*-D}`AJeB{kRrjJF+1SBZ
z6+`r}ek?_d2~yCasAcN3Sa6xDAOxb+1zFFf)M#$@4qBE<0whyj-$?t$TLFx*5ybO(
zD`iIOqr+5QP$?xc)|Rcbn{I#7^`NgcK+(Q%QD%l>@Qn~$`#&EE
zZ}{FfWJmWPwR)9RD^{~${z59XDnSsm@cxNZA!;7iO0KrhQ7PILng9AP%-kc|Dcww&
zv34`|$7EZQ%FboHpU>qO9^S|B$X#kjv#Lm#3JR7_m@(
zh|6^n%YQWt0gnNm0z49Rs5v0y(9p7QXz>bc%Vu(FT&;1CNVoVvzeuAAq7>Ir-z^~!
zwnY%gL~`qY0wrlpQJbQe%=%HpYVrCKL`i2