From 7465b7a1e7a30f9621db7727c8c07fec9585e917 Mon Sep 17 00:00:00 2001
From: Igor Borisoglebski <igorborisoglebski@gmail.com>
Date: Thu, 7 Dec 2023 11:11:33 +0000
Subject: [PATCH] Lobby v0.0.1

---
 .github/workflows/docs.yaml                 |   29 +
 .github/workflows/test.yaml                 |   25 +
 .gitignore                                  |    3 +
 CHANGELOG.md                                |   27 +
 LICENSE.md                                  |    4 +
 Makefile                                    |   75 ++
 README.md                                   |   43 +
 common.go                                   |  204 ++++
 common_test.go                              |  313 +++++
 config_types.go                             |   52 +
 dns.go                                      |  100 ++
 dns_test.go                                 |   53 +
 docs/content/assets/img/lobbyGopherLogo.png |  Bin 0 -> 98449 bytes
 docs/examples/demo.conf                     |   49 +
 docs/examples/lobby.conf                    |   91 ++
 docs/examples/lobby.service                 |   21 +
 docs/src/docs/CNAME                         |    1 +
 docs/src/docs/about.md                      |   11 +
 docs/src/docs/assets/lobbyConcepts.png      |  Bin 0 -> 46895 bytes
 docs/src/docs/assets/lobbySystemDiagram.gif |  Bin 0 -> 29954 bytes
 docs/src/docs/assets/logo.png               |  Bin 0 -> 33765 bytes
 docs/src/docs/configuration.md              |  180 +++
 docs/src/docs/contacts.md                   |    3 +
 docs/src/docs/features.md                   |  187 +++
 docs/src/docs/index.md                      |  133 ++
 docs/src/docs/installation.md               |  144 +++
 docs/src/docs/stylesheets/extra.css         |    5 +
 docs/src/docs/support.md                    |    3 +
 docs/src/docs/tutorials.md                  |  553 +++++++++
 docs/src/mkdocs.yml                         |   66 +
 go.mod                                      |   26 +
 go.sum                                      |   46 +
 lb.go                                       | 1207 +++++++++++++++++++
 lb_norace_test.go                           |  167 +++
 lb_test.go                                  | 1117 +++++++++++++++++
 logging.go                                  |   88 ++
 logging_test.go                             |  194 +++
 main.go                                     |  183 +++
 main_norace_test.go                         |   82 ++
 main_test.go                                |  107 ++
 nftables.go                                 | 1049 ++++++++++++++++
 scripts/getLobby.sh                         |  160 +++
 scripts/installLobby.sh                     |  257 ++++
 scripts/uninstallLobby.sh                   |   50 +
 target.go                                   |   16 +
 testEngine.go                               |   65 +
 upstream.go                                 |  156 +++
 upstream_test.go                            |  110 ++
 48 files changed, 7455 insertions(+)
 create mode 100644 .github/workflows/docs.yaml
 create mode 100644 .github/workflows/test.yaml
 create mode 100644 .gitignore
 create mode 100644 CHANGELOG.md
 create mode 100644 LICENSE.md
 create mode 100644 Makefile
 create mode 100644 README.md
 create mode 100644 common.go
 create mode 100644 common_test.go
 create mode 100644 config_types.go
 create mode 100644 dns.go
 create mode 100644 dns_test.go
 create mode 100644 docs/content/assets/img/lobbyGopherLogo.png
 create mode 100644 docs/examples/demo.conf
 create mode 100644 docs/examples/lobby.conf
 create mode 100644 docs/examples/lobby.service
 create mode 100644 docs/src/docs/CNAME
 create mode 100644 docs/src/docs/about.md
 create mode 100644 docs/src/docs/assets/lobbyConcepts.png
 create mode 100644 docs/src/docs/assets/lobbySystemDiagram.gif
 create mode 100644 docs/src/docs/assets/logo.png
 create mode 100644 docs/src/docs/configuration.md
 create mode 100644 docs/src/docs/contacts.md
 create mode 100644 docs/src/docs/features.md
 create mode 100644 docs/src/docs/index.md
 create mode 100644 docs/src/docs/installation.md
 create mode 100644 docs/src/docs/stylesheets/extra.css
 create mode 100644 docs/src/docs/support.md
 create mode 100644 docs/src/docs/tutorials.md
 create mode 100644 docs/src/mkdocs.yml
 create mode 100644 go.mod
 create mode 100644 go.sum
 create mode 100644 lb.go
 create mode 100644 lb_norace_test.go
 create mode 100644 lb_test.go
 create mode 100644 logging.go
 create mode 100644 logging_test.go
 create mode 100644 main.go
 create mode 100644 main_norace_test.go
 create mode 100644 main_test.go
 create mode 100644 nftables.go
 create mode 100644 scripts/getLobby.sh
 create mode 100644 scripts/installLobby.sh
 create mode 100644 scripts/uninstallLobby.sh
 create mode 100644 target.go
 create mode 100644 testEngine.go
 create mode 100644 upstream.go
 create mode 100644 upstream_test.go

diff --git a/.github/workflows/docs.yaml b/.github/workflows/docs.yaml
new file mode 100644
index 0000000..ba333e8
--- /dev/null
+++ b/.github/workflows/docs.yaml
@@ -0,0 +1,29 @@
+name: docs 
+on:
+  push:
+    branches:
+      - main
+permissions:
+  contents: write
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Configure Git Credentials
+        run: |
+          git config user.name github-actions[bot]
+          git config user.email 41898282+github-actions[bot]@users.noreply.github.com
+      - uses: actions/setup-python@v4
+        with:
+          python-version: 3.x
+      - run: echo "cache_id=$(date --utc '+%V')" >> $GITHUB_ENV 
+      - uses: actions/cache@v3
+        with:
+          key: mkdocs-material-${{ env.cache_id }}
+          path: .cache
+          restore-keys: |
+            mkdocs-material-
+      - run: pip install mkdocs-material mkdocs-awesome-pages-plugin
+      - run: mkdocs gh-deploy -f ./docs/src/mkdocs.yml --force
+
diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml
new file mode 100644
index 0000000..fc4cf5f
--- /dev/null
+++ b/.github/workflows/test.yaml
@@ -0,0 +1,25 @@
+name: test
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps: 
+      - name: Setup go
+        uses: actions/setup-go@v4
+        with: 
+          go-version: '1.20'
+
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Test with race check
+        run: make testIncCovRep
+
+      - name: Test without race check
+        run: make testIncCovRepNoRace
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..a166bfd
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,3 @@
+bin/
+*bkp
+*out
diff --git a/CHANGELOG.md b/CHANGELOG.md
new file mode 100644
index 0000000..a8663d2
--- /dev/null
+++ b/CHANGELOG.md
@@ -0,0 +1,27 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [Unreleased]
+
+## [0.0.1] - 2023-10-30
+
+### Added
+
+- TCP Load Balancing
+- round-robin distribution mode
+- TCP upstream health check
+- Upstream health check starts available/unavailable
+- Configurable upstream health check timeout
+- Configurable upstream health check interval
+- Configurable upstream health check success count healthy threshold
+- Upstream FQDN address
+- Upstream FQDN resolution DNS list and DNS backup
+- Upstream DNS TTL overwrite
+- YAML file based config
+- Hot config reload
+- Basic metrics
+
diff --git a/LICENSE.md b/LICENSE.md
new file mode 100644
index 0000000..486416a
--- /dev/null
+++ b/LICENSE.md
@@ -0,0 +1,4 @@
+# Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License
+
+This work is licensed under [CC BY-NC-SA 4.0](http://creativecommons.org/licenses/by-nc-sa/4.0/).
+
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..f3f600a
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,75 @@
+BINARY_DIR = bin
+BINARY_NAME = lobby
+RUN_ARCH = linux/amd64
+
+# Go parameters
+GOCMD = go
+GOBUILD = $(GOCMD) build
+GOTEST = $(GOCMD) test
+GOGET = $(GOCMD) get
+GOCLEAN = $(GOCMD) clean
+GOTOOL = $(GOCMD) tool
+GOCOVFN = coverage.out
+CGO_ENABLED = 0
+
+# Build flags and arguments
+LDFLAGS = -ldflags="-s -w -X main.version=$(version)"
+GCFLAGS = -gcflags="-m -l"
+MODFLAGS = -mod=readonly
+TRIMPATH = -trimpath
+
+# Cross-compilation target architectures
+TARGETS = \
+	linux/arm64 \
+	linux/amd64
+
+.PHONY: build clean run
+
+# check version is set
+valver:
+    version := v$(shell grep -oE '\[[^]]+\]' CHANGELOG.md  | sed -n '4{s/\[//;s/\]//p}')
+    ifeq ($(shell echo $(version) | grep -E '^v[0-9]+\.[0-9]+\.[0-9]+$$'),$(version))
+        $(info Version '$(version)' is in the correct format)
+    else
+        $(error Version is not in the correct format. Check CHANGELOG.md)
+    endif
+
+# go get dependencies
+get:
+	$(GOGET) .
+
+# Build for all the configured target architectures (TARGETS)
+build: valver get $(TARGETS)
+
+$(TARGETS):
+	GOOS=$(word 1, $(subst /, ,$@)) GOARCH=$(word 2, $(subst /, ,$@)) CGO_ENABLED=$(CGO_ENABLED)\
+		$(GOBUILD) $(LDFLAGS) $(GCFLAGS) $(MODFLAGS) $(TRIMPATH) \
+		-o $(BINARY_DIR)/$(BINARY_NAME)-$(word 1, $(subst /, ,$@))-$(word 2, $(subst /, ,$@))
+
+# Clean builds
+clean:
+	rm -f $(BINARY_DIR)/$(BINARY_NAME)-*
+
+# Build and run
+run: build
+	./$(BINARY_DIR)/$(BINARY_NAME)-$(word 1, $(subst /, ,$(RUN_ARCH)))-$(word 2, $(subst /, ,$(RUN_ARCH)))
+
+# Includes race testing
+test:
+	$(GOTEST) -cover -race -failfast
+
+# Includes race testing and coverage report
+testIncCovRep:
+	$(GOCLEAN) -testcache
+	$(GOTEST) -v -cover -race -failfast -coverprofile=$(GOCOVFN)
+	@if [ $$? -eq 0 ]; then $(GOTOOL) cover -html=$(GOCOVFN); fi
+	rm -rf coverage.out
+
+# Excludes race testing as some testing functions fail on race tests (not the app)
+# Higher unit test coverage with this option
+testIncCovRepNoRace:
+	$(GOCLEAN) -testcache
+	$(GOTEST) -v -cover -failfast -coverprofile=$(GOCOVFN)
+	@if [ $$? -eq 0 ]; then $(GOTOOL) cover -html=$(GOCOVFN); fi
+	rm -rf coverage.out
+
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..4de2bdc
--- /dev/null
+++ b/README.md
@@ -0,0 +1,43 @@
+<p align="center">
+    <picture>
+      <img alt="Lobby" title="Lobby" src="docs/content/assets/img/lobbyGopherLogo.png">
+    </picture>
+</p>
+
+**Lobby** is a simple, yet highly performant, load balancer based on Linux [nftables](https://wiki.nftables.org/wiki-nftables/) designed to run as a portable binary app on Linux systems in amd64 and arm64 architectures.
+
+# Quick Start
+Use the helper script which downloads the latest Lobby binary to your current folder and sets a sample config file.
+
+``` bash
+wget -O - https://ipbuff.com/getLobby | sh
+```
+
+Once the script completes, it will inform you about the required permissions and the need for IP forwarding to be enabled. 
+
+For testing purposes it might be easier to run Lobby with the `root` user. Run Lobby with:
+
+``` bash
+./lobby
+```
+
+To check on how to run it as unprivileged user check [here](https://lobby.ipbuff.com/installation/#permissions).
+
+To edit the Lobby settings, edit the `lobby.conf` file. Configuration documentation may be found [here](https://lobby.ipbuff.com/configuration).
+
+A relatively extensive tutorial can also be found in the Lobby documentation. Make sure to check it for many practical examples.
+
+# Documentation
+The Lobby documentation is published at [https://lobby.ipbuff.com](https://lobby.ipbuff.com).
+
+The documentation source is in the [./docs/src](https://github.com/ipbuff/lobby/tree/main/docs/src) directory of this repository.
+
+# Credits
+This project has been created by [Igor Borisoglebski](https://igor.borisoglebski.com).
+
+[Gopher Konstructor](https://quasilyte.dev/gopherkon/), created by [quasilyte](https://github.com/quasilyte/gopherkon) was used for the logo creation.
+
+# License
+This work is licensed under [CC BY-NC-SA 4.0](http://creativecommons.org/licenses/by-nc-sa/4.0/).
+
+Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License
diff --git a/common.go b/common.go
new file mode 100644
index 0000000..f22283f
--- /dev/null
+++ b/common.go
@@ -0,0 +1,204 @@
+package main
+
+import (
+	"errors"
+	"fmt"
+	"net"
+	"os"
+	"regexp"
+
+	"kernel.org/pub/linux/libs/security/libcap/cap"
+)
+
+// settings
+var (
+	// Generic IPv4 ip_forward setting path
+	ipv4FPath = "/proc/sys/net/ipv4/ip_forward"
+	// IPv6 forwarding for all interfaces setting path
+	ipv6FPath = "/proc/sys/net/ipv6/conf/all/forwarding"
+)
+
+// iota constants
+type (
+	hostType byte // host type
+	ipFwd    byte // system IP forwarding state
+)
+
+const (
+	hostTypeUnknown hostType = iota // undefined
+	hostTypeIPv4                    // host in IPv4 format
+	hostTypeIPv6                    // host in IPv6 format
+	hostTypeFqdn                    // host in FQDN format
+)
+
+const (
+	ipFwdUnknown ipFwd = iota // undefined
+	ipFwdNone                 // no IP forwarding
+	ipFwdAll                  // IP forwarding enabled for IPv4 and IPv6
+	ipFwdV4Only               // IP forwarding enabled for IPv4
+	ipFwdV6Only               // IP forwarding enabled for IPv6
+)
+
+// Lookup patterns
+const (
+	// FQDN regex string according to RFC 1123
+	fqdnRegexStringRFC1123 = `^([a-zA-Z0-9]{1}[a-zA-Z0-9-]{0,62})(\.[a-zA-Z0-9]{1}[a-zA-Z0-9-]{0,62})*?(\.[a-zA-Z]{1}[a-zA-Z0-9]{0,62})\.?$` // same as hostnameRegexStringRFC1123 but must contain a non numerical TLD (possibly ending with '.')
+)
+
+// Pattern matches
+var (
+	// parses the fqdnRegexStringRFC1123 regex
+	fqdnRegexRFC1123 = regexp.MustCompile(fqdnRegexStringRFC1123)
+)
+
+// Common errors
+var (
+	errCheckIpFwd = errors.New(
+		"IP Forwarding check failed",
+	)
+	errReadIpv4Sett = errors.New(
+		"Couldn't read IPv4 forwarding control file",
+	)
+	errReadIpv6Sett = errors.New(
+		"Couldn't read IPv6 forwarding control file",
+	)
+	errCheckCap = errors.New(
+		"capabilities check failed",
+	)
+	errHostType = errors.New(
+		"host type not found",
+	)
+)
+
+// Linux capabilities are a method to assign specific privileges to a running process
+// This function checks if a Linux capability is set for a given process
+// An error is returned in case it is not possible to perform the check or in case the capability check fails
+func checkCapabilities(cs *cap.Set, vec cap.Flag, val cap.Value) error {
+	// check for process cs if val capabilities has the vec flags set
+	cf, err := cs.GetFlag(vec, val)
+	if err != nil {
+		return fmt.Errorf("%w: %w", errCheckCap, err)
+	}
+
+	if !cf {
+		LogDVf("Check capabilities: failed")
+		return fmt.Errorf(
+			"%w: '%s' flag not set on '%s' capability",
+			errCheckCap,
+			vec,
+			val,
+		)
+	}
+
+	LogDVf("Check capabilities: succeeded")
+	return nil
+}
+
+// checkIpFwd checks if IP forwarding is system enabled
+// /proc/sys/net/ipv4/ip_forward is checked for IPv4
+// /proc/sys/net/ipv6/conf/all/forwarding for IPv6
+// IP forwarding is not checked for individual interfaces
+// It is only checked if IP forwarding is generically enabled
+// The function returns ipFwdUnkown in case of error
+// An error is returned if the config files can't be read
+// It returns:
+//   - ipFwdNone when IP forwarding is not enabled for IPv4 or IPv6
+//   - ipFwdAll when IP forwading is enabled for IPv4 and IPv6
+//   - ipFwdV4Only when IP forwarding is enabled for IPv4, but not for IPv6
+//   - ipFwdV6Only when IP forwarding is not enabled for IPv4, but is enabled for IPv6
+func checkIpFwd() (ipFwd, error) {
+	LogDf("IP Fwd check: checking '%s' for IPv4 IP Forwarding", ipv4FPath)
+	ipv4f, err := os.ReadFile(ipv4FPath)
+	if err != nil {
+		return ipFwdUnknown, fmt.Errorf("%w: %w", errCheckIpFwd, errReadIpv4Sett)
+	}
+
+	LogDf("IP Fwd check: checking '%s' for IPv6 IP Forwarding", ipv6FPath)
+	ipv6f, err := os.ReadFile(ipv6FPath)
+	if err != nil {
+		return ipFwdUnknown, fmt.Errorf("%w: %w", errCheckIpFwd, errReadIpv6Sett)
+	}
+
+	// byte 49 is ASCII '1'
+	// file has content 0 when disabled
+	// file has content 1 when enabled
+	oneAscii := 49
+	enabled := byte(oneAscii)
+
+	if ipv4f[0] != enabled {
+		LogDf("IP Fwd check: IPv4 Forwarding is not enabled for all interfaces")
+		if ipv6f[0] != enabled {
+			LogDf("IP Fwd check: IPv6 Forwarding is not enabled for all interfaces")
+			return ipFwdNone, nil
+		} else {
+			LogDf("IP Fwd check: IPv6 Forwarding is enabled for all interfaces")
+			return ipFwdV6Only, nil
+		}
+	}
+
+	LogDf("IP Fwd check: IPv4 Forwarding is enabled for all interfaces")
+
+	if ipv6f[0] != enabled {
+		LogDf("IP Fwd check: IPv6 Forwarding is not enabled for all interfaces")
+		return ipFwdV4Only, nil
+	}
+
+	LogDf("IP Fwd check: IPv6 Forwarding is enabled for all interfaces")
+
+	return ipFwdAll, nil
+}
+
+// getHostType returns a hostType from input string
+func getHostType(host string) (hostType, error) {
+	ip := net.ParseIP(host)
+	if ip != nil {
+		if ip.To4() != nil {
+			return hostTypeIPv4, nil
+		} else if ip.To16() != nil {
+			return hostTypeIPv6, nil
+		}
+	}
+
+	if isFqdn(host) {
+		return hostTypeFqdn, nil
+	}
+
+	return hostTypeUnknown, fmt.Errorf("'%s' '%w'", host, errHostType)
+}
+
+// isFqdn checks if input string is FQDN and returns boolean result
+func isFqdn(s string) bool {
+	return fqdnRegexRFC1123.MatchString(s)
+}
+
+// findUniqueNetIp returns a list of unique net.IP
+func findUniqueNetIp(nipl *[]net.IP) []net.IP {
+	unipl := make([]net.IP, 0)
+
+niplLoop:
+	for _, nip := range *nipl {
+		for _, uip := range unipl {
+			if uip.Equal(nip) {
+				continue niplLoop
+			}
+		}
+		unipl = append(unipl, nip)
+	}
+
+	return unipl
+}
+
+// findDuplicateNetIp returns a list of duplicate net.IP
+func findDuplicateNetIp(nipl *[]net.IP) []net.IP {
+	dnipl := make([]net.IP, 0)
+	occurrenceCount := make(map[string]int)
+
+	for _, nip := range *nipl {
+		occurrenceCount[nip.String()]++
+		if occurrenceCount[nip.String()] == 2 {
+			dnipl = append(dnipl, nip)
+		}
+	}
+
+	return dnipl
+}
diff --git a/common_test.go b/common_test.go
new file mode 100644
index 0000000..5fec7e9
--- /dev/null
+++ b/common_test.go
@@ -0,0 +1,313 @@
+package main
+
+import (
+	"errors"
+	"net"
+	"os"
+	"reflect"
+	"testing"
+
+	"kernel.org/pub/linux/libs/security/libcap/cap"
+)
+
+func TestCheckCapabilities_Failure(t *testing.T) {
+	cs := cap.NewSet()
+
+	vna := cap.NET_ADMIN
+	fe := cap.Effective
+
+	cs.SetFlag(fe, true, vna)
+
+	err := checkCapabilities(cs, fe, vna)
+	if err != nil {
+		t.Errorf("expected succeeded: %v", err)
+	}
+}
+
+func TestCheckCapabilities_Success(t *testing.T) {
+	cs := cap.NewSet()
+
+	vna := cap.NET_ADMIN
+	fe := cap.Effective
+	fp := cap.Permitted
+
+	cs.SetFlag(fe, true, vna)
+
+	err := checkCapabilities(cs, fp, vna)
+	if err == nil {
+		t.Errorf("expected failed: %v", err)
+	}
+}
+
+func TestCheckIpFwd(t *testing.T) {
+	testZeroPath := "/tmp/lobby_test_zero"
+	testOnePath := "/tmp/lobby_test_one"
+	testNilPath := "/tmp/lobby_test_nil"
+	zero := []byte("0")
+	one := []byte("1")
+	os.WriteFile(testZeroPath, zero, 0440)
+	os.WriteFile(testOnePath, one, 0440)
+
+	exp := map[ipFwd]bool{
+		ipFwdUnknown: true,
+		ipFwdNone:    false,
+		ipFwdAll:     false,
+		ipFwdV4Only:  false,
+		ipFwdV6Only:  false,
+	}
+
+	ipv4FPath = testNilPath
+	res, err := checkIpFwd()
+	if err == nil {
+		t.Errorf(
+			"checkIpFwd expected to error due to failure to read ipv4 ip forwarding settings path, but it didn't error",
+		)
+	}
+
+	if check, ok := exp[res]; !ok {
+		t.Errorf(
+			"checkIpFwd result not found in expected IP Forwarding system settings. Res: '%v'",
+			res,
+		)
+	} else {
+		if !check {
+			t.Errorf("unexpected ipFwd iota const returned")
+		}
+	}
+
+	ipv4FPath = testZeroPath
+	ipv6FPath = testNilPath
+	res, err = checkIpFwd()
+	if err == nil {
+		t.Errorf(
+			"checkIpFwd expected to error due to failure to read ipv4 ip forwarding settings path, but it didn't error",
+		)
+	}
+
+	if check, ok := exp[res]; !ok {
+		t.Errorf(
+			"checkIpFwd result not found in expected IP Forwarding system settings. Res: '%v'",
+			res,
+		)
+	} else {
+		if !check {
+			t.Errorf("unexpected ipFwd iota const returned")
+		}
+	}
+	exp[ipFwdUnknown] = false
+
+	ipv4FPath = testZeroPath
+	ipv6FPath = testZeroPath
+	exp[ipFwdNone] = true
+	res, err = checkIpFwd()
+	if err != nil {
+		t.Errorf("checkIpFwd errored unexpectedly: '%v'", err)
+	}
+
+	if check, ok := exp[res]; !ok {
+		t.Errorf(
+			"checkIpFwd result not found in expected IP Forwarding system settings. Res: '%v'",
+			res,
+		)
+	} else {
+		if !check {
+			t.Errorf("unexpected ipFwd iota const returned")
+		}
+	}
+	exp[ipFwdNone] = false
+
+	ipv4FPath = testOnePath
+	ipv6FPath = testZeroPath
+	exp[ipFwdV4Only] = true
+	res, err = checkIpFwd()
+	if err != nil {
+		t.Errorf("checkIpFwd errored unexpectedly: '%v'", err)
+	}
+
+	if check, ok := exp[res]; !ok {
+		t.Errorf(
+			"checkIpFwd result not found in expected IP Forwarding system settings. Res: '%v'",
+			res,
+		)
+	} else {
+		if !check {
+			t.Errorf("unexpected ipFwd iota const returned")
+		}
+	}
+	exp[ipFwdV4Only] = false
+
+	ipv4FPath = testZeroPath
+	ipv6FPath = testOnePath
+	exp[ipFwdV6Only] = true
+	res, err = checkIpFwd()
+	if err != nil {
+		t.Errorf("checkIpFwd errored unexpectedly: '%v'", err)
+	}
+
+	if check, ok := exp[res]; !ok {
+		t.Errorf(
+			"checkIpFwd result not found in expected IP Forwarding system settings. Res: '%v'",
+			res,
+		)
+	} else {
+		if !check {
+			t.Errorf("unexpected ipFwd iota const returned")
+		}
+	}
+	exp[ipFwdV6Only] = false
+
+	ipv4FPath = testOnePath
+	ipv6FPath = testOnePath
+	exp[ipFwdAll] = true
+	res, err = checkIpFwd()
+	if err != nil {
+		t.Errorf("checkIpFwd errored unexpectedly: '%v'", err)
+	}
+
+	if check, ok := exp[res]; !ok {
+		t.Errorf(
+			"checkIpFwd result not found in expected IP Forwarding system settings. Res: '%v'",
+			res,
+		)
+	} else {
+		if !check {
+			t.Errorf("unexpected ipFwd iota const returned")
+		}
+	}
+	exp[ipFwdAll] = false
+
+	os.Remove(testZeroPath)
+	os.Remove(testOnePath)
+}
+
+func TestGetHostType(t *testing.T) {
+	testCases := []struct {
+		input  string
+		err    error
+		result hostType
+	}{
+		{input: "1.1.1.1", err: nil, result: hostTypeIPv4},
+		{input: "dead:beef::1", err: nil, result: hostTypeIPv6},
+		{input: "example.com.", err: nil, result: hostTypeFqdn},
+		{input: "example.com", err: nil, result: hostTypeFqdn},
+		{input: "11..12.1.", err: errHostType, result: hostTypeUnknown},
+		{input: "1111.1.1.1", err: errHostType, result: hostTypeUnknown},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.input, func(t *testing.T) {
+			ht, err := getHostType(tc.input)
+			if !errors.Is(err, tc.err) {
+				t.Errorf("%s: expected %v, but got %v", tc.input, tc.err, err)
+			}
+			if ht != tc.result {
+				t.Errorf("%s: expected %v, but got %v", tc.input, tc.result, ht)
+			}
+		})
+	}
+}
+
+func TestIsFqdn(t *testing.T) {
+	testCases := []struct {
+		input  string
+		result bool
+	}{
+		{input: "example.com", result: true},
+		{input: "example.com.", result: true},
+		{input: "testing.example.com", result: true},
+		{input: "1.1.1.1", result: false},
+		{input: "testing..example.com", result: false},
+		{input: "testing@example.com", result: false},
+		{input: "testing,example.com", result: false},
+		{input: ".com", result: false},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.input, func(t *testing.T) {
+			r := isFqdn(tc.input)
+			if r != tc.result {
+				t.Errorf("%s: expected %v, but got %v", tc.input, tc.result, r)
+			}
+		})
+	}
+}
+
+func TestFindUniqueNetIp(t *testing.T) {
+	testCases := []struct {
+		input  []net.IP
+		result []net.IP
+	}{
+		{
+			input: []net.IP{
+				net.ParseIP("192.168.0.1"),
+				net.ParseIP("192.168.0.2"),
+				net.ParseIP("192.168.0.1"),
+			},
+			result: []net.IP{
+				net.ParseIP("192.168.0.1"),
+				net.ParseIP("192.168.0.2"),
+			},
+		},
+		{
+			input: []net.IP{
+				net.ParseIP("2001:db8::1"),
+				net.ParseIP("2001:db8::2"),
+				net.ParseIP("2001:db8::1"),
+			},
+			result: []net.IP{
+				net.ParseIP("2001:db8::1"),
+				net.ParseIP("2001:db8::2"),
+			},
+		},
+		// Add more test cases as needed
+	}
+
+	for _, tc := range testCases {
+		t.Run("", func(t *testing.T) {
+			result := findUniqueNetIp(&tc.input)
+			equal := reflect.DeepEqual(result, tc.result)
+			if !equal {
+				t.Errorf("For input %v, expected %v, but got %v", tc.input, tc.result, result)
+			}
+		})
+	}
+}
+
+func TestFindDuplicateNetIp(t *testing.T) {
+	testCases := []struct {
+		input  []net.IP
+		result []net.IP
+	}{
+		{
+			input: []net.IP{
+				net.ParseIP("192.168.0.1"),
+				net.ParseIP("192.168.0.2"),
+				net.ParseIP("192.168.0.1"),
+			},
+			result: []net.IP{
+				net.ParseIP("192.168.0.1"),
+			},
+		},
+		{
+			input: []net.IP{
+				net.ParseIP("2001:db8::1"),
+				net.ParseIP("2001:db8::2"),
+				net.ParseIP("2001:db8::1"),
+			},
+			result: []net.IP{
+				net.ParseIP("2001:db8::1"),
+			},
+		},
+		// Add more test cases as needed
+	}
+
+	for _, tc := range testCases {
+		t.Run("", func(t *testing.T) {
+			result := findDuplicateNetIp(&tc.input)
+			equal := reflect.DeepEqual(result, tc.result)
+			if !equal {
+				t.Errorf("For input %v, expected %v, but got %v", tc.input, tc.result, result)
+			}
+		})
+	}
+}
diff --git a/config_types.go b/config_types.go
new file mode 100644
index 0000000..b189f8e
--- /dev/null
+++ b/config_types.go
@@ -0,0 +1,52 @@
+package main
+
+// used for config file parsing
+
+type ProbeConfig struct {
+	CheckInterval uint16 `yaml:"check_interval"`
+	Timeout       uint8  `yaml:"timeout"`
+	Count         uint8  `yaml:"success_count"`
+}
+
+type HealthCheckConfig struct {
+	Protocol       string      `yaml:"protocol"`
+	Port           uint16      `yaml:"port"`
+	StartAvailable bool        `yaml:"start_available"`
+	Probe          ProbeConfig `yaml:"probe"`
+}
+
+type UpstreamDnsConfig struct {
+	Servers []string `yaml:"servers"`
+	Ttl     uint32   `yaml:"ttl"`
+}
+
+type UpstreamsConfig struct {
+	Name        string            `yaml:"name"`
+	Host        string            `yaml:"host"`
+	Port        uint16            `yaml:"port"`
+	Dns         UpstreamDnsConfig `yaml:"dns"`
+	HealthCheck HealthCheckConfig `yaml:"health_check"`
+}
+
+type UpstreamGroupConfig struct {
+	Name         string            `yaml:"name"`
+	Distribution string            `yaml:"distribution"`
+	Upstreams    []UpstreamsConfig `yaml:"upstreams"`
+}
+
+type TargetsConfig struct {
+	Name          string              `yaml:"name"`
+	Protocol      string              `yaml:"protocol"`
+	Ip            string              `yaml:"ip"`
+	Port          uint16              `yaml:"port"`
+	UpstreamGroup UpstreamGroupConfig `yaml:"upstream_group"`
+}
+
+type LbConfig struct {
+	Engine        string          `yaml:"engine"`
+	TargetsConfig []TargetsConfig `yaml:"targets"`
+}
+
+type ConfigYaml struct {
+	LbConfig []LbConfig `yaml:"lb"`
+}
diff --git a/dns.go b/dns.go
new file mode 100644
index 0000000..53b54b9
--- /dev/null
+++ b/dns.go
@@ -0,0 +1,100 @@
+package main
+
+import (
+	"errors"
+	"net"
+
+	"github.com/miekg/dns"
+)
+
+// hardcoded settings
+const (
+	// default DNS client config file
+	defaultDnsClientConfigFile = "/etc/resolv.conf"
+)
+
+var (
+	defaultDnsResolver = miekgResolver
+)
+
+// DNS errors
+var (
+	errDnsHostRecordFail = errors.New(
+		"Couldn't resolve host record. Check your DNS",
+	)
+	errDnsHostFqdnCheckFail = errors.New(
+		"Host is not valid fqdn",
+	)
+)
+
+type resolver func(string, []string) (net.IP, uint32, error)
+
+// A wrapper method to a resolver func
+// In case a resolver func is not provided, it will call the defaultDnsResolver
+func resolveFqdn(f string, dnsa []string, r resolver) (net.IP, uint32, error) {
+	if r == nil {
+		return defaultDnsResolver(f, dnsa)
+	} else {
+		return r(f, dnsa)
+	}
+}
+
+// This func receives a FQDN (canonical names with a trailing dot) and a slice of DNS addresses
+// It performs a A record DNS query of the provided FQDN on the supplied DNS addresses
+// It will iterate through the DNS Addresses in sequential order until it gets a response or the list ends
+// The function returns the first IP address from the response, the DNS TTL and an error
+// It returns a non-null error in case a FQDN hasn't been provided or if the query fails on all provided DNS
+func miekgResolver(f string, dnsa []string) (net.IP, uint32, error) {
+	if !dns.IsFqdn(f) {
+		LogDVf("DNS: '%s' is not a valid FQDN", f)
+		return nil, 0, errDnsHostFqdnCheckFail
+	}
+	LogDVf("DNS: '%s' is a valid FQDN", f)
+
+	if len(dnsa) == 0 {
+		LogDf("DNS: no DNS addresses have been provided. Reading '%s'", defaultDnsClientConfigFile)
+
+		dnsCfg, _ := dns.ClientConfigFromFile(defaultDnsClientConfigFile)
+		dnsa = dnsCfg.Servers
+
+	}
+
+	// Create DNS Client
+	c := new(dns.Client)
+	// Create DNS Query message
+	m := new(dns.Msg)
+	m.SetQuestion(f, dns.TypeA)
+
+	// Iterate through each provided DNS address.
+	// Until the end of the list,
+	// unless a successful response is found.
+	for _, ns := range dnsa {
+		// Send DNS query
+		in, _, err := c.Exchange(m, ns+":"+"53")
+		if err != nil {
+			LogDVf("DNS: query failed. DNS: '%s' FQDN: '%s'", ns, f)
+			continue
+		}
+		if len(in.Answer) == 0 {
+			LogDVf("DNS: couldn't resolve. DNS: '%s' FQDN: '%s'", ns, f)
+			continue
+		}
+		for _, ans := range in.Answer {
+			if a, ok := ans.(*dns.A); ok {
+				ttl := ans.Header().Ttl
+				LogDVf(
+					"DNS: resolved successfully. DNS: '%s', FQDN: '%s', A Record: '%s', TTL: '%d'",
+					ns,
+					f,
+					a.A.String(),
+					ttl,
+				)
+				return a.A, ttl, nil
+			}
+		}
+	}
+
+	LogDVf("DNS: none of the provided DNS's was able to resolve '%s'", f)
+
+	return nil, 0, errDnsHostRecordFail
+}
diff --git a/dns_test.go b/dns_test.go
new file mode 100644
index 0000000..96ac83b
--- /dev/null
+++ b/dns_test.go
@@ -0,0 +1,53 @@
+package main
+
+import (
+	"net"
+	"testing"
+)
+
+func TestResolveFqdnWithDnsAddresses_Success(t *testing.T) {
+	fqdn := "example.com."
+	dnsa := []string{"8.8.8.8", "8.8.4.4"}
+	ip, ttl, err := resolveFqdn(fqdn, dnsa, nil)
+	if err != nil {
+		t.Errorf("Error resolving FQDN: %v", err)
+	}
+	t.Logf("Resolved IP: %s, TTL: %d", ip, ttl)
+}
+
+func TestResolveFqdnWithDnsAddresses_Failure(t *testing.T) {
+	fqdn := "example.5368235687."
+	dnsa := []string{"222.222.222.222", "8.8.8.8", "8.8.4.4"}
+	ip, ttl, err := resolveFqdn(fqdn, dnsa, nil)
+	if err == nil {
+		t.Errorf("Succeded, but should have failed: %v", err)
+	}
+	t.Logf("Resolved IP: %s, TTL: %d", ip, ttl)
+}
+
+func TestResolveFqdnWithoutDnsAddresses(t *testing.T) {
+	fqdn := "example.com."
+	ip, ttl, err := resolveFqdn(fqdn, nil, nil)
+	if err != nil {
+		t.Errorf("Error resolving FQDN: %v", err)
+	}
+	t.Logf("Resolved IP: %s, TTL: %d", ip, ttl)
+}
+
+func TestResolveFqdWrongFqdn(t *testing.T) {
+	fqdn := ".com"
+	_, _, err := resolveFqdn(fqdn, nil, nil)
+	if err == nil {
+		t.Errorf("Expected error due to erroneous FQDN, but didn't get it")
+	}
+}
+
+func TestResolveFqdnWithCustomResolver(t *testing.T) {
+	fqdn := "example.com."
+	dnsa := []string{"8.8.8.8", "8.8.4.4"}
+	mockResolver := func(f string, dnsa []string) (net.IP, uint32, error) {
+		return net.ParseIP("1.1.1.1"), 600, nil
+	}
+	ip, ttl, _ := resolveFqdn(fqdn, dnsa, mockResolver)
+	t.Logf("Resolved IP: %s, TTL: %d", ip, ttl)
+}
diff --git a/docs/content/assets/img/lobbyGopherLogo.png b/docs/content/assets/img/lobbyGopherLogo.png
new file mode 100644
index 0000000000000000000000000000000000000000..76e515539c73a9ec7a20da8b6cf247c81a49b19a
GIT binary patch
literal 98449
zcmV)`Kz_f8P)<h;3K|Lk000e1NJLTq00FW900E^41^@s6pP+L;00009a7bBm000o2
z000nm0jY6vkpKYz07*naRCr$O{Rd!V*KsC{7SPB!XJ7`HobzyI$YIV|lqf5&ytZtw
z9N#*x|F{3HwZY!C_c?oQ$;uK*i4?^g#LOXwlXH$3<eYOi@V>9^J>9o4z#w)b-9xn+
z1Ke;<-E+@(s_LsM5x2P#a3$bMz?Fb2fjKOJh&kMMx9hG1rX+!NWg8*~2L~gEhKAyY
zh6ZCqhGK?>Bx*>%hX(P9#^0my?`ZrZ7JrMz?;>&Bkk{*r8}NEl27KNm{Ep{DMnpvV
zJP{Gz$cV`P=%}a;kH^!84h}{{h<9)h$KZNipD)on=u6-^zCm9ct{aIqfRlS;qoP}R
zUSy=FALsCbIG5Lp=*KZVk&$|B{*LE#<KNNvu>=1ez`y$rojp7_C4smnyAqhA5^#ZR
zjy|}B*zJ3^J&5%>0>I%*#3#lJ5a}Q2OC1>KOXwfyPXYD-bVPhUZ@ffEBtU||6B7{`
z;lb|{05+)rk4ykbW?z4Qs@Lm{?e6Z19vB#i>Guu9<5Yl|MB@Xnk|@WA|7J7a{F%q`
z7y*#zA8{}J+41cqkm2KToImP2r{~HL!EXRRnC7#uF<}3~T(gJ2kBap4#YD$=<Kp7_
zV`5?k;^X4`qCB2P0A4*nwF$lJ!nOMF@j^c6OGF?3)`NTXM@WRv6B*SN6&2m?iSTqr
zM0(mV#7+#Oci)+h%>5SPRCC8X$0Xna*&KUd3#GfeH{4EmNFN;XW&(Vcc!#`edj@)M
z>FVh$?&$1D1c=3YeFJfQef{y&m<VE6q&=3#WHkdQ=4a>kLXabY(R>^-fs#3>V2HmF
zF1^qk`=cVGdI4zN_NOy8I<6ur!gDA#D&|;hbj&3jS9jvd@vem+H+PJ4PXaEG&An$f
zuX=p%P4{Jcz5V=T^?Uo%eM5tpzKFr4eZKxp&26oVTiaSQpkZbDyj~9$U<D_)g<b*#
zK&ZbG6%|EuW@AD^LQ`^L@}=m=sACa>aw&2sqBS}urXw~cw!sq}Q?u{HCyk-+m3s$Q
z0wYVn1u}PLgiQi>?R+TC=j(@t<t^^_^>1kJX@8`$s&ZLJXIm!L%~V*v)KoX)%{CQk
zKO!RWKMy|mj*gZgAAl4J&ENnmfHwkFa}DAyfA;^|0mOR#Fkr^LB4c0~^}x*N191Cb
zWgLWck;e|2V`m1;4Y---15J)U63m*jvvVtBW8!`h6B+ZNCo=L9z_0S)$^A5oy3Lh9
z$R*$cS;$4aFmLeb`#y`gHIz0uIFQ-X-&<VY(e~igy6QWcYpe3a=go#x=#L70GXSDy
zHiA*Cc;e&56PF+{Nhy+$mM(E=8TihW=)^>ciBA-07!r-YN5%7)M2WV42NDMGWKafu
zKIv&~lK!qv8SEbrPi%~WT_k`mGAc@<;^N^<!+-d<@t;Lt(dYfycnsZDgFdhL`uib{
zeqbY9Qs`q;bR5o)6W>6;p6l)Fm4TjaeD~=$&jHg!`a0XCzo$$3I@+bDrAfN+>1%7n
zF<s*8?#A`|0fN90y2aSSpvkho@YCUzgSBZXY1LWj8GBRWQ(jAqPdpasiK>2U?^`Yz
zCG<0XLEgayvIY6rr+3hI?YuWR0?a?GmMQq;M8!s}^hONcQ`^$Gp`pDayScU|iwo@Z
zHcVYlBtR)yVpG!qMwyb3ktwmsDH0E0icd)cFr@;7;>3f+H98?tK_VL9M4%w}L;<io
zF#xtG01$pAP!Vu|C<-D39KR+ty`3NXY5*QJquSrf(;yyEJF~yRtJHrJ+z5mN06hh~
zt}gvue|IN<vJarx2f*u+{?0ZF`~Y};ogDzbMu1?m^meq!0DyUD0Io9t^>j9vBqcp9
ztv)*|yE-;H_MmtpJ{j~4orA_!1u{+x*qj}QPP>}hbjo}oUdsith4|E`Fy^~=-jhA(
z8_4PR_LcSz4&3A&@@?(t>L_k)ZB6d#?nxZ*`BJ<C1JP!|ox-iGQ=!E~#>PurX12uR
zla!S!$+-oRn1P@33M45zU*gi!ph*FsV&ZUk6u=1Qc<>E#pmhl<hmNUE?aco-ClPVV
zy`8xW3<Ew3>;@@5f3tuO=1PE{Z(snR*CX&v0@&K6yQx7s>Z+xqwo1C28>9>W?rNx$
z?uJ_Nb+tpg^ZFT?lNqGL=O$oS(*M>P7aQ9d6N685Ohb$(`cRxFW^a@y`Wk+B<-@~!
z>Lzm^_nd_(0T;*?=5rs{sCRF>3oE{4VX@2g`uex^`FbC1X>DHH+0~iT-`}6ohuyyq
z=Bp_aFchp{QcFoyU`oj=l!WvwNy^ES1cFyi0ko`i)wZZzMZt$eZ7CS6uwpxXTjLtx
z0zb$JeoCaV&7IKfXxgNP*W21Eoeee8UR@!5&5bhD*&;plb<$p2DV_Lte=oogphzOl
zWSe1DM#B^f4Q>eEb*U+7<*`w5uX-fvJpkS511_0lvf^D3=ea<(ARhDh26_MP`!fax
z`g42xd&>rf26n-Nv#Y78u^7z3EYRFj0bWyDu$&rJLVl5Cl`WTy#mgi)zfh6^Uh%0J
z0IOv9r$BaqW)&H2z>5AQi!fon$2TJPsL4t|O_{b|jT;qXz8r*qP5^Q}UGT@X(>&QE
z?Nt@hP<~#TFJF}QimTG!)(qd=)Oa3z&Loq>#>V>M<KwF`(lcrj;}Z6H1|#>xMaQ0t
ziH@y!=fHa{lO3OX-u#k)3uN=_c}{3Fw{5#4ZNS@K=JoaM9P-G$ZJlkaU?R-v?dwbJ
z?FGpIJM9T;TWYog;UNViiu4Rg%*v6}{9^TA#o>1}2PULvOF~Yz#3fS0f{#i`5q8Y5
z!|XSq!MF#9PXg5B{60HqarDz+uJm`)MA;-=G)>Yh3G-x6Ycsy<rK_<{`e~+wKaN^F
zg3)zTG~SR3W11wH1ldoz6B80^Gtx89Mh<!2^h87-jE;&vci^NO0ua7QFuU&L0@>_(
z9wF_`eYZZ40W)FYfVXc$kGJ>ny85~e?VTO@FcBuwOgL`y5Va%tn8^G~$SssanEw*s
zvr5R!0{agp!MuFSca;X;RYDR>fw9WuBWo`*3V;QF)r=A;LMr72d~qA#$m*n-lD@bh
zFF<RcSNg#4^g?^{wYNxLOPvgoZ~}r!2LP_4rdnD7d|mAzqmadk^Z6O8G0u%z8^Em}
z8BJ=kGBVF4#w0uoQpsUxY**ep@IF*Sw=Dz-xIi|KpYm-x?#cBH4&)+b-<pUhc?25Q
zP0h{Ch4{o$;~LLmVVMJ=Wr5ij3vkL<v_vwOESL16GD#^avCM%fDH07IS7a1u=zgMw
zrD19Ol})Ue$D($Jb^{3nn<>e%gxL}r94M6<C+7pm^>wsK8%&fvjWyB$6J^7tbJ9|N
zNxYb+)cDxOvJM#fe^OGCFC{tUT5?j#Cy_%@FX8md9#7Q8Bd7KuWtZFLqXb+an@3Oe
z;oBcc_YU^u^$qlG1SjqBx`w)~Ev+qi-Q7J2-09MsGp@#+E~x8qFb8JBhn2o~srs_g
z7cYVKl?5#;*@~GWGteejC|J2<i*bq9Jt!an19Ai@6G|}9+bz9qEz((aO&YIWmexyW
zrTy9!>8h{B@0+3F0RRnA<p#o}wnhR8G`4OKMygVhQ;)?*#y%S#n{X64CNJ+h^@*EL
za-K{^7s%%LgS>m!eW^ZQ-%4Z|yuEj@?~65cwM!Zr8WVbYddBa6fF>0U&`K*@48Q_t
zm92#4RVMN9amA&kg4%8Y7XyV=J99OxIX-J<dH0<rO3?lZY<*oF(g$B#Yvna*uDmJ@
z=T1vob-8o{+y)USK32fDVMdbr9~%?Xl9`@)3fkIpQIRnp1Mp6qxNww7nB6u<CEx<t
z9DH#1-}Yb@l9?AHq3#2<O?6+atFK?$*4`dNt!pgviw+k%)u`k&NrQ%!yJ`bI>m{{d
z5i~GR+~boFJe*_&2isbf3tV$>lFXwnJGC}tPtv;3-y_|vEeH#!l$I;!rS|kOX}EAk
zd`-0)96nZ92!RcGB&n_SCd4P4OHWRFHZd;o&A8b3^Lvl(ZJkHrTM$EWfozUE=DTls
zAQOd2)<SvuRDDzZBaKZ>Wep7tLSNUI-~~|fAk9*8L5XB6T_Jg^H%TU_?@76N$bgZd
znJ)bK1YK=wj?9RK-AzBZf%(YHCCp;djkva!OXsEi>UpU@b3&T0U6x*CFJVmFSVSg*
zS~5aE($mr}$HyhU3~lXYm?IAyI<e0MwK*`=Tp*jp59zTxA5R$=>R*9mL!Ygxt9}fc
z*Ru9@<k-WG^oETwIPh_$l`fUsmFp#I$x2BrUMvY&S)jl(3kEbU`nQ<>&jqeoJOkXW
zjaLE&*nHH+z`*V6Y}HVJ*2;2_NUlo#`IFLk;jHx5RgD?rM&BA!YsJUKoy|<md@U(9
z@wtT9xI^zB{-}4n{c(>AuLN8m3$MJ#b+-p@eJEEVeY<;ydjI6|)hk<SYHG%e>5A}x
zRfyD0nWf7VymHrVlC+{l(74i(SCA=zTvOq=gzp|S_a)$nb2EvV8ROPjUoTA;&q~$t
z{nBv$jC8`+HVFUQbrlF45}>9AQ1j+wW*te0PWlIA_<!@j$^Er+Ur6(71TK)xlIQu*
zosT3V4b<vE@qVtNw(_x>+S<~Nj*c6fM6h#=%gUD=__!ADxLvZAuSWb<4l-jPK`xTz
zGRW9Ug6lR{0t;ILS_uG6Q*R-0ayMew+N&z18lZM{?+4O>%p^lMuyoL;hAbnJmXdlU
zEjjhggy{I6AXe?bCnxrIENscnj?ue7Hp9>1zS|!v@k9?kTHjp%>y=eiYZ2phL+vX9
z%)zAMGBp?Gt=%Nq%T`NT@gk&lN<$o%RW`&0uNi)*?(Ju_1Ons{pA4YnO-EggG+j9-
zwI_~9-MJIeb`|k!2;3e`Q={pT{<P%8q?2(`asL_@lkoD13&*d_>Os%*&bdG~0}uGV
zTkb20h>^|6dGNKX73JIO>gsbkJ5k$ew8X2n=2ft9yDYx>4yDL5n+Dm19@N)zgN|q5
zA-cDm9}@6W{Xz2wjlTx~)`onMRY&(p<)M9uVLM}+A4eW8Q)YqAUzM4f@qR*d+*2?;
z9y)UVc+LC}&fFP=3uIw@R=c;}w!Yuj_3!Ij8b96A+FC^Lx>1mFBus=^tJX>BEq6=)
zx~(8=lxQ$A>u0gKnpYSfo_nhWApx2ohlVUot*fO$2_jcNepf0EeuP|+z^73Plrmiw
zO^>nB(H9b85}!|qOMdEN<@uuvLTIyKkS>sg;UV0-W%s7;{*K?OsHuFct*tGS$#_R=
zByGg!6-mJ+XkWYTkgR2^wDy+P+HzTjVR%~ZEnErEs%RxfCJV9;T3TyGxq?~6;l0vw
z{xqs^kM0^HsNvI)mYDL3w50TJUaY$Go-5PPO27rO5XyJgmfdT5yq&*aU0eNW_`Xs`
z1u&Z~pSN+Fl<m4pa#pWL@yL9ML3a2^f|pC!2;oz5FYQX;#u8914WQ;l?X}M4I^=-7
zER_d721(>S=|*;u(Mr}3(2ydlD=jJY<<!Kqzde8L{9aeqp^?Ch0@+RLZjOnNp;V~y
z35djx_xZeuFtsIOH^jQO%#rTHWax~Fif)dKjB4F~=9Bi&h+%rKdh6C(3%k8tU#_UG
z_}%7~mb{SwOi3B2e4M^?wG?gHDFpzrO!&Uy(lT7X*YrLP_iC;Lrbhyf)LH$gn%#!1
zBDJTENX3CYQjg3c{V+ws(S6;$NDhhec<OS}vVM@2n)#1ME}XbJJsk@DRaTa)j|Yk;
z4-WZKP|+X`cZ`Nlz7OlypeNGPg?QBVlb4RPg}x^@zC&1nY{Rmx(NNZlQAT9Vz~I2G
zz9H}S?w+nZfLB6ae_tGSJ#j-KNa#n+JQDvz^9}Z5B6I=Fx)E{TBtwzs#3v_^`153J
zbj<m46(=vxv=GhxZ(4tIgm<X#k<PyMzo@9JT*Z8c&a4|&O(js~kzs>$`J(N+k%+fU
z5|BYY8UdKB<K+e@&z7g@_QRFH4J4q&Mp14CSw)!OxTCg4YK|Y2YX?4*27LSaf>Sq|
zLZQiti5Id`vi=I|*LRO!JTXRQgYZ6q#o5aj_w@Cw>*?=Vi^94aJW&y40|R|&P%siA
zA|n7|L%KHOL$pRbLqspYtOsjzM`VPj3Q50?#K*)RjgLz>c%}MmSXrDQ2eK_|w#P#l
ztGj!<cJ>VPe5R$XWhoZ-d}ODHbY`$N3qBwCNGX?0(oa5G<5-m;X+UnYGag^$YiY@8
zd*b60_8+@=bVeq}*7Y}S>gsFz!-l5D&o?2X!0<76m;wjE%FAziP>SIDN-ZpwXrztO
z3>$9d`0&25?%iAoOrr#7cBJ{y+t-Wuv_@!W$K~8FUXWU7YJ>g3b^c7LncU3mkC8Ft
zFQPrMFCV*j9Q*h1x8?b(5<0s(ceHf1J%9~36pMipm_n&oT*sguEe)Qjeqq*S29OU7
zcxwUFS0e`_-^fbKcq1+@{_vUd(|w^FVaR}N?Xt~TC@FGBpSSDR8k?K80=Uvl#o;k?
z1CDdVMu=41Q89KfHa7mGcs<`wN=SO?a@D!><Gjq24%@P3M_xxy%hwuP8-52wj;!G|
zzSy^<k|na@?uVsl=bf5ugS2^<GCw7;yC=I6n3WPBp!on^oh|k7qwSUQw_lWo6Nj$L
ziOS75>ZT1Q$0xmz9H07)vscd?3D<y%vzG2`?`i!)dsoXHo~X!WFnh&}r!3Ay`^PaN
zJfSZxCjLxxMC^A_AMR(DtIk(U^g81?e%gU-<I1gB-F=<+w0F1uVMk}j#_sO!h%tdn
z>saAKzY(ekTMeus{3nCltl%>W?bQs@fEw!$p@?2>Vtn#jsc}h90o-0YedT0Gc03za
zZoIpttNE{3X_*z4olUcA1F)9f^^h!k;7O#8TB76)mw7mzY3Uy0N?>kFKsB`fUg>JA
zmKxCa&%N|hX+)t=r@!2CHAG5ce8RQ##Pq*PO-}#*@r%bo;%{1#y*#t6r~R?6{*JHo
zd3)C5-sy~69dm8wW6;t~CPPpFGFU%uJZm#A!3{lXz@3kajQvqodghNV*Iv0aolkgL
zfo$cHH4k_8w*A+(_O{K8ks4JUg*nZWoQiZx`S1}fljQtDR2ojxgtn|Q9EmE!K2X#t
zr~zbm?`>_CZj?#yK<%OS>I&&bS#%$Ar$yZ0L8z9Nh*V9HF>fVCC;gv_hO4hlm*6(7
z*j(J++x9yx?aja4+SV593}m)4YeY%z<{h%~fzN=*u|wk1vOwTK?3Y`3a=IRYdmUE-
zb3y`xFw+fmcS#$nURQqjs+@cMXVQW4GfvA5*Npi1c*#sne=8{_`Tspre)i+(8eB=n
z(%iQ0)-QGTwf=HsRK%Jah5m4Tii}N^I3!z$M*-cG+#*TL$&sXt9EnK+gF1@&TA6G-
zLI$xu_jmV54+t)-I?z^Ct|fJPo9YliPXFM@x`P%wMYZmv*rdNrj8FP@d3`yPT~4`8
z3y`fW-B8fnUibTLoh`o#L8Xk8p@ONE5(`TZ*t<pY*KS2xC1zvKMrx%L)CG#w!i|=>
z4L&j@{#b%g`!fKIz~;jahXwY!8XKe?1@;;)o|2klhol1(*g=$W7!I7quSWGY!smG<
zD>?liE1E0cnTpg_m94(3wY%l-np>JzU#Eqk|H%O6<##_SrMKOS8ehf!_^+wl(>>Rf
zfGdHyD*<Z_Lk)|zR%twaL@vGlbGiD-yV8T8Yv-D!?8eB*ioEpP|DBSQ_RSNQPfj}9
z{-W&V(Y4KWf6(V^`&DRtWus*c;-;H%tJ%xfXk9|qD5QcBo0=kVtOT!$1++1{N`|p~
zX}?vG7)1Ryj1BoKdjQa_6<1L7^pw<{Ix3Cljzi(-9MPJlwctF_Z>1%q{<rFu+V`jW
zbf*ktrNwJ@wRTkhRabY{PU8b}cFL2SE`^|%m+ihA!M#jsn|mF}VZ2N|XAL4|wf2G;
z#N?lh>!?1uU&=rEKsqZxVnh(*aJHbD`aDss5Z`yR)3W}qyy5DESv4j3i+;Pkr|lc?
zg&|}hc*hZix?aog|CFq_?{P^lE`=WqL=HSGx49B<CE!XxH{~!la^32ztHcKU6FK?p
z50L`v+;!$gR<TZrPkJgVHTRECT{$^npHf16{#UzuYX1=4n$;t^WUv;-K+DSCuniWY
zn*m_!5VxAA>#|9C$No-)gl2)Y_3@&jKo833v|qa>SNFXq<$K?i&TCk1)f5?MT$AHs
zV(VffWB<Ihr|qAnGE1feWQBR9U#f4a{Bx+urNa@Q3wz1V+hy6^4=LKyY^d2Orjw!P
z$dkrk#rE1tsRLu^%E#|W&Eb7A*wuC&pmEoOxcgJdG0Fd!k&^b!3$>TLV+n9o@rsNV
zm`uC-x_^uHz=9fV$64#Q%El+ZDusvzi^I5GKiF6jb^q>4VBt!DfX2LzZC5VHS(qBn
zzwv?$3|p(Hv7{y>f0UD&^Yt?oP;JK1a#BiG)wfswC3f-;;_&OrUQqi=gECQa(`{0`
z?Pf_YDTUi3GbBZIO{%Z{u1>7W)p8ABcJ|E|rQ`BBLVD0>z-#FD3`Tr2D>eJiE1Rq8
z$1&9F4w)2?tzWe*s-da&kD6QS{;+>wAT3DyL5iiktvAcs$3HK*t2anOdX|-yJ;VhZ
zjkZPyE8{xq&YqBqZ@(tjK7Jc!$Byd&4SCT9qa&hU$xhAsf8cl=b)u{&T3*`H+xmCy
zo$U{^8nd%SV^_24p(ka<y^l&-Nf~xCF(Du4WFE46jw=CI0<%m4j6;J-t_O7eii4lX
z@t=NITFxE~qP=s|9UmQYCNC}j*Dlsx-gBc7M0nDEf5_MR$2cZ?_;CcVbkrzZcISft
zuv?&g6@Yk_7@oLQTiKwWuo+~R3-7!v=U)4{41m??Y#eK>C;Fw#l&n9jXsjgKO{h&6
z$kwgg8r|Gl`)7?U4SxbkeXJA2VzTmN!)LxCWp~`KjzV47XCS?jQQ<jBYN4T>dG$G|
z0&{4{8ysRr;X$>%njD?@|JJrQe1Ev)RunE--Q3sy&DOToT|rJ#sKl8_;=Ac{zaoXm
zi5Qmzk_yQjZgVBzO2C!C1SDYCjm;<>bK&Km$oW@)Dt*w_OjDOgMC8T1l$`%q(OUD;
z@Jkn_FD|NTsrug{1E0m;4CUKCEJBjt^IHAjld|aMJFzAg!hDFt3p21L)5JOG8<5`i
zR#X-^AV;45H)%pxf=!6f{*u8N7ZvkXW=iJQD;ldVOhAm}yics<=NA8$*7n9fgLV?-
z1hJH5Yh~NN`?{2D-35kA>a6e&X-o(FWgRGQe&vI=<kZVgODA>(PP?(q81f>h`u`+&
z690Q$cb(b}m*y?r-Zs$r&6c*-^+6fxF$osk_5eWaSK;$p>5@4nHhtWqT?x1n7(oJq
z*kpIs*T|)JUXv3~eG^Q;2EP?avw}oKRA(k+{Bd1p;}6a0S#kL{HTKs03;w-f_$A3r
zSPBhn<%6Hrs_~3nRno=`Gp9|Q9ksI~&-|NQdHbcHf~M*>i;jIGGdc5Xl}%OS_76@7
z$O>~ye!H=??k}N<#rr`FabHEd?~%=)|C;2iTq{w?9~f#g;zZvB3Xith=Bu<x|6DG-
z@x1tuE6v$hf&r$+pJXPc{vBwlOS=a9{-UY5InPOxjf9VH)u+BBYoGX{q~@2nl=_K2
z2={nb0<Hu`l>pbNzK&L@*!Qj+{{BBnD?+V;Lwlq-JvR9t6Jry<*U{5^Yiob&|HQ>|
zgDwcICTGKTS%-Cs)}r`y`oLyi>O0c++Z(Fn{A(}B(Wky8K9EC9(`wwF=$|2#*Kbrd
zS0jPt*lpZER#vj|iR${R{|d@^W&p$@q~zB7W!u019WC}46%#w-h(G!)u~ge0#G_r?
zzekQf{cULlec!2_(bSldk|F?VK_GW9H5OFV^)Mx_e)uzBUKY5f#Ifg=dxR?iR{|51
z0Db)f*mTz%+b^H|+uy=(b}VQeV#0@*sOT2o&|n&@VnOS-Cox%8z>K*1ktadqSTbX-
zo$(HtKEmF%COQAsD{}C=e-FP|qyJQz8RI>%f0vPz{)ZJU)nld|92bzSUA|%4)v8NB
z2F0Fv60Ms7HH&uND>wbh@2TqQA&AX^X5~cdk$S{B9DnwEQvTlSpv8_}AB;mHsbljO
ze@&L(^9U+4=gy3cc@D_d?V>9IR{~R)fPalTds066*8h=)BcF_!fg=&XwdISyA&Yk2
zDhXJx=1S-f$JzrhJNwGd<N$zsuorP>b_19Vq{SruNpo+<{~1fFV*=UwRol}Wnk%2F
zZ>+n=X=cmWv{P>W%|F$`k5RGA?mvebz}Sm?XpBEQ`LiF&xmSMzJMG9hEtAVuVuJjd
z7P*W~X66w$Hf#<(X}7Dc1m>g!w5TVN5I0^tD@T9wZ7F~ERj?dK-f*X_SSQ=Q`dd=8
zd8fo81ILVzIi?_GWp5%w$gyXCAjg0FFETU`P{2H%$d<y4{Lfx%sCw&0w;0B9x&F}B
zj)q@rX=}d6X{$|w2Dbf|e@C*Gg6uHYKnz1PMe=%}%66kr-bgiskQ_`3Z@yb@|NTFg
zCAZy=_^@;r#HKJ=-BVo&xDpt@1jsXpii?-*6>DYtul$az1qUGt?v0U}57hR)_BQYU
z7-nP@0i8>Y$^o^=)sH?Y%O3*y(x2B6wPJjO=^ect|Gg}`DE~%dx}iq4Zuy3tmnttj
zkGfj9#-vC#%q_qB|Hx7-?$L=>7WcW*be99PZ-pjy>HXK_^h?i3Z+$JHEocZ4F)_00
z(J#uH$37?Ni<X2X4sKdyXq$hnXJ)7R;?Md|I~g;6L{>=awuZ^1d7G^S&i?WYGt6?D
zR=Kzrb0shbB|u_CZ%2z<{RkwGAO2rt$+&c#sWCDxK}v49Th=`MOOmr{tyNuqj#-b$
z+-$ybQ9k^;|ArDcANrpZ{biX6$=_(`Z2QlnJ-$(aY~8ZWQBCc&&(<~8J?1wlf}yzT
ziLc1EU;a%^ggci6MG))n?2yW1`{ejD-<7(<do};r@aDm;XVaH|0||ehki;z7npsP3
z7B>QuBf|+Ny$=&&5QG()PidYYc>9o@pP>j$kz-1?Ym!jSZ;5Ot2wG<>90@xfXxaRZ
z1fYBHd-^~5tTkf^=755n3vjb|Qn+24ZxXPQ4|hrxNFWEl_fOJ%>hOquv-rGXS@*=3
z;m?0q5|IvY)~{c~9uzY)Rl+Cu?*IH#C>d4Gzcww-Eq?TBUB!qAl}81#rHfX6x~8$>
znXaxbf2xyAB>TPNkG>(9@Egr35L5bnhg{zCmhAu5-%5A&)e+~p2fLUp|L(Vtt>X!a
zOU;~}V^rX>5_PhWA0y`bJKMqjX~m~mdRy>mZ&A=5Kq613!r|l~s1f8e0W<y`f$!Mp
zDE-6(z~W<LBq<?YQt&~YB>kkOriwQ%NxGsFq&q2HT4Pfr7OBQ!z>cEXgBkr5;8=Rc
z1-ALNcDm!4WfD-A2#9L6Cy&bh@BHnkB#_AHSXqU{6ziV&62gRv<`kH5j0{0I4u9F9
zZ~y;jTl7B#Ph#rJzOJ@MMtUqG0@;Qo8{?{5tKVvBX}sC^#z^hF^$-5LEWQ0ci9&Sv
zTxlk+8B35;W$mpQImV9T+x(T^1c-eaX|=LvmBW+|SCb?IfEW+gi$uv?4Ykr)Q;pI#
zRnmhp3JfdgL)1J0yRV~NCp^K9=dq?6!EZdZhfIwmO&NpOI+nsApk-uapwv!=L?h*x
zFF8ZJ8F?u2fKPTFKtEjrE~&-2c_!z|o8k6zE=s_VKx$7PlRf|N-=*cuu@Q$60ZY=#
zM?WtczxXT2=utd7H|3)|0IplDm6zq+zx*?)hj!*~5gu<rPT?<C*In}mg`2;PNWts#
z^?j<lx62P=Jh)`n-BP%D`<$WK>j0s>(5zO4%=jPw^ZyzZ#OM=S1C!~>2R@}H)7ilK
zQSgE(upj0GYFVAgPSTD*_jZ)5>8Pt#AR~bFb+oBw#$&BSol~nJ%JXST=7;fg9UUD~
zTT4Hp<v(LGQ)+98X#g*1t<f-LB<B@MO5q}WN+c<VB_QxO2FBAAIfs0xb8%sF`@FCu
z!1sx!e`c)T@wNXb@BhtzmF{b(_%W<89pBlPo>Cseh9|!=r^1G4<w-_5E#|RpL^+s2
z<j=L%b6-?_cjtdtlDp`sOLgTzsr0V{vP~<tMpZXge4PQorjg*W{Juvt0q|^C<i|U8
z31W>XlW^dB{~%p(kdD+8#Gd?RS&wWTGai3oClVcC83brp?N!&L71>Byu3iLyT~qL4
zLS&i?X(mL8@^Oj6)Me9DH+G&i`o`F(ahpo9rrh~xV94Jy=VVJui+)5d!^d`5VxhGq
zWMoTH(PBx(hs9FUS=R`4j^a=-mCRPx{5Y;h<sRfpU`z>EjK%~hSienn{@NeN-v9f*
zrMvR_s#K)0pZeJkbfdWfF|aI-IafB8EGJWdY9e{tc1iU|ffACwzRq0(2}v|B{@f|3
z>wv6(u>ZF1-tO(r#cc8JyCfGhP!a;>O5;M`R&z}=cxZCUks3%2D<1wlY{_4Qi7bD{
z)NjM4q;}N_ZL9g>ImC~g0=x2(bkv~gDnM-jrothgRmg6{p<r^OfT(6B;fJQc<m6=4
zo)Quggf)&>g_g$<#FXR#U}GLhYF_+ip-?bX1%6RsxtiA2RzdAG{cvM5QoT8XX%9@9
z{4`@{$fTqR8CfXMw_GyHmTL{VG-Q3D2{MNH-pHhK{b_UMHFEnoOC>-+V$H)v+jpzq
zd(S`o59vp)#^H^r_zwN(UnB|j#)`M>l4t<nTzLPuP9!1u#LD|VCAEi8lB>7NQp&Ja
z)pxcrLGq1(tgXHIb6B+eR6Y8R%5J?EPX6>cgXX3@!l|D>Emz-R!swCBZ3R1Tll7nZ
z(u~=V6~I8kpoy>*8e;=W&oo{<11;<#s$kb?sv0s4M`}z}L%_<-&6R?J0?EtE)1R}l
zvLrh@TfdzkMt>JUjHW@Op&5<Lm=Xz8COsE{i~!cy*eK1-&C<}&pr5+BI;pCv(r*Hu
zGf1ABpMH{0SlS(C(7NLXBn3rA70{Ni!)LXcA7hhKHGR%pc%f$LI_7rEm4L3tBwi8B
zx<30Wvj1QIS5N|8BcfioBMyH5pS4Oy?&|e(#yv!~bne=XlD&45)Ex{|vFYvZxNA{X
zL0NfYwcn;1q>*hZTVH&>_Tqic#VLEuCM-a!l!hI$X4A(NakYH5Vde$=K1Aq9)Yaj~
z6z3dCO;(yc2oL9f@v@wL{)f<FMy{I~horyj9{;kW7Ay+8CT1MA-3Z8ThUv2w8e`+R
zlPD8@Sxt(h$`9AP2tEX+;^Jaiym+ycl$1zOQIY<eKt}K)DTCUV0WF#lon}RUY}g17
z(y4*d)W|tNEzM|Zot>QuZ1wf^3S`$%{k6QjT&`Zdsz2A%)QGcQ8~fh_@=5RMqtbNg
ztd5Z;$K2JJm}@p_d>$E)I<H&}Eo85jd*S&l0lIpaaj5K$d!_O6S-JGub3yrI&FGs>
z98?#}&0qgx$tYbqGLz9>hpjc(^3e}^E%yc2+6a#wssl@wf9=J)8!B@p$Ce1r!qVFx
zP|}B4%OfKsXK=_z^Wxu{@dW`{&p_`jzQMs_|D#8TOA%zpi%qw0OoheL-w+mkS@a9_
zfkxif-XWchwbE5rBi+csMS6Ke1Rqw4vg4BT3M3`J80M=?_+}9FXBV?H!lZ^%b#xz0
zivI?6G~nlRPG@GZ-+)+)g7urjx;rr@L~3BosFYfB?10ptIs$F%viiQLNjd?Hz(dv`
zfou8l<+5_+N?EpSnf^OJKVQ<)(iFI;X=&wa+gv!ASJw%0ybd)t0-|XIN&=h#Hfm!{
zO-)i!Q6ZNvUzQ6OF6ig{`SbcaYIeFYVLC9dE!9j~TO~~wPD{qgLnyPp9lNc~k_wHD
zX?0wa<7A$idyXpsfDGRKWF#_Q``8z-uAE1r;SuTt<2|h2_r9FM`?mEfzu{+Qn}Wn-
zH#1y^o9j+kTRQ8j@r}(XtAv2{Ob{b$IUYQTgv>0EM{<zuC{<kvG*_~CC(FbbC1bjt
z3#+N*t=lXKAd?xM1J|KmU*G6J*52FkIr>RVi^<BByj2^p*iT<BMN=cJzq1VlhAL^i
za0WYxGw^4Tkyjyo*!6o6N1*8IOtoSM;WEH44*r&$RqLeyi(xi=Fv)rO5GwN^#z-5~
z=wm<q-tb_$fLsytwCusp$kMwW!~&WcvfV_`gCr9WfK9NX*{}vI%G%=xwX6*NUmB$B
zU>g#YsA;WQwMy2mU8^4g88t6zUG#SmXbfRvx+cwyu49NIhL%tN8%>!@moAl?Zn{ay
zAJojwo;@okPMnZar%oxT(Hv>WBm^`itu)n33(CCLL0c<Wzg=?HZIV<>R5Glnal6fx
zfGdHCNr0w$rVQNlg|EqnfAb9)Xb!HxtXG3C?c6IrMY*kYvIOoTCO}}2br&|)B$QPj
z*)P@5+&U_+LJ5FRo@6p73tF`=Y?u*48V&bA5=bPe1tpSI3V%3iGo}?Sk_0fB8Dlza
z8&ljf8DTy}n|8=K2Vt+Hr)SHW;<8nzDgYkT7>&5rmaZ$VY_8acYRLYaR*Ua?L~i~6
z{O4(jtFq|iUgS2cmztAD<kGvZNi{T*ek6-@2E9$_@nOM_fkQBB$x0OTycx*71wqem
z%JCnf*4!wJzTB<1$nM|yGi2;v5tdRcoD7WpYOA;+wE(cHBl}=#J0m?!4XTM603%RP
zyQ0Rme*Jpcv}u#9TenWi%F3)5E)X@0e``WA3e&*^EBe@|snLH%?TmnS^ypFj&<yD;
zP^wgZ?6%0L%3i%einiP=IWRerzE65_sLT~%5{G*mR{~*|0F?wLLpbrXAIZ`0{k{6%
zM{4P-Hp;Hw_#^nTk?H8r$5MHCpL7wt49$I_JtrGFK1tHyf-2i}mlWT0tE3k%wrW#O
zLp5rK7hQbkReA4!{-NIo$hB}$R^GqAR9pF-ARt>=vg&>S*=zKLXan-@{N4X7YajjG
zlmnnmM0(=|?ACw&Bf0wi>nLp5F;Q{d@c0N%v?Q0UkS^@_hZoH>C(<u=`yc$dlx({t
z^d?0+hK-~Rnhz^J`9SKBR)#TPP9K=@eXUuuMz(I<D%-YgQw@y%FOoS(>IkRiH60Iy
z{xz~6=~JVYcI3zr*}s3k95`@5E?v6hH#_PCgoYdgO)RaXO!7Bwmm<6bSxZ+V77ZG<
ztDQ~9<8ZIBfFwX=p}np`_J8wl<;t7S2NmY@ivjOk+VVBZkoF?E!n8KvM#_>^vhm5U
z%3_q1iAQpYsb+y9KsSH{_u7B@x^!0s!VL1#Gk;v$()304-*3n1_x9fGbk;}1AC<Lq
z)s!jsCdXmLp^xOicmF|J&z~I8897y9vZh%31zdZyMymaNk4ZilFrf}3FoYAT>s1H#
zNX7mSVM;r%X`@W+7Xge~76I($n{Sp~yLKsn(f38oY&L6OV?8UHA2nzi{yqBEXcpbE
zV}~3(cu@B2*&}=R?p2Zq0gpaG`bNpv>_nVgTg6o=*?EV8S~Ak>Xmtgb3^JC;-M_mM
zu=Eeo*0b`F+~Lzw4_`FRgx58^bFJr2ghpbpKye-Z=x_gATCROT)_&>>Q)h*fD*(S-
z_KG!9?f|mx{@#tN@=FuW)LiLSAlp{9KB}R=?JlS3Ckcd##O$0YnRu*nDcwR4`|$7o
zhmZz3Q!Nd<gk^U=q*<XuX|`hgT6Z&O>L(9N`N!`_EzGB#i0{zM8_?3!*M!Noa>WV-
zu-k6CP0fh(e-Xe;!17GVX*%!Av66_AnVG5D<)TH4bga}mKm71R)zT^}EA60cp9Xwa
zz>i2rb6b@KXqhk@$HJ*h+q~Oc3Ahp%TLSc#<*ZyIE0Fm77%MMhO$v9TRqP~UczwNn
zC`$Y_xC{y=ZD!P%x%foMK`e9mJFj3URyb8pUtb~2RV(o05e2d+k0-yYr)!aOuo(zq
zB~x%Ji$2xdhVy4+-@pCcjDi@=j?89H$0V6GA!#-{udS+Fs-S^g1&B349qvb<a6k)-
z1c{?aZn@<ax&8LrW&8H+y0}wwp$0ae8%?ApNSmz7&6_u?cJ|IY@2JU<!Pjg|ZrphO
zw1y#c)>g}6IHmK}Z&j8Qozre}CE!Zn#uCu@GF0&>yZKJ3{NOFAJAY!zsp}>qb4`==
z;!~;+t$qB98b3N&Jc$B>I&D#z5={&n9dMR9I5fD@4`iTWEb<Qea{QgePC5f8O(hDP
z+E`C(qnv#4$I^c3^kn2PZRg~`OjUf-Zl#Kb!c1jMiA`W&Uj6V*H6^wK(CBP6S{TiU
zTefVG`|rPBL5!phG7!1IFO+69GzM#v^+-UYIrYsq-&8;&<I$KKsl}Fm^frRU8}vip
z8N)8fh;o}N0apSymVlZV3l__gdmcmR%lV)f&v43)1d<akJS}+$waH(%72Jf$mc@#c
z6r{Y10sX%h8JpO+Rt)$CHsHsnR1H8xS1RIu{3-!87){wU1!p_8F_!7RiXA}^g)^K|
z#Jw0ZwiG7C)PmwktF|}lGFgeett}|6a7ZqLiCKfdJ<`if0$-9DN=l05jyvv<2OoS;
z&1$5rGe+x10m@+(Q&?}uaWjN~{y>5`wbB(ZwZ8JoEAr7tA8C3lHpUj#AUg<sXg#gX
zvUvAB2<BWKvJFXCh2Y-Il|U#ZK(jtbR7E>(mdcOcmTN~)e{qTl#V6a{UJ&puy!|T5
ze=V1|sEkQzWx5Hb-yJm~4Ulm>eLgQWGK=it6<?{-jv5JjWD;V?CheDCa#>J2X<qYn
zwoZ2ZlRS?R1%Z@QMZ4~VuVpt%j7(oFoaq?jzq%Wd>EhtW2q$<&*@-MUZcK^v578&|
z&_fT&J@?$B0nH>q%qKtCBp;HVMm8qpK@g*sMh%T0YG@3y=0qLDuB!<fA|^_vY|HL=
zK+C_+r39!`k&%0@D}l*MfM&epLL^go=y7Q{cTBnw8Z$F(NUrVsK-N6+S<ON+Df1$M
z3>LK%RNG*d64N@md(<VSKo%Jjwb;}h<G<-#C;fS{ji$D46nU&gyjVC}OnNTj((3%T
z^dPs`iu)gzWUzRqBc8!I7HXVbFn?8i^1fVr>qYo=PHD*%V@ga<Pgf$xV~;(iJ~5Ix
zsD-%gdI`|Hnv;_wyLazaEseq8FTC)A96o&5PE<UorrN74B#N*N23F@H+Mhx2liqB(
z55kqee3t-YHL-!uLYDlTb=&0H{tx_gd}=u1)X;irD>aWS^R7;Yj<4lwqLKJKJtOF;
zb#!-VaZFny8(QKVR1~t5N5iKxDdfaOhlW7Gtge)H1ObPuCBT2uQ*YJHGL3$*JS54S
ziivcj{*#&5f%;$-AHN5c`9)2;M2*3JUo6BlBR>B4<4S5^DyjKS=9ubprglcZ+3MBE
zmJfL`3G#E#JtyzK|GqG`k@K?~F?khu8MWFqwBbD1+&QsbFq^9M-Sg+G1h|1u$|{iM
z4?K<p6#Jwf@trf#7#>x3<^&SZ-=hV1C&N{UL^b<_Gy++`>IR!l^6I>mu?l2J(VOK2
zvY15Bz^A~X8$`L0wn_vhI~Mm)3vYlaRUj<Wn6-b|-47!_W9GDKV+vwOr$r*d#kXG4
z+-CIUuyL0|Gufv;^(lGu(MNSrrs-^<`obpj%;`I%M#hZ*S&js?*I$2K^Ez^lGR;>t
z{E(W^6q!*9Htz(O;TgO1{K<&hJ!b((fca=MLAJ<7=A-HZAK6LStx%wFYGp0u7d3aT
zninS#8%l+QiN*z4gPH%)Zt>AEF^LLfy?uSL&H=?HC0k`SCfNp&FqS#>MoSYl$;;mG
zw1Hs}>V?~Oqlzj@7EECr!*8e{1{Jw{&s%aqLF}AXXJ(^DL4VkjPd=%OFjGr0F3fEc
zmjJa_`pj;<^;X>okP!0n%P(t|5Owe(t3LBp(!9%7i1b!*s95cS*~De-o-zL=KvP~~
zMvg4G`*F?j>g%;DE{`>Ig3UA%L^@$n=|^JXsa%sZ{9)Q$EVNEbBSS`ypx~;ANR&#M
ztVTu$J(+x1Y{J#JfN6qDyG5mCY8DSxEuO4-^g0m3qS@I{BiBBD7v{v5gFuYr4YCox
z_{A^EefQm`8ig}+e7NK=pYFqr0RfD1C799d`0TUKYKkibGcXw$bgt!nPzol0(@pT1
z&7GQg^XXZ+W10ODps%cO%XZ1zx?8ID{6ae%PHl|$qx;3%XH~_RT#L|m9sdt2qJO=Q
zgm&kNx_jI05$9|C^~v=5o+;4oRXAG9X5>0xlN-Q|&vJqo(Ykc^-H2J(JZ-6{l${7l
zeI@cGlGxFV`dTI-C$)#2J9o+#zVHPFF_JpSR&?9cB|!570gSO`lqo+?KmD{OBxWO+
zafhjO>Ih~VwrSAiWbE%#@2z_UR|2zF0;bf<>W801wjpR`9WC0~8=4onmQSNrHZ*`L
zADWg9X3a^93TM)^7|>fHNK}j*WUZNq$iT0O)OM|~$=pkApG?CP6P`fd;kMSe+(Kw$
zpTh2Za`6ho$4puDwY5t1;ZNk^+b<~<+ypvP6JwgGuYBbz^1uTRNMT{23u2R*G-I4Y
z6D>m*KJ%H+$mc)*c`Y4d8a4l#WBYZ3(SYKlPSQ;Xy5e5amB5^pfNu6sVPf&_yZmD?
zEbDL#$^+Im0d+F|G1EV-*BJ1R>8}UiE028V(EBXM9F*^$#ED7UF<G;Qg)mX;E9?#T
zUUttTDC>d}Et55k4(l|XlXZv>yM!EHtm5qL1E~Z%3Yxx{V#=5ksfjJ5EFIx~whUch
zHk2oxctU>ZmwriokbW>D0R$V3EAPFg$(fDcGTeQ1@8?QjHcNnR7LwnV-}{)vWaR~c
z*{J=VMju&JYz#8<1d8=eTvnE~&slsJ*BBh~`nn@|G4!?7iIU0)g9<p=78&J{ct1^Y
zvR4`VJc5bS&YOh%kV|j9f7%LWdSTOTyl_e`V}WD|mVSVm*};%jPjeyzotde_rPq)B
zyrz1D0kcnk`qQeNm6Vj|C6$^F({BYT4O|7Aw4(-zh{I^wp6a;V^IZvqO9I^B=OByx
zlH2YNGQm$pOB!$Anex!%s5(F1^PI;GFnk~wT)jT8*8(!%fG?<=C>Ly2G@fju3Y(Cb
z4QHEPK4dM(SqV^Eao3}g&cu?_ppB8C$OOPwK6q2AQGAZ(MY9tit)5x|^Cr5QSjZml
zh!<wgN|uG8X7<P<kLV`CfLTY?H6`OzAKHtg!;NYpcbh8#R{{YEs8$9)^74BgmAITj
z{~y9Z{D?;>mgwlo#gOSc&T1+Q=?Vt2{_{<jdM%C2J6P>R<bGsNP%^`$)k;)5&d5Tx
z^3WxC9qyz|DO)9rk?lDe!Q4}I_LDrqQY@87{#%LEDlCp^(oRteV4yR7Vq_<}=EU$X
z6ZDyJGeOOa8ZoN}u<;o&B;qQngx8-wrkPeIKZnCVF87YE1i~Q!veGjam%$D5@RZle
ziS#!$uf(bv4KSTdqsyQRiRhgv2=NaM;?*lgN@Rtz3UPl&2Z}&i*%T(zSSp3d9piJX
z-Eyc~L{yBdy6<sGD_T5hAvya<jg)>d))QkqoH4U9?Gyownm}o3sY~n#^@F{^^-0O6
zd6&WGWR05ql|DFr8<0WZDk#RSC~V3sAZ~Ld;7TAM0WI@_x{OQjcu0~<S<WjA4Ixr2
z!{T99kI6J(kt!I-Z5!O;0zeiM8C~v7Wa~rFS}zi`GB5t58b}w^$g)vRI~<J>>x*|&
z8%vxrkWmwDxpF}>cd(wAAr4UUV)+$nW2;uJ((2A`n^_4E%vgDvV76}EI)7(++b!}3
z^I$R`Cc`J(Hp?ZTVLM}g)LiU1j{oNK<sujKw^=^ineHChgBc}dvKp175ryUNPN;lk
z(TMHMUb<@1AyFDT+S4iRb=AS5OGwl>0v!PY%v!<4XKG}%(XfV0J00doH3cnn!p%bb
zWGURVQ_A0a9j42v1i_7bd!sF~Ov}pqpO9qG?x&g<m@fmX6w{o@%n{7CuJQpebN5dW
zV@)wGpl+La3DAnb3?O&ib(hrD)k$-6vp@SsCv#yUFJnsaVohtq1jAD`InVrv=Xein
z3y*ns4V4;uZ3~15N(}uWDB1Bw1g&7p5UoUkC?sm&+<a=~b?o*@Ch))yV+G11u>;B|
znUJ74F1=~(zE)kv#=m68t#Te=MJ;EK>-8sVg&V7LxuE^06rz;YBvMmpzc4QbU?uDv
zmQOb-Hu-|LyU7BwsHo@)m=|e$w4Dt;X`xvLH2kR8$z^P3BzeKct&+BMrC&&64R$hr
z&swud@^PQ(DAPidV*Tl(V84B+fM&=Yte5rh!w+lB7<2zk_F+tBeC|0nmH;(n`Ymbl
zt*EGwpZw$}(uHyrGzU|&uGssY7Uaxcxo+}i4fi2TTmlZz;(KIbQ^_VJ@X+K-$G!h&
ztTkM3H2Z`8z8}m}e!QAjQ~fGrDdV~7&s-3(xb=3lp&nqfrYDPs6^Pk<Xbp<PCq6Y@
z1LWy9C%`dq-UYS5qtr4lxdpQ1*8Aijs&|Z;QgD*N(Gf^wP`dL@iD%{=Xo8b!%(Du`
zV!&1|Yz;$FW8)4r5yKS7JW;jDNvYMn&AnRNg{>8t>j&U0pLBU@W@SKe&ZVdybznR~
zn#|}hc^B=tO_DNEJ8iN8vhPclVtZw|RD!}y-wJnnY$OtJ$4^oL8Hz5=elia#wC9kP
z&wy#>xMUr(4?p}+clIPL(bt(#x=a#t@+AqM$vT=tJA!#|btiDy=03htOsGB3)d`<_
zyYvxsun=`)lSndEPfL^jj(_jNvr-TPnEBw;SIs~*G=u@s;)wqcq3T$Ltse<=CbJKL
z%7cwJ3rfZV&{7IYB(0<rzL}-a21?+!&(%71+?>;oZx+LOApOY=0c$itz65LN$(Mg3
zz18KDyUrMA<!;;|Mca2xX(P$aP}{YuNJQTexEtc1)1so^@&nnas*{6-Ig38V5j)LM
zEda6}R6b^<=*hhN0oC<(x%mE@(sFwGYm?FLnvYsLlhqpi5>d2AmFHszkiQSbF*~dZ
z#m1yanmx1HyY<9EGS8>wqBQq1FC(87lM7$Dazz(ICV8$z_(VFZ)55$+bBf!hR{{hQ
z0t)@f)TXqeH$bWfVAWAwA+42Hr4zo5p5{gcE{hf2A21&hrkupG;Uu$hY67MYya(^s
zc=m*9V${;o;19}zR-V0lt)#--oRFELbHSJ&7pmD=wX(c?Wc=79SH=ReNu;cz>u34h
zk4hrsJr!kxN>$_KGl&%nif=x9sq(~0&St*{EIKmgEez`SP3%oyQ>|)cnaGmiIBY_1
z0CzoUMT=zZqo0$HK%AiOZ8}?0ULkhcNDMqhZH#6PmSd?r_>l(F8j~V5Flu71Uu-&`
zT4=6CvJzv;?!5C(Id|@y`pmk!yLEwOZcJA3P64Zx3)*zorwh%9=D<~%ARO}TK@nX7
zRy*SOS}QIK<M|ka*$JWzH8D-;M&FkKsL|Na#($#OfsFQLfBTg&CzIOxr8$<@H}9_A
z4`j8$9-sE59sOe}Giv5Jt2b&bI~I9N#u`Ga69JF@w1oy}%4bMOmYkJq<;pL9KJAmP
zXxE)mxb>zfxqfI)?(J%q24IM@#l~lR(AU$fzw!ea5(Qs`@=jGGg?|{rj;a3qNto_#
zpS(&))fLg)CEIV7%G(~W1vNQJ|40(fUAZ2G*0Lt0F`Daf0Ny|$zru5;Sbcae3S^%0
zvlMAU+_h_$R(a+E>11_I`_pzWI4u%j#Q_FObMtZL%o*9YZ=YVbr-jwZ4@>rnb-FXu
znnrG$vIGcXtj$-k??Yr%c}vrSksw9jvP^=*-gO(CxOgfFgWuSIaKlR<ml8CX02+Qz
z^=I+#wm(ck#s(_Bv;N=XJP(fN-?<^>&Yk8-YKL?WC}~7N)Tfzw2Ffq_T?pKy7i_#q
zvH@(V*yO~)r>4F%*0!4@DPhV&oq-E56I0gG)k0qu*Zmu|320>rg{89Y@h?hp7OZ+x
zP&WAdI%{jCtvo2X{ZLLy+Upg=fh;aI_DXzW>eZf(=JjSEH88XFbhfC?d9oehd5IXv
z<}duJrV*+;{L!>LDpE#^wjzFrk>XQm%$?YD@wC*QI0U;rvOzE@B^phM^o`N?;+hnv
zAmA{cN)zMOty{I0*~N<&?Sh=Jufw{)9eKvGRq7X*j_faC9@^}>9qG`}wis)9=7pzF
zNEiMKW&?79mugl7Bdh!dS%s_)92FNY(O6Sr@Equ~ib4HDt}(ItGd^HEM<M8)wFFgr
zX2NrPD<IKthWqI6?d#ID!28f2*WFNOYhc%;3+6>8GoY!F;AYPE4Gk!ntEZ_!1Lrf!
zR!ANyC*-XMISm?ne0mo82tV2a0W=0krxlk-`m%M>eCp7&%rg(-)HZzftCG8V{iG@P
zrX#+AKB)(*asZ?rN9&9l8hY3K+pm$Gx_s1^on8Ef6UbUForjsAN>Z|?Ms4Sgi4ON|
z|Ngh-BTTmG@Ry}S8_Qm~W=abZCw4a`a}9iBBzW)zVPocqTW+~UZo26vt%>Eb6sKiw
zhvg#FoM{rKCVlwuVR`4BchscS-`Roe_$Q?4+$m*hx#eD__Bc#|Q&t=xal<4HFj^Kt
zhycS)12r9{tfRj@DLWVDy#h(f%~t@6j!#sAhJuz|TaIBBx^X5D4lDRU(ucF@-;MU9
zrp^J?%xKc=tgC^Q<+RkFIVP>wE-QEue0_Z|b+XhH;?Jz=2?sQ%Y86}y)X?%b@4$Km
zpDK#A8jzgN8XBJ&!F%a#_sRb80NEH?S!7(IZ2Ho#!#DPjZb~M@u`th=8g*Z1n^Yn$
zlnH|a&2#2T{S_o$v|3P<SVCm%^Z4Cw<D;B=Uq`D{p{#t)inS6O1&iZk)onY*gAT=;
ze&u)NlYjkdX~m*4m9_*m#}d=0RyflNem;*(5XYq#8PtsppY^X8{Oo4$2s|On|1dnJ
z$ND>g-h8I=OsDHy2CMTK?%usyPM<z4H8nN5aM6cTd*YyEB5A6tl}%mRGy%pTIXE{3
z1O;kI)Tl^*Ps%Hj<oqJ+^vjenNFbvYMqr?3W;88plj!huO?Hj3hr>Qm<BLsB0azAF
z7Lqb7y5%ka*%he=gOxjbf*Oe^UL>HU36x}&elRB)dc*ag`sh9|`EJ)@t!c%j3&Mv+
z%U03WU2+sz@%tNV$DSOc_&F^Q`wdz3&}Wc19&Vp0m=xIwDjRK;6?isQoSSKp37KyV
zb_cS21OZuj-Nn5k(Wg=2WwUj{kX%J}gyr`>G9~k(E_OhD?!1by+qva8|C4<3?Z1&m
zn0h9Y3ojaFy9+nNtccW9lWuqrJy2EaPaRcKi^=}LLXM0V+q7wuKZoC>?=go@Bxosx
z9X9hm>|jZp=s@Z+etYfA@?3;i?2;NR!xZ@8zZu)5yXq+}N|O~I@132Ut<Ukmfdlf|
zYp>aK{7$V|)_mcNF0wRbxovV1;IoYfYj_cy`P?;A+aZ8uEnf$Q=rZi^GcAn^K608B
zEyc<9c}?z?<3GzTB}KOyO_pRQlH`%SYMm^G>9GOkM1mEyHTIh<N@|o`G_6?DV`?g8
z(bl4Ew@5aEc~c7)DeF~9Av8J8vqo(=CBIOLw(OG2Z~Sb0qZ`I1^(3XqrZ0R=RzLD2
zp8wQIc*F*VWK=;L8)$8C_Q{(TpZs$3Xh6mz6H>B%*4<uX1DQx0m?CwjPe@8$G2+dp
zmX?WN#-x#X>o&<PU;k4%_``peN|xQ8V3zV?Os+IgXs6=mpd*-mlSah2^*OXLrk`Tk
zqrAMl1xfHwlM#Tcy&ct;;b6Ub^{Ud@sns+zH0bXMZl)$1{f7j9X4qh1Q6^Gm0C|3X
zzW&~T+W6j#={t(V4?augVLWo=h*Vcst5!yGLfx68Sk%_TN5hn6^KVg_J}KVdN?63G
z`Q)wLtcyI&c?1oblBjXfFGlp5idkt|#$j6vJdrT~A}c_e{Vl+Tn)L<ARBixGpJ5s_
zM_PaemK@fEDuit`fbf>NWF?q)H%kFDwDiTxBnH~vd}O}z*_9&k`V|zZ9U4zsH-}ah
zmtP`VzWD31^v?UWsPR<RX7k*+vFK{9lgseK4pVrpHaA^@(iLdeC7?=6NP4BaJ@QY0
zE}Dmll=;gjWm3F#ha^VlO<7emU`D#<&0qf`ISI4F*%zM?ALy0iX(V}+Y`;Zcm`R&D
zxmY7sjBzF{U@`d+xXH#vnXyPTOPP%7<LT3UIEKK~+uN&PMaJLp<HzOHsZ(;{!UY8Z
zrhn>zDaL0~2ib$>&YT($wK9Sk{ZlM}xnaWwS-*b0{+yYasj>~HhQ>ZI$uplP^DtWG
zMeDgYoj;A|ei7y`6hnoN#%+_6fWFHBGls!f8Odh>aNP)dX(eEa^mq@<or~bJ%aa@c
zF*UP_Pu^2zE5mOXpiPsb`p{stsXhYj4IBCfm?c*|_5~${kf<`_AU(OqHtJc_oU>M}
zmgKUP(tbh1v&L>r6NgydEnoaKDZn?a98)zXnw!$~Q+Ep5@i5xGL}xxD0}O+{0gzSK
zUN|Z#xqFeF@g8$n6|!B_!%4pArmShvQq;_dU0WLHnG`?{%n_$wen#q{?vJ$-NQ5Sq
zwG33zDeR=V>*~Y~jAkZM?+sIti!K*FY8DHLZch!Xv9VE3oH!vLfBdn0^2sOaTcSor
z;JQ&GIPe&n9r<A(^8Wq%<-PablQnDBs7Ayv25Ltc85v<Mdqb^^>{C|qK6L1ij*-v0
z6(Gjlc+RQ~YWkY=hG^{9eEuI16!SGlhHLj(K^P`Snn5#>(3U_&7AD;dOg2rkmhqvH
z6v9N*sqmSlFIs{PP=bQud}>^m6Vr2~1irG9V*wf63dpFm{JzIzB`S}kmn>1j&UAqo
z&DEVP^>X3eSBA$Qw`ZlKJ>S?g29WW=<i)4`Q*C?Q9r#f-Hfl>3-g-qzABk`VPS;L^
zj@bm*Qp;|=8w|wNa_Q~Y<iyW^bVFw&GkGNEOsx-$F=<8~zSe8d#_Td51TOl;xO=B|
zu@D+Th<OP~Q-Al}cjc|O-qHo1TG>>RhYmo)H73cUM~|wXisTtm;+HI0qDhyXWrIQ`
zYu<y}AQL_l&<JE~Oq0|Mr#{U|%=*B2=(dF^0n0)Z2VzKpR<)-Yu?{RpCJyIDR{;%7
zYnryWNR#ns7@G4@Vg&bsjoak(bKf65fd%BS7$soVKKgkm6)T~IrCO%MY4nNH^;3K7
zh}0akVnO{aGUemOrc2kw2#lE9zP9e%&td5N0B`)A<^tuYyu0+y2W0Wi%*h8xkMQI<
zIcO$KFJ2-mAN-U?Z(n=w)e+}N1Q5RfC0ocin=F{p?n<8+vpsYnld{pqsD*9ZxKWCV
ziWY=6Mj}URYpa6H%P+sIAVxqNO9Pw8%gcLIA$)^oy^|+Ts=1Q+5UHV&j1i8!l{9G*
z#Aq%iNYi|(dE4;(TdrKx7^2wd)QJqsJ$4>Sz?ex>kclV(Ap*Gwl2#uYtWhl1N)iZj
zHD-~)P4n3_F50t6oRmZQV&tYoe#+KSw6dt=G+FiFr<Ln4l|q@Lja#)b_{Nx(f3O$D
zaRaSCGd=g8o0_h7LycObWl?(WUslw2-HzRd>d(H87CHUOvyuq}PR&I+{wdNbhYx}i
zg9~3LSVg0?SZHrtc&1`jq>$RN6K{oYj1`29=3y2)5)|g^BsFp+SW)X@a@}X1c}C5E
z^nrz{@wr~QbV)&t-@G>gEgVUhsg*G^3;lK6q!6sxI>1)r0#yj7|5RgLLM1o%x?z@p
z&32@@SwjX;95@FdL+v04^}+?gP=hoq^2`h~l{F~Lqngm|m}Mm%<715OXh7!c?$FpS
zlYM1EHyFpkw31!h`=QkA|1kLI*p&C0nl8LJ(j`U(vhtb>Z^p)_ec0F2dYd`1djB4&
zIdVV}@5r*8<kPq-VG0=rFm~J^aV3*|CT318B^AvCt=Nfc<!75lPE#UHiVGobj37o6
z+uLuyE#LqC_Z7^jrG%sLKD-|({50jV(soWxPDss++?0^GvwHPvO<zSI<>qAoCZf)(
zG%r>uSz*$ZYr`Qp_a5PufCJE?a^qDKqpytGib<yx-VTNFZWud(Jah4Kxj-HQQ;iL4
zLvS55UN|R<cicJc?+w>vCYe6_#`D8Wn-TpvsoCGGuOFEdctdYxNk-nEVGRB=2Yb8Z
z<V#OWOT|?`2uzoVnGL()>`57b*>B_)A-UKc#Uk~|l+227+LE#6Oh-k!IEe{l-G#$<
zGhH&9=yj+WwY0P-nEddEKa}_1e?M#>X8KAHVaAQ8pMF}2C8YCD#UD2w8PJ5ec=2L=
z#?GRsok%3xhPll2MQ(E?aGeAQXap|?S+i&-$qZ8<navdmM@B~>vGN9qLAH+(8{T31
z5&NN;(ZV%dP2E07!g2B4*N`eJxLQhNLfUKf^_QL<?OrzovI|vbKU!2!`mEE`)`%d%
zGcYmswl`1TARrhLFd8l)yYUD+0CqkKYJD+-peI@Alh-hTo7BcwZi0<tTe@_q(!`k&
zVm>z#JLnT5h!DicR-B1OK;64{uRQnMb3!r*HMCGRZcfOUBy*B+Zl<*(_h(z>6-`?-
znZW!|_SwDmER(=ATAyaw$VR|#4`S_#-~-z-YFFEkC8rz7xTmwR4qeU3qjCzlJBP8?
z>&i0nzHy^_jmaNP@WlTQ;7p+68Wy2*ulz*H_w7-7>U1msio}SnZ-&Wlv{tZTJN#oy
z0tN9VAwdRhwpUuoL=E$Z6m5c7IQ%t}=<>9k!XW4K=g-TFFTSYx2g7Af9Blx+Kh2x3
zyz+`t_CpP-Bz<thQdU;x_ks4I4;^5xGSRFtGf$hq-3z%An4=OP{~<0lQ-h;fPi&;t
z&rP5sBhpld$|9_-P%w`F^t;mE<lsqQ1CgFt{Nsz2XKt9ycuXKWQ*rvzqTJHIbTZ6*
z0G*>xeM=e;NN9qIr!o*t-V47Cvo4I(7zE919*h{DG|5EMopd2H_EjzVXV{9&;K9X>
z!L#$#tVq8Y>vNHr_~x5$DqC?jwEFsbdG*y-m2A?4xDaY;p=$KWk(tV8&CQExT1N}y
zA8vBo=1RbofF%JBf}?ZSA~hGn5k_i*cwd;mk}jdCHd@NM5i@q`g{P(F(4JwJi#}A4
zn)%mb-D6B3;|0p=F8^~@dd}-k6JzVeQ*!i~Z%b<x@)X*cF~+*tXn)s)t^hF~GL(<h
zVv+na2PuU#XWJy3$=0pK{=il=t)!$xNgngrtVq)x(=@&D#v2;nHJciXU{Wg!wTaPW
z`d}OzS&XK2w_pPWF!S26LbFLWZeLsp%#;MI;OH#LMbdzg+mMDz4S+XciZM^7uWF5h
zY5(#EZ>yzmSOw^|C3%bg1eIB;#=7>nfQ%Q(O3wbRxR|(e{tH6Gx%R>9a^krkpyp5Q
zluR?4_pq{DhU_vb!#kaW4Ax26D3#43dy{O6`i=FPB$W4K<Kjl23G)InC*XW+)W(=%
ziUH3gS%jKcF;N*(3nS@+iG9n<%l!$7CwiUn98dEiNgsUPru8BnQ74#-OkFkGWHX*I
zxyQH?2#Ey9UPQcZ-r7yV_}!6OE7t6(_?HP{+(1^MsPUm6{4)}7I2D-)NlGpF_NAKh
zZ;fYs<3@&)mycb_&nWt1WH%4c3h6IHp2Rb+{tQVrVXm75gT)M{1*H|Nd~L%Tz=lE4
zaR|bj3Xu7{{Q$8#D<zfPPikR|Eg}(MzM2)OjWH0JX{X2#oQ;jCt$y)~UnrZht*tF&
zUF2qk=0!epV_oop?#tqfJ<!aiva<|Xr`-#?5||+gFitER=>QXpN=NJgxdz=$lYDQO
z+79N)niEH4-?#o&dh05K?h&1o@%Eyu+&>@h(8mpAyx`@U3oii7{=!)?nMs9@{NVq}
zDF9j*oOF|Mn)e}Uz73APky;E&wvY-s6|*9*OIBnz`p0UqX6H@1Jr}k48U#&khr!3p
zeR%fl+40Va899zb6p}v}=Vi*oOm|02$|^o{r=M&976oo_OkvgOzOQ>dR|0cU0%~5&
z%7%Gy{fONk1m~c$zRu4#81ERlVPrgS4U#nP{nx*e_DiT7=4_srqsw!Oe*M&?Bdz1T
z=7fNZ7cH;7{J*l(a)0PF#W9V@kstnxoO}J}h|j8@5SXcr6q-V3L(PbN&O|1U6l5u%
ziZ(`Or56k}R)Zb@Xqv`gT<*}Fz&u{T&4uHb^N^V==zp56+L)0eHy8BdQF{y(9iLhl
z<H%@QB)P}50mQEKG&lK8&U4|}x_xvd5ON6^^CIGRNw^!{hI|7`&@--@@$`q*Fq#u<
zp^1I;Pk)JcvBSepySA!$`EQ?s1#mpqGsjFA$arE_QuePG<`usc%w%krL*M%cIsV)a
zrM<p#+yoG<IfEUs7v&PJZxL#v)s!$(NQq^Yx^LH#3{IgF$e8nQzWT=q2qaTb%b5$U
zqM|~}#?aIlDt{F<F_Jx;K-NS5SZlp%?b8uXG8bg+_R*EVcqCw%7gwQjO7``KV_hX>
zevq7lQ7T3|PolMsMNF?Df93ms^XJlXIymSV$JVbZS^b-5uAUrDT^zHklLE3M7Y}x)
z#-x8bJ2Q8W)3-!t-SMaX1*XP-m8L7_H0XFNzXJo`I;sJDBM?12a5gf2ENYZkhA~HH
zA7Dj{w;_nT)n5sk{U(sjSK7VF;z5m!<yhuIqXx-*jLiEODj?&gg_{@pMNMO!waD&v
zH^awxCkYp=VIRI@fsa+3lJ&ftAO6nzAk1QfYh3rc@%G0(E@Tp*B`g^hvFzomN4!TT
z{A6CZm&STu31U61jdJc6FUtpi{a>WxGLl~exB8WfR)77>wbL(8W-z1XS{&<Q$1WXe
zU$=PUXME}2=NelYZZ<JMLx?Ll`@)Yv%P*JppZSUuZeX#s)KN7m1}1mVtT;jpQTp;#
zYM-5InGL=?)X0=}KWGt3Kw42Co3H*c6FWvGAcLXjN;8$H+5b=wa2QX<&5Khb<J=v>
zCX8lhhJr*yxK*QdzSz5LYmpiP0PzDLvWu%~tu8E3T2+~#rC?_L&WC^NaR#*PJcaai
zv*ZVN`uv#-B~8BSI?%$Gs4T7j=1=y|cxDk1_`Ckosyxl+4+mO6SvSJ{9;=@Wb;rtX
zxmT(_dKc3mIM$OcA*~EBiblrgPbH-l@w;bV`<a}2{wYmBKdjZQFI)c~j$c0h{A9;B
zX&~bbPh34(x4v}qr($AapQ^5_yvrZZiq6;W|3I3rUX%@={<4(aen0$ND38L4>ogH!
z@PlL%A~5#4hRL~P_q`}ho-*07`Oo8Spcgp?`w^#Rb`JEFq@|_JYyTKQ!Bj?`vJk^`
z0S0a}P@39VC``Tt$JEqR)yN2Hrs6fN2?MN#fW?|?=0a||_yCAldyD2)Z(omUtNjR7
zU{V1uG+6$gm6Yl4V1^%V0{A<c?ip7~XFh{v32as^FM^jxD@uE?iHt&G+L)wdi9zyl
zCTtD@IB3n>yjoxvrRV5*pn>!E{MOuuNLR<7O+iNmHW$>Ued=<}UbOQz*_)aU7f^6P
zOI8KwYrj7JSG99&WO@NwH75?k<@5uoJ^0aeDF`DXqb{sjy!LmGUq1TUR60H-AmfdX
zUpd^cap|@PyD}nv*wR$-q!Y3G>#OD9zy3Ai1op}5ho6*u_`Bj!$j|^9L4_F=x<C*a
z-Y`HZLT<(Bn3&uVu<U@9U(wRYm=T@Y7#GX=Shj^gV6>a5OptJ&%M2d`Gxk3e&1A!;
zM#g7v>aY2*P!C{%HW^<+aqqcsO@dHwdyB@_F$*~<)=VOxAqu)^wJLBCwD?}BHinI&
z%1tefCWK~$P#V7gY>kRqmug!4#_w$HEE0)%{lEqwW2FuH$zu|eBq{+vqkbVvsw8IT
zgH@L!iMgoqoR+D7C%6&(cwHCRrf<e2f<2zLc!@L~4F)nF<^o+d1TF%e(ZadmX})?%
zE~2*N`8Qq&PCJEe>3bNPw0BA2vacVzbol60dpczxV+W32JirL!&n6`m{$6Ki)&GN^
zGfl^6a;Vw&p45YCS-kUhS#sNb$kKr-%*f>xiJe(L1kpJH^*%Nef-4z0eqo}6=F6tL
zMTZ}brCX?#aaTSc8*>-Z*EHMNio<13q6brGh0+{KvofDOzfI1`e!O^m`839Ge#XX+
zIn4=TOsIWr@4IsCllP?wDd=dDXBs*SsBQ#KV_yEc1BO|t#=d|JcnVUi><lf90GC?0
zNYa<Ako1xzT1PBCBMX+CREZ|=L385*OK{ZYYHVZ6d4walIVjn33xI5Y&|jIvqPMLT
zbA*+%y{a&@S69iEkKdMy@4PBqBgY4Krzhn;lZWam0I`wj>J#kcv;dj8CqV3PiZYkI
zTGdkZj}g*)w=;L1ud7|IzV)J9+w+cO0mzugi#2a_2iV+jUAGH1ZMSNkO|{W{2?5je
zG3dw(Mj)d`7LF>#Qys!Y&sUZv#!65K6_tIWeH!oaj3Hy6*?*2>y0v9qkD3^tKf^8z
z(06urN*byI%;z%pH+lx#QBxDU^4@E5`o*VJBjbBBs~YA5=LFtpq%y+)V8$egi{M*z
zWUsCliP!)q1I*HjOHt`~nIz>G>hGw*MMIlYGbTaJ1+<AhTF9&Pmb>K0cmFOpGd-S1
z#eolD^7X()RHx-#s!tq}eq>M@?oZ>phr^HMB^Uo`ZO66OnmeYCgf^`}M#)q*T{w@g
zds1TZez~o`_J82#Jg3AMb5@T@#}7>jk)CLP+4W?EGH7m7iXC&@l)G$3kvm^Znijc`
zg@RBpu^AGYqiHguRujrZyrJkh`%NGVm1&WErWVeuE>0gDnTyog)u*!n8-c7HIVZ2}
zdtcMI%{mafAqoT9up#anfF=(!SM${iat&Hr6yEQo9K;L)&@z{<k_>2VsQ|bHxHssZ
zGbTtE)W$dAGfJ0%hMyyJ89Cb}6v4dw)=L05xC2Jl+Ix~>GM>pw%KFb&n$C@!9e#Y>
z81blS2QqUPfY^8P5=-B#?P~Z>BAs8v?^Cbq0iDW&*MpcRDNRbY-aLh21)r*pYhxa<
z|HOEr`3z*bbDd^W(6l{}8(fHeR`y#6`_9b^pT9G^2Q@*hffT~~hC_anx(6#mfSl2E
z{*+eCp7R+_bng4q3ey6@SxfmPHJ8RC7AgyQTl3a#k?fW0v@&=+65|r^TrF+vnL};1
zbmtv%4y^Q`1{?7ZNPD9+?hFs*r!4-1n)a(7cJu}N*v7u=_>Kq}kn#4lU00a3_%}V0
z^VdG9{~i4NICOd>fgJjk8+EU6>n`k=rp{L6J-8r}J;kDJ>X^0{DlTR;D^9oRYJ6f3
z{ZUG3o+0xI?@QTI;~_v$yBaSr8Pi`VeV2Up^p80;G6jB8#up%vam+o)dQ)}e6R>*`
z!xzGGI-#HWBiw<cGQ9t+azK-5<-QLkwP=y#AY(;7>l{K;OU%jB>hsjnTn%mHr$h_c
z>W4pjJ&=ujI5m`mNfDWU**Vno5<o1Zk3OV8W_k_~V@BZLvp(uD-i*&ud{~nCx<0IW
z=+o0?R^-iSOINdzBdIYL*HGp33+WRZ=fw#G)HuRzIwgr>-MV$MVZ#OuJZ4pDW*1@l
zsqusYu+Q{e5@<rz2$qzO6X*>Me<5mQnq3El5<5`!mnQhIwHs`-oX=*&&BY`)9Gd43
zq@G3)S(+}LldB)TDY<JlOVQR_BnN)`<osg9y}E!l+8oG2mX8>iYx}`u9o{S-*ie%v
z!t=BA=*(|5_Sf$Rh=pZ3g$2k)7zu$)5~ETwy1ea;_|f9yqIp2AE!qUy{j@diw2@^1
z>>4MvnhTeI@tU@K&7KQU+c18>a8-jQrTvjd9+4-WctX~$T`MUmDe9+V4Kx<@eD1mD
z<n-y&H}u;P2pQ)^APc8PsT$dQ(?ljR9VZD4H@t-nRDLSFO}A%!ScE4MVK{ik+)&t?
z3PYFI<M}%VN!!oG${J!>R7{*3{bFPy>$~lvIeKEuN?wooSFZrfs-cbMtllV#cHJp?
zNa8^DBgrAI$ual|M<Kjn$?p5)%yZuj`UBtF$lk%fiXMu6rpecG5Fj>@**E25X9~!)
z<Cv#+WAa8gcU(o=Z&h0D^tA{plK_LU9g(gyeGT80Pv1Rf_DWn3sM!!$IKfOsXpYzT
zpr*Try!OpE-z;DL@|X47nTVN5dQHapZ++`qa``e9^pP92F%#o8-F-CIo2&lAP|1T?
zG!nCNL4;T=treFw@OeU-sgo8@s=FQh%<vl0-=pFaBpLzGjPc?^NTLO`o>&Cf#(^f!
z-!qE`k0)?=;Ir~DAR6y1!HH~Rx&<`YnwdlxaNX011m%rdV~~l;Ndaf500Xxf=ceE`
z-i-;sk?h9`Byngsdt3?-zgmi94B4o<k$^Zg_MO4puE`NI5YKwmL!SYVeGmT#gkwbb
zd}rIeJ%1>|Sl#fq83nQd-@u09W`lK4eA%*7Ph;Z?;laYLSw-wPTLRg9q~05`Q6pn=
zTxPJSth8$Vgi^zy_O)~8PBkeGuO>kACM$72_~3(b=FAyka^TTei7c%X>O{_l*6);u
z`I+SIh1R&iOU%xb(%bG=4W;qiNliQCw_ps{))ctNI0ondd`JQySSdImt}6}z#h*#8
zV0t5hL0oE@m7yb+9{?5JN0X^TQ&CwH)J{(oNL8i3SIWKpTpSu2fsMZJK4fJfpmo+%
zNy{~mJ1(C`R`yC^^>2ckhE$A4<HRw&Z3sbl|8=Q9eN>9J@0LQ4&N7#*RQbdp_p9qe
zLy$0hig7T(_SOVSZ*}zagw7W*ju&!z5n~)TbRN>{>)GP`cU*3fX8)MZ#s!L#PhT2G
zh3Scs5T>(F;kcFovb?-JEserPQ);NdjHW<pQjE_Usqwz0rKPfF%^LNAF<5(~M(vFN
z9E$W*&ihdoP9G`fhUWbXSh>UTm}bX4NX`Ms6m7djf$1Ws)J+%9A_W!FcG>Bt2nI9<
zMgxc#XdD9<Ks;iz60&oVRJKS`3Q9C)i_~_F*J2terj@eO(nUbiqUPuDB23v29zA5u
zH3DT?NtwD3*k6KI8?usABFlOW0(jez_m!25wN~Od0F9a)li{9!^*O0RTBW@8Tcvp0
zt&+QLv(ouhgPcOO`q}Z&C*KQd*=rtpQVxCVul*N^jEKlCPRm(c-cmQLxY*?HGm$fA
z6v)ugCC<*4?Y>7R$#gf>$natrTfGSwHbJ-3eZSdoJ(~Im2*t(4>Tfb*4HYYozOWYL
zvt&HhXkcbCYB*`{K^qyEln8cA<{V1aB4t3op;Id)keMX5v*G!LyANEL$rL8(A#Kr8
zUHm)iYNYwnS!p<bQu?5&P}|BVT`n1@5tv+1q*{umj)JB_Ei01mm;<aro+8Tcg9AuX
zU@&R&J!e*rL;z0K^0iU|pVzgI-$DJWL&{oYoEbH_@t7SMwnNRXtG-t1kT0+lIb)aJ
z^C&=b$-<`WL+;D&dsGg8=WqN3I?SJBSlHI#DJ(1?%grn-ZtZL=bfzMj&LC*#Lcm2z
zO^XhbrC}|GYGDueLNxq-TtqT6GiB-0r9yLEb#-tM<8=3rSws#UIwY+0ylvaI5zV$d
zh83#`cB5%yOO`CrWX_?|9C=@AW9)--?$I1-?X>4-%Chl1Z<F?k)btdXj_7A%9zAL|
z^dTi6=8Cab1UzbP{>=4uzQpm|Bjm@}{yI-&jG8#}*KL(_0CVZ?t5SRXpj02-C#{Gp
z>w(#k#dgON_|0S5Q9$ziYtN}Eli<hzYo@}Y#<>uEXURDQ5}Q*5^J2L^Qm&&N-Cb)!
z{(MKd!Hj8S0|VaW7`&g=5s8{(SxZ+;zZ}%G7;QP5v0F2Z*&|2|H%Vis|Hd<WMFIg$
zc&k^hma?+4kOLXzxOeYfdH(t5RU=!ua%E7!F@fXo;lr|jKTJKS2tHCH=q_8fY*dYI
zIwZ;$j++=hdncQd3{PdL&C}eQ<CdKQ0nLC++#7|&u5prpYz|g=8{7OkN6cypwD=?d
za0qJY$V|a}uMKBUNcG{p(ue?XCPQYi$1%;0jI~2y-g5x6dYr%Xu7_1aOTvOa-9G(s
zKdTu$kZWnt=9}c=D;AJ3i9zpR-^fMF!qCqd1G4U(uJr?sB)&<-Ww5(XPZ0EQxpAUJ
z!x`<YYewy$tqmFRX*ZvzjV3$-1N~A54;~C!xI-~y#)&=q?6V3~ciwrYEMLA{{bmG>
zvuDpL$Pw&DN}EM?<@)vO6?8-GA2UGa)W~>$&XK89A`gX3XY`tejW|buYgAd;esY=|
z$(SUyzHrMfX})q^st<iEwMb}Avm=QfT0wp^KN>edAi*>spCBt~q(F0J*8PRZXygW=
zaMMk4>D8b5lL&xEw``{7>x==J*W16zY1T`_qzKi{h8h{oA#_xm#>JHjZYXp5&D29R
z_oYddWRERdw#Ww`e4vcMP&dYmJ@wR6^2sNk$chy!)U3&bybOwF3>kkOsZoPtKgn1O
zWe~S!v4D0s{MnOrNfN_CHZ6vFZp`@gZEcg*nW)@&Xqwrm#IXTsxhka=q!7~Yo56VO
zX=%D4pjl*)D(P;hpZn>&rtnZ$b$}r53n&BGOS2XgTx={4tsi5AKF=7Cd7>iLIutUn
zo{FuSHX+#kahDx~0-dA?Tdb)e)e@+YaaSISEbCL4AJcj&O=bj$n{K*Eu3Whia;=P=
zr?yL`<jIpKm9#+(>_#SB_L2RgM#i5*+0>Sg{*g85)W!*9LXAwx3T~U%5-@%=u<znw
zB4cPk`r@ThyyJFdIx;U~TLs<~_y-x6MziDaU~A54`p)L7k9|DPpJ5jf(XoOTNe_nw
zC?D^68Gc+iKn6U?_X~@0EVRRqH-K?GQg$4}AWN-A%N@5>N<bHM7I7q?&1WEEtQ?tu
zcieG@0t-!y;cEJ_kK>tc+_+J0z4cZNnhqsfk>h56_}uw%=G~;(X$b5)Cp|n|a&qr8
zgAy=W8cM*VEn0$5f<jqz^PMms9+x`AlC@m9poK+y;UA+fO{-qRU+4it(#kY~Y$6M>
zVG$(_KPEi`X4Wp10IgdCgI*Sq+!Jn*%!o#|x^QXQwbt6yK0B`)X}hV#i$Ygo9=mK-
zm8E%6eIS^C)DXy^W7Z2UZlN@1h5Mm8??>RK|7XXJ9ctRUcI}$f*M~QK%#Fs+xH0<E
zHgDb>a&3(LU>HJUW21gdV^}~eVxoN1$Yv<f@=VSV_uiHSl(mUDz<i4&agd!zzZtc&
z`cp@g!q05_WN<PQN?bbpV`MEZ&=!*jS>+W-4?+}7#vte<MKd9e83D2ZpKo>lK)>H%
z6_timN+?^7q*Wo20ohhD*m0A&MB1=AbkPW8T+j$=^Et~0$5vQaDEHiRk6gTXQC@oK
zC0)>Gx)DHj@7}FIR!~q7a&64)8VTekZ5Mw>LP`Wm2WbqW3uH4rEoS`whV4jl7zsd(
zmt(rBVw5l;IfQJ-<oqIyr=wP~Am<F;6BaVfC@PbNqX+!fjlO~2tuyfeX9UPP`?_y(
zk}Q&Q3z2sX+ENJoW4hCV&}mj=+y_(SXf8Q4E@=GFPc~YR?o2$CP~4M+B$+<y@y8#R
zy1F{~_~VbqW%dh2UwBPw!1Rkf_Sj>ZV0d_1t5Dq65Iu$i8Pj-4vbD)^n=64J36Sx~
zN)oW>WG!Ef@-K_ElC}n3BN%)kYh=vak_rZ>@q<%tZCxG9XJQ7;2$1!9`)+YMNt2+a
zI~j%3E(oUJ0e~fCArk>eAKlFjevPcEs!CaGjJcZ6W+je|S>>q#8Q<X1qeo}NS<SxC
zl=!*NeNOum>HugnpE&23eT2`PzERW2lpFw%#V=qp(X_vF^XY<)3?jzYuESg4+B=g&
z$7knQ;Ro=Ku?-CQayJyO$T?PVF0B5G838iykZ+}Po-==06au0{rIGPo+-<XXUL4{+
zBCcK51)Qu!Ca|TMiHq5M1~STkCPw<Cn7o&aJ&u=PHXcI8bgfI&#0X+v`qG!={`>FO
zG+Lo1c$mI(%#3wo5@o}pRDegmz}|#3NnGf`(9`vh=lgXQIDnbQOP5V@W}ZYv$4MW^
zbGpXF#AHKJA#*XTKo%OO)D0%`x}~e*1_yn){zE8?T=++5YYt&!j2e@R@?!v#3meG~
zwY9bLHp9nokuunrndoWK`|4M}su}A;9e`~5!27Vo3-9~z!w)M<F<kd%AIMbY^LD1|
zVipqS<zq<^XPKW6PDS_9t_0?X1OVt{`+DHEF^wC<-u~Xj;T~YvH8QW)mkU)CP6?}#
zv6zqrZ79S!?zl+BrDmw(mI+Q-rh<(N8$Z+%!nvr1`$0SJN0J4>?9oRb)#8`bMnC-U
zLp3>usxj{)DfTS7$!`W~hg06vz!{9qSUPT8Ow*DvAR6h*=<c*b_4wWE&O-^%nh}Nd
zBPBOq+7VRFM(d7Od?Cm+cw+&E9msn7`j=y8?2kH)uzgpdG%KnINccc3S!&^8O)F!7
zjJtCddSs9+Y3lRcylAEaL4-^}ni*+sWS&D-aXxkG)U;+hA&G-2vdBy%YmzZzWC@1L
zoM^_&7mOs23l}b^N!c_4x?~sX=EiNV1Y8MBKmuG-!Rn01CY3G&zGK`l_IU?(P2eii
za%k9r45|KiI<q`PBa=f+m;i)}74xhmfjZl+u@8f~sBv-QE}i8=<}(d{_>AFLsVVK+
zwM)yrtXj27Q&}-+`qHIKQ_2ED0Arp<G81pR?KauEb*q{ZY08_4%>tRJ+^|q1Gd@9r
zX%<qW^`_>4=n?i;VOm~b_ad$YW=aB7K0L_mk&0S$&Ud=s=Uu)erzH7O{k4v8^)2jg
zZ@+Kg9w)hg`MOx{JRD{n`pJ?&_+a#Y6c$=7iH=<aOOJ4YV{X8O1Z0+?iZb`uOt5?k
zft(cmW5<pu351zIxcHN<Z&G=UHZi#)BY2U#!Av5g)YDwc>n&QeNLiub*1}9*jaiY;
zndBbRv=As>LJxwWUH@3PmK^s!^GN~>LrBb9r0b?pPzJo-JfF|I2;)2%uCay{$Tlus
z8*{m_yudlQjK#~e+H5#>>0GShQB#T4WEmVyAY)^qTPC%oW-?P6L%1IJX!oJ1kqbM`
zs{}QYG6-VS%*xBlmF>p>a+9Bu8vssT#;4KGMi8Xmi<%wJXBK<@j`9qrFKndo@dYCo
z6UaCQ(+IE;cnMj)B^(>6nSRFZ{ap!6w*(@iqa*`anPQQM*;JDNkj3G%c-{h;Z_t<1
z)7P8s7bbS`=>RgV6BZ6fJEPIDXr&=RXcB_3S&N7XL771I#EBD1%VxIrnO=COd$Nu9
zdKx$mA_za!py)rMX^@%X8KS@#Ecy~n9WQEF3?wIz5d;~hMj#}(QHC?6fejxo;{;9i
zeUm7d8f5n3CDM~wC<!5E%#K(7?s2XJ=9&apyDkRdE3wGAC`jkU#!W6<NG!7Xa=6A5
zR*ej)sS2=w_<<}k3Ti2UBLabS;cAR0qd7CRc(F8HJT3j+P8B?XjHWdDbr_(#(3>$8
z(p*S+(7#2^#+eA1z{d{(iy!mv*(5vmms%vBFSSe4n9U=muuQ`-m{i(rt^`~OOilt!
zRpm*`!pYYAMN|HeN5WbyI;?SIgAtPJES=#&A<cLQAe>cs)x3y0M46?_)y!yoBQ&EO
zIdVjqZQ%?Mp4`+4?^y<{sHqXyXfEW3niu~~?Tf${4)gFtN6u7e^ncRlN6p)`0%&9X
z1xqybP*|)16YaQryeok@AOTIZj8s)|s9s{4Rul0=gq4CHRv_!~_N@+PEG8jeS!k+4
zk2(ivK0~>VjHRoPH!V=iljbtk(4rs3n9k<FJaW4@h6HF9J#^@hYGfuY8UZ;K8=2IS
zQX~qVd>}r{4p|>)sxVOx0yLSB+S}Kwb*xxL*#F_b@q7MV>szq|h<*O36^Y%a>q=m@
zOMn&`TGl|KbGF|8{=C&iOESaN{qWiJFrq$h|61q3l8~n>b_N{nO!Ud*pP5TmA(QoK
zRD^BRMUG`oxahIKBTZ@ZwX{pPCf7{ghuRo}-5E~cWGiMApzhg{wORvjLV@@+nIL3i
z$Y&K*RL}xgku=oTiE86WM$MnK7$fejK&ADnV1o6KsvH9!Eyyn{DTK{b4CX$|hUkYy
z3jO9;>@UONGoI-O<lcW?NPtxWQc(H^rZp{*#nwMCknZ()nZYS^Sr#193oDSdb+j#U
zKDiY5s#qo=+$Jfi!*Os<vNS`@@dKzi)QrW+r<pDG@87TNMP_`U>CA0&R|3rBL31&~
z35+Fx1rd{$u7yUvQp-?`*=+El7DbTi2ViwK)=Niim2@JTL1#m)^fWgrkg4{C8hZ+2
z1UwcMWffOK8BMQv(dnaQxfp_2Oj0V$+nE{;l7tVl&hXz%`@{Ew;Ua4Kc0p~-$K)O`
za}tP*@<<9chmqKf4fa}0aLoGTfq{Mk+39ffEUZA*H_#7<gx&CRCcsBU!pBU!s0@xy
zFI^^?OIJ%Pk_h*qtU0wZ`ck-qXK*kxU$|OXIHuwB--EtbYGI#z@<|ZMBOxPGa#pTW
z@E}l()(Aq>x~OHbT0&dpRcS@F;1<l4&bn%7@l6V9YC;5f4XL@%%50#ovE8n(J`U{+
zg<c72yg!p=M?p)YuPzSpY%J)Q4puGaW@>S%`g2(s!f0zV@vcn&({Zmjza#*~AURE<
zFo*kXAXDa|*Bds!QP_ZN>7tdf7t7Bj1m1Ab^d@|%XQFW-;SM-=%_gZwNpmhr)XJFQ
zgSEPtiGq}J1`E4w?n!{!7&j!;u#L}?+D*ptwUW7fjaCc44ir@T8d8%Xs{prMvnm5O
zoI5G))z_eTHDI1}sIO}fbH!ig-qyODn>44y6x<xgsI`$9=>UKl%Lt1=C;CRx6E|2@
zM^bf@$1stc73(Ey#TrS0KbM*s&Eg?X=Qj5qx7*_xlz@`Kh7}kkkRjY^{s9?wtFY4z
z1yBL_MYhXK?l5V-;Ud9;d0eOz%&_2a0VJ4_icePFY>9`O!MQr8ZcX19S*UyV?9qzY
zrX|8`$BhdE;x%?L7;O~5dRv>N`SLlbIl5o!&m31xthcqv4_<nT0VO;90LY>~Fs1Rs
zgs2Qo{_L+~72)@nDFFJlH(P^K0QK?3w?MS3L%Ql~)KXA;;*g}lpUZydZP=!oT3kxH
zrA@jf$2m1G=W}O0n2$^VAJifwV1Wzq;KQbo+2|a|%t{o8$%Mt(W~y=FVJ)=0_1m<3
zdDF!+s+Bb~G|GGLy(gPCZPHwX3=VeN+>ih_A`IT<Mr7~ay?$+s&pHz(MFIk|y7;vk
z98YlR2Y9qxy&#qQKU5G?07HPMufN~Yya--4aM8@imsSZH04;)#54jv^iWJ0{fP5ST
zVixvUTA6h%%V!oH3qKef<uplJzBMo!(H9;^pB(*etY+Q?Kb(T=u>(@Dd508i*(K?V
zmVh*pWPzs(Xmew7&f{K2#zaFg2{3?d3VwdLh8#8&fvTB;w=NMuS~|7})&~PfkkK_`
zO*4HYNj4U^?3L@)fp7WB24(-jL-PLn@2ghE%<u~}+sBMOn@Qf7W<;`2-+lMpAZ;uO
zfzSESXwm=x{@Ql{3<3y!Ue$;8%C)`kO5=r7O5Pwi8M?j(dSkxQS4Gp_Kp$9%-U0D)
zF5_?9`~;aA$I<r)-Ww*$2wX>j3n0jT#lmOi^I8;sUYB!`B$7`2n|?V0EH_;xJMWbI
zjoXl+2DSXcl^JIo<8lvKfD&Li7tBGH$?CL+&vyq_1Lj){OA8;6`Fv>rG5`G{V-nOs
z7;eVmaH-Nnlbly1g<Ez?^A+UcJAF(Sl|H03qE^NdBxEpBGn?tYhGj;~;hT_|NFOIb
zj3f^~QxV{ky>1IM@2yIxpf;ph5QrKrc;=VidtEB_y)W%m<?vbc_<dh$`-jhpek*ER
z26zZ!1TI!ynrtIL`Mdx^0-0$9Pl6ZvW(Xeaqk<~?3ozqmtGB&HP2sH-mu2zpdn5xf
zaZJ7D`pzc%G~Dy1DgnMD2>>!@!%PlhsZaGDH#$FTK<4%NvYj3AB*f3SkIeLku|3qt
z^4D#Z4wQExy_yTniBqTLjW^!VB)HqRZ+GeVp`3}+aBUJiNbdN>FMi=Ko=GsG7FM`v
z2Yh2o)Er1qpg)u(pNnt3Bvpq#_UGMXHw=Jz0Dv^{Q6u8!M$LXs;F*R#J1?O@)iyZ7
z2&ra6`q~(C=EHqS4q+fQ2`5dL&Z_CN8~H+)-t(yBtlkJRNXo?G;-<O(?&TJy1h|2s
zizp$3X{xM7jSR75nd^#|#+|6R*c)oegbm0BhkQYB9gS?sTvTR5QwC#JuKFJ6i>Lx)
z&DseM$lLFKpygc(3kzlO;>8QD%*$+eKI7>F69dzv`0A^#YTTGH3&y6TN$%Rsk_(ND
ztUoRMhv!Q_*o8Nqhu>*GOm>JPWFV(zDS)jXB%mPxmoe`R+CiS<>Bn>(V?d2yHpnzU
z*zvM&mRZxvBGOq`qvlZh_t@9`joXz7;%a8o^%UIej8_5-ql!ktaP`;PWT^iBesUuC
znLj`VCKrm11sW3tM@DnU8P+UWqdpg!kTMY@TeR&K)yl{i;{w*&)Tmk+%aSm=J57vk
zY}t6HcX*B?OR=h|N}tm^@4O@3-BwU0H%gghE2L=qZUk(WDASLOK!Vu0SAMF&@ahwV
zhGufck%+-fjHaEU1~$V@L6qsNltKcZF8p+ZQ9b~dWdfyER()ijH3qOJ31$TB+45e^
zu=w2Dhe-lt?Z$w-6tu=iM8pEt!lJE&O(R3?svwOlit#Wr$XFcyeEH(Xr)5e$Oi(RX
zFG>$6*IXpHKpa7k^vf^5tXkR5ojbKuiQ8s}1Pn{@!w)}HZLGSwT06!?okWP@n{Gt_
z^m=5<h*zzJL<yP`gF%euJ1a6|00Et|0l<b!ms*%<)EJ`?f9VCWg+QkoCK!z*i$r0Z
zd26?5W)PRnI6LO(Lg)oIS!Cc2Lo(2MBLYnI5DFq}K!$ZCD66CgFWgK8Lysm;J_u%0
zDA{$VYGpMi4q7HgEFxqu639sWVAc=T;d0x|OTYv^zwp8fK_<nx)HEr;rlb%WHcPe8
z+R<K9Ay+?y|4cQpHd_;${UGL)GJR!3Jzc78D*KYOeV9S%^P{F24>C(UobKsm%heR=
zg4xW^(FM^1C<6ZZ76|^2!;fJJiVho);b8_<hK@!sG_xkpw#J=o&Z_m&dGlSGnuxJQ
z+@Z4s2zUIff^3RTx|IBxeR{?(Mi8S$MiV0&{YhCX)=A0DcPhby^z<HN&!|1JA2j=q
zrMn4a9%wSu!e_fCHj;#ufHF7)vK0JgB(L<r@QCq{o?m%jkJj5`&PD<_3m>}8l|ZN^
zK!Q|k3cN>-m`3a!nXEP}=Bw~Is3L{}lopIG7Ab->pmdf6bE=6E>46GB$1eo=BR(Tr
z%~UjDF<Zp*&p$73zx_6XrW^e9?odw>_xjgM0FGq2diAQBd|!Y4b*)~_#%IN3)FnG^
zlWc$)8L3?O+bheZ^6<w>u~*X}V+cv=z<;yVoOq+>PLm={rJAo1z-@&T_>`Vs39xR)
z28_Yn&eT}$JaQ!vDhbfK#sGci#)<h(!6!%y)jgfp4I7Zb0UwkegZ?PZ>M_fJjKa~f
z1cfEC2wGVl*lsaN$qKjxGiFo&=}&*E8UPnhw+LrArfKj!47uaA*ItvK|NQ4#s>K4a
z2;|Sqm12-P3b)=2I<U0~A*-+c)KO`=a9ZQU*pymt$CAxPpV)Y$%6=1s31%kO9b?Xz
zp{4=jRUhy0JdoqLuzQRvfeA|>5{a)7{^78)@%_RED>%4p!q*+&31I=UjU}t2k<#Bm
zX^DU>-_92|zJ7-Ns3@?*GLeI^^tSsYYuRcIjO9YfAlr{V`beI6<{1sTW#LA5u?XMe
z;V!SPu1?;3^G*55Pkth2&YbbzoYeDz%{vh!e6O0<H2o8peO-vPYB+boGAZKUe2&cX
zNeA^@1u-*dH8aAGOU+BuRpFZ^MkYG$gm$KBv)txNAjA^jJ4Fjel!FLIAd8BP4z9Qv
zqJD(MM}`5V`vwOCKn69G<~yymG)o&zHKZ{!8w3-{GUpv*%rvnq*kW(J^_C>CNFo-?
z9XobN3MyUCHZ$og744+E#Z5$GW22gOpMLsjIehrAUn7ozStDodCMmn)0m)pp$_lne
zV=N%eift8F5ZG)l`0$yLG{M}4)7G?dOQ3wq_^!*GjN?1<Mn`ch96u8l5B4C&4F7H|
zzl6*mS0sJO3YYXTbrHK)7>5MtvyDWGHUB0{Gt|TsjpNiQ9}*TI8yXyn$08J*Fqme=
zSrS7wniOgJWEEjjxM`kZW(B4N;x3qMIhwW*R-kcZ%>3bk*_7wws23oJ(Jx65`_Yen
zqzQqkow3nOn1#|TOYV3`lLE(}E|Lk%q_)ERgxyUIN>%6Y=~L36;)%qGg~UY1M8adq
zY<ytHs?}`jD??vR4K-!~VP+6_lQou{-M>#&0xYmOJaMo@MwCwVy5l)NJU}KxV0DO}
zqDY5ebW->$Lyt!w!;hhPDmlMMbJ`7bcZu)aJ~-4XbrGbGjAR2gs?j&ybd!Ra8!$Z?
zNsoRG0gE8UVCV0D|NHX62OkK@9&D`Pr66|aBTCRQxfJ;~F6acZPLxF9Mno5SCIIFJ
zYBWtKB!D#)d5i{j!2sv$C-K9oRmOactaHX>$PD<V-w;tgQ|W|zt}B5tCBXR?<q3`@
zL!fj}YQixuGRXtN0%Va95m8t`0{6l@$do3tEskt78Pbu?__DIw@7IO#>PK&By(mM=
zfAPf^)pusVj2S@O8fKH6k;6_Sv4e?#jV4BtjUU8Vnq}!KS#sCIQoQ3<O*1yUED)J}
ztny5guvLmB5(Eik#W32~tOKs`$}Je+I2SD-gP)ArCO)jA#!@f>s=l}^{P7CbJ#LZ`
zV0I5r4Aym<7{`s|5WGl}yxfFN3k#58V6pi4w}i~-!2!>uMspN{OqbmKusYDMef$pU
zMAcbotWf{zrI%jP1-1`a(s%9JB^enRZeGSIK48kSqM|~H9fn+EV#P>oV3EnP+aJ&X
z_T=0`tJvhQ#+-@10VLbCO>g`&ePhhnGT$2M_RczM4Ei3RNgO`2>#{D)x52yPnOO+{
zydts0dxj;7pb`^~j)mnWuxrEx)6|hInOO(sSYx8&tYvHL*qjI?Y$cf0s%A#^;w!Jb
zB3)fw($>}{cieG@22aP#F~FWJkA%U_jN7A38SZctX~Ild76W2Sp@}WN?LG~a7-^v%
z8brnmnAk|v(WJm==6kk`b2|G$My3I5!`5uRbWSpsti=14=aN3AQ`qjcu9E<*0WiG<
z{T^XgVOi+I0%XuIgMf@h3ZtT#;%ScA?X?hRB78Dym2pW``r1eDzz0*UV8&#%EFnTr
zqn38hJ@;tF{CKA0nuYOlv+-TzhNq*WLr$DHq5emjZO@%M=MQn9)|G)oz)S9UP(duU
zXt7mT($T1G(Ui#NQn3fY>t~Kzro~A%eKq~>=QPj^$JGx93uHW;kP)s)^Y_VTzNtRK
zW%oWN88E{#lZl!i-R4SQnkC=?pCCRhkdca}#m=s-=({%E>UsOf2O-VC9Tp&iFD%I!
zYZVDCW%%MGon=@XUAu*Yl;ZACT#CCDcXx^vC%AiYE$(gwio0uZx8UxjxVuZwyx;kq
z>mp&Y_sq_E)>=2m1Ut&n9zIJ##4>w5^JqFlSVqDR)T6Y#qm!LDVNEjAjyV`K0kV_D
zs<}qZ>aEkExF7YDWx-s7_=gZhQANd=e^k~3l`1N5=mmTUnag)%<_jm~!rppHf)9e&
zkk{$R211L5d!lXV3L>|$nXr@aDBSuO$?v=TOCQ8$GjjjQ5XSm^X2^N`3j4H0hd|~(
zopxwGLV8f>h(@Fiy<X~~G)S9w9dt&yBdfom&$dZLDqh3b{54!xJHVFJ<nzReKeLd_
zgfuRdKmTJ~6uk#|w2le8Zp>E`Of5@TTIHPN;$oV+D}m?3f-y_T#DrTCN*rrK3Nxx*
zD#4c#1@O7V?1>einBXQqSEihRkA9-bZ{L4o%uVN5<F4+Fk&xC;(R=%&$aizvQd9(&
zaVbsil3p*{@UfNVI`rGfe#n}oO0H@LuFHkj_Z^?gZs)IG-jBK?E?$L3eRsDiG{<lC
ztKGRV+S-R>>7mSEf@5M8yXKxlJl29eSa*wCYC!}Y0dz{F8H3e*JqPt|ioJ{&AuwQq
zj}-}Rlq~+2p_~QIEWYfv^E5f$=X@U;7__QKHaxbN{;M7y7?9B7Z`gvjHl8=IlA|gM
zj>yQU>VNF#l}-nx{a_=Y9rF5y5Ps%@$!{rFxHwooYGLT5%iMM4f}Ka)nQDlw(0Ap;
z#{NeVA^H6&;VEc`Jl^dgU>TZm2R|W%41U<#%gc;KMmB0HH(_?_y_j8)pqe%N=!ki#
z8kU9<>i0L3Z7C;iNUvq(8@a{(kB=iNc7Cl=9GLyK?0s2BE+gg&49x0PjNDxM)gAwS
z16;BE6_HXaRwQ`39mZFg>ptN3Cv6r_fk|D}&j~Bm+@Q<0IyPN=bw9Q%7R7qb;Y=wt
zX*GjiG!D#?hvGo~G}Cyk?J}{WH%9#KSEuu9hQD}3YVcB#S)?S?(t4$amHkO#b&en7
zW#M*`85fa4xH@{iueGg0a?oNA2+?tstl8bOE*Zyce6!!8sCaZ$yH3@x-T6G9^YzVN
zG<#(Uyy6=tucj0@Zk_#X>R2OEh3o{5F5n`Xfw~Zx|1+&J;zYB{^Jnf36=k2-7tF~Z
zh3YarwWlM3g%`z}dfFj=BFd&?cZacST)2hY4vu{T6n!;A!<vB)*5)l6?pc-Ebz(qe
zH|NBHm=)Z5hV}7sooVLr3GhvRWrBc@^BA=W0(W7}zy8wW$a_k(+_^nLAMnDs^uBvD
z9H}dLm(-0<wQ8lSYb4VbdbymyB*J45_V&%qZqu%c@&hD(DjMxkbFb&hYZjL#$=*ud
z@Jndx^mTk{>Y?%KiSfO;2ZuCe;a2_kvm=k);NXK_bsxk~zkFNUJw$uQ@cevYwvlAG
zz&rX>-<Dl5<y8HUrP<v2xQ(MoVZur)-qizG=itm(m!9G=jp!pYrA3D7$_lV{#<sp=
z$#sLRxZ`bdI~=kI`LQ7*L#CRDL4<f$Ko(J-K`AXY)q24yQFOl|bm)p>GS*xo2)Bt9
z8vlm++M{?zK$H(Kw}DLhHe{eX#CZ_reSRv6R#tsw?!Jj6ew*pGoKc_+_q<fw==QF9
zy-xBN+2=A-`?^K1MSomWUM;D+*6yZyaY5Qc(>H7W{A&U-n3^08UOfC>V{KZh8p_vb
z>y%@=Rx6>Iyf^-gL;dIxC~(*J@j5v7B4KFJ{vYcL#$U(#qLO&8DlKlGcbi0AHSQ8w
zZI`R3i4vhX=~Nl@CdxZ9vHTsQ4~|sPXcOVUO&=zBQ?En{H!aaTL2y69YPcJ|L4`80
zg?$ay7flwnA#O8uH7V>ZL*#SV*qEHzUIKdGk5?dlrs=W+)c4N&5530Re3-TrqY7Ya
zjs<l&Yzc8SkpRWb<rNjd^dD6yWegiN82FP?M&{L>SeH<jun)0JYcGlnJE)}nU;RZd
z;c46oX@^I<z5i-H&0@8T{_V4k7;*y+ihK82nxkz1wC&cFF90cn1q8N*<w&H;CX}}{
zXgTVn7me<!tv(mJi*uR;n^BEVd`le<O`$H&NPw-+=QQ+t*%G8;NW&f7@_*psbE_Mg
z`VLmxLvj#^BfElHd0p6Y=W00el|VYSZcL>LV(3}c`K_^RWO9rA*rA~A#+}>;j}%Xy
zN;by_&#Y95D#&uwt*s#QE)(hyHmaNCd`<nKPU-7s_hsk3AhmviN;!_zl?IC@UMjph
zz${ee-fT5TL&wa#m>mOjIV^O<G$y#PC$)J3G5@Nap?V%z`$WTNlnqGKz&z)uK?_dP
zfPK=dqD&96wIBeC<>7~A+wZ6pxco)zz5k7n5<v9IUC-89Zn4B|H0ZyXaJJVu&1`iU
zm+5tBvM4hBbZ)}@p^6Yr<~=<uQ7=InU{`Hv4mTik&Pp>l5Td=(W|aXn`&41?Q#2rp
z#Ky3b^$5B@aMO)VB>O*apIje*q<uA^OxO2%p~jX{NR2Ukc3TM0hnD%Aw(;a?r>p+A
z*3&tZAOZ42QPZnbni!Yt=D8!<@4m&-^3%=F`|&G`T3Hntz#RybF1TJ*342PcCb%w#
z-O9sqGT(zwo$5-O>z#I_R_e{7Y?o_AQyFzAj*gB9RRr-MvAU(0povOiDm(O2G!lW&
zVW^)H|Ld9GHscK#>;b3iH!IZhoFxP07^Q}cLOA;os;{9ytbWyG*zZ;GsI&}Oj;qO5
zHTCsqNtoK>VwKE_4k2DA;O?Z?o=uom@x0wFn6ue+MBafkb#+KnINiy4)?z>K!nXMZ
z0&hZ$CJF(u^nRZ^9=tx({|4TOG=UH>9Q?FO{xIAEBa#Li!$m`*Yw-OgJh%Fy--Z9*
zYQu5>&Io{|p>52BJa}-<N1X(<cP&22BafLE+VthIpi_UM_!UAt(p;&B=T!YSlG2!!
z6IT=CCuv9>kuYw1fT^5lU68J>Y}q`sKGWAQVJV!g2HnGiB4cEzpeVsnGC)^O07?r+
z029)kxElPNK3nM*R4#vWtWu|Z%xrjrN;r`QI$xt(sB3Xnpl-9{(Goj=9>sZd#W4xD
zA0icv-=xK4^hM5-G_$*Of#hvlSRRl%MURTd5IJ^*|J_^cPU@dfeMrHf*rs&hW<GY(
z?yxfV{@Zmnixf0W1o&2-i@A5_KeS`7;uH9Die9g!e-gjlR6MS~I?Tf4$M>+XG3ii2
z*3JOa`5kZCA!;0z!C&Buh9=7rb57lj<BgKO4VlUrzw&`LLRQ&K-^&jC;fpO3G^H(Y
z<DbmmbCdsUBn?qRp+pX?p8G64xfIggmVw1k!9EzZM97u&-#zostjBi}Ck1%J`M(Wi
zupIzQJ7jFXN?|AXt_DguIODU=FqZR{z;u+0H$7mel>>U^dT-opfgbD?mYSNBR8Tyu
zO?Ak*KkWE84}s<KV+q3ZHN18EDeP|`n%*-A<Q-;D!g!#y5f!vnPFiH&pU)CI5p|UR
z$Wu{XN$oQx@@pSG-6AQ=0{x?$k1LJq(GpJu|1MkCyG*O7`WxAZ2Ov(#s?geBPqu}x
z15ZUozMm9esciu&0s)kH@N^;q^!(v7$h|?5zhEVP8~XMv!F=l7SzvyEH)l$~F)0)K
zrrucT!}g986Wl>1BUAFf$EL6%B-}urhwOXO&A{?mU`extFN~)O44ls>oC8?+ofOa(
zT?xNLMV++t4*_wH!$4&3FGgCsj>%GW6IWyAe#FuuAJvoQU-1KUt+y#gMKMOa2C^3b
z&gp~}iwqC0btZ9!YVNhkq||eAI%^uI@4g*X{8iQfx*sAUA{7IJyex&1(GHjp)qV%6
zeS2y&9ZAvLpPeNuD+{Lse|KV;_eOCG4=EOPsY}DAXP+7;AO%X@<~(yEvD2%w5Iflt
z15#(X1<RJmU)}MLS&y9|IM@iwIM)5N_tLAf{<&<lcYh#(230gRuh!{~0%Q?F)xUnf
zpR?m!^?Q_*Op&Z0wa?Uoa2lCmX8ezxkBrPOAEr#-Y+Idg<(bQ$_%-EK4T=-_hvwkT
zE7Gt>FW#>E)pX_<OIQ|kOSV^I4wT0ua{Z*mWoL0&+}_M~FiO3n<$A^`Xi<}zt-%Qi
z<Xb2|h(}oCE!nlQr!tW6u+EuBhCU(Ux>=ipxr+m@vx9#+%(W%WI^KtvmyiV-=e5rn
z_NE(&UH%EnlgcFkdRMf8wpjrAQhLOOmunk9_-4&1e$5MG&nb<$9(s{l*@SfT(-F<@
zFnceoi@!LWg7vDa5<#jP4+`QlcQClj+pj|SF0cS_UkjmY>opxh?wdpje#&0<576X;
z=*Fv~gWJZgsqQRdM`hDHz1F_H?xNB^=lU6C`5bp;QBlThBkch8PI_zmTe_k@SzQfF
z!aa9WT5{4_afbW_a1z{<?dgeND=(#PjnaLVKyF-f73&ZKOT&3g*~8lBpr>F9*$JD6
z=9KHppIK%nUm(8}Y6p9|vSkW#ZRd{Fp3Z87$o}0q_|Z4H|Ka38O&L*@?LPla>rb$a
zPEg%#OA(}>H|+e$xHO-GA-kH1o%3OoM4NaA1Dp6vnX1fPgNE_b)}&L{B*Jqbyd?>C
zFjbzJ(agwNtzsriPEzO%ZQ<Ur<WXt0NTmix`CC3Z6)p#N5DHYNF1j!*&GSTQT^$@@
z6Ng_zD{XHyskIF(7m2iW<yGC49*n_!YxW;WyLi$})T12}5QneP>!(0_s;a2B9hc%<
z27-NYxE1yi!$qK+YdSkVrNF9Fd%;rxRJ<c8Sl2vO;e2c%93NY5Bf1;A@hxrK|MA*a
zO)s9$9-ZSxmWv~uKr8uIE-Pg!?m-XayV^am07FXC#F#nfz7#Z}KMm+QDG|FMZ)RbG
zpQ%{dT9wliGki1~?C27A2IFFFbn1f1Il?s_IUoI<s1HFi{~z7xm1!oHL*Y-gtSZUu
z4a4{GDApR?D_0mnedqJNT+4};*>4vM2m8QAHkCCB|Eg#L&6bM@7VpZgo6I`iqHX?>
zHLy_&8t$_v9BGnl_e)G6U$JA<hLo4rE#D21y{Tm~zk3q39R1xuWVHcormGC&O}3qh
z;@a4=b$e`OIfrri&ETF8GRdBNsr}dKl6|VEOI^8yA5#%O7@vM!MD>_AHrC}}<x;=p
zAcK|Ybb{Cz;aFLgB;(&}S{q$IoJH6haK2&p;Q*WWcPPvBuJx)KE4Ked8V1n^!>R8R
zR{g`qJ_?ea)6vGMdK&4}HmP`{?cT~(l{)G+VZa!f&9Hkfi9JtBo%9XrRy83&)QEE9
zXIv<oJ}en@V#5{heM$g0wxBy|n1eSf=HP1UwVjRp`a85foto0wa;t*7gCQM}7E=&S
zMm22ej8BlMAkX{HKN%T0$P?~iaMAz%9FRVlLVmMuO?Evt+KU0Ig`;Bh4#pw0@DNc9
z;;Aascz9Jp(GOilV-Wi<Zd^ND!_2I8>n2J8&2Q>4ib`L*F-$#yfw&fh%*T4o#;>5|
zYJJTy&yR;Mf=r5kKa4}<0&zNw$|K{pZp20M4Q;*<<&rnN57SUrOtB!G_5<;o-E79M
zWah}9njoLSeK~S%=tDeQeY;-Ucr4mQ+P0v$sH>400nZX!{cefijFQ>tve@^g1$g|)
zait_TBM^yzlg>S9J5>p@hMb*vMLjWs9^CvhC4PXyb(NXlt>?$L0I??q^ef@DT(b-Z
z3|ABoxWT>LM+qb=?QG~G5cdm#jgL+#m3d6vaJl);Y<ehi8%eyj^Aob*CnB*R9a+EP
z*K3Q5c=ZE@-RUEnRGFFXRnwQIOb|iQy5+?9@>H1u*~7XKLeK2JOY6YtlK_hkSaljT
zNGr=2sfHgfh}sAe3*nKm3;ok`deO-=F}8kEStiD)`@<aR$jUxBrx`b%Tz8>{8#Dnq
z__0{L8qgH4)a;Z1Hq@>P*du_iy)tT0y^)iE^P;&e8X7EY0JmX;lpq=u*US&e`0>45
zbIcliB>}7X+@4QdqS*b&Ww4i94OeHD;x|Qi)0N9lPT92t-L1%fb^fdO;nf1ixv5-K
zcTL5K5F#3cE-C*HCotU3Rt3Q_xj#2*jIc-Ml0s65NO!h=R>0CADkZ%h*=VRs2V`#L
zHn&pBl=ynp#InwW_kIAR;m7GE%CF2=-n5;U?8Wk)V^7q6C|Z!N+f3LYI99P{@gB(h
zq0IW&hP%*-K8=6)oK+fOWiPx*cWZ#hlZ+O(M~f<24&nkMTvbbPe+<wxv}iY9DREz%
zi&mBoeg{y8ii*zBNPnd#5-zzC>L&wCZUnNC9AI&!aS@6#l7y-)!8dVI=84PT=~pNf
zaP44`1ypT42&_ZMN))_x!%Gv86TW35fO(aVEWgm(`8oP2F!#3a#!~I|xa2})A2FR_
zcyyX*>J1s)lgwqvX3(sJArQ>h6N2!4yn<-Y#Pg?K-+_r|)xNE*)d}oV!Pd2n=vqBz
zZO=yb>at@VC9s;T#hqG7eGTW~@bJvax?^><t(=<KF&d`Pf{5N+=1`1^TXdN}KD64s
zSbP56Ji8X$HRCk3s;Ei2sS&Pe!!NUIzqt5rF%QijyZG_0{iDM&MW~D!vRziDzB#e)
zP8VA^9W61IKYu6xn3Jp7Bx#>)pE5GU3t7`lzxtQSqX|d}mSHHL%@<4fZGIADV(@zU
z0cJ)T6r7Q;N{E21S7b?1NSL<@3SdN3(oHRhfMyFJ#1D+V(tj5H{aJnG+vpcwtw2`T
zE+uQzpKe^vS5<hRu`|CU6HeT>8Uep7xPOU4B<1Ffl+U>)<Th~lNh)HgrZ(Pb^E@r`
z`lea`)VJoV0~aQ$^vAqTKdOdwaasJ5heqe3d!8MUQ;?kImZi~|?mz^Mfj{k=710GJ
z3NbvN!ZXgmyB8bU+uAuC&ytnaqviVF;;sZ=v*3*rRYjRp>%AP}X}VcK`0Oizp@<O}
zK~GqVQXskq(GF?D`p<>OfLpI4zP6=w6MD5hNJi10j1UyiXr{stz^;rEcx8FpogVj|
z<0P{?qU()d{lOMjhT=sC7kKjF;%lmSLp3P?Uh~_S1<K}XsCTy5-bVebw2^+9UI~9q
zUR-w=%S-s6ZG1X}&mWR9a$wbDxZ&9~XSbPakun-vI<b1UKW#iayvLLkJSt*Q5%q?X
z4ME5eK%cFRs2rySGLfx?n?&AYhS62}J{a`p(gnJ3X(z0+`s|SAq(NoX&PK5Uh2S0Z
zPejcObKKcC<a#%gol~wdJ)30w%zIgAcO$KvN@3sEZKBnooB3wd_WNs<2`pNMyzv85
z_h+u-wlr@_ts<OMub+n9<=JEq0NgsU@>X`9)I_AM<Z}i4Tq2Wj#uP<Re3{H;{?j5W
znp=U<OV7Ljd>*^GSWqe<!C4CxG03;z>iRu8!yEm|s;1Ll;+~|__ET){e6GOfDjco(
z##88(@8%PI{8AH>{gs?Ig|##WC{4zEL>^`2OWb&yjG1_pQY51B0_nfUM~BvbS7Up^
zrYZ9t@@P=71@wEQ5)y5=VUaIFIE^-BnAbmJ_wzg)ZhSNQcg3J7Y1e2UACozmJFDx&
ze8a23VPkK&q#c-Da7dbpPKiy4+}R0lz2`_q)EET{H4!=II%tN)SL#6zJ}-vrc8G@U
z+*n(ZQIZ;qwlv*IDJ^n~x!~BenVfgxbg?)1M$<+h`_3HCIPdzD{j3+P&BU=F`_R>(
z2HnqNm2<cpuT_Nt#8F3%9h>TO_+TtVOG0b4*(LEJ7>e22Uoy>pTvC4cdu$=9b>N0~
zSTHW$!<CUVIdn?@rmv|e*wTiH9|s%%@$;@wERflm&afJTX~+recC<9Kup^F>SU278
zgdOQRwJvQ+PjMetke`<1(wM*TWSN&mR>7j_*V5EXByx54kT0k=`A<s+Be2>4q&W6z
zVb+Jh=m@kwJ!sL<jSfYB0F0YREv(F~5gb}7=Jr&vS%2XORd>Tm4d+%4wb=wK+E5*z
z@538>m{IoMpb7)FEfUA@AycuCAZAhm0%t5eUi7`+J<xEmzzDfV29qqFjVZ06sD#EU
z$PjO&kKbYh0ueXjRl9j~fIJRNt{&&rhF{)~b*|Z_g0NWhE`(78AtCRmpQT}X`OjhS
zVZN>a&dusHkTXUf&yedkr5gz+A@)eJdwSTqrE~GtKv+uy#<8gY^L-g;Bz9EADDg*k
zz?pwS6_DmSZBfL-fihD`uB?jVOh)-Y5|t>N3Yi_!d+vNejAn#N6v##h@=Q*pgQ8wv
z06v-xryUMF_spd2KI_xHN0ajBd9sd9_Y3X<%sc?}7>gA;7;nQ&?$IY&T1tpn`d#K<
zI>)#EXvB@qr^;jy$NtH<5r53j;;M|(OAU$_@pqaqIaWd?^y@eKQm+dGo@~q>y*hfa
zj|@gRrDYv_J47NQfynJ&R>@97WHd`CLaF;n4Yf83aD!mybs&9Nu|pav>N0<Y&FU0~
zZFo0rAT&KY`2!sZ5P~BI?aInkXXaK#Pm_rjq-ELQnz<3M!LIJW=O9gTQ%&NF3c;<M
zX8s%^SrLv4v<fLmVMpc8UgZJ~GhL{6YOGtgBlM@yp{h^%vpj#obBvv>1W18zh70Ck
z)%TDRDP*$tp-a?o1gF^1wxSw|F<pi}x9uK(<6TJ-diks%8kysQpJ=@3_O{N%4L{Xs
z!@|mQUnhggl`$_X@-{4Yd_AGcPG9$RjuQ>i#dx&C?og~gdvl<xE03|4mmPCQBqrDw
zPf4v11(SXoiv!P<j-LA$I44ue_5`n*v&quQow5?;Oja9AaFW(@C%KQuqgWr~(FAb8
zj3~hQ8>o)IQq?|-@ZR^RlLmYLxRmRmN5B!_=`e5@Ie7=<7c!}Nde>=f*Ffj8_U)er
zE<5(wG?kvXxv`(R#YwHLkEXvE&6SUyEYc$r8hn<xfZaqNqWTU6zEed00goIcA~okA
zamcgsD?ZzMLPg#Pb_1z$$w<f#{uw>iE@g4?_TeY>U#?i&SY`_H@9^i;b_hnQQbDS+
zV|2CjN^4ckzx1t-GfSo#OBrqiGW^L2;hNYMwfH^SzF2yxeKQ|){BH}(LI+=(p*ei6
z6krKJev%GuiP3Z#M(+$ff6bi3%v<3DKws=T(WJ#6A#I(~lLgPt7xViuXD^xK(7)e1
z5hlDP$l4u?q+)X!(88md#t>D0^3(CjnC6UMyS@l*VB#kRc8T;k7<|fvtbb%T!WSG2
zY>DC4P^%QT#LPIC-Z5bD!8B?*ng6RMJH~K3g`t$wa-SVP_Iqg5#*CxUiQ+O{`LU3<
zi9bPOZf1e9`|%Lp2mE=(gy)&%X3;JoeSj*hiI)pwYOSHHPy&_GJ5Nn)WRzr^mC2wb
zsyRE5oOG?@C*zH`5k}(w%xw;+k+kh9n`ETt!j$?Oz3rV&qb6{okd^K>lOINIfcOaK
zdDCwy`d)V{DNp6`rg;^hbNs)xAR=nJ{1Un#v<r@N1QEz6_wJ)Hg`NHPl1#v=m#bJl
z5WM}sd7<zRgNo$!bpmF3ER(a?cHJ&i#CH8H>o{=EcBQtl&cO3wN8PzCpH7BoXP=^|
zcEF5L=`Lep>E<lIo&>!)8^y^i;uncCunk$H1YDTlGBCNI1?I(FYJ{}_CXUHaVhTV_
zhuN1knsd1v`1<s8@=|D~Z97-GlP!vl^y3~U(gro{6A!}hRO)z~;d-#hVh<dr5T$&i
z!*3k(LGV%~ua;q@<1LY`Car2z%k7=Fcy(VGlv1cG^>ueh?Pup-07ETshDzizQd!dN
z@7j6VaxzHV9;6FYp7<MXZu!f3d5M#feM0?{uGnA%B6BaxS9-rd+e&WGI)2sPdC6?C
zuK*`kwc00SD!zHVu-{-_N|3cZxH*B}$cHoHw?Ol;Wc=tbbQ`za9Kze?-e>}Kb&1_p
z?b!C41cfPI7n{bn{9bVQe2(jpk-tk@u!V*~c-98FkKR?WD#{!Z{Jr<>JonyA15bMN
zl9RuE9w&Wm94IOnDL%nXZ;Zwph=~61$=sd@S$y4b<SQlbNPgIbtuG8YWVV*feEgM^
z3J)?+si*T+#v*&tH2xp)b}Pc?QK9Iy#@|!)eOK5=j=P2~g*Tbd_^k2|w~LIF-PP-Y
zHJ@9T*cX29qDEe6xyX8ICOXksHB4%5cXzYqUo@KEw&;bwpZh-bP6;8i(+%|{w;pd#
zm1k&GV73B}8Wbv#MHARYc8e&~;1A5i9CKj-y#HE723-}S&MR1%5#pgzI;}e^{}mag
zy#0IbE~@yo=)dXxG8q{8FZ<Qs|3P-8)+AxTW_u#Tw9no3zI60P=kZcV$W_Ujh(Cc#
zD87IdaX%F@|6NBfovFR0D$(0vgRCMI8)_L-<-jsAG{Fj=MKn5d`61U^`Tg9xMqbN-
zY@6Ze9&k5mrLMn)!-=-1COavveegv;fM0rayrA!g0)viD;F|MDoB1EFWCK_vk@2Ic
z+wDJw1I3jY{z;q7xPlqai!UFUWiAZgwcqC)gvj}MYT`p4FN1Z=6q8;jJPcDx44-8(
z*I?MR`lV%5Ds0YYr-b4)-=EiNWNo9RQ<HZ`Og-#UrUc!ilA(8{V474OPvA{X|8)!9
zAw4b5UC8l3Pbn4{R)WkoxN_ekhi=>a&aNhO9!gL6&}UR<$a&&`d#ZLEBkzJq;g{%|
zk9Ho2t(dI_(41^T<ZI8@ABAGZ20l3ht@edA4IBPsqT5sd&UKy|ww{yMJIqq7&65@#
zhrWYgv7Qq--LUEnI+_kz1s?W=+O#)$x21=9+FQ10OPCk`+$6rfp&6vnk}i|`UlYa2
z8yiTCG|2~Pd%6|8p2Te>I|$w6+@itit-w~Tb7h&$X>~CJ_V@@3?SPYzk0&{`c~q>s
zwGxhhwpIQUmA^j;PHybRlL_LSl_oV7GnNu;qiRx%Y$=$y=Tv(B9nWk&hD0gL8+un5
zehE`DOmcXAbGa_L%s5+a)Kg2s3MuY5vdnH*Sejp$3u`U^;(1VzbbVt;40_a{Ls!%~
zIV6d95Pta8(f&~QI;lmPJSEg9KM^};$846ZO-hfT$5@l#AbeBp^I$<L)6HYVMjpNg
z)LpFkojqK2Lbb7AU~!_*K#mfVynpI2Lrs9OYy-uA)W>^#*%gtZREd`|KR|Qms*e|5
z^K^q@t_4qFKw4XKyxzlR*H%wScQDXJ-XB@~J{$V|b$_}I<}durub5v@KvVUT0CWQ9
zv}66Xv*Y<()$={Z*LmOB4xPZHHU0=KR#fD3cYAw#@H^z82gU~0qqN{mtwy6|#Q&94
zIMLttndzyDWsBuut63E|zPk|*B$a`Pnq)OGmOXBvArTIv?JtvXG1Qoz%t+juR9W56
zYltSQbyom6!=O`=oCJ9%m`#~4F5Au^9rx<^gDQ4e0*Y5KLwKlm$NAnt1S}&fL;Tk`
zU(pGDTEA!gBP*EnmB1<3!0yL1yuFb!`Rj|ER+Q)=>hc8%NzWk^%Xw`dq1?t`J8ji9
z;GD$~Ni6t{Kw{G|GWidn$x;FF`vhRfChO!>mo4P0>-V}t`cYPhiAhoDu1xutu&Oga
z6linai*$8$?a@0zf#wFHQ+m}&Tkk^;W-AW{N#5=?X&>DklK0F$fSRa2q3LAqKmqjG
zfQFJ1!|Daju_%Z0Fx>kbjRg<byO^xtAVq%gNzH2xxJs|&gOa|YZB7TTG4T-k{@NcA
z$5^A9DgFmv@cc+^`<{q-tQzjn$D>X9M$B4BbXz@ivSTyWl%Ey?8K+jm%+k$l`|#eM
zi1F*`v#dRXfS$1;$;6}t=uE#xYq`*J2kQQoO*U&8!A=;N#5FoChU2|X-;%wihq&nS
zK#UGGb#=3w{fT<hVbnJR0GAE6u#k6fsPVbU+CrvB9rGR-9v%lck(B?9<r|xtM)$_k
z_8zZxoKKh8-k4cfw16mY2|1rf6G?8%Zduy>2ve5U*v^A}QWJxmtH5a9jk@|ydiJ8Q
zx@?w{yWJ;2=ceBV_ou>0RoAt|yq;Xz1p^VVReenD8d&4Hb&DVBrj@omecigkCdDd=
zD`{u3oF}MvizPcWkm)aj@%#1w!K))@>=!9<FC#gFw5HItJZ4rVIc@Gsb>mmP1W`*h
zDgFwmx3_Ooeq>Xfb%v%B_G?{o&6P|^eL)JciXo%ONW6GHER$9zr>P7}$Gam(70#Et
zW_(Wfne#1q?DdqANd#XxAvB(zp3Z>de-v;DGcssVq-ZL|Qsr5*_r~PSE-#k~$IXBD
zGdC~JQP<R@`HwYO6-{;z#0JKZSUSi62aUw5j>YtmVpZpLAHVb-iUyRnPAcsh4`b39
zQQBDjtk0;7Z0f+H_WB$lR)tlIyQ>xPTG-3v$j2Au@ut<q6NP;6k0J8lv3z}xz@Lw1
zib(s<17gDd2REM>8ANNLLp_XLzg%!4Q0|JD$Boq_%ruVdCkhrHAuvym<FkHq|F@H9
z@EhBF=t5?pHx8T^l~M>ZxtAJi;Q5loaZSRBIpoCjEt}SJ<*5AUU7-DBM~quc)!3ht
zV}c%gXK)}PsQsk6eYb9yB&q6KLOmU&_?t0h;G!i!MDlyhDk7i|We<oUlTow>2<zo_
zozKS=*MFl}%025#N@zcOBOuU7PiY<<w8I-rPRXT8=ABuHiboBn!-Ey=Ktp3v(PdU(
zF~kOzo{o$z%d$$pS9!Ji8}2({>sW!b<vNkA(jx-ED<=?2yi4AB47f-*j6z^We7-xi
z)gR)f5E2;Trk%10Vp)(I{+NGF5230`NP*QfeadOsg^UZUo<R-<+jnFLA+W7?OdF4S
zIq@U#YV$q+#qB+TY6G+JR3^kPq0?-ugHm%NQr9*FD)P$8Y01ghbWBVsK%zy<0I&`(
zOv79H_DAAecX1Y^E`dU>2(%~zta!zLV_&rDYYN@!jOup5Ex`4}x~eP3$cLPZ0`SQD
zQ1TL{P~s6ImKfKg2Q2@`bAp{D(1dAaT#8zwjHbXd->7!89P|5MYM{?2wK$<3Ir^fH
zHxkqU4D+9Yg&$$=f@g?%aRaXY3b5d|Q6T6}woUn~!w|(3_HHG?i>ZZQwFzGKz+3~g
z$1#ttn@?OiO06q|xNk<t#v}Ue1f%H}NkD{!>w`9I!0N;@n{nB1+Gr{$?`o9Xn*`(O
zYjNPgm2{QEYvKi(+A;pt#xa=EBSB@<*s#8kMMck?bC2A1-J7LJ6EB<ULXN)yKvSHD
zKY5fIGFXyq<+=Dc2~P4kkjgW~<kszXV@-40F6UX00<pzSuM?(!`UO4gg*X~-LAbxh
z{_(i@7C)MB9n9wss)aw>Q@IxYdgg|KSn0Yp)kZ*AAC{eD1As(i?^Oz`M;Nh%m>&%C
zcrET%REXaN4GPIpvLjk%9&D+OM4tstT4MFrV$(!*PRCVVOWMr+h*b<lUocTDtVzL)
zqi1fyxtYoE&>9+yC0Kek+ltUXx4l$@y=6VW&Q)LW?(f-=rV3GrEEnM)oH&KM40pvA
zY><wad9%cDZ^)sw5mxrs^KGmI(9uKxw?bOyXZDZLvl)Q!Venh1qt*5PsB>PwxKt41
zs&)7`CVnm~x_;5Bl&eqBfaA6~raI&0v)9Z38`K#j9r~vSi83+*R225>cEI2khq-P3
zMDP{5#?P1?Q}(UoR|;(AQ?1;*p^I8M7T+*X!{MWZF&}XvZ)>1y1Tj`hhxe-lHG1IV
z&<R)lH0>G+U%V)~j|+?g3(P)^TDf0-qHCPtGG<Sd1fr*_SiOXCoz_i8<`&JSCGcCI
z>I#(J1_Nbd1lvPVdk5n>RFR;wY-0vPfC{eE74OF5ssVjiJ`Jtf{M}U(A?)%HT_!7X
z!-%>x#(GxbzEC%X$`^0!zbt%6bPGekRWHgijB{;tQ73&t!gfI=G7-ERhYwz5E#?dq
z?0JlFU5rs@xJlxmA)^kOx1=kjfdSLNy70zZ1?pxoUqCOylEiyk9#R=)&4+!ID3~^P
ztZqiXHS%Jw*vvB>$)84ZbNPFpjE=n6x%-+1>ZOG?Z~d<)Q&#o|H;h_veetC?iZ%(K
zN=D*#HL6rA8M$Jp6IUieLU)N2_b=N&?jAwu-LUeu@QU0?PyaMFFea%Hcom~G{{{w7
zV3j)ohe#PUSc;EjhOTnT109&<z3odsb1})j59ZZ73Dj#&ca)Nu53Bq_eR1oe5c>v4
zRylyh!X_$dRMio+W5z&emAO+>5gltYBh8I#<MgObaP%0F{^j66-CdfCh+5<%;Mw#O
z3i4*W#XY=W{IBTo%TI@wfs;cY|K3~0%84{+2Ds-WLl=|$?Go`~z0#8kX6q3F$x8>k
zAD2qBG0`bE7w*b2jx`d+vsU&-K*zDM#8UMlSed#jD+ojGG){JfhpZ@o!tU9#d*bAP
zniiJN?sJPHV&~F`VR6x~10ZP(8Vp<+SHnI&UikyLv|ny@^{ysB)lYFD-BDoU?JrRV
zkqlCel^{4=TALjXu$^;i@&N7l-n-J1q;%7kw~d;NqWN-x4zbkuBimoW(?+*q&S=v3
z8UK0;Un9C}A;4&vLA#rSMTpQ7IfJLtbLuQZ?!g31xc^X|^p5kRC+``B{I&UoQSQC)
z<1>`?D{^G))X4lP4%6ex5`x$7Po)H5Z`)&~R4W;owBP2g%~Zt@8DlZjVkLS<O7`&x
z2%>1jhb49`Wj;~<<RD1;5<wCX5h0o(mR@h2*FL_dpt#%HIvlD8Ew_L3VJDTAf?b7|
zRYDNH&FX68Nxf4WJ?JpacX~um+ATb%)LSR29(A8WF={ltAyQGPNrq(J;Bqu3I#F?S
z#o0yoSEbTq{CfKLh`}xID@?C2D1sYOrFm)YRZ3Qk=PN;qEHQ_<3w3ntGfpQ|&`8Jn
z)9?MktB5&4dPYnm%aj_H+I1Tmq6kaGy9wZCNepsN4m=%>E;<s6h@6>?4)Yo~zdPuL
zJ){lh9>lMh&sUqU?j<`C5n)w`n_k6K$zw+ag&xz6L7$3fhfiUYO;z49rt_(i5z)o3
z!utx)mEUTIb;dt^T0tw(nMG2!@~7nvu{RHV63#ssfw!{zvma^hGsj8pF0uOxVo&~!
zI?MIa&i`tj!*?CMZa>KeFs<=Xgms+#ep#F0de77kETEu{WSrx+&2KP&y5w+DUO;Lv
zMGAoMx*$l6j*jXIxa5P;s7<5eKQGKPWF6kM;<GN9>gi?wqhp=;rYyhXW}eM=pT2%R
z$$@a|)-<kSs5}h>ZzzJs6T*xj+e;&?@D3~*%KTry!Vm2NxLc8)4tP=>-BC<gnW=h6
z6bPRxF44u;&N;72bF6)>5Q%@pKIAv2XI)mKq8n^hWhLW>h6v86{kXhS3`CpbEh)NI
z0-rdeXE<LltVSlEqUkCVjRXm7Ufcd)gaG-&^0X}Ioed(b?vnU0<3a9B0xNN1L_rZu
z=9L$Rpwwy4sB>tZ>}}TmooXWLC@M|PS+s87kaJaq5)qVhXr0>s2}NygiB3N~?k6fO
zm!SwW!9*06UBS#n${`y`?jkE8#Y^8T^J$zFRW<rZX@+8`2>T3Br{0c<FAqJh2$zu=
zV^w}?{xY)f7fByWOY?=MG(Hh6)|%#v8z7*l$ORDMBRR0YcuTDyGPUweuT>!luS971
z2-bHuDa{uArQ+fy(bcK7%hkCkLs1;Swmf_r!rO->fX1xhQT@YqH*rXdR0^hm5j4_a
zSFK$G3g{6L0{%^lcH0F!jX!|?<-9=6lqaCb2D`8wN?M_$4v;LJyJ`xMwP3lZLC=qg
zB+HD9C7j~ePy?N3D9PMVPn>Ky=MG7}XKv0-E#h44sh{%2BreGu6|hI5trF(nwkKZC
zLhFfpTg*o&8R<+3=RkBTruYk<N<y?Pb2nnpoE{Gk0V6!fBSupWXm=oS66s<QnuNQ_
z!1xuhDhLw;#_{lpL9VV2<LuWWW?c$Ch9y}GyP_e(C%8&yv8p_e>|-kv60R%M3T{!>
ztZ;7g!U=s#MiA#`_gOe;Om3R~pk2Oxt~L>4NIb2QBW>b;=?)P%I|u2kLI2us$-{HO
zF~+PfrVs|j*MQo1LDqQ9gK_zWzwt}DGXI5x3Nej{ajl)%Sid0Y5-3JTGjQk<SQs_c
z7*2Y$$Zge*HAA9!RXOtP*Fj$>pBCXAdEn|3TwL*UiLg*#vJ{EydLR>L7_)r420nV2
zMyiSq%B<#|6oS6}e3(1GmtoNmqom;IwJ#6#Kv{oGozZe5VUcl!n+g@2fsiTClErG#
zzHJ)R9ZhiLbY-(i5>cP@6LUQstFE1Bco`fSVQJ1OJrqpE{z{xlbmT#Fr(5tRfo^^U
z>R+&xxdI{S0U#hYhyWKj$!FI#bAgVX;xUc<&_;U`x+Axi^1pEfvTT4ZfhZNFyt8Ii
z()qp@%9ul^J3&CGAg&8u9}g}<cU2t*>xnPGiDkt}-sd3h^>8bgL9Z>%xcX9z@dtlh
zz?n$D;xE@1etw`vaL}LL3TTU*>Tv*c-*hI-TEv8Je2OcV1$e3{NfoyIfucVK8+pI$
z<DvmK69%O}d~IP$s?eOh34XbH+7!TeP8Kj+$<SxxC0|h*t+a5~M@AxAS!aG%gPuH1
zkfER<^OA7cL#Yggtp_L&Wfc`jAOiN+;gVmE3dws>F2L5vNDaU-z+6Y_kbZPKTzamx
z1i!t()J^tkvw<hgOp8eaz5o3n3zV6si&9h&)mveo4p}Qgi?uR8KDW28{cA|fLVRFj
zXIG`y>GgH7QpW{GkzU(*KZT1%_P`K@>)&rYZ)7r)V(<Hc&J7y>6~FGn4hn{z)erSQ
zSbZ%X@b5MP<B(kzRvLA^@E8AkZ=-5g*fT<LwCRSIU+tY)YzVb-uEd-Kn8LVc9WX)-
zOo`#UeI%B={ZN6c%U4*m^IF^qQi(D)3}Onz=8`#EFw)<@eOn9R{0wa(E*?zG=d<iD
z$j-K-!pYfWiJ=fxkU>v7Yx<zA1+AVOp#MV<mFCWvsWo~D+ks>C$QX*fRx>Cd8eZ@)
z{2g^>d42phW~&l(rQ&|?Uu9g=^WPKomcySC8_biQr{J9@r9k|Se*!c#G|S7JD$Qjm
zVCy(6CiOgGpM23-V}B`PyaE|jTA)|%b}OgOsSN(w+=qC0=fAZj4lSd!M+CoG+B<L_
zjL9MF11`P8E_6V>FMu6n#c_2PfN#M=5`{)IuX92)=d<CFjX*Jn4C9AS)W3qmej#+;
zO!Chn=MTp8K=27H;W`|*gHBf(4!)?)az1W)U&wy_n&MkU^wKQTa!^;(@mimWs~9Ea
z+hjX1Fet|0@@9%;JTw`|RzF0wiC3c-%Pt7_w&~G%VEa6bg-c3M+9x>4TTgCIY~l6|
z+2@h@`*YZ#0Z{jUhskP`nw*7pxf&^!U5EKWvE;f(`j~^`o&9;V>)+djJV10?2VxDG
z9ZL|i_JD?ee?yZ+|M2_2zq;}4Z9QCUv5@-SCSc=IFmzL@4_^i&m{4WC-j)cb9OU|M
zqUD3>Xb$iyWH||~n)Lpq^S4_>!D@Gz<q>5F5~DaJb-h`jO}-({5My!HcNvipp|doy
z|F>CW0h)9^2u_yo=}~G3<#815V~1MZKVNiFMw1T_1k!ONDcz4z-74KnZx356e0+Sk
zPp0WQwG|cealSy>tmY;z!%0(1i-FZ{wL=GhbJF&!>tLK(Ds{LXCBEL$3MX9n9Pksu
z^$fkUr?-O-&PEOm_wAuAoUdCSP!j_r!9nBj7Xen8x=i%+yJSNzKcp#>!UMOhJT2uV
z+YCIuv|^^KB4``oS`4OFZ5j>tApch_V5MdNL<$j9wjPIgb^+<-8UUGpP68?_5F~tz
zQNrI2rG*Jqi8z9Hk-GmYTg1)8ZSV*5tk0h@dn{9_2H!!i##7J(n|?2LF{B(Zd08#)
zQ2>I`K0-cFXXY+$;&9!`frJst{2rg;WogDJ21#D?q!zRy6A0T+*|Q<LEeF(c=N;w5
z$52v!<M5Xlq%E(heBEi`Vkww`(2G7l?(=k)2{oLpwTu@lW)(IzY6ONC52P7*$!_}p
zdo#AGa<tRPFD`SQHfK|7*m1M`(s8iq{k6Z~-zl&Ho#Dx(Og=(Q93@dMCt9^Vs~aY}
zQVF|rctMtJog4%rVFl8+a!QTVu(>_43SO1eegpgMcH+cUjzgZ^@RT(KPeG0G+zLq%
z`j{iiDBkJ!t{6v@n4c7!is93xV%3Y8kNK^BLV^s<cEgm=$yEH*t?Dc6U^o<+DJT+w
zRo}V3Ma!@O5zXYBr&sUsc20TRrlzy_2`@u5MEB<?)!*8w9)G+z(79s$Ifr4&dQ;Zj
zR<(oeuZigu;muxnOH%-pepTy<<cWYMN24HuD;kDRm(JZy&^~8Oe|YMzV2^gt2@4Xy
zn1<x5_A}Z%>H5&xh)yCoyy~se*T7EbSj)qb_(@sA4z<oB7u_FJt$fCiQU2O>z*NTX
zJ5TCkH)|9_qh&xzqA=E1)ec^u%uQls#WBS!W%`}`;wg-G@D~&&Frwx4vmO5EQhe*b
z)MNt2#`H)!uUeo25>b70R8}$lt@3hbe+ab*4HMnDRa6?;_b-Yk>H2;LW@UWtB3_w9
z#@FqlOo9_9mV=&bf4(^ExXUsz<Dfy}j;Q5#Z=;mAzq}aNg9E29=tZU>qd|G2bct=?
zqU4RMc%XHIoNnZAFXQ{<WdH&iM6ee~byM~D6qZtKe}a#HwEQ97;Yc>;R(k%4IR;rG
zjzk$u709SG93=YS(TmIxOE!ldyV2PQjH#$aFlCU(y21N$SBmY_ovvk^`n*hB()Y4J
z+sLfyw;~s9c}%GI$JyDqlyr5n51^X9DxLx`#920Aiz!kU`&|jp%F-ExJPoUTuSw`N
z4O9GPQ`+D~Obh6ehD(?XB5h6sxLZWk5JljOosD>KQux1Fw8N_GOr3n@8sLljN0U?O
zin)UvCk6K`2)CElKt`)2d>zxSR4*&Q{*de_7qCk3re`%>p6HB3g$9n#NtN=+1eq_)
zZfG;Wl+HsQ0fKekER@*%kfmlJoTOUlq7Y^LuP<)<^$UH(5rh2p;`eV1x`%U7>0`V>
zdhXR!W(WP*>19@p`LbVn-}Kc@cyn95Yh>jCVWg5~+fux%H(o1j{|xvxzejvDW+reg
zes~~{g)EHF2%4>9_0vIFS|F1~h-T}!>IIp@8lO==d-}2#X)k;V<uok#i0z4{9qEUa
z$FUe~E^X<Fs6l5neVw{P=oq^e0rg#oivv2hBJjrzRQp3FDuTo``}XJS^5VhX-Y1EB
z5y2<N-Rs=gl5K<j|BbxPMrPwdx@_W){|5dP3@1cv>g{|%eB+&TBaLMUT%iw4sN4e8
zKVhMx^h#5xIy##0oqpL6aB6Uq`~60k23w3Mpf2dI_tO;(2+@-uNLWucgKShAe3A2Y
z?eKNAzjqLCIZjh>L?!$Iz+->@14%Iiwy^{rj(leNY?Il!A0|l&L~JpJL-7z|E~h1S
zG@F0E%q@KiWPs9wu7)+TCH3UX1u82#kvxMx#SwNps%x~VZvlS<c=<*gx|!hWcW;k0
zF0LK59%07Pfy*)m8z&bNs@B~8Fo&D;_W!@%2U;i=EPdpP$XH3gcT4d1d{vS-+IW6#
ztWtKN|8Mnb#dM@*C8e6)oMU<GS3@(IL6h&Sz8pv(w_^S47&J@q(xGs}K}wR#5BJ}v
z(nAPQf$mQa=uk)Zv`?)y<WJbm$C3?JY}g6y&#wzX8u8LGnjk<wGlOll(M8@q^<X&z
zK1h#VN<a!D^sU=g-ebp`E_C=;@k;QCjMdO3HLQIde&t6Uvupyexithi?7Sezgs1u;
z0VAQeOh|0L4M;;`vw-izk!QPoWX20dwE*|ce^(N?2%1(5nmTaWb*LocAKiGkWB^#l
z_XKcemcN5T%VL>nF@bqPgrcN%1B7^j+jJH<4Qk^5jslrX_GOlHg<2(`A;llzn!t+Z
z6QQ4Vb^iCSF@8rthpjEMkc{74G`Es|pJ=W~D?GZ^QDmH0&w*uAj2KEbpN43xiAsLh
zznCY^jY`eCJpPhQs!J*R=z(p$J|R&ATa4po4L-EgZcG6lFxw2nAES_>f_=c1nJ4wQ
zc&`knh``n8OA0ts+kWObyrGv-y|M1}QYD-uNegwMEh>7=zis9$_zmqmiz;7jzo;0b
zqa_j3sMkj3MvE#tHuI(yQjVk`^Ha4MdI49>92NqBS?~)T^~J^|ThnV6%C9b=`<&A=
zaa?z~Y3MOf4U1a{OWY%A7b(Qzpd6P9b!=ZQJ+lZ{R{Z4%CyCWjDgi7;Q*~Wpxy>o=
z>~cN0uEtm7c`8?eEA-2eb!iH<hcE?Ssq5tK{PrwlM8e}fV_&%))og^+TRY(Na&Jfc
z$I}N<q5Ah6<_WUua6x%(9`dwiZ<znq32rQ`Z7yDt@OSUuOn=0T7ptEMk18utV>9Kf
zYP#Ua+RFo^9EqwdZLrzN%?gL)<(xYt$l;cvni@)43|CjZ3M<e+`9kz8B9%&G!hX_N
zO6W4$zq0R6#q<%wA1=ZSr;aFhg5hd^{Kz7~CEE%3yMq;EnI6n2GxAScV;VR_-#E8Z
zx>2*{QX9Rrm#TWcc%{_NL{L=DHv*3(nQvd)Ts8EQm_bXR9y|0x9&0vAD?_#!l2JM3
z_`Y=oo!_6eQkj|K*H1M7F(<Lhk5r^mz4|NH*ijUY^Rrk{V`IZmf%5a}x1!@|Y0TiD
zYPQP2Fu5Jo((fd?KcIT2FRzTr-b<pEjiD_)cu72#0~l#&isxjzNfA2x*^C}Y{#$9l
zA;=wJd36cYSWXh4L95{Nb0KBc=T3k=GB?HDQlH8h`S$K}k-?h*<zrl_C(eGMoRw@f
z;Qk$nr2bLwWd)oV!Lqt)K|$&I2l8+|n6?*(3FAxF{|&u%tI%Rc+Zf#b!m!>qHOURW
zqfxQ(D^Em?mU8;(ujE-_2U&+qL;vguvkd(pApv0_gZc9DE8^M3QR6jJ=qLei%oL<E
z`Ty@gw!a1BQ^*#P3Zo4y#U}8kWKd-AfYzWMTkT&d10N5ieofh6U&FWnQ;}g=S=H1^
zMux<*EFeh86$P>+NK6Jr`r0OcPY3(Lj(?T1&fh&K6#X`yHu!_@dLD^%Y+HQ~#F6U?
zrBHL`tEHy8A%JT%q&%V!9p4Lr&i{GB$FWTrYioeBxEm0pmV)ew!6GVM1jq}(h3m$|
zw=4Lf>d~jc4V3ZN0G|KxJZ?>DYYo_%_iCl1z^w|Hyak`V4h_;LiA?6~)Gnp0S~kS*
zGq&jom@Is(IH|i9W0`wV;JMYodLP*Ya7l@bm``*N-f19DGrWmyUEPeDT0C9cR=fUz
zDw0AhUJY0IROR0BhqC2|u0kgIq{9KKD~X{H+v*v8SN&w1NQto1&{(9fiAG)lq-(Nt
ze&!iU;<)9`;YL}b!a>)3BzAs|F$ynn!z;@NC)U4}PD=AF_6ZRaoxymwe<&ibQVXQw
z%4ygA=~K;4EG!Uc-&Y(nrH{MXLNhOjKSsl1CMPj5e8Lif1ofW048y-e1<Jgs-E$>F
zS^ANPh8AxTBSjG1`X-c$j`<)7@1@P-EiTQ#$tQI-^T7^PtDMk}OvJygyV6aLC$m3y
z;_k_^an@xcr~gaL^Ofv(Ew$~wl3$DFpkz`#@ACY4D(Is$R$)98QZJ%z!BqOhSHV-3
z!6qcgz^R)t=0!zJ^pCgL8N3{TtW1NS;pVLP$4b#G+2w4#jGd3R!TTqqA^p&I=y%wT
z7tba+zgAaI{~b(V+mu_>>m5=j2hH&B*%22tU&4L_?fY?lLQsqZxPDB3IqGwFn<ZS;
z1oxBd(g$zy;<;?Ph|q<Lxvm0b@b3gDTOSrL-@D#r5tDIp86ht#{s|0i$9KsbL3X50
zMW~i)yR0GmOXiFZ3w?8-Lv7P$f-zj{)tw0B^tD4%QH7MdmT)qTY)>goQpQU*XU-K?
z==$c#k7ml<IM}>GZ?W^`L>*`_QAcy+D?u6Tp_lx{fwMxTuh2c_p^%+2E4M(WW#_ZR
zM*Vh*pLYwhTPwfpF+c6p;zn3##{XojNW~f7=PIf<zN665NTxh08)YRLlCxE4l%Oo;
zcE+CDmPloeWkE9^%Hn2*N&lHPwyK$ecl1c*4-_6(?Z%a+FHcu>Cj0*BBx1uDk{IIL
zH0_52%lMOmb$56FMjbQ<z&_^39~H8Myv>#=uC=l98<=dIJR8~%yAiV#G!<(zP#?Aa
zj=fwZ5%B5&FPgx8<33&a9kAR!pZBTU^x=4`>DuFT+;Od2FriAHy1E8JZS!kB_iWlf
zHUWwC-$YmKbUAb0eb8S$0T|!<^CP`@w>m8yK!e`T-MMqr@BG+6?pW97Ci{N?gFt-0
z4fZcu9H&|EZ5de$pS|b>?dG|#+6$=Wz*AbW^)XI+2WXmS60ALF<~#)_1uuKC^lNAK
zGqwPe*EP@6`oS-EbAKFX$-x3%(-)PM4Uk-z;VcPa#QC)&773)h=*KW~Oy?F1{=5dx
z<MW~X{Lh5*O0^@q4d2KFFJe~z>^Y?xkaMmOxOja#hoE^@Iu5^lbY%83x3v`ez2Gy~
zzUXrxkXwD{*x6@4SlO8{f>?p<x6V(_8T;F@$#QCDT%!hY4KGL<G$T^u>ThpT(uU?e
z9APs@!bTdjul(FJSyGZOJ2x+f-)pH9=VwWBV!Q=h+?3d$J)LV{3^cm!o0fqjQXtj!
zZ4d|8gfM|>p!J#Kl2TYA9%^M{Z7L_xsVJn(a_-7-kD+-LM@E^TAX$)cmXpt|5FJ<$
z_)@fjp3A^U#+jIuG`d4{YAW^us3~d`j4W{CqU1pWQ77<SXD+fAA-<Sqp;t#W7JA)L
z`gg?E?o|QQe%Z{<)&K@~w&vbu&Kt`D7c4eQQ?M2=-owfj*Q2{(j)|bb-C=xsro^SD
zTdXRxTQ`7bFPqvoUHq(t%fI92!lfVUo(e`>pzy8tSFObc9}5wJ0O&dgymK)&19QmS
zEQq?`bDZXHPB8G_H(*vX3$7Em{AM;=a|i+?o7tv`Vs){%GzPy0Vvot%FyL94O^U5)
zSwpn}kuuO{Z;f3Sd$VED4TY_d5VV}vwY3<_Ph)GU!xuoau`(cHfW@i74cCmFi@#aS
zZMi!)N`B4D?!Wzj?Pu)J+zilL0)(6b8w|hZ<^*3qkOi9^{X_`6e|$bZ${q8S?}q}U
zQ?qm|_R&#RoEO1r$>KbaHVS1G7>7$r^CT}jT@vCfpI6Ap7XFtoLQ0EsW!w6ta`e<?
zX=)`Ue@Oj!HOCJ~&e}~%`Ur)uOcTL7?2EW>1ZG}Xl%=rTB=CYdZ78<sV-m<e-%jBR
zLKDT6cVCmr1A7oO*<evw&4OqTSYHCiBA^lb_QK-VfE){I;N7+5ZUdPC8vhQ~1{?m{
zGGPT?xL`kn!)$YdhY(nd9J^%A+-)re#ss6<7{E6g@h<$B4BmQw0JDOc(KyruXK8>c
z1GAe~8F3-D7H3N{vBzr`NvD~~X*zUjx?BUzJ#6qZi<Sb2c?R}51_;dau(Zv9f5v};
zz0m7BU~A9AHDukLi%C-F@YUF6L%o;LRBSM|zKj`CvyAKgxuMadvAm)UZtP<umlWKC
zV^m<|PF-baOlp>Ca?rjeO<f*rlswp6L}8KUT+_`G7h~aAZTAw>N(|vCA%2PHYPNR!
z`g|_d*aYWUePXjP)Y@EdL*xPR!J~b({45@ib#b59dXB_tY8Dpx!B`hCR$Mzkh~VFN
zO@4DuSm)@Ru;&ARMuA_&e99&=GD@O(Z;aFWj?q%~Jf36eMxx$!XkQ&&*nkaOUmubq
zOH7DSvc^hiK&zG&$;MTsvaBp0@n6a6?_&R~dF>y5NPplQNQ#e@o42fxw?8}vAS<_I
ziH#&lC@q&SNNUky@uWnD#=Pj<bQ8#ih5`>hgd-0dkYVBk8IU8RYz57^I}71JXYHji
zen$LP?%yNjAHA*2C+=*5Z2q<xV)z)059PYC*}HG!)3ILU@j32|xhk*&=SpI|g~LHb
ze`(xRe(W%BY~X&n5c5#`+xb@WJ~Y>;nagkLgr>#?Sr<><-dZ>bd>+ce@B1+(C03?I
z&N`YA`He+K6AIuYE}&efqM{@5iN&I9nbNpG>%wn?oc7PZ^XIv^CjZmL4*-mBJ<kA^
z_SKRK`$=;WO|*WRw0&(Z%7Z?F6BbV{C|tmGu@1a?Y9O@#k1(MoUYa2ttDhx%%Oqy?
z*?Jy>+<a&^tbSPIMSlQ31{}FKTbimvv*Kb+&CE6%Q;Sg`!dV;xV}L9W!<cLtvCjlJ
zv+FkIX9We-pl#ok{d_E7x3pybomW?&u)%`oMZwI*zgu$U^R>ojhHIXYnP%)WtULN=
z?Uz0WYwRjl&Kdjn3L>^C(wNN^&W#-O+mfSd@ECtD-o3`gW~r#Clq;73V(lF=Fbu?a
zPFhkN;=FQY<C?{?W!+L)y}VHA@~O#)^#Xv6v|kF>8bq0_1pASGxnt)lrGLP(Ofc(5
z!@1*<w|)zJWyzLBXS$ky^B7oa><xrNdzr4AU4NZv9LboSq`lO!TXyUi$2@iZ9>AR`
zBk?QYjBN$;Nu%S@5J0Yr2^VBe2z3VYKkh>D@<(GM5RDgxFR<mrwsz#Y^X1}X0|yr<
ztNb`M7VBDE3@m?8K;yC2!U$`jHw%F7^6kaIc1Bw!M_uRDgu}&4@2{Kaz~UPKPY1B6
zUxwGS79O*(@}6AK%<s7Bvv2+}`NwG8*E)|ob>q*n?rn`PumiUiILgQx7Z*7$@YX_y
z`>719#gk1Ja(fJV58Iz*h!d2p@h4fh6FA>!KRlmfF<`}O>w=Ht3C@1ag71Q@E$EwW
zuhhIJ`>W5{26Oh=gK-#uGrzYaYiSRbIn9<E$BlEXe5O|ID(jkjPS&@AjN+mqjmp4)
zv>vM<YW2f%Sy|c@0ZF}B9FsktEbz27LZkf>lx&c)`e^~3Ue+Ei`=Y<F`=QU=q))dG
z<i9O#j&gyE0ztskBz3-8D5;oX=8^&zwMqLs%HCY)(Ppz?1DSaj_<m6Ps;Q}w<0no_
z6+rC7@e|V8+G=fx>}CLLd1=0EUSB3VHZBK%6-#a=N~wS@Z$MecH-j5=$|5Z_LDsKY
zByWFwOseWSEUgT_vPNiS9muYqlv`kfzj;6X!<_sN_QuX^n(g@%79vF0fD98XNMd{m
ztmSrLH=1IYs-_3#L`_)(jUqWYSyr!EBYAmw{>9wvO!?Ll;9}rgvdk*j)hfxsUZiw!
z0Px{IU6}1%cfcfRZ6>ViSzw{yVuKb6pu!YlX++j8-<Z5CFtALIyes_&J{w?df0(WL
znT4PCR&a$jM39Q684)Zk1r;uSx`?v>05bN03q9pQ6Qtd5UHI+YwpknqW*mDA;%AKc
z%YdF<izXcfO2~lbGn<fMfLy`Otfr2I-deOEJBMcD-`%VBV1c61Fl}|iQXUvrguZj3
zHB;Sa3%r@xB=EMz%w{wizb{J{WL@rUU@@R;o{wcNvos)rl?66tLFV7|e0{zI&;U8c
zXm@@s)CO=%W3k4jT9|DDr1_D65m@Z4O^aEijrq+2p#X@P>seZ%&9>A&Ip6cZb&R>s
zGBv6stz%VFqCA|NG;32}#u=pc*qa3fID4aG-O+}7+mvYmnl<-%A8PRgtjfx2`QU?(
z<lT2akSkZN>hGP6)cNHwA8uV&CcCz*)QlT>Hh`%$!Lho{B#4<l^Zi}B5<%5SZ>2zn
z#&?0~vDz!INj6HpM8(EU@8WB}KjxzLoC^!agykk27#6*_;0KIZG=saA>3xEeznaC|
z@~W@Mm?H>a4?X;_+_HPOq@;i@i$#XA^TN(OK&P`h>kY%qXd%`jXuZhxZdL!moiR*B
z_Cghf`$R=sW?gGTY<A~{G=ckIL8fs_9o@!Hr!T*yMX82E8Z-LDlsN>XfOcW^hv#!q
zw-$5LAM0GRz<|_bFSr&knZ?$asEm(;i=$ak%_41%Hw!b5A&{tv&o*Q6J_d-*E?!M&
zstE<;WwaLOVsEqq>pm8kQv){rFpIadU#7p-^#UMc{;lS(Ad{h4xUGfVXccCRe(l9Z
zT{VB%8iMJ6@G+K#Wr3Mq(Rvp4LDu_cOpMn3oEm8GEXI6fZyj2y>7#X=4LFXI0?*HW
z!p_w__~QP5IoAYpuYfG<JLyspkWuin3yfp<?}Km2r7my{{*7QoAK1Qq2juzZUywa}
z_A013`;-_LEi2&jx@q$=_?=d&A1p5`RpMf8^2RvEILgpN`fJYL5~Q^%Da@8b%=7{C
zHd`Ou7;RNowQ#3q`k1Ev>qf+$^Ue(qt{;?RH&lZT8<63}k1{WgJ<S7VgiwucwqKWT
zo^4)Id$m2O;!qSXCnrZ1m6WJ<rkas1V!^v&v(N;-tzE4pXEUA5&erUAE&q^e9tOnJ
zdl6VPti{qc(b)@#y#&~xq_@!+CX0D$$1<5v0CTQwCL<VFmvQdIEx_Z>-CBTblbY_P
z%`V#Z;~4X*0|X7Y>7uRup!OBKXq$f<UkQQEfTWp&{5EDY1L^@y#?l6ynhh5@17Zev
zoB-rpa4q1mHXQ-53@pl)#%ygS*o-DYd9cr>|Gb~2xmX&KB`b@<ZPp>9ZCZ1|x`);G
zfH~g@`p(7LyqC_t^EyVx0a*vs4y(_>z%bF*EdX4BXKz^$Y{HAJZ3Y9ek=OP2w&q#D
zJUsko_Rq3nSRmHY(kgrR?w23_@G1HD<4@op3uIH`hN!eS1LngOa@&qIvL5kY`B`8e
z+8H-S1Ay6}jhW|=f&lAM#H<mF+q<kFZN|+p^FHI@5{L5nhEDXcje5K?tQ}T1dy_ZK
zYTwAW4;zqSdc`^)ax^QLIu`F~lja<}5ZP?1k=ae<<k)iSO9SnNK8Jt_CNNNHKe{5)
z;K#+&4`Klyn2|jfK&)++|3}R<)Sgr|^Iy<f5RA4E07sr>VTrxapifrZ5t(c7p+w<I
zL)46TIWD9&pxTRzS!~V1=~FYA(INr>W-ZuOmkh`mZNgfpZLLoibo5m<JKif`_Tw06
zb~KBbb-tyMn8nQco6!a>u<-j29UyOQ4lKYk3p~FA;1O6nEz_T+IXO4G)+6=Vz^zmc
z|Fwo$-5qi>8WZGU1B*G<jLW)DU@;2FIG|0Laa(;3_z(@)S>v*vm60#y=`@q_k7l#u
z)LbX?x()B6wGpz-*!HH)^n>4O!uAJk8$yZ0-{uExV|uk@8`xl2^O17mnAkcyyX5eZ
zBl6Q{p1lslGSlK@E9mR@+_FKoBe<BX#H7TyARpLd#vRUcICfePilLDuftaE|#y0@-
zg*h1MmsbYxG!Z^1+vtR(z)Ne(Unf==TG)Wh>m5jOj)x2PG-<VA5L4)G!R0~CKQ{5g
z?3yiXu@-vM%x>K5xUB`n0wW8^>_yEMtlx;IKUj;RW%jfDXBGewF#@wqkFn>TwGdbu
zlW9r@<e4-%`T<l&VQFZ%mNND9=U{Dsqy@jW0HBFddNe`H8i&4Uehd$oz?=(lkSx#-
zo^KYpfVt6H#GK9emaKaOo5hUz(P&>PEtS8~c&y`{3nTkvfl5Gow1B~k#oQwRSWXQ_
zi5SDQ&!EkQ-=`A*bNa;095CZ>ng=Za4fNY+nidc{wOmWqM$@y^>!7h1&^B5sHD2dN
z)TzB0ARPWa2WxtkTmo7rP1lyZ{2Lp417n_>xt`J1&1S|4xYo0>HZbP-IAs&KR=~{K
z57GnuV6VRNntbHY#Mr~dg&A_stsCT_+qb}sSSaZ!2o2G+QR7>WopU~D0?xoc*kz`z
zibo7vpba52ev1Zon=qW|=$c7<;KVIzy+ct$VZoTN+(ai9h<HwcF}7k_>7Uc_G-lu$
zx}b3ZbZDo3f`tP>j8<T+^wx@RVsZS7y8$5k7dA9Fw0+|!HyTx7p(e0d&0>LB6ViTp
zbqz9q4}2Swn*xJj4B}X`IPs;nOk^fN+PbgVk<+*4r?Z>8+gg~lU~`e;`PR38ocNpN
z$FnH$G=o|Thy_4w0YZkgOSgV+G(>A?%9`VkHsD$yMBp|cWNC2b+Rpns7foY6G(-?y
zHo#)EfYU7E2H;IUt$PIs2mwEv8H-s!&9k!>Z8KH_3;``EFln6Z!+;qt0Cd(l7C>2m
zbv?)%SvdP^WagA}0OX8Jt!o*xYOw6AKA26KIoAo4X8r~4YvgGAT<zy=UDv6lS@YIE
zUTzlj8C&y*e&5#CHu+@VKKR5wK^YW_2*G1Yi!$WNhi;Y!@7#=x9Jw$f#@c3N)BEv#
z&n7U71N%9~p><I%B$d%eW&-S|OQVQMNU+`&TTIlXv95$JOR?i|gbm2xWM^=k|JKng
z^yXAI#y3ai?NMrG)mPFq>xHEDWZ@RU!ep<o7CEy+)t8+w>M-E*FCI2Hsn%y7<J4IE
z=1N;bFiWSkhqi&!zhKyYCR-abrmDd74J_g&ivbywIyU>>k&)KIZeAd#hUDCZ8z2qd
z*;}Jx->gO7@*DZX6NYIXhM8&ZVHP;mDs2G;HU!p)t-e}dW~Qi9+c4%mCwnot-*z8$
zv2~jAtm_6eJLl%W0yCq{@(R4SQ$uz3%Sgch+Hk<I&JWh2tU2QZE3?6{V%z*d)ecS5
zIZuM;jMewR?}9aO$E$9n><1GA?9THIm|DLxGuM0vG<&D~%wK~6F!)^mHb9>z2}oY4
ztg4oeK<uc(w`n;UiSqE>Tjh~^w#w2H)bN5|X}DHDyjOGO-^1mpS$0e+ylEPQlB4V}
z33Ev+Fn(};`N#$a`h&fSx>LGt#!i!1=iX%ufx!QAJ9aifqcJO&y;20UCtI`d`>z7J
zm9;V$S(^Y_8(b{!i+@qF6&GF4gBK$kd~8#w^+(GHX|x?RQQEiB#l>Onv94wLVk}L;
zIOe&~2X@eAkq`D88PZ3<e5AB&<e}E!SiVG-^5kE9tVPJFSq0Atr-ovI7yA^5*$)6j
zV0>ot5HQp6nno`A<ZLa{p%DyQm;;MS;Jko#XZ1M%IRF3l-UC3hBq<Nf>T>Pv^t73o
z9`AQ&*33F~mjxX<tT-VAcP9jghZ7P)z#$1Fghxn%L()k?AbSGoK!BKa2+yq6v36$1
z_xNe=eRr8Q7ZG248IkY*tEZ-?{@$+Ydb7P%_5bhX%Z$v7FTTjgNYuH?*V_YETKirq
zbG^6A2;w_*4%^;*-e)Riz=iu4ZKPbYg3QK7X2v1)yk;1{#P1uoAS#(yXN*P4rfYEI
zX+as}9;d;j0Ub|0`E+^u>FpK)td|-OUm%$<zU&L%SZ<Nvh=l@Tx(0n_V$z~{^JM`w
za^wm<CGE_(^uLzK_6=J^_i1F~OoDwcy~No+dD$45gpfB=C5K4QzPbzVPE(5dFR{~b
zOXUT2xJRIbEXNO&Qqm^maKNls7oq;aBZ)gX!0B3CGX0x-T4RH&XU^1A3FLJmKYAzv
z3fi@qtT^csQw7PjoqoLw_f&7RrpZnBKv53<Ge<7wz=&|O;VmtYsciK<_^xY-LrFSP
zwkp8^#Y(KvjQJLnMWz=91^Xf^-ON-1gtfoWKfD*R3;Ny5NbtS&gTEbZM%w^{(bleP
zy7Gy7u|MgOrYzf^weHDSjecxFiSG*V4OZL*O5RKP<~|JLf-YFNO5+*0WHrd+sVAQ*
z2lgMV-Lz@l%JS~F-CJ&#jm{dCxDc3_xez6=<<QYn0%i#GsB+T?SUpB7ZT4<%xWqrO
zZxkM+I)-Q^Ut*cFeeALUS$DF9ik@v%7w&z=P1CG3c4mqvS=|a?@?mwuxe1DZ4b@fv
zC@`d~Fim?I`!#FU#h48VfK>!}G=m;P694Gua@J5+)AZf;9oKK_P>!`K*H2o99K8tl
zmuHx8)|izZnIsr%I|iWGWlc-|BY*`!q>%0ecEN6XU0AgC*%$d<yqRpIH*${k?9YaL
zosFXOULcs`8GOl~WL=g*N<mD%#b#sFyVuQ!eztnR5=M9FZ`S`wxp?<5I0o`Y;6*l~
zBH*K!VG<Nug8=PB-PPEVS6k$2Y>UW|o@B80Qz^AowYQ(UY%`C7Jl4Txxh)_9daAJ~
z!6nCz9WO8Mc)6UCOdh;$*>-KYUCsqtEt%=fMZW+pmD!mylV#^_IrQ^X=a6O{A33S>
z9JRMOVSsvOj>>+eVlEqyAx%<85iPnFq5nDyF%}5pp8+5c6<F7GOe+EGpc6eSf=)sM
zGyoUWS*!iqi67Q)tL#)$vTT39MbTlSa{wm$6F}F`LblqeqSW9FB~g}gDE5_UGa2=k
z!Kznzsj`az4Juy{Go*fE5Coo80Pwth4s>LxRJJoSuNbEQx2zOtV04+A8w&N_U@fQ*
ztOx_84j|X>?X^fbMRf|o8`~JvU6ffe+TRAc<odEDY%BJoMf6~7u+};vaE4={X8G`a
zd|ei6qtM=+-GFFZHU<J*um(s&MO|JMxTUWE=(+`hMn)DC>TD8n!zA9p&tt<q-{H5~
za3&)=d{|RYaVv#v9F`FE4I5Tj;^1!I)Dd0{4fjg8(J<5fF@ionzo~2w9yw8-eQ|F&
zak^z>(MZhMxniKIw{ifQ>9FiN7@#OF8<2^zp_z_>p4Mds*uHsDbhQ|LRxmvj6^DWc
zvvNbPF$;!+hg<SCoqd8q*bYcNQXnk)J+62vTXRsdoQ<ZWoRL9|*gsP^rgZ#G6;&}Y
zRKalrvbrC~B%27?3ik47Hgg4_yzUhWFai})2!C~p253TIX$XEKpk)*x>y7$gpO_O_
zSBMY{8Bw?;*``*J;$0z3GNVwM5owv3SpcUk8@e8$Ou?c8n9<kxjIwdY>V^Q@K!qO4
zwrfy?VrSd+UK$e9l1x_XhCG*8cRMSm3R5Qf8S*-swdMUDo7BO)(4Gp=AXZh*96wZ;
zlm+uv<|xe!z`;;+a7?^QzXyYiJ_=BcXXt~_I_kTQ962o6JdOt#N?q5iSz(zvW(u*_
zdQDHs2^FU&<lm&dbM?yQWresQ=i)%jxmHqI-^t0d<(U`ul;?KHkx-pAvZ`<9_{E5V
zYzvil^)i?_ey<jH*?>$YOVh*)=aI{7E-iuq$Y<b18h3K`RW0r63i1gV^awJ8N`bbh
z?kHBZvo;2`l(a8?O-n4b3@Q&k0Un`spsNb!JaH4WDIT}hRZ%d5hCZ(#2IT=uSpT-r
za~*VI`D&^x0t_pc0RdwJt?jZH0En_Je24NSH=s|M95|!j!zG7*bZrGV2XmsU&q=T=
zy9iK08)8#5l`_hX;SJDe7ucf%z+M8lLK!PtiFHu!NplyWGda!3ukQt$5qZkHnVr6O
zum*#v%%rj!^pDnadO8~uFn;h|vCQviU(^l##*v7(YTc_B!L~a<9vN&YyUN1cz(97F
zkgb`yX@6O_U1WH8Ca=TB)(;!Q#_-@a)$t*FS<AkC`z`#wjyd^-<1)X;>Mj4%V4{=a
zn%lAGP<eFw%jM;r2P7C|%uaiL{hiw+Iq!-&V>G?}cWIxT6GL&|VM)F9@b<D}SF8oH
zG@Cnq+Q3|~F>GUPQOxJZ!b(vk!5&R3HE&?Qqroq&>*ncG@C#uNSu+U0GVI)_q!7c6
z5o;+~QJ8|SCK17_voPQ49~Ye78{GreXO1{H6Fs;jhuE8<kbgMV16L>?vJQ7WxwF$U
zV`-^w9V6R9R<>k+q3EsPRK1vZ0C8C5$c~PyADhZx(7K;u<luR-EGx<SB)1O=ol#)=
zH5e&CD>I5HH`q#c??Dcsu<`CTdXsH}h#Uabh3YB5>~pDv9yL>YTaBPPP(pBd>}a{%
zzh|u4Ep}5p3LxG`3QWqL0nE8>&YZoz96Fl0gdmN+@k}$$y6gVPEF6CqSSI8P`wZ^%
ze6bDqX`{6E7i8ZBw(u5c{m+~cK-#gRobbJ4?6WgxBplt@1dTHdkT`toWZ84zSb6Tn
zJ>?S*KT|&b+3jWbzQdL&<17E%17*YdRd(X@lCdjiT}=(k6T%!nD~D=+{4?9jG0*6c
z<+w!lmW?bE08VGbHG;mxKXMQni;yvutmsQDcovUcHby2^LetxpxYh^yEb6&nZ{Z=5
zrZiKR+tKfG4%P+vXNyB-BI|mSyM9!`_9!hcz?qu+uuKVcbVvMIbp@0jK+Hc>F!Nu*
z0GU0+_b7>i;*l=|;%o(X-Hv%vGXMt}^y%8mE=(vkKqogYr^!*7Jeh;l-R4XVOyEXe
zwjb`XuA&F=>)qd#=OF3>K!if3;9~u(J4kz{aI8sm=XU^lC~30ITrNEr;Zj4T8kJwW
z8=n$Dy6#RIK{f{MzK|c4d<NILXHae<Na+*EjTnH<`r;5vu2Tj(i!!l1O!p)E4@12L
zvGCl`FblcYb|eOdI<O1`pG;0pmHqn<NKQo@mBd@l$k9pD;!;(E;Ox}-vR~NDliPQc
z&piHOdE%KJW&88H%S*ctm5C`&Z*}Hud2z>n*-U)~=ehaV==T5R{#)g6S^_+tdTw|5
z-9P?Jc|v}6NRk-~<Ez$4!r(PcTD;d@SM?6)sqxZz$(bm9dRZ{$vb^M-cfNUe_r#&*
zUBhyOKwh+d?Sh=2C7AW=mJwZ5c7%rRiucXF##~HAr%ROy6}QhwfDKp~o&ci=3pPF9
zjPNKKN<Aq71v7s)6c&_|edg|;u2P0O56mDdnE*Mu-Ec6Z9lF?=aaCbAV2yeaAkiAU
zBiA9`%T!tXo(ebK59Wy`GXqF30Kt_O?zv!i_>A(?Hj`DxXH{o5Mg!R#lsT1nR_xiO
z8vDk)!qmfVw1oI#jgm${zy6_Xl6^_W2Sys>gzTAh>1SYL+=hJ6OBjpjuP_3tOWeOZ
zcP>~}X6HE@OJ$?h&u~}M=wVhAf>t|@2znTc>RLQ?N{>ovmu+-CN!^DB4jnHqiYxA;
zpL(kN!G|9yk3O}doSqP4vZGp7E*mK~N@n@BlD?{6G;Mb*4_Y(P5I8OCcTc^ryS(oY
zK2bjWi6;fHJEvNU3^X8P)t2kaiVfGw@k(=fO0;i?PGiSi$r1`W`0KI&nKWa?nKNg`
zb92U5=n18BDagSKYankhC19a@RfCu%u9lvvNY^S^u^SUp<yi-fnXpuC{wo*{lz`sr
z(N@qcc3~aB|ESsvQFFYBAVvkJUoo9kuA8xf22esl@s+VY<*Lrwsj4lK1QX0zHmVh>
z#NO|lff=d|CCdF~WFU-yBP&T@?QPBgZ_2<WM!|MP(@%+KYn)=kXCeRSD14^n#9lkC
zJEIPBJ0s`<GU;wHNd28OZT~uEmu)+WEAy$wOSoRU#zEe17GnovOl8Tf6!;E?j$Vvd
z=31M{!vG(3fh&{!gRzIdaRcvTbZh<&_w>4CyI`#4-~@3bU=Hb(vhUDQbHzRU_zUG@
zpLtq<>}g?Tl8dkvm9=s6hLz=AZ@s5{$-D0>TdrMa#|C{qF31FH)KjvKdGz>cVPZSW
z2mkal<pY28nX>oL$)0Md-1KDVjd#ATthjcIf!bVMTK4!#VR@rV<p57aNm{POp|WDG
z-f^*V=B_0ddyC}TlEV_y+3wQlRjchV$i)j1Kr&xUW&(xkfnW@(^kWU9x(zA7Jn>l)
z(%gfgsj@WP!08DSI^21LEP@;E!~2t&rA6pseqvlX%S2exw3=NpTCt%}17uTu?0tC+
zi_C}a8`L9QQ4yp-Ak)%@CGeuIwYXA5JKJ`2#~!}*H5$Arxy<s~9-br<;eFsCxjk7q
zqg?K^plktb90PnO6*%5c#@4Jc8So}Ba8{J*RDF9#?vOE#r{P#L_|SLRN#Xz&f(xS@
zVax=}&ULeL>evc5C5((<+<dpn3IRdE+{10klxEp&+x|`l%kj|dOa9HV!Xtz9<aKR(
z-VU_=xjp4S{nkU}_(?e>djIh<-HGzkvX(C$DR<v?UHKw8(&bAeEB@WLZ7pl$m=p$T
z&Gi1c`kcUJ?bYZ~0ptl`i$_nKE<5)eERTsR^r4SEUOx8Or(_d!XWy6)wqaS$S%32#
z<=T7R;AfG|q5hSA92u9~lp^1Ar_gHOkiU7ZWN@)^E(?%}?|HdIKQ*aJ##gTPMf%Ip
z%q#pIiA`ut&xs|Y?hh~+cjc)<&`qoEILvsI)n!$%ZlwmzfTH1Z3X+C%rbVf|VGYCm
zqb@&wm#t*n;dIfX5!;aM3>b)V#DpQZ<PFhwGIU)lZCet+r=RCUxz@@KFoqu0wGL(s
ziGTyJhITzB{tg{XAPPVtL+<AS4TXt1ftdstlJ!C9L!JbLc2p8H@hJeqm4RhHLEr?R
z<%Z*6Ei^nFgsObvEx~pJSS-JyhTh9~(+I`0R!;<7sKE|5afIG?(;d~mHehvAppGk+
zrNKDb7P$1X>y6+=W}AVHV+P}ehC_d21oG_#K#p&f+qfv&Yp>lXKgVi%Dt*V16BF_;
z@-F6nSvoc>$%L;dZ;@kNzUUqImN&fama=8z+OkYeC!cE&%V32m774a>Tg0^J1r0(u
zCV+cL_K5A=d#F6~{ND1|(=Un}^yRWkK)APmY%s}bEu&@i^*5Cp-}yh4^|#zvM&uZ+
zZ1l8a@zVYpk^H&COP3dhDe4%N)7m#)T4}HDsmlUn(jR)LCPuT(QaQUu8a&rgGq0}c
zSJ>TYgVMB6bG5j1;#)98W98fQ4pGYJ$GVKsEs?Ek>hveVHR5bUzjlTKrJfZ#RT4nU
z6s0g5Wr2ulL%6oR-4tr1qN&|lbqp0bSqx9KhRX=y))}OO4dQc_h+p8+(#@965S@Lp
z{yAHOp4n!wXB(trj~SI`W*S;H6(kvg4bKD^_*-QYhc=Q;M!S*aKfB@(1qZpe<#|6D
zo9aew;t{6gQpL>Z!VH3_Q;Y%1fuLpvi?uCAKxUdeD^Ay^j7^(2KqF9xElN>cLfn%D
z00o%wU{Cf5<d*>$?cuxG53E;Sm&;o<w48h>rqvsWo!S7u02yHzBt9nV_6nYafNc}(
zZ#maj4yj#PZocJaJ9S-CRn2tizQ;`)SIIiq#&Y+q*Oj-v@s4ue-8Yu&Hmxr!mydg&
z%=q}MzUVS63p5egPs!dsbrnucO_wwB@3cf9o{|8L69Qg`CEe7%gGUX(UXpD9FYY){
zcI`P_PEX3I@wuyW4U8!*Evv7)vE2NgFD*B`?F-BD4IAg2M3|gq{0s{t%kyH%$ng4E
z3FI~2bXkB*hPoU*bw2UfnWX+2TQg4|hvntxdr2EC(8Jvu1P!tYDpq0}@+7)KvG#*e
zg~EocLun$w0`5i!IQw4jLR6x@+rs}nY?{bI<$?WJh&BW;Y1fA9EnD8Q?ZSJdRZckG
z1&WFLd}0E`-Y?B$Vc9H{=|GcJ771Bs#gXGJyS?=6Gu!v&``*lAmuK?^S^!TdVggQU
z{R5Q4MMZGsaE7c+rXC$??$zpgC0OcDDA!<`r^~bN|K;-Yzx-f%=yN;E$<Ynv=KJ1V
z{^Ga(pXIy0^7gXa`VmrLm_O^rZ2;(3$Pw;B<{BiMi~8ok1npY|ELEQDL))Z0I%G;z
z-=lp8hDkOEP_zD0?|^@Yc40he))0;=$g|xvub*MhUyL7ZA2wwp+`j^FGMwlN4MQi`
zDc#DLBfh_`j+5v+-Mgr#u3vM_hO&G2p1#^*-KwSK{(EjJU--7W%bV`GrQCSK#&XTN
z)pDlSsH}&Hk(4%I&!lehIOIJQxI{P#TABxON;X+*l;MffXUZ{g5gtBrTtfa&%RaZ0
z<}y5T{FMKGsvJ6e!dTc*`Tm4#7l7B{A_`B(gVa|e6xE%0!#lpHY<tHS8=$F+u@0<@
z6!B`mvd!VP6$Y2~i=0NkaMsA&QcW~MC;lRsRmE)}5Mgl|U8RbFRxyBqYbg$TrZl0{
zjj?!P*t|^Hh8u<o(LT`$Pq(EhL9i>Zj@T20lb^9h6Uq$l#QH{Fi-J2(uL$=J<xQms
zWrq#YT8=6%Dm5xv>?exjYv4wcR;kskZptP35JfONW)TTR2WCkS$frVczfw#%xNq6^
z40aj7sPHqpWBDp`tZ4=~lH<03>8DVaqvgXt`Ay|pe(BM2f<csL_LiqU{9nsI{K)T?
z_kZUvmEZiy_mmB$oatIai%eb~xo17^%;mf;uA_V9Be9Mv^9^H$293&;1_&6q{ySTN
zOWQLcZY;e=L53F@8jKtO9N&XJMPEUY+5g+`7^f%&<AXq?28RY=PzY{dIdRqY+35xb
zAn0d+YmDtU&72XN1l~3XL=VW^x^+vr`KFu76Hh#4K%TF)E62*0ebN2ptN;94%l&uX
zB!^P2l#Db;7svV2JTSu_6^On4Dl5&RqVha0(UFIbov;W=WmmiR9w~d}=f3?%WPR?4
ztZ$tZ*WoE)V$<T43D@FmwI#RnjIUT-R&L%}Hr{=Ix#6wvmH>~}m*v-Jq~c&eEJV>J
z0+7C2J{y_6)_X1sBa=#wiy~`%AywJF)+WsJ=T#4>f=-9u=~{)d3}kGes|&wd`Xyrs
z05V33nKH94^kb}7^rkrj2!g`t4*?&wTwVRyyYxTJhX?ZD3<wIzSdFd!h_6_>lWP}P
zGYiX~ph4xtdZVXWrAil5fCIq*x7y*GV&#RKEY?f3w45_ftyD5uxcab7Kwz_m>_Y*P
zwPYEF!iD|`WlWc$)<M@QpwzgTS>1n-2?7YX9l+&hMFq36C*}ELzyH(aZ~W^7VtE)}
zI9VS1mA_Sf<n4b{{>4|UZR%p6rbY<mr~vAF3bE+v4AI#%#!osmq1J~+koKwO7z8k6
zMx%c#bAa`a6)+k!VCBJnB3+b%9>)U8WV9jL4gdqo#dsK&v7g^-TM+zScq9U}F#dSP
z8|zGiMZp<u;WPY+AfzE-W9!Qs-~7h%$xnT{hn49@=i6@FT5i2*OWCk?m8_*HBaL_G
zE}H3gj#C|n>LNTX?CI#KGi9%U)DB7D``k<W#4RZQb{!DlIx0--q__}eP27!@*}S8B
z5B10B@)c!#%{mLMUw8BEWz)THDjV;5U0J#5I@tg%8@H7$y~_5?x;}19Em_i@+9Lh2
zaE@_t*`+lyQBG<ZEMAa+TC19H)6+dEBQvF8DT^WyBYx*&uwJpeCX>0&Ikk$dV0>21
zIaL5~-SA^o^-$+}9~Ca#g}Sc5anB-LbtDVhtzIBw?NPdW$N;EZpa5BK1qCE(B|+Dp
zI;rzoUMMEC)h4}L=6ML2&F*Ve%ur#9#i>9jYrGFi9&(C2i&VCuz}N<CKO*3@j04@s
zpoj#<6T8ZXe)X5jzyEI!l}~NoSq`3%bD%or_0aH!a{pI<b$OtCy8O5IK3WcmC0@=S
zEbsphA1FWi<$two_Nu@jKy%P6*oIYp)*g<TYKgcqPV1;%S9ATOU>mS9?x%x$SJ{}k
zPPNY}aQWC0xq(e9P{OFvEs>CIFn7J1jF%z&co$rf0RNCJOV<x=EchUd<ijxJ>e#e<
zxJKE6TQ-2S4y#tJDsOq<&E=Dy_*6M~@Q}FoBBAc?{U^$we*CerS;Feaq}>|SF+Qe2
z9Tx{PzJsCgx~8RBL3ZywT%MPW)7vF8$oA)Ul^1sG6F@r-;F@t!E05?IemB|5{1lxr
zx@>t_wr)dNdF|G+>bh-Z{Y|%*HQQtzaO<|ROxD6Q7Qqg@929`DirNPPlpK@%SpL2&
zWa+ZJMB2DChr6l^3qbbjteshO@w~jnfJEIut|WDhLI=7sk(_M-lRYLdlvqHFu_*;U
zlY%R<n$<&1V0Zht77uHe>l$DxSo=^V1vXIuQPobeq@iHghoLAn*PALJtb<{_h{}ns
zI$HLyu3OMx$|X*U_z9M2b<qDDz;#jsh*~y>BSbQ@!uR;BWp)4tC{)NX--}^|e2Qq3
z-o?H#6`T|<*~!@*zgK?vo4&97$Hz{3603g0b4gkM7k{?==D+%~vS#RHdFPUMmv8&6
zLmH!5rXPE_JU;zb$|l=xNm*wg&24M*6H>900inL^KNu41Tda4&-G??Iu!G5%-O8ze
zVq-*^vaO8<Hzd=owu1qnx@{rzoVd95i;h%r@u^PWx?;$c?PFi@g!FFzVEm9J64<-C
zTV*jSn}Bb<_2%-WU-~8G#TO-WhqxFki;{MI^fS*&29W7;K(c#$!2@^ML7Qt<Ei0qy
zUhRx`ooG5%Cp9pGDXsP$74X_uo_=9hdHR{%<=L0^i0kl#xfVP2%gnl}GD>Hb=33SD
zOIfEIUslFeh|5#fzLu?(;1gk68ily-mfOq9Yc^R}y+#k}y#r-neQK}FFgq5l&o7)`
zIdenj?wiX5WapPP{%BzuBTL6$HEo}}W?x|?DI-(YqDL<3$+c7fbRAYU=2kx@DOr#Y
zcv1|vZpogqRch)`Cx#V(<5a3*m-2LCO81x&Yu!CLw3%+kz%fozGApec*OXK-nM>4}
z7~f|K#~EP&j-gb=M*<XB6LbkvR;jWF@bG>pd$x(}lY85M-#F8Y7BLihjEAiJ_+9I!
z(swW*0g9jQO)G_L<n*V?&wk_gl>hMf<g65!)&ZNt+iR$@jU2q;U~b>xei{b+Jp*fi
z7Vd?7u+GT3Be@LT4%URDad1C=az7cK#osgtcwa=2s>2f<M%QL$tb7l_)P8#7!M0*u
zQ11mB#dtT6)@&&Hx!0ElR*d!5NTxj0^|)ru>hkutzqP#Z{PX4TAz7Q+ySEBmgIGTK
z=!+7{e%R7ez4L*)%RP78P__y?Te*Cxx%;&&b-A9FR9BXdQJB}u^6yz;UQa)}t33Pi
zzOw(&EWs<WE6ubqA`D7dmW8s9ja$T_W<eU2zsDqr#Ip6*7<jF?c9TROUTa`BCR>^G
z88wC>n>pMc))|i%`%`5*wxV4UlU`i&DvG$|TQ3ukU09kY`;hoi$Cj_U<Vr872W@T&
zdyzqm$(&W0D`j;j3A%s?7+-J^(5l9S26<{3Tgb}GRt4mX?dIO`_rZ!4B_aRLS@P9$
z%^F=Rb10L{cJlYIz%>F5nbWx;Hk1sqs_TT)NH8ROMOz4d0UqJP<M(t=>2y_@(1Is(
zqoO8wf+4ZKIieG_X4D-Nrn}L+8^To={X$uhW!TsTD%<lK@bKJ!{F(C0Ps|3y&X>av
z{@wER7d}=VxbT_s+wVQ>R;{pydtP7ek%Y9Ydk(~jtR^sG$U?Ldbl>KB=DxDuZ5%<i
z-2*n!2kH&LeR>lfA;5V4#L67#{<9MOAApCMFIe9?25Pws?GIa?1_b*%+6Uma@BK_Q
zjs@*I8h_!64iM&h$;!5D*;2mZE5A~r08f<nz3&6&X5^(U*tPF?`K{mmWck!1&y_bw
zru(~Yxvp%wR$YxF7I31+xg0z!hji}RU!H$?zidiAR1Qjbyyk4Y=%q%huqy?r(dEkx
zoXD=0%KFxFVO1;SpZ>1jXJ8vqU?a$hN6U;~Gdezh;8okI?UJa_(eW0@WS*~h;Ep#B
zeQNusyEfXKs`1MLWTF^XWguH3oAI<GKVO!^oJ#Pu7UouXmPcO8F)LOSN`y75tBwa#
zf}McE!-dBXZ>kg|84h<L<3aS9a~?v^s7DR_s3+uBYa1>hC<$zoJumx@=!OFhM^+Lj
z_i)o8a3yE!2o?cAMHFKOx$I62S;Sfi85Y?{z9+yg003YWEG8?pupOMgTK%DnGC+_y
zfQjH7H3MHe9{`BJ^``UFFO&~H_}MbSsVjTnZv5(>D8Ka6Utiw5S#pfZy@!AI`^tO1
z`M1hm_4b}UR6hIL|Gs=SkEJCW%U6BdSC=hHj}ud3fQ>QJwDyPgIm@zB6RZU_Gd|m&
zUqMjdXWHHzp{VXfb;UU^vwAeg(>NgN%b0jLAK#MY2u6*Ndjc(8l-vS9w{P?haWwi)
zkxadxXrEbb$p}JA7!jKR8UZaa4s=uWZMWTA{_@v-t@Y*a|K1;#z5Dhx<51bz^E(eo
z{>4LbUfIKPg7nfdCP1cRT3v~!Cw0$VWJj4%6_}DAF?OZErC_yc^L3W<aP^jLU{~um
z8lY*whPehU)L;MkDz<Ou(DvGR=iq;>`e%-ww|<qeqRfz&_T$vl<jB~N9S<<jbIC3X
zkcrS`8+lw78mtK`7cVGG`L~2&v2L+(GcOe;Ep5G-(PE~w^?3y|oz!j&BVy6lf^5di
zWHXHNB)aO$ws7ZA1O|9ygO*K%ZYQX*SQ9~oRT-(GGdG{FQJHFy+p!1DS&+An%88&g
zCX49G*m9H^!<-3J01PN{CWmF%H2?@KPBR`TztEae5yyFG08YFo@)e@4V3t_R1DG<p
z4SE9LMj+?k1Qr7m4>AZgC}m7PSDt<@&D+tpmGAk<ZzvCJ5(C7ePS<_ukCuP_-P_Bz
z{HsUH$*!$Bw6fg$9lub1=BqXc=<(b!VM(4y+>8*<ERQJ^%v`@an_Plmi&1m*B{y2L
zZ5SiH?GHv1#sYx@?bB@)XWh^-H?WtFdSQD7SvL2=+4`@C^%K}|zvkyl`^c*E5JsBr
z)8jg@wwZO(-w9gSqsFl<;Nih4Y#Z1u4q{y{jOXsV?kNBJU-@6ln$@eypZw{E%F|Cj
z(*%H6|BHA|O9I~06TSHhS?_*7E%-sk-BJn0SR?zlR&BkZtd;B<>ttV-g4j}V3o3A_
z5v%M9Ysn5&CO(Y6`EqIBSYS!I#K6{-*?~9YvH+PfvTSi%hf!(HmtGoBJ-I592Y@jo
zTbReb9G#>(H`PMqILVXPfW?fo>JM`z%^~Dr=q__xuXKi@?jvPJqn`ItmC=M`11HmC
zv#UGLSXs();jheVG`inM=b)Vg?N&P#Jx>P4936oR)7*<(n}KT%Kouuc$DSuwkq)M@
zz>m2?MaO;EjG`l(0MH^KvyRCnbuU~1Hf3uYe^u}oPL*f>`@b*$&%b+bdFYWB%facD
z<%av;RsPa<d|&yVue!CYw6^LVEUpJlNZ55kr=hiF{kk{|Q|q~8$-45MAN$Sndk_3l
z`6vJScVt8Kj&gEDHbme5h2?9%^RJih_|lupa#hM&N4Lt!aKMhCFc?Hdokwtwtq&dq
zk|OT_gxG+uu3ar(>#yaioS9`qKUek<pJN+@89f&85e9%p?2%!i%hf#z4*}!}wg*4~
z!{=ssuGKMHNp=lFRv2&W7c#DFQ0RAgqczGVkjCVtyIVieai`fn?z#IeIUsX&x#P||
z%R_(qQ2ESf9xgAvyrXBI*{oH7)J2n`ufG09i732Af-&wWTi^7KvPM8mgE5q~s2k4M
z))mOEX5G#{H)^iMd`(PD46hv588X=GvH+QM*m&bQQs3@8vo;3X4Y~#<7MU}E*u3ki
zS(SpV-(ukF8dg}QU|RO94VMU6Hkm76$)`{r9(phL=|s2OjkbOS&@lI<+^-Q@swmZM
zW_#1@iXe*W0>a0&E?|XFI9d*@VcjDX8#}|jLpFr)ZYZH}I}+GXH(IKw38UX4bUZfL
zB8?K=f>=8W0LbfO2s2@QXbDF&rQWMRcclE$kA6e>j$e5^F{jD${Kp?G|Kt;YRDNGJ
zF8`MweP`L=>u?B8>CW3&w`{*#Uhen{-(P;|E5Fa`NTt>_BEVvEUBP-SlFcIm31HC<
zTK4GQ3=U?`NEOd%IwXry_3SEACKwbpM)Mh-?oGKOKO;JyE@v`e^blNu3>G2NuBTf2
z`}ABe1rsu2iY>bYp*K9rQs1Z^3o{sEMz-(r5OALknJJs$LQjJCmzK9|+0t_3jS{-P
zenYuiK<!hX{&e~1hd)*xf8q(*Yqr}qGUufcz8P#%0b9c0&BJuTj)~ET>}w>${GDI%
zbruT0RKQE!iJIT=az_#lT5r|zwNKO_9&4O$P+F48V9@orJU}+Qq&dPxvyl#qYiaQ!
zMqm&)jv*S1%)uuzm5M17R~Dv9d_t4pnq_RRL9U}w31|{v9ahSQMalS?OzL^!>A#$q
z7u=nv3QNcp-ewFgyRbY`j+KV~su!(jtm$AYKsUQaW<F?NxU#q&m)E9P58kVPtKx;b
zQD4rzL{NToQ38Y!X{TUoiqH@^6e8ruOb}>{-hcRmKUV(czsVq$M(z2N<#WICgXJf_
z;19|_`?58z_^p_p3$hJIL~DoxbjaxR-N8CoRB}0ad!SrB>e8R5yP3>4cM8|Ztf}&U
zX3Y4&QT9Yo%#{x}FSi}Q_%Yd48GE3Px|Ym{fnkLH^1z<lw;poH01&hTeF4J*{YNm>
za=`AKMf-XY{|;G38?1JIKj#QQtu-nL&YBf}?b?yDLZa@rUbnft>5XqJk3RNzdF*qK
zmYutHmE*@xlqorw^Q>ecQ4fYDAYLx_u3WiN{^_}7Lvr7q^3X#cHh1CL8*eLH-}tt&
zV&i5z<-^!!kAc%WPUiC`STbrEnT#*hAg#Y~0FAsXKqkX{WoBfOe@psw;B6a#xaPh{
zvameJZ4Y5p2(cGxru9;)aZTF6U1V^@K#^c`F<dEB@Y)itM^Ir9468NnpyvjBRZLW#
z%|0}D4Q4GK?1TG=U{UKmafC-!)chWE-U+1v0F+_?ss7DPwcG<mu*x7F&$XaWFeG~n
zgMetPXuq$#_don@IpBe4eK#(j+gpD9n_gdj{h~u7MVETJSpNVT-^1p)469VUVz%}r
zsp%P+m&5+8E&71pYZA8c(+SS-LdoX2XAGd>=8?-7$Fiugf`?EZ0LtdF8bIDB+Mjjr
zmop)Ms=5+cJp&U5EXqKQ3)CrZ2MI>VwuFeoQpiRP?*sUvAA_Ca>DZ&zc9`C$-z}AG
zL1SYZ#MQW_+;YoJ<vs6tS2=d{m?RlKX(vl-IxU??%Oq0<|7n}{?cZNM@cs{$4}IvP
zFh~?^bzSx<0kN5ezZli3bOz2^E(?&!(*L^L&>?lBrHoY<)d5$*ml5%W3CaM7Xgb(M
zD4edzk6;J@kz2B=d`!JzLdS#;R}<GO0&tRbZ;XzKNdwC0CdzfAlA^H!R}XXfr8}LO
z1&9Q20eB;WJe4pvA6Mpq)_A+(Bx-G|tY;y>004kDNkl<Zx?D{m)mM^5;)BXslT7f1
z7wONj9YbfIEDt}%6M|*q^4I)a`R!l&va-6IDDN76SNYc8)Q!utyU2#f`VbiD#)h{^
zTSayf5s3tJkK9XcJ1S|mt!6{9a<~E6-L=XHowe!xa5YP9)Wudm2kTR;St5nAE-pQ9
zC;<}np#i`#6o3fB1LZ}oLb?qrQzsMkI&-X|zq#(l{v%7H%+YZi_qE>~#5q*LNC{(z
zz})S8)>#>vx(js;ZR?iJkcG}MA3JP^woS8xOiY~71i7e~zF*g2J%DI|6R|o06ttH}
zG-$qLO>#`+urPp3qM9~kMy6S)b+L1yQ|(!)xbTZqd6?BGvl9#X03uk%;a<vXB9%#D
z4q>v<f8?J**~J<We+Ou0Wr;O5xTpXaFwSG`D}XPa1Jk36D3o1QvPp@ezOcYi7Fkdz
ztdJc+oYr-G6Ul!8>~;`<*H!-}tH^Al{_gFvzl|Z}Fm4(Ol`m5#qP}f)XVuNTiOSja
zT`f1hM<2p*=Z1y#Az056Gg!#9axz=L*Fm{uuL@Rio>^>KmS+&oYJET^j=C{SJ_2sS
z{n>6#CK&L0JdgS?NC?2eAfA?4!;lEi16fl<IfBJ=9npqN9X2%7Ai<~u%A*H>V8XSo
z7K90KtxD2o!$liL7vF=i&GXvSU7wR#zp7!eAZ}KJe0-TC@}NS|Ie7m3xahH-g|oSC
z@a17-7tURqfox3t$|H-p7JcTq(z4KHGBR0@u;2?uj4_89El{wttPC^rvH%Tttz@?w
zqRO;vx^gmOgL0w*RBO^KEDNnym1=o3>@_&TgKKceWY7Mk;?hjx*(DVH4~52XcLrAw
zU{F>l1OiMjN(Wh5^2y~zdDwg94_guOkY=va**cKkShIBzprMokr9?I(ca{6^9WB51
zA>G(~z8w0Uzg_;4Y+QcJg-?~=dXO8JXEP-M+E^p&MZvJxv3>)2w@Q_AwIE90(?^zv
z=LrO4)uDJZBjEdUKn0)eG8ZcBZUiJy1dNXI3eZ4Z(60n60<xcf=AdcOxOx&o+P8;x
z5_E%=k)aVhv<f`<H5fj<2p;KqQ7Qy42ALV$ra2f0{hC?c#d<n>H;@PM>NC`}-I_it
zSs8k+;<)TrT^K+n<7IW8z@rkH+TCw38+EWC?{NlkPLFP>%2^@?WpX20j7l8}LX`s*
zS7t^&?Ht^KNoBCp$;zlc>?P9m3NAqD>)R~pu!5ZcctD505$bpPpYN!?poebSo+z?6
z5B{hOOWiB>M0F8GTf#M}^<ii|l>x0~G6WcSaYk7v7v#EQvSli?uJXyiNU*9Kx+}0S
z2p|Pj3~el5{ViW!{_%%@r|jp(<=^_ZosG+z%K!HN{!#g7Un;>KK0q%_exQ8&t>0bV
zI~gOEc?8jakf}y#lJT<ttY37ARH33~JE2mI@&Nc`JOL<FzS!SK<^<ybSFC4|t&k}(
zYLv>II6&4;w!^;Yo~{5xi2%%X(a1=z&vBn0*V?dd>ov3SkG2Hfw?Qao*yxz^u|*dw
z%V0z+$58cFIHQepSpfR{J?2V`&F<g5^Q~ooWcD_Xy<K4ZZJE)F3+p$FT3jZ_kE!wK
z+bDfb4?K<2<zZy!&n?ScHYz*Z&0<-+Oad1)L2Ei2NlzD^l6;HEyn%T@5Wrd(TzFJk
z6eFX~G81auKFAQleLUyotkaq;-oXOaIbAJnIJ}lcW{};P0N4Nk?g!%WAKXl>_h>@l
zvvTeg!me>pA>4KSt>FlJhC59+NE4_G23*-^g@(Fimn1<DiW2P$C6tv}tE`60hOheZ
z^3T6xd-=9sexmQj<@>(-|1LlI<?AIZE7)wW-crSj5c;tEL*cVdT-Q>0DeKLVf2^an
zQ?pXA53_;Dy6e3(KsXkvt5Jc#GHNA2vnWJ=#_%q-5Cmvx0E5MaR;G=2BO0}3vyeaB
zl`&59)&`DW{aV3|(UJKcf)YPtd04*-W{$uY$_s0JxYvy}pCI9qHHb>=7<G)X9c5<~
z)w0f3d8r45GDqoG<0Wa;R;&=Y>udm$ncmV3qXWJM{sOJPSltb3S?ZOm#7db}|Cwc|
zt~^+$HsN%!-uFa><(=0FFjZ*P6G)i(;=F9#hz-R&j1Vpx1u!xtwd~u?#;}@O4_GK^
zwkNw`r~vpK8I&p$D!Ixaq>Uq^*cgjV#Hv8r2-XTzUJ14>yMYLB89?#=$jTld$Wy41
z`!U8IEPp6LMznPd=%EeeOMd!y${)V--;{s)D-V`GdH98L=&WprmXn<S@^}BO^4I^u
zZDpAl9J+BiP_nnzb^Qdk3fMAacBVY@{(mheM9YTgN8*I&ule@BR=)GgrCe78_EefL
z%s!IeLLkWi4Mjp%rn4Pj7XJC#m|~6riUE?2zs%kO4D=mf^wkomP0oM`Mg`Dj1YzFK
z#r9w<#@Ny*TAUOeXPRL?&?^yPJYcrI+1mh%EEiek!D!pmXE8nljPY4!fc@RS-9Bh#
zk9o)}CUx@YJXQm(cQ`D_Pt4HK{dB3pw$c8=g@K>hby<K+dac<Ihdootg|i^L_0=~D
zxhFvxjLoDX@(H@IG$B7`BnKcs%%;3lIq7j6#_C|5VlraV8<6;s^E%;q)I1c2ThdMy
zxMo8I0R@7}Wd+*;P-bXQqWDK9007HtSFAhPL%x>^x&pO=u`3GHmpI}<GA0iMIpEn?
zm(%xzVr9L^(5zLpY_xG%x%JDxxBT<3_}=tRZ$Ib_<X}HVev*-G`7-%s(tGg2v2x^?
z)MXQAxZZTQeCWr&vF{1dKl_mnmiK+fzbwE0<L@c!4Zva~XkYO}?cNa<${n%{MUL@;
zqk_1}-TKRnD0$AojAJCmQ@o%34*MdjXN(N)9po6IA;Zr(hH3a<uOQfQ<U+(|@63`3
zy*bZgJMP-p(e7cKy{=}0b(U>JKT@t;w%aX-_o0h)&iP(Nm1ieaQ*U1_z)$o{I?uq*
z5o@l+3+LN?!~<yhz;|3@P>a?{*RX6Rw86Q^${+@x%>)}*ysfH$5<!kU93>HelU*X&
z<&-0|REem?s7J)`yfaNtWa*)#H}pIGTvHM;U)?#erfTjx*DRdOU^Y2iz8#$etu9l9
zRnGts=J&&bKipV|6l1C+Zeq=AS_E4CP61dq_A<K6z{|5X*oJPu81#bi7%VKiz+yPU
zEe1=S{{SE=kL*Ii_YUaRHg&4pRPMMnvCQd@mw)m1f319G-x&|rzfg|;{!d-xgy>V{
zv48V}<?nw`0!mn>oevfYn~d5NMO{y&+mv+<<3UH0fs>D;8cisz)bRutv$fdz!v0x5
zp}kp&2SY~xb1Y_ngDe4daGADc=;t9%y5+b=76y-P5AY4|8QglAcxG-b2jbkpc=dLs
z`Gc~uI>Php`}})0o|^Cdeze&QM^<<Miu+0}a%4>W2<a?M@27#|%)nppMQ?ql8hg!q
zMr4o1qHD1oil&_1?Pbct*TG=5@*ltq`XPcS+6jm6LV@RfKQOxkTm%Rtx^PtYzo?tX
zl_J+_x>@OICQ~T^H2qywakWZ-iXIkwW@Z5J>gw}JPo<)N5`5WKCy1^Xq0}*sLQz&l
z<8>ojgK`ON#mGsz6<G!YSVDfepBR0Je&}7#!8*-_;Ty`AebxPCoci>_+49nZKU}{2
zzB|j7P20+*O*fW1zv(y29$ygGjn;4Yi{D(n{V(2EHdwZM)&2*|2ma&lmi=PoBI^cD
z9;iw+x#S>+SmVJxV4a#i2_Ub}qVL<tz}Q!4_iNfKXK4y%am-JELjak*IqFnFzx^Bl
z9Fc?pypjDQv&VjQj9zHRGy6OGkwGQ_oM94r|5OH#y7z)2#`H`&D$h683u~a7Q3sz~
zm5fY>?KwH!-p8p8V;HCd4~Q5zkjY>emWDKoAV{>H9cNitT*bdTB~aF+Y$!5SIDmN|
zMk}FU4XrYOV(ZG;)LB*jh(TW>*0|<ZREDOLzH2>)6-tYrZaPd}yFZ8So3#sN2F4I<
zB3y8xM984H&O#t1yUa?3tO@Pv&Ec43lNBZbE!aovKFn)1v;#t6w{;DxTV+XB63lFg
zoVRz|H~&ca&b#EOqE{TwenRvw|3vwjU;h8f&wtH&xB4Wj|Kp!4PinRn3*Cp?nf;gR
zMi+CeRR-|2_eEubVFimb(2^HeW_oA-2yxG#fHJ_s>^J|Oo2=t(IT}8dA-jUJ{`Ea&
z!G;L10Nh%(GpGEn)~(pC-?p3hqmG$LQ3|th2(@4qMqvJ2+jCZ;jwdCBm0~tGL!Z}3
z<hn-riUVOm+%P=a>qX4KHmF7p9>`=~$RKLoGd*z%6JQa{`t~c_IS8+=u0m%NHAT=x
zMnt&I+Nd#g8&PpI?jEyHd9+8kcfz9Tb`_LOD736h!kP^R0mFqs3i_nAuaCPaTf0=y
zU5hzfMeZ(hCfn{wV}xQvFXljxu7b}Bwd)qm41~(B8#TwWjnydYS@qWP!@u^=%QwGn
zW$TWZvEO3tFm3^GH8K$}K*su(S;GjxlOZpF5dO7&Mx%i&js3&*GqAI$Qywqb-5N$u
zHcWjypf(MAC3EB{-}D}2nWGgEfRWvrluh(C+Z^D^vQS2B=%#EiZfOL~-l*=53)V#q
zwaLlJa_aOc?EMr&boz`OvN<^+3<W1mTosoH=<L*l0XZ-4yMZ&Z!3TTjIgDrJB*t`&
z%5mN{v1VfuT@@n$ZZ=+a%!(@jPC5<I=bjs|ivSXekxYwBh!eLi!dH>gkB>Q)*Iv|(
zrJi6I+XN-nEW4NRbq1Mm<3-oPtp&wYm5?f3UzbotXn=>p>=wGd^lvWQhmyu^UFF6A
z2>s5iVs{_qgCawLAqtM}Hpt2Tzh|^j;j^7uE}3qygd9BL>_wV0eEpY|pZnnJ%2)jA
zuatlP+kaX<`Si|m=;U<ANXH4$Uw7f-<$?0)^4oQzwVn`tpPUe_u09wwRn|s_Ak!EJ
z1gl`&6ls<n#ue^KB5yLv=kdVu`ID~XmZ?PD@|5N{&2q|sn}$4O;v2moU$WpB8r`~}
z->~Mz?J4ZjE(1ebnT3P>%rO~^JL=qmPi{k<4eo+fnNCell~X5ABO8w}v8fZs%k=4!
zH97ZHp~gf=dU&WNQphqI9vQZH-9cUh2QsxAHLfc+;&M>UK?-fI%eKjwLeS|p!+Uz8
z!7}(@atHh90XbJ%mcB_<pZuS?5>;uy%ErNmR1(Zk&v#S#QyJ!oPB0))ntpYVrGmlp
zv7Qz0p|{yHxI-_a#eG2~_O#(10(mHNyek2rcNDDe$QF`A!O6tBecHNYbJh$GsdgaF
zV9>3X$z$xg@`c~_W919K9iU8rJ@UKXU%v30e>0sB{qH&(t*<Fx^{ro7wvH$(i)|SY
zla2|TQq8fF0hfJ{0SnK;3xd83w==*gXE<R$_(7~4n==fi07N_yV49~qK*hhW#!3K?
zer3TX=zZ(|42b>4L*9PjwRHnWn;3_hW&?zQD>23+P$h$EcPzx1>@}d+Zrv)QITua7
z8YnY0Y0Qj_unYYC-mwrqyI_Z!#^v*9;5akz7pPlt>YQajuGe`#HFhC%+-q%v4RB=#
zOgJh9T4s2UP^3FUBk*+b9SST@R7`qW$~wU<s!>&f7Om>VwXM3O^nG@?psk1L0!(D~
z(6(sQqFxLTFc461s<sH%f(RzGQCim+!8Tl2p#-#UW_61K#YxApCIUtnAO&CwfXr?-
zC>SW@3{K3fAIvH0+yWF`Pf<?GFoW4?S#erG*A0kl{sa~VX5?dQ%xEwO0%KhL=YOR9
z)9-q!eA_QQ*8ha)Z`Y01>!1|P=z!tDO};!(v!A<^$~Bmn_mQ&i%H#lE95<Aoe#YN9
zR=|#6WzbmB-}OH36AK0fAj0Q)O9(dc6V%9Tb7qe&i{jkMVg0B>1Q|s-E7lF*UV%e_
z#hI9%DiHxhWRW(C{46{gbZBcAd<e#Q3}L+J$=@-)31)U5JK?n|ih2CJ^xtfAYhQ9J
z2M=U29;VNq>sgCy70M;oe?dH`lVMmho%o=~MqvrSkj;fq7MPqkNx4<p-MLaTb+~2g
zPzFWh<txz9qSfE2VBnS+uHZrilIgT5EOXPaI8}!EZz=!=2>9kxQ$SG%J90+K;D%`e
zHUN<O!UE8=j$C77r<2|2-#pk6m>q!w8A$W*RLc4pK_b{>Y?$RZg;Ivn3f7S87j20M
zx)`2pAM0?wtS|5R2ftDN`<s8c{Jd<mt|vsxM(eNn_U|d*^%b`kb-)v7wC_hpvF*Z)
z6<;UIdXg-L@5t<#N|>%Umdi{rG>&X6dXyx`8Vw<gAAo5#KIjzy5CO2bJ{kc#jF`+D
z(zAgQz><TFRDxvF1W__d^r3A;Fd!kT1Q3(nM`C5nA?66>m<`Zk`l_r{*#B+|HUL*a
zS>KhSLTx;1pvP4RV&{bocUhSTV*YQ4mM$JSf1y2mOb=h{W^-5&h;)gKFvV*pHY00-
z0huWbC}>*UUG{?4#iBSTw*HJj3pEv0w?OG4l1~q#L?m1&AN>|e-B_4en0{Z^jpxV)
zFe9rW+|flv1%df&JWD~NGJ^i@P^*Qz?f5%^E!szh&<k#@YZMa7ZpdD1n&9M&!<1sA
z%fji~ydo76-CYd2Xb%l-qx`7o!(GNejg{rLulif%U&;y507ul}yq?spd-&vc<T+##
zU9`J(wdJ4)wzp*zWICB)&=8^V0=Y!r#W-+T*taUn03sS9WYBnfFgNrU{spjUc@8oT
zc+o#?vS_ot(%LFBeAMp9JwwL=@yo^#$2`U;44eQm22^EvMjyr4>5iE!Pcv}pLum~8
z!L^N#G%CJee;XbiZPv)#0B45}tla}=WHMOBL@_r}D<ex~(_DAN46KRspkSR~vfl@%
zHX}8aUJCX+n~aL)+*zkTsae4q!Yv0S;$iWwQ6dPU&8NulXuXYWhE_0LM|@pgi}9)6
z2$;$vK(bY;a1&A?L;HkVi^{`lQdu9^Ow0u;p4Q++nP8gXBFZc*udB4{WbRs&M-6Bl
zpiLG&PQl!$?Ahc15xOKZtE+ur6-_xJy(wgm!JvGt$P5^qe4UlNc;s;z>-0L??_O!|
z^9(GMQ5VcJYa<AALp~X5?pOj+1zUF(@vzol$9bVYK#bEp%E@h`E0Al5w3M_#=vT@L
zZR1#obv=SG?(Nl^xxXo&Y%sB}q8#@im`ph?Y0^YwZ=HKS$4n0LyG1Krg_p%Yqz%y+
zt`{Ve@L;cj1DRO2V=^%U$Yexo(%?4yW3Y|9vP+jqp@1d(FElbyCjySO2=^G>IGQyA
zgeKSym3E%I`ZaSK#-tDBtI8**yb30UdverRm+?^{XZK%b8jVFx5U2_^*jDQj3m09m
zhEUFIa#qF!+<st&RzUgT`!*n?D)B~^+7BXgBe1xi0H589&MoZ?7qi7`UF$o@R5F8Z
z>s6ygt!x-2(XZ%x<%b#Ia^$7H3U1y|_PwA_P>p?t=E~DH_pzJVMgnKdCCWEg6hRzK
zj&(_nQOF%7<nrJFfRT_d_8nw^F%s<wz(PMW^L}iIW@@(FPso}NFGsjX@zyYOl4~;c
zb2b>m7^CrMmIVsZ_DG<I{%!wVEk?V}89!^1HkYy9p)&uo-%Fp4iO)0uQwE(Tmb_{@
zx0#y#|Il#NVF7n_E%Gv@>W5x7pZQu5CUw_ZrLv?o3Cq!}QJrUAP@a&PNd#zx#mRTW
zA`UAxKKDQnD;&xzho@7eQWu4ruD2}KB})nKq<-jzo1+YlrOdwcIVkna<f!D@wP%sE
zsZaw26O}r4<DI7Fwf&v$%fO28f4FMdekipTl!Ccv-7`>OZ7OHdpyD@>k^gjGSM--Y
zpR?4Xaxt&SdLvRY*brn&mV>s{(c$G-X_SKf-p*N$JsMR|=%LFqkY&NO?2+vOh;)H0
zz`xxp5rEjsmRdtBgL-Al*(I4kCdN<9qj1r;bpsHCebVTG3~}E%3CFj0Uo9Z!au^wt
zBmj~WoR=9X7tUYXnL2a+=fD}6xMr4(N&tRU(bBQHM#e!f=PjCt1zIH9(%2EN6F`G7
z=+;7nTDHWgz^Di#)ek3QcGq#Dank9g&6s1{PXt9(H(*zQ2!&{R**?z-vv)nHf{R(@
z&Ld1GMs#9p-DYJ-1^db!$+ZeA%N0h;&_ZcO-Lu8+%32SAOdea-EvqiR3(6hr;hb!b
z1Yn|_w$Vhcv>!BqY_ul>ZkM50J~sh0fE1zvBY||RPi4hV_QPNl23%wVAl|NZjd~ME
z5}BwhFm!N$SOzm|M{?z5V8>X)TjO&wHLgL1F%w7D#QJ0&0WI4LW~TkX_1-vZFM>@f
z+jBO^;G&B$b&eJM>>71p&QxI3`KpJ|TE9u%<ez5suv0!#x~5ki(ewWfWn?3xON(qo
zu*=5g(1neIZrQ+rOi~|>j7j>V3ARK!c6`-p#8fX{RRUm5m?R@3u<R{6Jr=fHQRapA
z%n$H8Hy5|3|KeFh_2JZBU3=r68jDs_C2ZmTSO}*T8Wwh!i(r7}12MB}v&)b|A;y|U
z-g}l6d&ekmMo2G<54J(t*0rF+EtNry$|*pZ3eSMa5x^kJ7#55QgD*q3aI5KGRHU@V
zDMJDY*X^Qi!H6=8VSvTZkOcmS0<9tUE(HcB5V+|kqq|XWgRE^KvVx4UFACO}nD!l9
zsjhD9eNa4BijM(&){=_YQ^&vw<%^kVveWW7h>p~G?|TPT;d=@vGTE;CF$@T=X*G=0
znnIsOcs?R~=_1ryO=fzR8)h)pvRg6(r;dwYSr|L)YmOh7H;g7`yL63P^IG!K^96C%
zUd-!|!NUD*SkB6`7>IPqzST8@Zt=i@OgeH|tK=k)o34>9ULgThIvOeGE)Sg~8o8+X
z77-qg?DRUXc;*o&DAU0(vJpWV5nj)iKp`j-gZ0Qzc70Bjnkq5{&b%%}r4409=4OAn
zGD7LCdotX8AWE?2X9BwZo);($0&^l<opKlwPbC}~FuZ2f%|{m#fvskMZ~?V@&IG)?
z-ug8y?+6$OCILkk3YB}<DyuW#02mM~X|rU5g9@9n0=r;(CjuWgv16a1wp#ZWW_M!k
zGu88+9LwJA!K=uAkMcNX$o?pUQ1oE_>_;kgx*XX?F!VM8mfv+1KAsI192phZI+=N|
zM=l#N)gVY9$UXot23XM$#JVs}BhOn9^3gCD%VDgrooS-FtfQ`ZdqMVs=z6y$Ip{yY
z7p(Rh64EldOgD}ssSU|qlL21?2QnF8E0J=^Rf`5T$T2RKU1IT4H3|C7%~<k@T6Q`C
z8@b7Zz#*7W0%m0!IECv*Cp$v)8NFAfjtOe+un51`^i824B)yC?GCjjg6(kqKsbtA8
zBGnHkJ?3jxHc_`Upsl`IVJKi#0?p)i7Lmb&mVQ6$KI+BH>KId5AwoHkSrG6-Znhql
z6lhZaUX}xyu2ZG#^Zm-@wg%Jz?N%Am)fg5&lr8I@Gi&I*=j8-#GBqe#uw@>iT2I!N
zZwNXWIJCLlbY|RCPM|}1k#U9Jv(98@T^1b7D_A;>m3}VO*vL&|NM#=ZBHB(h&PL@F
zhKM-jUcwgiz_!SeT)-v+06Y)<gmH$5-`J;!d80=a!PVZYf5NqnvU%noWD@rWGe#fV
znSb(gOb?Z`n{6`0Ai$?r#WgGui^I~F`H~b>;({COHE<x4fQ99x`qmUtp2M;rh_Kql
z%Ov1Hrbj=JF-=J(?K5X4?EJ7eiUX4vSGdQ5`DjtF&}r?Xcz2(O-tv8$#{K|?Z6<`U
zR=ExbrOzv`gFt}=pjxfmf`_Z9&AG<9XcJf@!~9WhxVrj{jLZ;oeONzQ<t|dc#SH~x
zAT6Nbz8v_$_h%&?K&XZQ59(wepv@uU+D4aq)Cu54`2m3Zv}JdXX+dhlpZB#lwhPLe
zk#>-&x<9doiU`+uFG54u=lsd~QoqLjM0^9b2sa#9UaP$880y0?$RhDot_xXT>`!Av
zY&CQ=s7e0gILLjMGuiV<p}Y^Q3$hA^5siz!1!y6W0J5Tx^|3GTcYc4k)}vqhjlCN6
zsJ59Va~{*vkz?#scW%GIyg)xQcWURvcaiPdK{t2cKqeFJx(sAPa>RuOdt7al`(hnQ
zM#jX!I^lTeVArkIG9S9_!T^l*0#{whMMhT=6;C~y-4&TW5tex<^_jdQSy`G2GY|`f
z9p6XmGZ3~)7H!~~3EtV3m6aUpL?+S&K`PbWx@Wgmzk0Qx)K!*{Q4U%OIkSFL(gD{2
zc5Ic+iCPsXQ&Z@waP6-)%pPTi>(u`CJepnuSI97S=whY<rqK~hk48)cM&!OhTiS?F
ze)dXZncruZa%RQ(^W2WS&ktUQaDzfv5v|B~ME|3{$bN&gXVD&{_|l8naeSDXLC3X8
z&b55_CXE!dokmYLMH!3=vS3>x(0Nx4vx`Y=;e2QAZUM2;<?Xhysp;u~pAbE8AR8H#
z5SDZ;5vys5?EYT7vIO8-Wcnk55srN48ceu>LQznOMp>cYvx_ZH>R8;yW@~ytf_e2*
z-dS<j_w_*pOn}`Hcp@Y}>fgE^O;vkkvtq;NwS|qlvi%PCQ2Atq7Sd?hq(9LNJ=DS5
zpx|L(+K$c)md1C?IEZ(n9&9^h5lT;8u?)4Z%*PlNwngZpbdQ+=_7q~Vh84jHbmK)I
z#djv3>i)D^_1KG<foB%Xa@iKvlPoeD4qd>D_V<%pu=adkl;4hn#(UEkGW~5|);q>Q
zUi*t&k{Gh#dba0kbz^>X^->s;dCy<#P2%{-9th+zy}B+ld@OZZ+jhnHK}%xr3sply
zD{~{T`FC+2S(XW{ZMqg!dGIjG%qX(ku6M%GVh`5|Em(pHm4}6Mo9nN2<;}#r_^t*l
z-0wvO6&e%oSB2jN7yONXeAmn%)@@;{Jos(PP-j0~T7dQZi3$Yfii(iyEW7;7Ou%Vi
z;*IM*+g14H##7f?!ydTq1#r`KQf1C@S~vQ+Wf63l3ght9V_jneeIEyrYF)S~m~1vb
z)3%{K(<`@Ywi4$vr~{M!CO4e>nrS3Nzk-S7{?1G{-tXg%{#f~fff(xDn4UgY<rujz
zQ8ojdGMJ+u>s!4~aetmCFyH`^db)OfLQ`Rx4?X$iXDh6EdLN7faj`CKgZX6a4&S@&
zu7P6Bz!{lLmZi<4cWd6zd!BaKoL5^}m*+o3*?F>OixrkXt$$87vLVWumNwlYIctI`
zG+pH9Vwt`zZLICj#*#a(&f-WGoE1%1HvJSTN(;pkR&@s9*-4pU@%cUdK&A`Q1W+iU
z0CdRLBx|*7ulDb7MMc0!^Z~-mvmUc{8s+m|)^##tci|$AC^(D*zR}p5&zR^>tYuM|
zqEu%W!UCzV$vRn=mVHrSNAL;DL7+-YPxIKzvZ0X$mtg*ef3v?^m!-AR`T+NV)r9O(
zRxh*8@1TK3mv4mh<6YcpqWk=?c8qN(aKA=f`;Gl@K1BU7?^^Ap<(g~JE2aj!rkXQ%
zWYD_V4eI%NmyK_c!&sXmSl0Q6mk!CndUfQ_eFFy$WMciVX%!0^yLfd}qyoEz>*8}T
zG6n<K%&`egC4--ES@HAiUJ2F%29&`LmZJJvFd@5>l1e_5ebP+&C~M)*qbg9kd3yJ=
z@NsKy2Y&A+2JWqs-qp3>{hdjvbV2N50M}3X=I1kO>^ENVeXdg*)SxE`#Aa!-Cdi%2
zn*9<@aK<HHAaay}7YN|d3;PUVfKZ7OkP+G+8BDs-dAYwCeTR2M9}_&f28MTY9dDVn
zf&IhCG9%T+(i#drdVMUneI9_CWlf;Qo~%5&Fxtp8^($_Ds9plO1IOz~M6Lvx#n{u&
zTE>+FJgj%@U7TASqitXf*<-9d+k^HV)p3?`&bJ8k8$S#4v)*+~8D}GsHeRtt@^%g8
z8aR;2ux>*yE%nkOko8rJ?pMd;1Yl4pxeCy9FCMKHAjSz!B^DvdoQ$w|X|2;OWsZQV
zDKG(Pap(7D7fUF!HtNeJuQ$q`b=P7SC|h9Z?|Et8?Gbns7!^eVk!<jGpKX<5yPpjT
zD+8<FZ3VJL!PZz-Hz<Lm1#2)ZYwI#WTI}IY^gU1RhN{3Lb<p$Un3NZ8MjV2w(RtAi
z+6KIriWT+jjT+4^%m~|u(Zt?^>Zain%p<!7A-9&1z*q|A6aWoZ9LE92o|X~pi0;$~
z%HVkCb9Jnmw}NbwK#tA%1bs48^iyR1u(G^cX>{fB86ccNERRu_PU>RH-1;YFyw_!d
z3z9*nyH72T$A$R2j>QoT=4-DJ9k%k(nL)LA;6NsfY;AT=j4og96K_yWnup~&nAiew
zRuE=&ySvSmuDO^hqX`a_bI~cFK~d!m!ol2lmQ`5p9xdn!2Z1MadCeqGGCg;>_-*!<
z<oD_4=A$Acqv`JoY%P2%zBYmE#?@U%r}iq@Zk?h{U43lNHsx`VpY?(Gv%G^5=lxM#
zxkXl!00PLay2M;=w*SfHNOq%NDUfl~G9%<_b`4`eIhqbzIcAo>wj(QM2E4G|EsKW{
zMBq>3(%zxZ<RF;rCUogEV-_+*+qjnyfRllabthwFx+nr8@r3)m6oB<~2p9vDE%x9+
zHnDk}pc|~Soh!(l830UX87!3FrG91`tzFU<1vX!g?l&gqp{ANul{L#r9YyA;xge=(
z49Es{4IIdXL9EFWYFL68m&ksLtEppOvG>f9O=}UZl=3-LI!7uKP*&?2IJ;IDHcUl{
z$(MpU%$*n@5TWj!aALVfnIFjo`zqKQP=#3(h%tC?Z)>Tv>Nms+x8SQ{a?RAbrUEDf
zB(rO>Wd~HM)G7VyLjVl`3b$5#7xn@fAFXeub7Fhd&L@khOh*-agNUs=H8QIZjJ0(J
zU$%~B>8IqyP^bv)9+5Nau-7ZxcWh@wx-u|>(R<-0qZ^X-R#0RRNwPf}kPe29UM83s
zbX8^o;9@^^#{uSl1Yg7m$zA}umz7!JjtB}N@X=5}o9s3>JnV0MkDZ{7`v73+ZE4Q5
z?6vg_go~8p0`lg(vi2y`)3rA1W6T9hZN~d_eNh=%Hw5+-mBIYJL1i=2&FrCx<I9DC
zhTsnz$R;KyR%ffwTmUj57q5;4s0rlbv+CEkzu`8Dy<z<<Y*j9F>%<|P03TSH1`KYE
zh5?~gql1KekNF0Mr-~#F3rx;3Us%vGx<LT_0D~>$cNJWy;^hndt_SE$NqTgc-GI6!
zgSSyoIhZ9tcjggB#oBvEyd%>x)-e<`*$RU>LXk6A0j{w8hWG=D66-C<){*ly0_E-W
z1K+Qf0mvj_V*^%yT+F(UPf%wvqx^R;L$V)iu8!1AF<-mx%G#sWANd{q0E2ha*rKtP
z4K7A8qR!!lq)c!WOS={pfJ&n*2h2b&G={ncGuxK4n(!TYyk=I1sTuFcAZTs#C{pYV
z^g5|=<3`8KBXQw<qbaJ!SI9oHG-)LAcKpKdJO{F=smUg4aeUR9em>NN*Q2ktMK)1j
z;aL=+sW~WcPHO#0YqKgee^0nPupbQ*IcZV{#;jc8cf1Gpw~Oiq9+gbAbgK(qQHN@(
zS1GiUA0Kz?m{|cq)vJ`O|6Z34>e1t0jCcFH>@HJ^Xm7BH=&Z23^Jg@)0raiAj@G(b
z>6POlcm*$X-Ijq3F1<FIRE-b^G&K|w1Bg73)RW9>7)+t&AFQmlTmPtCUgI-&o4qSW
zTy~#j1H#%43D|#iT-dA7Ci}iBa|d1d3~hjGkBo;k)W7RC1Plz9n^SjhQx3?;V>^$#
z%$#TdgpCOP)Q(OXFTt2|85}dz%lZ@leC^f&PUozFV=_o#p+!Gj4Zo@G8C@Y^5iO7n
zUl={NW{~Y4I5j$b`gD6bw9roVp)N))rf${AU`IZ{!nO$^lO<=D=ll-#5^RbVYE}$X
z*7&TobmPsK*1=)`Vp&nswUqQrN0GC%h*s*B(F<@9y3cp@12KXbl}Tm_`TnleZS748
zs|B8zW1;*h%TUPONk_0G%V{nCSU<C^4X)%hv|g1NbQ{5fV8j{*tI&65t3KBOZKPIg
zjg+VxSr}c9=uc(~Y3-WaX6s#y6t@RB&d40&*#H;7RsdI(b5`cs6Dot+7_z*Up)w6u
z9m_5^lnL48V3jPJyspOjgi)5;r1jwVj{a!n9QSv}6#)$W1XgVZn$}R6ndHc{XMAv4
z-P?iP9aanPZ)yMd%2gr<33l;)Cb}0=q}8UxpW~Jf9LT26o^3)DHKL`Pi))VCH1CQt
z_hHHe0E;=85tRz&NUV>rp;=Lf#oH>UoYes3wE-P`2iJI7fa9BTXl+(vR7zdt*hk4h
z^|`^;NuklOs$NBtbcCxm)T^s2xF@NHrKNj&!7ql*Oy6|@IqnOiA`A#$vmvM%n1$hx
zSyp$zDi|_)F@VJRd1Y!SFN1OP9p#eY19FGF+!gJ0quY!i9deF7AQ<!BV8PDB>{U8I
z{WTf9GQ&!ZWm$|aq`NQLo*5^~5BavP=5Sj^8wqAE4U9Zz?+w=0aToIHHwLnSMp;!3
zE|1pzYh<h*=y5gCGTRug`^a>^q#r`*fiv@ajZ8X!;OR-`9db1lRyL;VhCy7-eOQ5v
zYZ0xY4Mn1#=Z&{jlO*PpBLGAB6Br2wv5~a(hqUi%!ITOiTl=Y|J#M@JoxC0uRxqCJ
zbpWxBwQL1rCkNU6mBCJn;bMG$HUl?qzS?%Q^~i3=)}7@pG*{-8)g&I$O&tX==Z5Am
zPM|CsZ6Cl>*<Hve%ac!KfXMFK3SbosTUM0&js3vB2ODuDa8T|7kv7-l;szJ`4C7b-
zWq^wPb!1z;?ot3x3)U<%14xV+7&YwEh*Bgg&XKq+s0V{<WfJ2%N3Av;RNrYwF?r`-
z5M$(O3%#%7&r;vv)OB9c7a`bY#?8$i17~EDlM@Xi(<59KuT}y!Sv7OEUkYS;+U$tt
zrPPg;)y)zXCEXn1`eOhB+*o-K!G9l083815W)qc#9pge><-r!*PzogmV9<9WdwN8%
zQK5zv9PTZ)i>xmcZUZ5WTdTFE9VlA;UjOQ45?(LY_n1L+DP=|VN+5>kpqnCZ9~EqN
zGe!hwcAa@I(EVg(_-O+oyC$WPSBrAwW??7<4J(%o^73WQznB>qK_%CXO26w`wZElK
z!wx!m({^Pd3JCHa-FX?{ZG|iiu=<PvR;#bV2x2A;fC<jPgG{miF@P+Lju^A`ed?lh
zR;885K&$PIR9=_|EIT3!1JruQBaDd5mb2?SGgo*l7!|4QkpAI5GMldv2y`{+J8Wre
z4Pl!nrL>uZ=U6BM2QoRUr(tBH<IAqf1LtPyH=7)~Zzydd<m9n%;?RXw1ozrdaZ<_R
zyRaI=GA0N_5?h^wT8?IjVAPnsC+Q#pCEY1zS(`eCqQ<#st^1P<kGjl$+N6f!q>^nJ
zRIi~Hx-hwq+Uf;RH|zq92<7RMs(CkhqSqY@u)@VU;qM%7AD%OO$Mdf8b5Z|xZPFB{
zzgrCgtX=UPE?fQF^AREd!huoyOUDX?inF)aJg+s`7tiG)6VmraKcnvnB<;Fmn`hEC
z<y-Y4`c-AqU8@Rq+R7F6iNK?ru$X|%)6iiQAPYxZKC{zP!XX2$cV(k413KHy6CIQ>
zwWp^8Kx4dSBgfz8powxZMi|kEI%6JaU93NK&SKDb0_TAe5%2jc=!eL|j_FEyCsj_8
z1Y`d0Bm3g}-#zlV9Z$5u9&!wJH#_nb)D54Ps$h*w_6(YGGT#U+Zx5O0=2xv8((oXU
zU#ux$a_7B7nA{}8;qKA(7rmF!kLJ_112s`zJVON=))hfj6@#9UMpqTVBP$fNBfD|{
z5M(i6gb`TM8u9@oWSmss8Gr&*V14H+*X3fJ8VsTn<>??17P)_KpxiQ#?EVTM4W(Y&
zAZ2Q{j`I#k#z?%cacZ|DwoM10;t*8L4=9F?8y)Jh0>EjO@pJ@<Nf#FZjR&V{UxTSY
z5hE|4(IDH4m6boA*Ui^lyD}5Tm<slI0U)^51Mh4-2hkUL9}n@Qp~L#XAi^eSl>-tU
z2T*c+S^hpBvtV)B9<HC^T>xifLTUTM>!&UE17|6puD6S8(~x9rQ_y<nsL-4-#74E<
z-ex7Schmr`s|?IkCMkOp<Xzfhqc1ioFX6j^GBVj;u~dQ>8egIvgFRSx=_QEa^Z1A=
zHB~HP#UND>6pJq1s5|MLY^n@}L}g1>)Ta81(0o|+PznGkwMI3d#FUo2BQ~4*imWSx
zyh%F1(Kp%ZJqdBTZltV4%>@b0kk}6tw<#kz1i5QHlMw|71*3ryP8Ks>W?F;_lFx%(
zLPmKHo>kqwRhdP!pw|trZvhEP%~^(Pv0OK+OOg|e4Z5LXldiHRp7@MT$8)weD*vJH
zV`Hz%UF{MbD=I$#jr60-lS-UmMYbGnS50k&111d!+{MX5G&$}lATlP6I5YV;z;K<5
z3fx#`N;=J%gsy?GwXV2)i-JFc&z#}-#$gUGxL~~u2mI{XV-O6$6*38Lg+7b95e6H_
zPIiYw;$e`XJ|PRXCX54qm&dLe6*&Ah=Hq#j8w|*+>XJ5(uUuV*IvysG#i~KdVW2=J
zxyM$WJv$vpER7snvC`Pb;uR7wR+Nsm8I|8xuU=J_FIV>3E`npSx)rF?Fj@CdD&4iI
zU>eBA&7(t*C>CpAu<{!hnw6vFK?#|~+mpD}L6=m`m6fRjuSfTHtW}`x0YLUw;}Qf2
zLJQ>L^%*E{{o-8N_5OcUe)@g87$7B7@rLrh{QVy+U%o~6<i*2Tp~riZmbq}O{OK?J
zz4B{MYJR-jH}U=@>)%s;;HST?+&LNzQ2C#G>c5n~{R<D3qkXm!)y7(pW96Q2{E6~6
z->vCK*<Q%_<p=*^`I-0cQYT)0Ki#^Nl@&3(t^B1Q`#a@Juf@2)&C+-0j+Q_E#UC&K
z<tc)OFq{ovT)zLOzOLLROyt7(qvfGr{0HSfKP47~UrRPfdw%Nc%dL_oiZIH0@u(Qy
z8;m%zYY;RcPZM?s&fK3d7Q>|{x464h>#yT4fDVsy9npX+WwFWo-;e}2`VYVhS1<SH
zk@0~M!<eY%f<H>eP1hmk5Dgvl0oq6RCjpjQDuN}d?Da-5B+nv0F3iTO>(XVCk+G%a
zoXO7J;6vq_K}unuh#~`OomifcK~m9LHp?yUA#1x-<)KVfBNuH$p#**?h%J?KeOfml
zQVPv<=|ql95tu*>8lZBf^3W+3ZX7T*uqURT!sNHf=&Z+7RRda>;EANwGJ^3?x%nc$
zDLqEA<u$!ds}d-~YRB`gle}){%h9JED(`*p$x_wx=)L8x@BM-Dm0Mw{Q*qHH*4qXL
zj`OF>3m<-e`JMkUbAs;S>o$~c`pK^^ce+d{-?IlkSAOqz-dFa_+%?{~v2x^HKT^K;
zU62XfRobWL%8@4@D(`>qQ_+r@I$7Fx_uu@#49LJnrJY8xC(3gl{y=%~BT;{??_d3~
zuPrwZ3;0|(Ri6Lo2g-Xt+<yO!KlYc)EhE{j3Si6;e_TiEGH~=e$4z&<Xx&&Y#uWaJ
zy^;hPZ9m_aL5!tS6bwoUS37`G|6#p14%N)#4?v^!<FPH7>1PH;cF#A4v4MG@W0yeL
zj$`$9WVWj5sc@Rb)dgfK_mO2w%gBo5W%2;z=&s}IXByIT@%cd0(95{mI5jm@>!~M0
zkFQzdgMTinzc9+M<H1*~vVad-;d(*<*jQMDdE;jUd*smi2z3sHog(Gb)#eFQX+>-K
zmNv{k=lThMhC-vOCZZ#$M5tiMdRhQ<W$W(bV34uz1_~hjek?awohvNcgbLkYch8_B
zdO;N9#Ga$_cMHB46Z_us9pClC<=39NI1-&d{80IY@A;ncU4Q4lmZ#5V1vuMrc&<G4
ztADqA_ji3?`Na<%6J|+6pp)zJV#S@?SswiHzfr#Hul-#4;BF?iC0pqCAnIvy>sxMo
z8uH03#K(uO_c;5{au0B$JmMvE?Sc)p>!mcJ=o+NK#__K2$a~~!zsnao4>Z%f0w6D}
zC*m_6e-!VGwKuY-7_%+o$2bX@1k;TErprFFHmvWd>lS@su0>ztp6%#ZDEH|;veBh&
zkfJPyZyRL$1`K59ugQaL$<pOz>FRaOKpAA?=1tk^5)pTzuB4mtw)HI@OA+q12+2;7
zTh5S3lp;Laret!HISWuQt7St%nk$YA;Q1Y7Z9R&s&hv=m3Zm8<nw=FSSf8(xnU##f
zLU|C-2tI79J?ULaa8x$ZPd$Sr1fXUn$&hU?>cW}wyfU%h`GfMv0Vu}d>%XPEchAmp
z;J}V@VBaUp&%GP*N*B(&Q2xh*?<)`f-lOF}b(^({52cQkFZ@TJDtq_6RQB$DvApzO
zzp-q#nRc%1f8_VegAab7eDuZ1T1Un4o@L{ad&>{~(KBV&t{2L#-OrXk{DHgeK&Nv4
zSb6GCgjv1sL*?nCIIj*$xgW6Wx>`Gq+BxB@+>9ne`Sf*O+r-Cw7or&>*n(pR1_@P4
zusn=6GV16<_B)wO!}uKdv|X`1z*AglUA)b78*)vJvM{idwK=SvA?Y$seTZ!M@qWmO
zj6cK><1`yrcrNl|;`cam$GS;ei+19>8vw1`7w})o$iyIDwsw7Oq{*&a*gVKq4;08`
z7;T|n+Z2QV*@%W_US)Lq6+6(aI8JCxJPnT@@jwqK%M5O<@19Hp_fYA;5)MVnJvK~4
zOn0J2GV1yn0zfeNxgHQ!ErTa?|5M)c15jzYRNl#O@96)CM$<a#8V7?|$i`w{8kDNZ
z!4+VwM-nD-Q+6*}{+Vge7~ok}%n(nd+S@~Pp>|!Vyt7)~HG4z<Ubg%CeARCarn${2
zC&9b_l$j~&v%w=D553I8T$3ha2fGybfIf;q3M9rQyJtAQr&Ck-s;rvtMjvY1=?V-W
z%<L&xFvoW_#**anI9B6D#}1=5;ci!N19tjw4v?W`!--=*+<<OOC0BNg|7-xY8`U{3
zI4-q5W3nVrfmIlp1y}ied_^6wKyEO1@#we&e5`2*%bCfERd2if^#j{PJkT{VQH|@f
zB3L4<V|X0yv&Abb8)ab<rfliEJRIJX20(=%M*hNxL|Vq#ZIk5<D?JAlAjhHZO#*{*
z7m|m}F{IkQGB9f=GTlG=HJBTi58qD!RbUK;z=%DxS3if#C^nPQCCNH*O`Z{aR#SPz
zEjvR7451FYsyY;aZXjBj1HWt;V_%?h7GRIN<=>1~W6i3JQ4b4h=nUu!(svd*uOQK9
zxYs1J)hOr|fWEVEeUIR4?x=232kyS_(TKsbSa-X~NyQpGW3K8n)&L0VDg)@7Jble8
zyN9#<5Fr>q0{Js|gRbOYYLG#S)OGgc0gPy_dMgwRy#K9yb%V=)442n+U9zonmZ?Rz
z7{JYkI;o+C5Pv2Ez<9zKLO@e=66YM%RE%#A$=9cB{CgEuc}oBrU5onp`RRcjhTIt_
zSJ<Cwfa(&`sy0aR%*4d#`SJ4uBTfSaG8sC-FGb!X0%F7CORq4=f1axY+HHz)iL+Im
zgi|sRCMG6p1`RTsP?!KHx?K=;*jnATu<kAzJ1X7)OrnTPG2*0Y-6N#`aXkWxS=L^x
zJRAuRrN&Gk02I9so1%L!f)yq@*c%mA>>ukMIm2>LqlQ^lKn+*s#d;0Om%$#8NxSY5
z(RBS+j?f<jvfh<5^n$ia-B;6cm}AeSb&wCaN2=$08Y-@6d%#YCO1EW*r9UiXDKqVT
zhi_+4BS-@odT)T+SmoKTtE7U{vW9)$61;*rjmrCISg4X$<veXl8EqtMBJ;=r4gdva
z?1*SYy+_BKjyIm<tYsnk7Qrt3Y3sret{ZUNLZSDDs}K7j!%%~V0)PwV*Mh3CLk~F7
zK8F{<jWzE}Gq1F+&hTI;MHs(U%QlkN4eKy6^n$UOz|iOPOpN|w<9EJ)r^fimGD&=q
z2#buNQIVAf{te`m=z#*+^x5fab4QNoW@taAeZF_roYr3_p7_+wrQ(w;){Z!#p<ti@
zV)JD)d3^GBm9rV+`VQZ;X+R;$%UpStvFP`hq-xY6`~s8Rlz=M-u6NKKNVZV>+0$d`
z{MLO-xG$fT73(<$Zf+SHFuEItiUf+v)PyrR{2n03D73aWAj429{54WK(Hw9#Gec*Z
za?<sqKHn?QtLx3&qhr14M2FNuH?x0+!aX>^_J_@Io4R|ar&M-+K3%6MTmMoZP{nFe
z?q1r@9)TE%Dbr2oWj#Y9Ww9Aq`{T3#TkFCmyW#ObIH{U!Jl14+A3#L^aa~GTAvZe{
zaA4ekkr~r>R;W?+c}(kfmOb4Y7n{Jj4FJrWk&hS~tgC*GXB9xl$43*pjg(_H50XnB
zAct|Q01SZ3YkU~b48G#_m58Q9dFLi4Wm|;4KSzbmsphyM3)8u=Opfc~<%aC2WO-5+
zb8HZm9w?CM>Cm~-W6M^^fF9^82O*=&Ql<@d_3<0i0cauB5R|w5ziVW=&G0uS9Iero
zdEhx?D1N6Jjm9>VDPd^=ic1xq-7D`^RiG9$U4X76yXzp??TPm|Q_<h$`Dsyjs=!z$
zSo;3Y?=b};pDFWzlCzTBMTPofV=&k!K@65~>n5D3qq?plSmX|L%J%v^NSCZhxQERE
zdAJqA7++I{L?`~*50~%$uo|G!rbCaFW1W|%vb4QW*5Gje)?y?&@qIt}edTHK&}jXS
zKdpPrI+uZ<XWNiY>v|8*AO2AJ#qa&T@~ei#ljVh{dzs^Taf>b)1^d=^>bk70b9fXh
zWlyF><AO5PF{<O0d$*#7ln643gsegk2)r1!aXu;rZmg?@+Zv#VX9%$RyOyrtr$A%!
zv+uPX3XB*_*r1FIG?fYJII_Ky>Ev`R%Uy-=CNP<^`4cLLhD){08;PJ2b$NzCqg!dN
z#uK8gZ|qF6M)hlysWP&Gx#I?kDgtCHG9w#ZE<mQyd5c#g0h5sehn~}B6OalHpq3T9
zKFEoULRxmg3E8Svf?c?C@}xA2-V&_B%~&l<Rh0f&O+>7U-z-c-qGh0EUt8In)DB#k
zT|p5^8KS(bZNA>dx>J!@>+A(&aqU)v8R?EA4?z=?t7U0404`nzfwwbYy)j%rGRwTV
zMWYk{puG2y?m(Al#((_L^6THY5lMiV^`jq@N_66rfBgRPWVZ;}NA^R%_h9*3cgH+3
zKpfdxzWFzvF5h%^Z~0Gu<vrzxWj~olS$^bwFZ9f|;p@J+{Q5_Jw7hLto!aUe1rR8b
zY2xT`BV&Dx?%^&g34lRAv9I_-FePDq!dxkTV_)Xlrgs6)k>!!$MWuty)1Y8kmh{-h
zh`30n&${uY^~b(6zJu-2HD_bLR#*MmvMjn0F|NaCVqNn1=4Y6jXb&@cfXNF$i<c$q
zzpF;=iR?$0_5}6GZpFUNjX4p^K!NPs`Lj)aEe`gpEs|$8J!Rk^*05g2xQvm-gwO0F
zPY%pwTJ%)b&WxOf*~C}qa3k3!pD6$^x=QR+onfXs^YQYGwZ!_Aa|p*uuoG2@adZQK
zlXZ(^v2kn(DU7Ytx#G}gux=9UQ-9A9W|?tzc~Do*Ejw-9J7{JP)j|=Kf<Zq0E>l*n
zEZaI=thdS3R+PKG;m68f{{lIHQ2*<@fHgxo%G7>JnA+NH<*R>0Hhy1+6B4rQ`Z3II
zX~QzsMn$z4^Y-A0YTUT1j(>CGc9&U`*~W1t+zP;fM{%N!XeOAF<5<ItLXKoXUXHnw
zQ5K&AAZB*QWXlR-`VM@@C`Cjt^27#=PtGYAW;B{|LVy^D*(gG}VHg1vlZ18rYM_jO
zt9mA`#!Gd47K!{mswoQxC5wSYk!Xcwf;Ec=@Z@vA45~@<w_J^U(ix>IWooU{wTOwr
ziAg=n;Ev3SsCcoT2a^o}ANr4M4{HE95CnfKSlPSasPT0JfS&c6|I^<sO_U}5ZSRlu
zg?J}jlG#Ge>qh}x{XoOlu?$>dxb`xv)bCZR1bD%6ZdH5+%<ibczN#6<l3DcaB7b|U
z?j!qT*|S&ok-b!Q{MI)W$(SXVFtvxVkL+VFVoj7=4tm}+a!>ieKX|IV^wKls<(Ho-
zzyJNQk4%}`gYSJv_L0HR0rNr7(9rN^V`jT|eyse=yISvuGO^!$>G|^VCx5iO!?Jn!
zW@j54=wY%;f=Z*XZT*xW!+r_YjC-l%rMHZk&=?|PGtD6X&>y@%Gck_$2=~vCvBBhG
z12h7M=yH#Jb>Xs&wLD6ib0v&Ez7LzKDOUg>jWNhOjU!lum>K%H8$s%kP!PLX&m@DM
zk5MgSV_5zk7;zd{!P*3|!i4>Y0vQ<@zv}i?ydtbt>tE!h>l0?7W0SJwC9JDkSyfhQ
z<)CBI#=mr%JB(<1qHKE~Oi26P`o}@a6$>{Rb0C^s?Da%Up{h)+pMP%Ou}*HD@-wRv
z&V>p$p?(+&DJxAYrcMATq733`YScQ-EMwFO%n6E`SN*#KZuUK!K!)1q1ytxWvN3nP
zs<g-^+G1RZcP4zkhirnTLQggPh!m_70XV9+LyU~x%iG@=MqvMJH{=D@l-B^M*!BBh
zYG8s~FQYpSLnYQbBdr>NE23>7V(VldpE1^0|1?GHBLG#eQLLc3#3Q`J=t5+tUOaLK
z<B4+t1Fp-sW^xJYqmg3~g9W)i#h9QR4ZyK=p@LkW-dLy~S?*Yiz-|mrdV&Yi?12KA
zL=27R0ipZI;+T+uv}axxO2t56so4PB`cpSaC}JNR6+8%D4kkXCY$8`&>s4w{zzO^+
zuu<Iyq7V?P5`)UINu2u=>H_aV$$-3Wh(9nzK1G~|l~Zxh!5GRB3J3oSgNVjaKMcal
zqrD+FuaN^|9hZFzQRad0dyVSsD$=%mPmbFidF;Cxd>*jyJ=zB1XfIWU>i!!=0V%OM
z?vr+?OVBQpW!`Sk0#hy+#!Rp#{SJ|nvHl1Vas#{fj~5awiu(Y)zr74Tt3Meficolr
z7oPCo756dX`@IbG5xmkeZm^)}2Oco$^8z?%m#!BYC@D+T{<CO9j6kqoL^am;d%d#<
zkU(5#0W3Vz!$LCvg5~jheIMB&Wo@p-tJbY3W6ClWHA7ma(uMiCA$oFhs;T(6<P)@1
zF#S!`rqx%?A7;(9T8wKZv~*3`*a8D4qT7>(RD80sD;Hd-@&E#38djDf2&OY}Bto89
zCT_OxD<JX@KokIoFqbUbrt`Sy?g9O*m?)QsjLfV{Z?GKjRtjZM*Kb@_!Qy&HN|z<|
zi>PBl+y3ihE;DaiKdgh|kBGXislW}<mI=KJQdFZZ{2rj>_j>BE8TDYl?G*q**DZr6
zD#PiqU%(V}KOw;-2XKIunAGi64Cdj+<Lo+w@@60g@9&~E0VwLqKIJJ08WRK;q(m3G
ze}T+Bz>J%pAp!O;-G%yhWsKT&7MdGt%+@Z9d@y_+VTN-0Zo1%uxfAGHmKJU3dI;z>
z=+0vUvKg(d-f_E-KGCgKLrca)*2uN1K(D8v462O-V`TT;^QN&q2X;1#drCK#EQa5A
z^bsZq&J2r%VNBN8)M<;S=5yDH=<8lo_pap3impdhIGe%DH|0cKXra`!%<X6W#_vh%
z8mJw08{o@)idad5l0f-X$Xy^|FoId+TAj+;oMo9+9GN~q&n)nnM6JrKEjx3?5NjwJ
zx+d`*6*B7Dqve}^q0)8_R?qxXHl+LHw3tbW%Imr0b7ZzaRA#>$2sqd@-MK>*v7I><
zq2TQuG=O~k*jPcjDXf3WKEXas)cWe?>I-rY4)sJIL_S0GMVx#MS>^9-4Eh;ljQpc~
zLz(9_$=IlDqgVIf*}<UPybNGP)E~h#SQ(73wmjkknIzbr&mZ4tjTC51r^daP*juNY
z&3PtUFfd3sv(suc`aB@G=5;c#*I>k8e;5-pxhVS#hz0bKp5P%TcPJ~HK(hd3XV(v^
zkplxVsrahN$%*DHvSn-5H7AD-s!{W;TuhEohGt!QnkOg?`RCaNa36rk{zts3OouKa
zpOkjDP0#u>SQNgbQov6w)LEG^5>+guWC3{97uXRtU6#PkfFe9eha{dhh2cNZrT|Qn
z$)$AUxgF)fAN%X&snxMYL*-<}Es^uee)NaRS4p(rOn`R&@Sm2S|7+h<{)1IuqIdt5
zv`e#HOd9$Om8mH`**jn7%G3Y(@0IVdePjY?vXAU&50<rH+5<Z0ca;zP><^S@RsoDp
z^z0+^jn2jl-F4;)l@z+4yOK&;e~#ML4nKI+_Frk4*eDOi#ef#rLizZV=>Gu0nE;XR
zpoCPZO-~~f-nvATzV2Vk8=>`cE6+U^bcu2UKF5oms!k9Ywf%6u(K<z5GN=Z@AaI9=
zn-RcCaJK$RnUrX(vF@=&B#+K;%f6C<bSXo6zCB|Gm1J<zEciU1K>Ka#?Aa}YYRkZY
zOlagfX;4r}Y24Cv8ybZ@s7B4Ja$Vc#dI)E>Sue5&g)T8#jJ<}vx@pl`n^y2~;IG6u
z02a8<EJVi(hmjChdIkX2GAO*o6);~@-)=FFU~Kjxu)3J;4yRT>w{s0236c&xwGMFo
zc%}PxDHL7jE7^bb#2>w{JTcQC7=2y2>-!YQT!EEq%eVga^X1zv>?{BFYu{1+wwy<X
zEcY+;l%P?6zwyx@EpL~uLJOb}M|x6qVISH19_bb_R^Iiq50zj2hK;s-V0))#s;6hU
zf2#YvL^J--@4r{}kwNhTd~`E07>8!EFvZ=0)?7>;3rzdeG8gYV8&2NR&c=4Q1_{R6
zcgR=BC`=s<HLHk}bG`<jXdsEY5@E>H(+kYioTC$cP+MRJ14>$kW5$p(AGY6=sAjsi
z&E_@`F+#o3aYh=y%WGcU-taMt$>rrhl3l=Jb`g~7b-qg1$W#WSa-QPY>eXfH&_18S
zVqjc2zip=B{#rjD9FR><uNAAc(hN=6vuv$0vfgw)ueA{i;(2!+D&imnS|*^(9dl6_
zKw-kwsn(fu)diC8p^{JcT2Trg4xsik0a&B(>K~+i`Te<2O!VsR(ekab1lEK$_AY!L
z0NYg<sw69lrE;Qn;aa+c-Zxho+_bph!kiIQk{sZ61E6R3*6eHHt}QLW3<{OMPV(87
z;IgZXi8T*}Z!Tz071orh?N+AmAfmvbz=y74CJcZ@cF*RuC;}UFI{_wwC>Uu;;|oIo
zjjL;LHby&)+lLtNk;3qZLkA@8d$d=3o$)(*t_|S_DB_uR9eOsbDYrkrW2RoRwrNm{
z11Ai|S$FDeJAdBXH#{yG@K>!ZCpp8^=vgu}FB#dgd=}Zz@EA^qPA;^0(<_6ls4IM%
z)^6c4Y}Xun`kBonosX_+6IkV`V)xSWbfyFS;EKe4cLm}g10B&$xcWY2R2ft3URK71
zQbEuG(SA6HQR4uU>s6bQfCOLiu29bXM33s~|BaM;f9Ma&z8?za&<~TTKtn;t`ch>l
zLz~LC{PqjwTfGW=M;1-H$RDoDv3LDcd1TK|RRzqo8tg?2cbBzFWon;koz-=R^{m(Z
zzz55V-_QPQ6+hQt(6{(5)^Td5c;EXwhc=i0<2SaKZ}#`$E+|(Jg<KA#9MOeQKILCo
zQPT$GIgIYk89eYLWyUQKbRSdh+Kw8GW8*v4iKCy<DIDLBVT_ClknSzW>rw>NT$lWP
zcMU6;TfE?vfDgtY_EyqJQz6Hybky~#_)P?&Yh*bCzV*=(aeoZx8W<y!0p5h(>%yOf
zWX@py52$_fqF4hLTlhv=3(N;hBt&B|kiyr-dhJ<EAiG+~2=`%Fxx6Qwf$>ybd!yu3
zY54EXq5L&zqUZPK*Zb!cELgh?&KK(;V~hQ6=x^z^%B>x0nHjiM&<w>K-ksTA1`j@G
z9puUspnxQ`nHkhtYgN4&bbH}D1yihd+F!<k@OyxruRm4LLI1Xl$r(0#KdhcsaPqls
zv^RxoY?LAFa0jvuHDH29lze6T)Li6xFT?fuf*b)EZA;9`#}IH>$GYDoWip6_FTl2h
zs5(K5{m>6oA`m6BIR^KHJZpV9{``Y3`^tiQB@putv+4tAVHa93%q%#5ztKJ4KeIm5
zlN83A#7?>n+8!G{hYcMVkVzko$E1)+q!C0{+i9u&Ix4wY^5nG%<KHm}DU}u!g<9@z
zMMF12nNksAM%6cVRejtCt30WSs(`5yli?p|P_;YWgZlO%Xj(T{-0>Dy&`_7DOfrmM
z8dQW;bM|r1kc~hDjAjehW>%&I1$?IUrpqZL5U<E=C0JoZ=%M~}Bee<_>5rhqf?2hH
zyKLBxuF*3vp-q|DsA6x?JS$ALqU~?8t!N{{%mEyXsLM*4zq2l}$1S`9{ggV&gk1Q&
z0gJOgj%!A?qDI}b=vd!y*Rtkddt9?)U<Q7YZE+g}_lQM3c=EZd8Cn`Hj)FA&eGKJK
zW(8j9feKidly!Vu%|^S*M7LBl*U-@X12P#5%^oscBhx6BtMW2yTPBre-IgGZvs07h
z?8KRJZW?<mw8Ql?0>4JYSzb7%_mM$i?iWw&OAkg>ZwUmeOU#va$lJlfajaUprh=;4
zz+|tA7@sqQqYv3~Zb&Bz8ATt3QE6EMuNwBxO0)o*d17TlR=v0{yZc(px&;-mp-3dl
z7ULO~7j>)EwZ7|pC-Y!N>LV~J_F-7&u5tZ6NL<^>Nu_5lHn-xnPGCV1{E%6i7KKoC
zypOIqy4VQT{oMEg3Xp)dBfA>4Oah%5P+4I+s9=a>P*M4XtCc`z(zNE&6-fEwe*IjR
zfSFRt=7I;X;QKT#?T;{ca$Cuc^|Q7uwAs)`u*n&AsQas4Er{u309(!*3@1H;=T+s<
zOmbd0zqT4ff^Y^FATcmTChmu}?2d9=IGr_fODwy9fYtPwQ)TMpi86WoXgPD_P&s|@
zK$$pps7#+eWiw!G`N}dTo5l4Wo%wQZj}^*ER~3QH7)-=E;hM1mg=~s3sUZ8E>`fU7
z%~>i+LX{(Ag$es5D|)mQ3I=b%Z|&Rat9uZ)(M8=qT#!(5&{?^032u?^3h(aoGp`kf
z+biT2KnP_?R+qCrbXgxZZ<8r$h<YS+4i<w9=vpN^jad88o-wI4%D=nG7)=Jynle|V
zZ2beVaNm-ar$?T!Onl3r3m8n*&B?ua2E@!F;(bOS@?LP^+xvM&m_<Jtz@l7&74r`I
zXt27pfbM<e<0SS70*ox3Qw{A0aMD<4U5Vj5$o-sI8pflPX+t8$1mp|$$?XJ|F^XF-
z{W-S#wf*#UP&qe^V5{elEncmkK;$w1GJ8l9R%gpu&*!;nGJ2>I5{qo|<gs#m*URO|
z3(v^Um&)lw2g>Qg2Mo-nPn{^|<PbyE0=f%+`G$?<%;AH=+H_A6audP`<wTFA<LWLW
z#`t}~q@Xauq9wO+H<4ur$@`c9M6@bRHP%pQ09CzIDOTW$&jZ$=w8MSrz|@`9m9qHU
zuf{elZ~a`gQ!M_s0O@K}l~__>u*v}jb_9;?9TMf9*iEhq83R6JT@lrY#K_Ky)NNRO
zskoO4mF$9Gm&58aOH_rfjEoGVTJl<&X>#;|{)%-g?t8+amD~rV<>UPU3?_9OD-o7&
zXNf6rWX|otO|a8LEA#pwGsrMgh9$psnJQykVy@X1U;sq1wnbKDEYp+kQo1-i6`dXZ
z2DVH#%lDy8WOZm?9@A`d55qP2!T4_(R`2uOVR<Qk*ZEk<9_Bx1-KCT{-=EQCq!B&J
zC0%DGCdS{e?T*ohU*4`qj?d{eFh(Y|ye0$Lh@3@c!5&w^rOHa#*MX-WEjvE`P&x3_
zqvh1Wed10$ZKuX6OT(diu8c%!ojR}=r^?zHM(4|^lc&q6Q)kM=nTc{?T(cgC6>gKW
zb#-A4!lrCY9JioBXaF`g+3=hHKanH5)k2k{Sa$)X=M1A#nf6tEf3m=`#xb<ueO8$m
z1@%|fzpYQB46I$QNbS9$472Nv8PM!r<v9W%U>V6eCuuN6i9g7C__ytG@_dGLOVW*(
zGdV;GEIF-Nz=H>)QZW-Kpp<hK3%(O_)_QBXC<9^s>Wm>6(4849jX4Y<&aCL+ijIH>
zFdpCF?95Wn9;3@OZ$@VQA!4j|*?$U3@)?<0yc6x#D`&KDu~vBm0D`&F^_lm8g{zdq
z1mHu)*M6^Kfs8lWe<|+47?7|2HyTYgN4;}$mL815tLQR=N`gI>t!x@CeYZ?L(7nZn
z=UN&A12S3P*_10gx@>tFk-Y^A{j!sh#btQ-h3(~~5C37=`KgbTll%9S^TNIwmke2i
z3Pg;zsdLA{SViH;#=-K$lTVe8|Jf(X@#DwKH5;!fE5-FVzI3Urr<t!`GceHKuZqcC
zS5!Wh#8d#4mcHiL8xuofRMsg+W%IQi8Dq+iJ>v9EEo=J%N{-4XGk~5+*?>`}hpjNM
z4b!X*h^b~rTB7tKFTm@=`%`FkUe|)v4>k~a15pHl1K`JO4ybHoPwyR(SrOLPI{<MV
z27M4NF|aJU@5qi)Ad0jxpG-{mCmE2omaI$P$!JydaYQO=?d?QnsgLq%)*<($0iNEc
zZZ!cz^dZ*p>Q&oASs=v{<*72|lE#Q05-D}S8eXs*xIsZftRDWK*(^SAXkbK&DS$TI
zu~;t*V1{9*b>?{JvM{jDb_7;;tba_|<~sED@?3u6!6?aEvz)Rve>nE%@_ko+Swj-s
zw|t#sq;l&;<seBi#^k4h*_>Yk12P%(+cF~?U$Ih7hn8TEu5Vz@oAh}sP?du)DrHxD
zAO1wy^T;R5i9I_J)Dei#w}Q5bHDv<$+{2HQiPLAwXKuNvY~HlFtlzMqtXR21LRd%r
zpHO%C-J-EPpBxl4);Kg^1VJNkaf}Iotz5ZM%2{7F$N*crZk?33vMd$)KdM_J>RJw}
zXAY^#v`l-YdaJd6@kR4`vuU-9*rQ>l`-`2r<#(e(QXhS1ay7ayj(}^fG{Z`ds;utS
zSl?p3004<W+81ndltJTztjfrx$zsSdb3}Qnv?AJ&%mME}*t`Aaio3Et0)S_*(C5yc
zWq3S5+76|Zf9Ldbw*@SxqL-HyHUJ&Kj_0tR7(pnM4Z4&@07LRAJIFNF+YI2eecoU&
zJh*V_%B{SEZSKgIE<*wh`-<b1YrB=zc=vEqv&yjxZ2hKHxEe1H56Z?)&8t~KtUJa&
zkNW8{zFH0L@zn}sI{q+E#Em^J2G~Fj*Bls-iBfJDnFciIsk96EGMD0sW987ZPnA87
zep*0mM_&+AgL3J(WI9=jD9$qzQ)OaO)+*ANKXLL@dH9jfmF>?wTUM-CUY0FeW}st~
zT^9S5QQ@DY<EiTyP=H8rbrwKoQF2R+jVX|=Tfe?+-n^-7z3#el{q;AL8@6pL*U9f|
z*Q_q%<70gz`&8qFO1OlHX<!8~s+TJ}*Tz)yo#DZE;XxGRzv~lp*=YTA4a)==^`jdy
z6k|jI&O8p=eS2MYrtUtl7G?)QnPe{vE+Ie=^h{}cFb5Sk*~NL?TP2(apo#YBdk9AQ
zw{5o7AP}#31{5fG0xY)|RC-dMXn@09h4>1r3T|2ewbjsnPeCsBJv!2E@mElh*Y33s
z&=0Uv5LuZ)vTM(pEZ8Z0hex#r1812rkgg27Smm#a+G+Gz8!ln4%sepX-8W;hoMZ+O
zN1#NqOJ5Eo1b<-2GBq`^E?c}K;uc%b`^XePB!vFN-d$zyqn|2AUwlTQ70)zGOefv?
zHA~BFH*YPs-MCqpk-CeA%E3cN%d;=;E6>TlBPY+)wHgJa6DLmCKPZK;rula$i*}q-
z_Kk~26xO&fv*pW|m$hrxmaSX2mRoPTt=#*%*Ohzjxx3ta^Ud=48e?dtR;s>e0ma@F
z8n4d;>!MaDz4|PE@h?;h!>t-upE4i?dpB>b?bELu%*fE7m|gL@h1|HE$c~Z)0dVp6
zn5)bLUo*)EC^Dfg`UGqP0U~5d)z#_s#^)>>zgGqBK`92+{yE>pgCV&##rLrb02Xv(
zMx>)Lu?kFlpSvyXv;{~J>s2wfV$CmaScc(%cSfOkoMq7O4iU;d+`k0Q04Mfai~+hG
z*@x{=>%OngK)fs;p}+8|Dvu@w+GVN674;G|EG^hW*O=XLA+E(GGDqeYkjdn07Q~d1
zS+K&DVM5J$rz;!N@cARpZ7+wmKVgxHdL|Vw9p_s%t}gF-+uh~e58PdDyJ>S-w`Qd&
z$|HwQlxJVsTONJt<?{T?`^x^q$I6kTC(6-dXUdtWv%;z{*+VhE`s&*RlgV{jnA+*n
zr^}&3hsujDy;z=j;)(L;=RQ~NyZ^rO_P4*iyx|RR6t=cS*x#~rBusu^Slj)<Oy1LA
zPzR72OEpupRPGGT>$PwB45KlVMsd*Sx}F+$Vse26C`6Q~u__aMVC;w-*<$3#H$Rhc
zG2B~gL|0pr(AnF>`y-nMrUYG`>|+Hcurl2)5kV9=3rE-z0b&FYgUdA6GB_#_sgqFS
zW8r#6RAhEhXBHb#mi?ptSdTCg(Ad0|r7rM#s&-lyC9spRHC<mBUw;Gc)z5;#Jpn_;
z*QCv`QA5G!e;($8tHKpm@|XmB3@sUz(S`l8KA+|fkiGuK*Du+9Vo$UCc|=$MLt?Ku
ziNDqg=^$2sIJCbUeCF|ToG!&w?((Ih<t_K$UjD+Ldvkfiy|<JNYgQQZ(QESBb!FRi
z*OYtixW4S$e^h|%MA?7vXxX#>i2Xc#>{K~DF<B<X{djg-{>fU<v`!j7>c!k#y6~^c
z%fim(SPW52`p*{o^&OK_5(O#$&d9ztUxU%I4jw#MjvhT)cJJO*cJ16*4j(yE-u>=(
zm2KN@G<RmZu<q`XicS4yXa|spBt{#E3Z7%I=j;-G--Rsy+Zh2}X~xVPR48h)6)+n_
zEVkk2QD=RYEF;!!f?*j;F*T2)LG*9isBU|cB;dlVZtPbg)L9_Lc}c{ppLpb81{8u^
z4tYo2$)r#}hNCk{aYQ~M)E&Vqc#`Wz#sw=2?ayc#A*jcus2u4Eg`JZ@4fV*GP>72;
z%8&pYKpd<@+n_+HWm|i!Zb)|p*}D7GL;8DcT$exF_*$pwAfL~{9oFC4)~k6hnHXXk
zr9LF<_`GZ^l%Y0n)f{!oU|fsB#-`6sCm<Ut%T}#1*Uv(|&P`5ObmFm{FW5R+dq`#}
z+qSMRZ+qiy<-WUb7G}2Aj%26rZbam=On`2^fZMIxHrtxnsWX%1*oo5uGN;PX6Q}I&
ziAe--Ow0LK(=sSjxmjk0x(0!WHVvyDmGZ~NM(p=<GO5m-o)SPjS@s<`TJ|0|Qg-e=
zEWaNw6LKz;uBYwZy+>S_C(CJZhpJNl;x8T*FxzJ9X1yeuKy#7)taPFJTteaJ0xQt@
z$Y>Z_ceJRgrdvzdmky~2N`ZpU%H5T*`$!2^dPjDjkrmXl-joG-K~(hGUmDz@laZex
zyM{#c8LN?_D+C<W$j~)R20>&7*d)=m@)^D7!5Q`$TyDs?q3sDa4i{kTks?TtZK?9i
z$C{Ac1(1f@QNPnRVI1OO{jgsR?`QO4k3CWYFSJhGY$bHH0!;N?DmzAc>bqDsMl*7q
zw`Gy@M_;JXI69J4o*D)|F0K?8=;hSCIu1wlOfosn<=n}m_G%qV5|J$tAaj2W1jt06
zEE7c@u0@$?Bjak_4=h8;+)L(Fl&A`H`i$)R+Pg<07WY}GeZI!!B;h-5xvt!M`weB|
z`qg%bU;_@yqGTiMa+wUvmkpJ*tCm}eBAxtG0yNVaxFIY`PYl-2xfY`aKhpu3l9rb$
z1F?NAGLX3Tq2Fm4%EpcfyW1l`_QH;R<?*L?mPem{sl2@Bh$&!Qi+lL94@+RkSXs4d
zwFQS<d+kQ6Z*x_TUh=u|hIYZgKP8h(07yDvcW60YsOc`UH~fmI1StL-WdP5h?;Lj~
zqO!qea)#wYnP%4-04;I^g4Hq9fP2*#A?LvzaueNS>^tPdRA7Z-RvBi7$A03OTY7(H
zS~v?VB%31(wVdujmU=I<ZcsVqwXOV_Nl_W8N26xoCa|DeBeb93!hLMqqs2PHeTE9t
zMM`#PU6>oAW6=y(GP~R#tXqztjQd{2)Vm^XrGYd$M)qMA78qGaCRap-FH<FSyVc0(
zxH}eoPva6fmSF(bV1Vqx`K2-`Bh1o)tolL*(2&n(k?P`8AUk<*udI_DcNb06Xw51O
z@YqtW+p?i76_(V?aBwfJX>+=$dr+)piIKrvaHgU^s$${CDN4egRef(dgcdC#)MT;M
z!11n$t-=g%Ecf4aQ~C5`TgyYAc)UFF#Evo{>v0BV4?ipbcCAD+ZWS<FVSpBjK1-S|
zHG)jM51^AQ>g+9S1i&xYumpC_P^b*?<|rtF1GIe+dQT=38+!qg1d7}Oy5%C_FXbD-
z2vFe6X^8I`uC8)XaLVb#$Y{(3=`SM#iglzm%X{9#MRy|0IVXpe>2o<_20_CB*#-q<
zV=}P_L1yD`+W|(0J!1-33XJ*PT1wv3+^^s1szqC3let?R23~oMjjW5nYGb|6B$%(v
z1?)LkJlZF$*4R6Yo%zEp=T4LAnPel&+9feb9=~z!-Vh}X1ju9<kBaqL8JPxojID~p
zq6g8C&s&+s1cW_F65z>W!fYlcdaST@t5=lkH?J@2R!Me~hKbBvYY-D!srE;6^TiCk
zzCbBtcvu1z#>Yp6^^KR+!umF@TU|C?yH-N)WwW}l!B2kf1!I6mWSvaG?AF_FE7xtk
z&ezJ)zA;cC#}zP=7GoT2e666esM>^{2QJ=yRt`bTR#xJEf}OJ>tm)uu02dbCtCCkx
za>W7=L*xO&<?SslTvQ+TBf^jU0k>RcL+CEuTZV%w30MTk+(3$jpAjfoUewzUmXz`=
zwUgC10$Vaeial5m6=dY~HDDn#g`vaxF~bJ`4wq`kk!&{hbD`$J$|7u^**YLXZUqP>
zKVQLW#sTU~)QpKbU(rvRrRQp9WNMfXr)*9(#+D3ixcFqhv~LFjWYT%c$U<#tgCy*G
z!MYZe=}7viNzI=)J=yexDzde*_I1trRl=@hy=jit31?z;7aIoE^&|lxW6~$<d>u`d
zneJmdDsIOoo|7yj0suR9>?n_joAJK;?kk&Q-x=JYU^cj1QTAn5yd|-#q*(Dd*_^3F
zFE7)!U>STL?y{}gRY3sb+CYhJ<_Erx;7|3A&%uo7R-^pTEGQ&{a61*6+3mw+$7gY`
zEAFNf2qICQ{pMhzzk_K7gF;!b>U9~eir92z8^MRx%jdrTEH-Xq8$nyYc(1War}slc
z2xJM@WNv`Nq8V&_fBQXvAM)wS4}W*-+z4o1|Dn>)0W6IG)R4N0U5mpK=rO7;rF01+
zTRVsjpJjT6SNCce*2|lPZCP{a9<ui8O1!e~Ru{t5sgsrnm<znD@vtZeWn^o_MW+E6
z-K(3E?Q*r$Tuh=RR|q@Xw&j}g*86WOZ+`u)Qco;cYl!|c&pcDMZ{KcFjm8qH3#(r(
z2~6Fea&OOM)_YhU?`Osi2dM_={C%q2T`@)tGN?s(cwVbARceYFKj}(iX~Do8xSFFx
zu-O^uqmW^P#z<xz1RDd<%IMm60<c`QJ8(pu;yVUKXkCZZb;o}lHc#+j+qC4&Ciyq^
zp=E{z8CYGdJ}@9qmu~%fK_~-%H4ZNF?1E!qo#D@M0D1ZdwTvxc_Fb-deI>m|8QBue
z=9Df8OdCkB$6$c$!iDAC^$5+P9j4`#B<|N<7u_$Su0?e#YBJz_>0Y1}E0&3SPO@gq
z(yjQ~Yc%^3R4FePrnq&}x^nw1Tgv8Z*4e|_fBW|BE6)g!9XPOG!u~a3b()%$CL~MT
zEqo~Q9G2b><WzII619+QzsFrt@vh9$dfU~0OJ<Poqatn@Lv9NJfyzAq!qmGLhUe`&
zm4q=Aye|WZ!$9*{2Am4T3R1eZX2BSEN6Q!?o4j>^t-^g#FAXMPIRP3G#L;gwSU`|x
z)DMu3`hb1K-xc^$Vf3cuHY{||>L*JZ3pzJ)_B8FilyYwNGjd_v$?XVwvPZrqCnwuX
z!gJKzfdH9IjP_7X&E>a1(^J_X)<6I~4x^7xT)}Hx!m)Fh^BncvYc59DeWoP9L&N;{
z9?(tLCuNN+fcWIeljWrsUo3m}ND#}EWa01ZnL-5!K$%%3V5;Dk!K_<#!cnDMegi)b
z0L^Yi&!JJ71n?lBEi(+(v$BZ_Mr0zvh;oyVUWw6&{Xw;j)&oHC;7b4$Krcrnw#<i_
zHNY4R9;>S_+;y34H6C5RpMfV_M+=}uc^L>T+EoK&{KIf<Vs97f9GW?UJKe51_@vk6
z`I?94JSxDqOjLu6!}sDw*gR_BtFEf8hl$P~8EX^8OR(8Mma_&@s7&JKycTokSmuD3
zOs`rpSMUQlimO*eBV@T%cAwwIXk9dV@#LwAvP(8yKl#iKiC%oZ{Ml!pDZBR{tCiEh
zg#!l;lmq+smNT-yOmjZgQ-|xiNCLAQgaHliz|!e=`;(t_?{W7`c1JdD#_X_Bxkdm4
zL5#BQhO^sSZ45fA>Wxydw%hZav5GMBV0Dpd3GL_F6!RA1U1V8UU&=11el9s~D$XDm
zBPD_~*uGrN_+3FU#vAJ3?k@Ws0HtI>zhgN4k|oTfkM9YF+`ygPrCJ8pAs6bLeswbx
z<0+W616Urzudcv(e>XfAI%eDD6d8E~0fB)4nbf~o;X{r^WE&qyD?ZQNZq}@BR_$|=
z_gM*@K4n=s<eV|{J<Pn9ZqQ0W8JLC&>*ngck}+ia^SjDtAA7NUMnG))3%km`L#J#n
z6ff<slajpn=#iskO3qQM<f>slnKkiAbH3q^>g`Lw)qr5`yyO}*ZBFgqbxo#X2|UTK
z6G01L7rdM6QPeNt>1BoquS?CfnAsEpIdYU=fLnkT^E4uh1!O=ahkE&EhS$C8Pnk_=
z7JRZFx-SEyQGVcU1c<PmEX!P!#t6~A2(Q=Qqn=@G5%}WBl*}zIH~Z=a;><MNbHC4Y
z&uq(jH7Z37CN&Hhv1%jkDh4qOdR<G_HL@0Brl-#i#0xkOAd^AAqUlJTSy$lt(5o4&
z7n?j5W-7b-?ToLEC9lA7^!UkgTn@_AP0b@C?S7NFsKdo3Ehm*K#nS>{`wt&4&%e00
zJo4mA<<pNpSDt!ymu!$eZejQRu4y@fW>VJvG@}TZ3h&Aw<DVtQf*W~%7m(bASUrkf
zXl7oO&Sb`>HlCIVgDBizZN`dh5JXNyciSc9Peq^CxX5h6y2iZo=y&@)7&bwv&Ch6T
z%~%@GN%O!8XKvvlBv7FJnWeR1`vkn!ZK^WPE<ikwEE{Buu2Z~&s=xzelVzEQF5BO4
z@7=}6Y<M8Th)7JBbz}5tDlC8(AJQFb86oV9HEe^(?q#%(YlLvovhD5qBl1czGYdDX
z*JD>4?0W&oUCwTFXy6Torbmm)`_IVXw-XYztU#6~hz**|)CM`%ugtR56W8L_^trPG
z$%-);AX`#aHv_^Vy#@lrS496Q;~bWBEV{6%=kT1jzzAHb^bQ|6RSq6GVJW6~bPK;%
zxo}Z9E4bI%FfB_b|HQ<!t%2>6M8q#hLgJ?dxE|mBa(U{7-DT&Vqh(Uo$f({lXkct~
ziKM?$#eq*@ZOZze<PW4}uNoJ1h06?=y9Aqx2Lo@dWw_}44W3Na%k*`bT5MgHbC;l}
zY^p$+Xd)Fc6)4xXYW-X}Mim2y_*quIP^7t?P+mOQn+jB)&4;Es+*TRkdr#5h%9P9?
z_c;_f!toi1p<7n$fJ{SDC~a+*8W!3wWCCZ;>DhD0{YZPm7TnFf)2@+$Sz_H5@09*l
z(6yya?FUu(*ep!|VY;gBQ8{@WL&>9GqkUQi4guvM0|Y30r&iWG+bsBsreu*w#*2(L
zD66t6wpB#4L|j<RWMi&lvz?_rI={3{@~maZ5ra*~GQm*~JGJ`wJ?L)#J2UFKMZ$(X
zWNP(YBJ0Of<=JPSlU${{Dod_oqhr{<)_Fajo`(!th>_$G0|A180GW)VCNf3y8+4I*
zK6S_|)zwa4mV-mb*Q}HMa^vN!<XxnO*LiVNgDE5#u&zmI`l%t?lQg)?CZ;jL)8aDR
zBWb8!HaFt-=l7JCcJ31w;)yaT6Ph42ER%HOy5*9%_*wz7;qr_;v+wXJtDq|KNl}`|
zB;Vs93Bw;A5}=m<G+mZv3bBO6qWDY~$-#^EQ<aEAl?6V?2bwkBl(U|l=AdWFUCQAh
zpkl3=vO25zA2lO_f~b6kBW0Z3sbwtx*|}i)Q_Gc~mfz69k&1rW-96`|3{`}tl=Y`7
zMF)DG`Kb!pw)j~Tp}r3L)$}t15!G<2@Kt#Vd8L9^t#(#ftDgO)N>aZ!rX;A~%1{3`
zh6WudePfbEnX-q=I>L%a{opbTrA|ewGSO#Hf9wNeFp9c_@wd_ieK*pTsciJk);7=I
zh<3?0Dg$j3mAUPM0~nz^fX7)24AJ)@K*Xvo-(gFn%0ttFNiWH}N5l|f845aD1_9CP
zr&(}x-=zSry+iNuv|>6e2;^E<?+zPDB<NZuu)&$1jla4|?Wx@~AE|=8CfG(IWV3(d
zKHJNhSeq$Z>+oR2!31U8n9Pt7$Ikhav7}||HX9sVisaE67<KUA0h=>crWy(wv1f+D
z!dy~$B@Jf#AjQDX*VOd%@LTS9VCa+EKNaqUS1M>0-wy=HL{YEFjBG@d{E&3)px1zA
z(cZbg#Ru(}<R)CP;o35~Y`G;3&ew4PvR#s-_wcb3Ws79eKxpdRS0$IIOzY*{2g{#)
z^wILiAA794xO2Y%+eEVlrgc~+>9g*>?YeT`JvWsb1;}>oJtXUA$19MX7PrZh&puyP
zeCQ*xv3sqsgIL!=)_qZWqS<x*1y-$qk48f(qZ1{jux0KX-<F^NXXHYZo+^kTRot$a
z2&`6yC=P`LxPVMu;-{wCG7thdnbOwuKo^8r;+1e(xrJ>?L=}#Ls0#?zy(?#rN>pIh
zwlE1ZHo3wLj8nM5#I$r(VtT)6M?)pe;-Da7FR$;mV~c<v{<*eQlQ=`E>VH~SV_ABW
zW{A;sF{f0T5Ly4$a#ewvlC-)b1HTGV+o#IZ0M=Bt8WUQork;{HXW)i@(egFAmaI*q
zY?Y~S?Nr;N3K+^BjKj*bHi0c7gSjha4GJ+4s5?`O2WS`%v}b`11RA^tNtf$BQ)h5m
z4m6vu{pn9BZ&+BPg0A+Tfr1$YK6xytMZpj<2k?rl>|}I}BF15*UMvhOX`5`y6+=ie
zv-`Nv^7NDlUV6|ep24^_@ODOMEZ>5+yj(Y|tT#orDnB)5S8Uu|mT!<m0`mKU)O)j0
zUm~0F6>W+t>7!AZf0_Xwmhv230|By$>B$>2kd122E%~=lFAek<U$LsJ+<bjmDy;1E
z!TrsCvNIEBg$eDKBU+A>+i%>`WWMhwlh^EG6pf&4<j|3m<>}{lmnWawRZg7_cc;En
znb)1SY%UMTCg=z5yH)m(Z8gjE<SE$?XTE;bnnUG`u*=Uq`gqwPA^796xzQYat`PJW
zBP#aOT|x5Gk{!EiYRIiwWi6@%R23PRX+cKGL@6t)QU#-6<A-=vUE)d$plQdY8#5rQ
zGDRuxFa_<_x9K2N@UCRIR)X;Kh@MsDb550&G7@D5rlR#>JP*|>YOWJ;OXg%s*EF3f
zeN7T83f-Qv0-y^Wu<RZS3KF2uEGaBASv1wfY-OTd_AYbndV*qSZRXa}va}p2&lJ7O
zusOiisZ0fSvOblWf=b>pqVlpjdipI5((=7#R;Ghz1bb*+M;st@K|#Zr9fppFMfx~0
z@bR)QNPx-Es0|`h^3?_EvV&dY>!3QeG*HZ!CZZ0WvP*6q_OYi%leW{g;5xJA{4y}H
z_o01=qK>p*81LvK9oHFrvMw_N#8`P9E#TV<q5_~Q&#{%O%jWwYC~I%LrHsfa$yV@H
zc&T0-TP~>yRi+O7Q`1vpV$^CEUHL#Zb#D6l-1+0H<=B$Weu9P7ui{b>Cbn{uT45W@
z(U+fZfK1n%cJ7gbEO#9&_uq3yave%P&VrIP6X?|lOy-R;C*6d-ZuLsZ*0EHgCZPyN
z1vEBoSXJ)5b6a`Go9-xYe%-C*#_KnhmCMJ=4q=VQ<b>*zrz6dlK66}LiYF!0hfQKv
z5L7@h>3#Ai#fd5hBQT&bwn2**O2L#Ql?xT7PJfTEs1|qziNrJjEKtlWpNd_O3rbLv
zxXMrcXJDMlHr^rSDSyJ6O|+BcRmEm*DAeD|QH7`g!Zl!5%v4@bdI+R3nNfjKiF<i<
zTSMw+1H>e6d#}G+nS}v>{d2}bMXk)mfz+~)Bzbp-5!d@@p#X3kTq-aE0O%^spg^!^
zJIPdHUz#->^)yffv#J25o*K%|hKn;Y$|aBped}^#IiP~>rAp=6J7|QsjNstKy&O|C
zI%>UDuApwHBkRF3T$W&^QJ%ScB|V)QRHJf;@Y<UsOV0H-Nk*e(S1lvcaXBKgKp(Lq
zFDw;zuO{9-@@iDtE8RN~MkfA-)%nHaVxia}Yk9!FQqAVk_qKR0Y-Ra1o64#!H<U3s
zAv&*<X;bzeI__&v$I6CvtICK+KMkar3RuFpu9s{b?|kc>Wqj#y*|YDcDYrF}xOm&v
z4dtHOuP=9sOL6lxYs)e@b8KR2x*V4^wLSX|+gctJuUb?q1)OE=Y~?EZyHU*9s`d4t
zt~E=AVuv=G^$rD4qga)tse&_>0=HHL8CT2|I68(cNE4Y4)|af_##W?EWsp?vuJpmM
za4;sL%BT$aUMr*zm^BL6TvXyll6-Ph(x$u<xL7gpd!d_+o#C>kWKgtrJ0Mo(;PtE-
zK;TX!gR#DF_Lj$yxw(8Bg#sB*W~VGnHZE_KeU7#@gFqQz&QMc<n=U;ECSxyf*VT*n
z`dkk{MZGHk@qrHeiH{vnb<C0BQjQ(jL7uFW8w)m;$SwiG=mYdgUXO&az_m$#ZwJiG
z05M}rf!7&b+HS+72s}(v-HV!EmJBcV&(-p~>cw%<H>Nkl)$QUR6Ir(lXLBHs0RdTQ
zH$<BiynyMobeID5^7R|bhFk9{2cCY+*2&II1+zIJ2U|Y<+)jxc++S|ma;;>aA7IKZ
zsgLG$ymrIt@{Tv&QEs_$Q#mQ?W2$483G-UJdbu&RRV$W?i*dx1>x7&jy?g&*TO-pz
z5WRU+PW4`Y>z!rm8{b}5ZMxo+Uk_t(#s%v&S?v}PCyGnmUgr9O0x-qu3Lij%aRKG)
zYZ|6ldPg_e1;7r<n1Dr4A$Vz7=8p6AIa6FLKeTSOxb>r2mb0v`;guP3xYyi$=zwBC
z?d~b)TW4?105f~&wy?^uDr#pAS=m>nl9DGUHztJXE>CL|n28lh7Rr5(bR#<Zut$CU
z#{kj|kLqeo%%`?Z^*)t;H5x89*ZG~+(b;d9>!>GnMOu%YS=Y_{F3SF5uKHfD2i(d1
z`lk7eEH{6st0x^9&0O!R<C|eQkIWKo`|cib_lxCsk<GN1D3-whS$EfOzfQlz3SX&@
zsd62cQ?S?Hc2~LP_It`HIW7A1q5YL5XoS}Da+u{~PrY33x$XM0eEFELGOk5L2>x8P
zPnFhEVOpEzH0lj&S6UE*&QCjVQ%?p?XK0<3v{Z*B^Zj!#?X{p3^WcawU$%Bb+4Q<M
zmmA;pB?4sE!HTC#>y`SH-&2v(CF8EU>awGPXT#mK)X1TWYRTmTg&Lvh6+~(|a8;SE
zG)B}1A^l~!94fP}GOP+bRgmjx^*zwWP|8(K?YhgQ^s@!7ypr5sO~HN2@+HbBrLRTN
zj~ZKJU(MTX>Ev=;7n9kX$`c)aIhr(2-a&Tj(ach7(UT)Gj^`YA=Da}f%cfjE2xFcI
z{}QXI?nMb`SuL)`O|N@XIVS65lXA$WCKINWw*Sz{@>$u0eE;3s?4)RAM%8U53Vp7V
zj4Fc}Q9pHOQ(~TM`p(mmd1R-o-#z)vPH};rFaazPx5&zCw;01*wdHyPX-s;z?qB1C
zea!(axtsdcC9#;QTKXyFZg<bnuGuKVL94JiSGuzq>a*$R+1xXmcP-wtpd_G%iUz>s
zoSklr&1_9xq67v4WD-%<?A{)d0E3HJ!k1Y0EABC4WfIt;jO^&WZ!9N;l^x%`Lpl<?
zdTRQ7c|ySAqmt9``mNWLyT=6}mI~AEtSij6VO`+k=IYt5Me3l^Q29f`#vXrmM|tYG
z-Lh7u`(vaX5{0?uMqRMJ(bmb-H8_{o6|0ozvXP5rElS`jmVj-AF^@|KL2*Dr@Y|I5
zb0DL+)lOcarQ_qR)4;;62W_v;fizxg5z5Mh$*kBU$D!Q!=5lPu3uWTCWY5rjWzGin
z9Xwe+_Nk}K4RT_%2438-Wkb!d@M>S*53ptpV)8N#X+JJein>|)laD-CUY5v8Wovq>
z>xxZVg^k^90W1sk<bqc#@5TEUC9o)g*-OA&#~rqAi3f&<r)FQu?Cu<hm%86sWS<uc
ze0DOJ)4MFvPuR@5o9`%F-}H{M_J*6Atp~aX>Pblx^@kt%oMfBdZqba)tT3k)d4<B1
z&7G1kdtJBt$fut!k38|BxELjihSp!AOxNFhy99dNAq-PpiUS!Ym$SKx?^=|=q69t<
z60mjknu-7nO*}z!zNvU1j7+i+G_J+-GbE(_JjiwMuha-eal>f@<EGcWv79=v*BIIH
zT`$*=W_90v=5sHUmCKfv@$u2}wl~~iYi1fUe>ni(*2NUWcJ3`7`uG#&!+-Wf*{R33
zaGh`K4dvRq?=P#jZnG=}iwoF;A2y3`Sd_p*lYqGvyNnD0OLOj?8wij|?z{%bMwTPz
z*wvyC)#?~oy0omm?#6Q6Ti#htA3ji~PMs`gjvTB39Y;<~7!y(l^67~w12c6uDzFWp
zpKXp<8Xt*XRCnUDFYhf6eeCh_dk;Na9)E6+u|nNKplP-?3W!~E=j+N+S?_E12raak
zw%DFU2`oxrU=px|9u_H_kA|{*rJAB@POmu!vbVkd%|km5?P+{bBXYz^_kguIZN(K>
zm<CMfCgSztV!ZyX?=BNZB!}UnpSDOwu9qD=a=Ls-*pMdVJ#zF!dC%MLEw^slVwpeY
z8qCx;Jt>=>HEq?C64>$3C!Q$(<If(KAdfwgy<76~35#61dR@8ZuGg3A#3iaAtWlU(
zi}7&<4xz;=ElObCO91;vb+2kHi^=lJl^^UO2)snr$d=@dhD*kp{n7Kjb7tEBWiy(4
zQQdS?$BvchGpA*<^rQBZV5ZFM<DY%DoDi0DTJj<O&tG)G@-ePh1`v6zBwYJJ+15!Z
z|7F?i{P5#1ln;O6$?~a3pDi!#I$}wLb+GAL*hXPt+ur(~vf++<ie_VB(%ad#ck#YO
z2`oxrQ36>4dQM|kk6akKVCgXD@|tr-CW>>^vWTY37W`hTMxM)7U#_xry-ZRVt&~jI
zTi*1xGCg@(^07^o!_PfkrsW_$f|;(FeeUU<p6Oj|mv@~lw{6>8R<B&<35I)p&9Br1
zx)GIy=~-x+Rpes=n1A-!r^}Puca|e3Brlv4qJ6V;&3Xf|8{hdQW%K<HSW2qJNX1u@
z@Z$H25?GYLMI|7azmeoQR+{{D49&GTr`MbVnX)lCXfA-vgCAZqwV2apU%tY$BlS!k
z&B1v6Ti%5%?GkKp_=WAwW@$Y=`mtwrTh{u+$BxUI+3n@-+ixgaH?EU}zDsdvpy!M0
zXB3bDYe>CjpFbn(ZbxK)*v>r%%j3_yTs|Rt*B*ZIMag1+#P+ix%wDz%NO=9md+s+T
zrXaRb!tO1>^VMj0T)ttk_@+e(EPM(0cBJl>py><e*UWX}=N`z;onI=;dn2lBsa!|L
zmR2P^*A18t<!MKbE?Xv>i*GJBybU?*^g8mwGYvCSFnjX3y|Rua4C>k4<^FqbDsPZ;
z!fw5BvmAW6rmT=Wi5d)o^ioK9WJ{?6UJ8H;UPooUO%L(hA!m`juw%caoq9%2gMLwd
zKXz)$QueAVaa7KT)2Kv^ti0}lciJXyWnv?G5Z)q)&4*#NSjR;PT+tFx{bWZCNf24S
z<TQ{bsr+0tV(x+L{P|H~WpYGNWFgVRCa?CrNa`onB)n_3-O?O2qRedi^r;%nsQb+J
z$foH-N1qW8+EX5R{Kazn&0FNq%Z+8T9LlL-`l}_i)v~4ImKa#qzx43S!$(e8(q9EI
z-5d7Ojss=ifurT{@l&=xOu<e8O4-)3_1BaQx7}T~-1nAptpM3tsgq_T(M;}(AT}4%
zYO#z(2`oxLC4iF_S|GbHJS=Cs%<VPjKqiWHT!1XqT$qC__$?|(-3%y^jB?PPrhd}Q
z?|KxvZazNr+*1~suWm=Kn@tHj+qq9pYL@(rk8OXctXs3PT(fSq0ogi90=z;p*DH|e
z3Bnr4ap3T=viHCd+hBe4*y(ac*4+%e^m5BcPqEf$#B0Tsxb^<G%7*8=>?GR}VT(P-
zYs~F9TP$r+0*ey33MHT*rYBP5>)eG4Yv)=Na}H!e!~}%XK|SgMTcGEVT}o#V%+_wZ
zwTv!ZZYiMlKKiM0aQoxsglw9gICi9*OQ-g#yYbM`3H$fLjze}Zrk?IRHYRItl09E@
zB~DBBdJPy+P}7r|o6A|)3P}Kb%^mj|3)^`2eFA9PED^8{w8j3pl%8CCW>Er*5_lyE
z49O8LdIEe0$gcb~GEt*)aN32Y=ED*hx5&t%E6vR)?$%Y3K|@*68UdAS@4T-ZeD;ZQ
z^rdIZ$$fjunWKlwv}~e2$L!G>Mz5#P3ScQ{z2ZUP7BMMd^#WFFZ@8swdi|TqmiymQ
z*4=bF*1}}N_SJmo-z!bP#qSp-uqc7SNMOnE(3PM4UR+c|0%RJ^&}8=*j7a8hsh0gi
z)~lAR+hCdIS8l$pY`F8@a%$gh%b0(B*GmFuyX{P~Ge-}XDcMLpEl0wfm+*Z%Br=^k
zO!uK3%qV17k5^y1cD+R)uD$WLa_wFB$=<NL?H!s2a&awe{*If)nlDOVUP(Z7(s}U|
z<!fYQG)^3zqsGj+Yf%<|&dL$viIEA5NNYcHRPTjR45NCM%5n3OMMK$>p8cgRK+Vsn
z0Cwu&J_EN?2lkcIvW_+(pXqnX*3M2&)clPaZKxonIUY6p{u)^eTO$dJmG$X5m~L>s
z+K*me7=vc96^jy>KN7eg(bQsjcU+4XIo<XWn>Ob_cJADTp>vWoI2f6RVCtDPbDk&i
z5}SMlK4zix0%oJK?j;MO8W6H<-8BY63RY)NpDt6UPnOB!$K>Bp1Gvd!!qOz#@!Zs;
zt#Rp@VfxJSjhn=ExX~Dy0-FYu=&>w|Zp16F-xsU2D1ikofg#=hs!L1hIy*T%=V0*v
Y16pnqswn58ApigX07*qoM6N<$g3qAQ(f|Me

literal 0
HcmV?d00001

diff --git a/docs/examples/demo.conf b/docs/examples/demo.conf
new file mode 100644
index 0000000..302f9f9
--- /dev/null
+++ b/docs/examples/demo.conf
@@ -0,0 +1,49 @@
+lb:
+  - engine: nftables
+    targets:
+      - name: lobby-demo                  # unique target name
+        # A target listening on TCP port 8082, using 3 upstreams to load balance traffic in round-robin mode
+        protocol: tcp                     # transport protocol. Only tcp supported for now
+        port: 8082                        # unique target port for a given protocol
+        upstream_group:                   # upstream_group to be used for target
+          name: lobby-demo-ug1            # unique upstream_group name
+          distribution: round-robin       # ug traffic distribution mode. Only round-robin supported for now
+          upstreams:
+            - name: lobby-test-server1    # unique upstream name
+              # An upstream hosted at lobby-test.ipbuff.com IP address and port 8081
+              # The system DNS's are used to resolve the upstream host FQDN
+              # No active health-checking and therefore the upstream will be considered always as available to receive traffic
+              host: lobby-test.ipbuff.com # upstream host. IP or FQDN
+              port: 8081                  # upstream port
+            - name: lobby-test-server2    # unique upstream name
+              # An upstream hosted at lobby-test.ipbuff.com IP address and port 8082
+              # The 1.1.1.1, 8.8.8.8 and 2606:4700::1111 DNS's are used to resolve the upstream host FQDN. The DNS will be re-queried every 300 seconds
+              # Active health-checking is performed on TCP port 8082, every 30 seconds. 3 consecutive successful probes are required to consider the upstream as available. A probe will fail after 1 seconds timeout
+              # The upstream will be considered as available when the load balancer starts
+              host: lobby-test.ipbuff.com # upstream host. IP or FQDN
+              port: 8082                  # upstream port
+              dns:                        # include in case you want to use specific DNS to resolve the fqdn host address. If host is IPv4 or IPv6 this setting will not have any effect. In case this mapping is not present the OS resolvers will be used
+                servers:                  # dns address list. Queries will be done sequentially in case of failure
+                  - 1.1.1.1               # cloudflare IPv4 DNS
+                  - 8.8.8.8               # google IPv4 DNS. Used if 1.1.1.1 DNS fails to resolve
+                  - 2606:4700::1111       # cloudflare IPv6 DNS. Used if 1.1.1.1 and 8.8.8.8 DNS fail to resolve
+                ttl: 300                  # custom ttl can be specified to overwrite the DNS response TTL
+              health_check:               # don't include the health-check mapping or leave it empty to disable health-check. upstreams will be considered alwasy as active when health-checks are not enabled
+                protocol: tcp             # health-heck protocol. Only tcp supported for now
+                port: 8082                # health-check port. It can be different from the upstream port
+                start_available: true     # set 'true' if upstream should be considered as available at start. set 'false' otherwise
+                probe:
+                  check_interval: 30      # seconds. Max value: 65536
+                  timeout: 1              # seconds. Max value: 256
+                  success_count: 3        # amount of successful health checks to become active
+            - name: lobby-test-server3    # unique upstream name
+              # An upstream hosted at lobby-test.ipbuff.com IP address and port 8083
+              # The 1.1.1.1, 8.8.8.8 and 2606:4700::1111 DNS's are used to resolve the upstream host FQDN
+              # No active health-checking and therefore the upstream will be considered always as available to receive traffic
+              host: lobby-test.ipbuff.com # upstream host. IP or FQDN
+              port: 8083                  # upstream port
+              dns:                        # include in case you want to use specific DNS to resolve the fqdn host address. If host is IPv4 or IPv6 this setting will not have any effect. In case this mapping is not present the OS resolvers will be used
+                servers:                  # dns address list. Queries will be done sequentially in case of failure. The DNS will be re-requeried according to the TTL received in the DNS response
+                  - 1.1.1.1               # cloudflare IPv4 DNS
+                  - 8.8.8.8               # google IPv4 DNS. Used if 1.1.1.1 DNS fails to resolve
+                  - 2606:4700::1111       # cloudflare IPv6 DNS. Used if 1.1.1.1 and 8.8.8.8 DNS fail to resolve
diff --git a/docs/examples/lobby.conf b/docs/examples/lobby.conf
new file mode 100644
index 0000000..46a11d6
--- /dev/null
+++ b/docs/examples/lobby.conf
@@ -0,0 +1,91 @@
+lb:
+  - engine: nftables
+    targets:
+      - name: target1                     # unique target name
+        # A target listening on TCP port 8081, using 3 upstreams to load balance traffic in round-robin mode
+        protocol: tcp                     # transport protocol. Only tcp supported for now
+        port: 8081                        # unique target port for a given protocol
+        upstream_group:
+          name: t1ug1                     # unique upstream_group name
+          distribution: round-robin       # ug traffic distribution mode. Only round-robin supported for now
+          upstreams:
+            - name: t1upstream1           # unique upstream name
+              # An upstream hosted at 1.1.1.1 IP address and port 80
+              # No active health-checking and therefore the upstream will be considered always as available to receive traffic
+              host: 1.1.1.1               # upstream host. IP or FQDN
+              port: 80                    # upstream port
+            - name: t1upstream2           # unique upstream name
+              # An upstream hosted at 1.1.1.2 IP address and port 80
+              # Active health-checking is performed on TCP port 80, every 10 seconds. 3 consecutive successful probes are required to consider the upstream as available. A probe will fail after 2 seconds timeout
+              # The upstream will be considered as available when the load balancer starts
+              host: 1.1.1.2               # upstream host. IP or FQDN
+              port: 80                    # upstream port
+              health_check:
+                protocol: tcp             # health-heck protocol. Only tcp supported for now
+                port: 80                  # health-check port. It can be different from the upstream port
+                start_available: true     # set 'true' if upstream should be considered as available at start. set 'false' otherwise
+                probe:
+                  check_interval: 10      # seconds. Max value: 65536
+                  timeout: 2              # seconds. Max value: 256
+                  success_count: 3        # amount of successful health checks for upstream to become available
+            - name: t1upstream3           # unique upstream name
+              # An upstream hosted at 1.1.1.3 IP address and port 80
+              # Active health-checking is performed on TCP port 443, every 10 seconds. 5 consecutive successful probes are required to consider the upstream as available. A probe will fail after 1 seconds timeout
+              # The upstream will be considered as unavailable when the load balancer starts
+              protocol: tcp               # transport protocol. Only tcp supported for now
+              host: 1.1.1.3               # upstream host. IP or FQDN
+              port: 80                    # upstream port
+              health_check:
+                protocol: tcp             # health-heck protocol. Only tcp supported for now
+                port: 443                 # health-check port. It can be different from the upstream port
+                start_available: false    # set 'true' if upstream should be considered as available at start. set 'false' otherwise
+                probe:
+                  check_interval: 10      # seconds. Max value: 65536
+                  timeout: 1              # seconds. Max value: 256
+                  success_count: 5        # amount of successful health checks to become active
+      - name: target2                     # unique target name
+        # A target listening on TCP port 8082, using 3 upstreams to load balance traffic in round-robin mode
+        protocol: tcp                     # transport protocol. Only tcp supported for now
+        port: 8082                        # unique target port for a given protocol
+        upstream_group:                   # upstream_group to be used for target
+          name: t2ug1                     # unique upstream_group name
+          distribution: round-robin       # ug traffic distribution mode. Only round-robin supported for now
+          upstreams:
+            - name: lobby-test-server1    # unique upstream name
+              # An upstream hosted at lobby-test.ipbuff.com IP address and port 8081
+              # The system DNS's are used to resolve the upstream host FQDN
+              # No active health-checking and therefore the upstream will be considered always as available to receive traffic
+              host: lobby-test.ipbuff.com # upstream host. IP or FQDN
+              port: 8081                  # upstream port
+            - name: lobby-test-server2    # unique upstream name
+              # An upstream hosted at lobby-test.ipbuff.com IP address and port 8082
+              # The 1.1.1.1, 8.8.8.8 and 2606:4700::1111 DNS's are used to resolve the upstream host FQDN. The DNS will be re-queried every 300 seconds
+              # Active health-checking is performed on TCP port 8082, every 30 seconds. 3 consecutive successful probes are required to consider the upstream as available. A probe will fail after 1 seconds timeout
+              # The upstream will be considered as available when the load balancer starts
+              host: lobby-test.ipbuff.com # upstream host. IP or FQDN
+              port: 8082                  # upstream port
+              dns:                        # include in case you want to use specific DNS to resolve the fqdn host address. If host is IPv4 or IPv6 this setting will not have any effect. In case this mapping is not present the OS resolvers will be used
+                servers:                  # dns address list. Queries will be done sequentially in case of failure
+                  - 1.1.1.1               # cloudflare IPv4 DNS
+                  - 8.8.8.8               # google IPv4 DNS. Used if 1.1.1.1 DNS fails to resolve
+                  - 2606:4700::1111       # cloudflare IPv6 DNS. Used if 1.1.1.1 and 8.8.8.8 DNS fail to resolve
+                ttl: 300                  # custom ttl can be specified to overwrite the DNS response TTL
+              health_check:               # don't include the health-check mapping or leave it empty to disable health-check. upstreams will be considered alwasy as active when health-checks are not enabled
+                protocol: tcp             # health-heck protocol. Only tcp supported for now
+                port: 8082                # health-check port. It can be different from the upstream port
+                start_available: true     # set 'true' if upstream should be considered as available at start. set 'false' otherwise
+                probe:
+                  check_interval: 30      # seconds. Max value: 65536
+                  timeout: 1              # seconds. Max value: 256
+                  success_count: 3        # amount of successful health checks to become active
+            - name: lobby-test-server3    # unique upstream name
+              # An upstream hosted at lobby-test.ipbuff.com IP address and port 8083
+              # The 1.1.1.1, 8.8.8.8 and 2606:4700::1111 DNS's are used to resolve the upstream host FQDN
+              # No active health-checking and therefore the upstream will be considered always as available to receive traffic
+              host: lobby-test.ipbuff.com # upstream host. IP or FQDN
+              port: 8083                  # upstream port
+              dns:                        # include in case you want to use specific DNS to resolve the fqdn host address. If host is IPv4 or IPv6 this setting will not have any effect. In case this mapping is not present the OS resolvers will be used
+                servers:                  # dns address list. Queries will be done sequentially in case of failure. The DNS will be re-requeried according to the TTL received in the DNS response
+                  - 1.1.1.1               # cloudflare IPv4 DNS
+                  - 8.8.8.8               # google IPv4 DNS. Used if 1.1.1.1 DNS fails to resolve
+                  - 2606:4700::1111       # cloudflare IPv6 DNS. Used if 1.1.1.1 and 8.8.8.8 DNS fail to resolve
diff --git a/docs/examples/lobby.service b/docs/examples/lobby.service
new file mode 100644
index 0000000..c4d162e
--- /dev/null
+++ b/docs/examples/lobby.service
@@ -0,0 +1,21 @@
+[Unit]
+Description=Lobby Load Balancer
+After=network.target
+
+[Service]
+Type=simple
+User={{ username }}
+ExecStart=/usr/local/bin/lobby
+ExecStop=/bin/kill -s SIGINT $MAINPID
+ExecReload=/bin/kill -s SIGHUP $MAINPID
+TimeoutStartSec=0
+RestartSec=2
+Restart=always
+StartLimitBurst=3
+StartLimitInterval=60s
+
+[Install]
+WantedBy=multi-user.target
+
+[Install]
+WantedBy=multi-user.target
diff --git a/docs/src/docs/CNAME b/docs/src/docs/CNAME
new file mode 100644
index 0000000..54b9cae
--- /dev/null
+++ b/docs/src/docs/CNAME
@@ -0,0 +1 @@
+lobby.ipbuff.com
diff --git a/docs/src/docs/about.md b/docs/src/docs/about.md
new file mode 100644
index 0000000..9a6a1e2
--- /dev/null
+++ b/docs/src/docs/about.md
@@ -0,0 +1,11 @@
+## Credits
+This project has been created by [Igor Borisoglebski](https://igor.borisoglebski.com).
+
+## Who's ipbuff
+There is no entity behind ipbuff or ipbuff.com. This is a domain used by the author for its projects such as is the case for Lobby.
+
+## License
+All contents of this page and Lobby project are licensed under [CC BY-NC-SA 4.0](http://creativecommons.org/licenses/by-nc-sa/4.0/).
+
+Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License
+
diff --git a/docs/src/docs/assets/lobbyConcepts.png b/docs/src/docs/assets/lobbyConcepts.png
new file mode 100644
index 0000000000000000000000000000000000000000..d4d7f9fb5aaccd6daae8ba2c7489a5c1f7d47815
GIT binary patch
literal 46895
zcmd3Oby!s2_wGSHf<Xuhh=}NjqNIS72!lFENl7;n(hQ9-FoPdNN<pN%L%KT!L`lh^
zQ)+;ryY5Eu_x;}c-24CaL7j)gIeVYA*Lv5x)_ynMax!A17p`4^Ac#~#9Ptu@&K^L}
znY-uCfbV!G4O4>u&RdDA*+S5zDDc;w;ET0Q00iBHBoI#&-$X5rIH?914mGXXzIP22
zm6!iVw2}0RsP&VcpjMtD&D<WGNnYbtKG#qSFH1qbv-((<m}YZf;mek@!&YOCjZ}Oh
z{|vkib2=XH(`cr=RQf)Ad3J8@D!cAXPhzPh+E#nk!pq-ZC*QyuOauI>^}DJ>^XH?R
zkJudH?~l5k=Uo4MZ}Cz*`R`9|^so(r-=A`yy%YX((ZTB{@$XNyWE6XUzSV#0DZ`&n
zf{6cL9~K#cnM+Nb!j*dX>zFauJN})!r=i5Y?V#B*$79W;@=q8$YwQQ&@=f%n{}ioZ
zR%h8u9D!T9;e)G+p%COIovWUeE(N*a8b24C4=(69`qE=-0s?XB+20~Km)&W3bdL0Y
z>^A+|w8%QNP5IY2_uP-acThhPptU(t*;<}{Lj&!<It$gl{W9uF5ce`%K^uRaa&Bp{
zYcDzLHN}0^4c%^Mf*a5M>$vkpldN_XvgmrYtQ|~_8d@7t_eF{JQ7G)kN~g)MiLaN=
zvl=PO+!*0WFkEn0N*wyOQMMmEAjsh}JxB8_V(ZW<c7DV0_Sb*i-RTgISB>y}q3RV^
zNr)1c(*^`z3k`Btrg#=~3Ty;W-3>@kU>U6_(8ze5HCSlc$86bJ(ITVu$jVS)Z76bk
zbNR~1t-Iy+zSK*^LV}JM?Ny_-*W~LDz_YMn5<gl-uV1H_(@I3|52a)a>ex99(7D6T
zR6QotAVmubtTSNz=%S*UQMqqV{idIPHY^l-eP?XxZKxhe3A%gBBJ9dSy6fDa{#x-f
zTYNf4Q?=`o=lh&2@izXFg$z1bG{5=yMKc@G24~*YI*nA-8(QVALn)+mpO1#tSDF+s
zf`**$hXs+xIsWe}dT6;9ey&b6`7gbxNi}L|!VK-t7Ra}!uqkM34!TSZ|C&Co$_fbd
zGRSescC0DsAc-w-n(d3$m>mfhnw~-DBwaBQOlj**rN`|~H*emjD_N4<<+7}ICydds
zmPa(W))oq(YRY@D&aX!WxvRdly^!3i36O!qorVsl?z+q#{rr&h>v&{-z3Jk1WmPrn
z<p?S7zwb?KCjaX&kim=0inr8r19SK>fItxLI@?sB%(*<2yZf)KmAG4=*VW3Q;p4%D
z^POlFWSsSC295gInDhmXV$@DOv2(Fy=c*qT9{DhHwG*jx@W#>oxbksva;jIU=h*6+
z&_{<Ct_w}J$`sa1n+|K4p0_Iz2ohln{8d_4yP0i?voO6C5)#s^CBwp~4DMe=o>R9Y
zOX#^)Ct|WaX|8*r4_8MmB1-5VuLjU*ku%+4C{o<fAwGqIT=H+_^75PPqVzX9qtykC
za-;|KC}*ihD*6WDhT<Kl(Wtyhk&xu)i~ZI@rbqi<?qiGd=pTzB8os>BdB?xZgURGr
z!T(Gy^4)TpeQj}DC_gaN;@%Ys_X@*hmF=;sz5I+xuj=1_Oo-J|`((dnutjB59CfY8
zw@bUTz=57&cDz`=$d_d^O#!Qt&sA^=R3b%1)`>1V@g(%>60%6E?Tymw(^p+w%=py`
zxVU^9E<KnlNIILdxh?KI+fMg&;h&}t&dBL-47nN!yS6s_o@YqrhZhArMs@u&q#P!~
zmR}S|>vszTlz(Ul<#n{>ESYcPeGbJG6cosj(Zk(JtRXBqb>s1&uYu#^Z-l}hUL(;f
zQv7PgiyuAv8~vCA8etL=pMw~G`~d%yl})?C+&gdfwMh6B<;Jb#Jn`m%a~!Wl@CYtE
z4XER*9g{#b+|C@^;n))r+T1C3(s|*$8olanyMW)F*cwcZ4lv)yq8&F+<5{b4jUAcW
z!^%c{o^2gq8L7U?z_6&C4OhDp-~9)Q6)Q7Y)k@`JT$Lv$lf=lKCeH32I)2g8c<vw4
z0q5wre9iUHRQ$PfO32<7{Fv*{gHVpVsKIicrI*Y>CDu#I1&&Rn_h>kghZ__AeBq)b
zH|nA-QFm6|CyoRviW%-xQgB}TsIK5Qzq2=nWjOYH+ssq`&C#x-KX2;YXmwzXLo+5O
z!nFbRQc=-v8mr#jkuvmEi|YKJWFq1rVEvTxvf(iQe4jKC$)}RBklu_tu%|cPh#YOh
z)yiI0@5|sTavpaq4kws}x)n&xvPzYB@t|5}$8z$Hie#I{!y|TZd_x7SFW*dVhu&>(
zHQycI(Kth@Cs1KAidt?HczF+|*EU%ETFi2Z-Fl)OHmO*G{-ofbuI^W4wUFvKw!b-w
z5jXn~?^wBIoMEBB^n#<Bw&K3Ue2c%V@U=nS{(I~e`&(pOIXfFwNw%V}vtQuVt4@Z)
zA2M1=R##W0LRjUsh#*ZG_qv-f<qWoW^AMC)XL(K}s|vNrt?5Z-;u|d}h0Ug<VY0TK
zoOL|p&=bhB`l{vcT6T*sS7Kq*{{wQzVvGsfV=PxQR<Te`i$`j&iU*GRinSj8+&+#u
zW;QuiGqI|#LShbVjxQNew9G3VyBalbB=4_jM!y&k`1UjMhSUDXiUiZEh=z!~gWh+j
z8vgOgr5U>IuNx+OjQ;qogGqg+f+#||e~8GAT)KlsL)&fD+OzlGd~N6mO%*5;43Baz
zAKCvFNp45-z{`urtUlFWXsx}H-ihbgv-%1$vtrxH9#Y{t()ZFDa8v1nG!91wA+xnC
z8m^V9U#b57*EaBjw~a2i{QGpTvTV`g1B$r12san*l2d+5i|ODIMpGfR<{&;RykHr}
zk9K;3AJCtDA#A^}TY;^xo$(13EdR~}(rqrW=FAzW7MRYPl&(-hNJ7G9E7QxXq9SDN
zN|R8#67P%t!pVTURWxHEl~ZkGBoElXjs0OJ_uLZ_DBZ)?*AR#^gofWQvEfa|wC%kw
zQJm5axofi>3(`Vnea5~YugyyfwMDXIkz<~nQjw$1)hTC%j;*CZJ%c3ldlr6G6IU4Q
zW$D3}t;8C^sMpLp1|t1F#2D3GO0mj!r(k_B5+k%nn_cf&)X1*2QP)~sExEw*qp0bZ
zMbq7k?5{JIPP2R4-X{1l+gSwS@#7>%<RM9Dw+@p1?2zc6!QGy5M@o^rZttL>0O4p^
zCTfQB_EXk^HG7<nBNi0?g>N%cD}(L5$H~ki?q`u>Kb~GBwpk1t?J3arEbcEa5)Lav
zyC!eOPo55~d+e~>*I|{MV(Ochx2HREjYl!WvsvVH+!0BMPH-{R*XxaQvoznlQR#>0
zy>}A2{@$$eA_Z9V;spc(*At+D?2T|9EK<;drT=pZ_ggn_KSScwN@O(5hgFfd^W-Y(
z4C&WTFZT9#CIXALM-S>n@`9nAH-q|!?N32D4ehYh)nP?1kih1!lurJ7YgJyI!5sQ~
z>$h@yV6YD)6cijB^W9?bdcy~4>=eB2r>`8Ttg5Q_!1h(Vm-t9Imt9(4Pj_(^j`CID
z>C<yX=jWXjWF>uy`;)v!d%6q1bnWS`|Gjui%x_LwsKUX-S6&{>EAA$+*WS$y0$n(X
zq(6s7ma<0<8I*h0)DZ^tj<iREi6n{@HMU3#fzVybDil^cVY!Pw>AyTOTp$rn2N+~n
z<d6k?hFbyAFr=}!)jM?~ZuswuzC3&O4iR_c3mELl6E5?xzMjie$>oUtv!`B}{<X{&
zSZQx_P_H`$%sKF`<bwOitv`f1jxsp~2d3(1=4&y8a}QtWQ&MMGq&c+`6|#x!kOZ5j
z4}%f8+byI3E3UoNf-Tbjz5crG8o0i@4uc5`cjd$aD-~tn_Qu6er&h|oyL&RVHW+LZ
zC$T)Lt{@x9n=bY4*(sfmd)yw=8|lnz{*$`CezUIiBOM4BGXFno;Ks%80+xKBKup6N
zE5p#Lnd;ZI=O*>{(Zx$c0QZ{weZ8)J?5e5|4jbrJu=f^`IIRy35_>bibu~2@jK@^`
z_y`Pbo{8IY!#w}vnIh+%oWRs*sJy*;ayVS~jHQLLG&0yJ?)^0z0?{7T3Fc<mLmkP}
zP0a1-0Yc*5?LS6!dnRZn4(3*&qVd76kC+>q4OT6#@^o%~#zVZoEZ&!4Fd3PyL{Bic
z`e*juwVS6#=l`UXvB9lL!|vs^v)AlK0Ol6Tp1wfHO!mjFwe8b0Ay-??^Sr$NA(pB^
zgX;!KILfz@r%{zFn<@)%CX(00w=HtPJ)Dl`r8<M$kJHf|rpKRDeK8snw#aiuxjwMf
zjRR&&fBNUObBQ%da7LvvF;^(89YW|Ve-d+7RDjn`Q~zT(H&a#tHF$k+G#hMkmWhzq
zR9YxnFe95>&hyWr$hB!!g1{)~WrlUdy>+;pUCQt6C8q_`B|IIyxBiO)@V1$@K|Nn;
z;QQ}Ml|qR7ul+V#?YApbnyn?}s4~GX?EmCa5R-u@+21zvrGGT%9&XkP-a<Fy&vS-e
zu5^dhcJ?iE8Ijv7XkCcw31I_aQuvU9f`(>(K!Krk@!Rq3+L}{G>i-0S2XLOi+px)H
z4!*HWo=rPkQn_&4Nz?&SlpbPoSV#<);5?j~WfOb(qK`~T^-`R+jEr|(Yva?Wg_%t3
zGU`PqRuuYEkSVp;80>B=&(Ky@X?|2WK4WVcaA~jhR#GwmM~z}*Up5U8EYF?=_Yo`F
z{<fS*FBcJ?`S|tz^``pRMjiW`5_ROa55zPw%9-OXERE&xZC>Y(WBb-{@}hl;;6*up
zzo=XKH03~<J2uEZW1Ff`%*LIa|8rX;aNJZGZ?DpF$sFxH-PbBAy?4%R{ekK<y_h^l
znK$DlP@vi`(|CW|jee7E#t13<{<9fH4Z1VFG@^(zXAFMc%=(h5FLrWY%OwVe8iOB{
zy@pV&J?B-DM)FK$p0*Vt_b0tlgpj%C*Cml%<#Pw34#lHAfl--k@81JJVAEjEBDW%`
z{6n77t}@AjZ)%j7`ev!mgBO1afR_L2pIE51A1IN9*W0he75C>Q3Wo{Y6ftpiOFUhf
zpr#aQuyEa}qKM&PMqzDu{q$r)Iifc2wD6T|(YwzXCcvkHNO~<z`&bnuCU1Ey*#E>i
z)@tHkkb6vni~Doq0njFRbnQW!q<;cs948a?Gt#-(qMQ0Q3}i>rYxlCq|HmnUavgKf
z?-zdFvdB|la(z%xQv+@dI*l<Agu&Ev5TxPUFc=<hGxc$gmfZ;L{!cp9QRr_P-K3<b
z2r__njF)(pI+uYLz_xgI93?@}DLC>+WwL@W+cdSvlfPZ{CDq9`d6OXR+@CNSzvst*
z1rtMJsc+u~z*bi$xj-lv|HrpISZO0Kr=kyP8t<cIqd4qVvuH-+x0lG_kMgzL<n0Y}
znNVAEMx|s7ebj=E09^KW0rH4U|M6tSyqFk_&al_9;82{t=6-fo<;PvxFB%wE)JAJ~
zixJb|_RJ%q-p%;(q1-26QBIhRr{@MfD|W)h20*u4^PkShJ-yMbd8u{W;~Hi|y$@s4
zZcNBAl|;)oa~`ryo2W8Um4$nP1#0lx;2_4`T^Q``TbmX(07Ls*=~Dm5DfK@;DKtcV
zUXn*GZp0D`?r05kO;HFtn;*}5F2OY!-wEHVTA$raiQzFTY|MQCtfR&atRwf<;vaCI
zT!R4X<6qy~g?1?ytQ$=`SG7><5t|m@k{?M<>{tselsyhBvo{0Cb+`wt7I#JPJh&;&
zi?j52>D4nz=h??xTQhzW_EjHu=RNs2b{(2a!p|=|u=H0Of?RNTO_X=Tu$)|Suu22q
zSVTIT!+ZkBTboL1Hz2xKr|l;k7c^dem1M9ex7Soj$t^vU2<rFaLK2^~_1q_o3_Q-!
znG!Z{-yL{1l6~0KNZ#+iI0OimbZL9^Ws22}o=E4($%gM*W02-snUju_2t}wR2dlb`
zPG=4Jqe65ayOJWAdEk#EzD-6ZGZ66D5I}7vW9E!OJmxC>b`dw&x4{6u2C?+)GsXA0
z6#&PnQ2sBD<A!tl1GwgmdHMiP{pf#l9NO&P94AiwPbRs-c}Kc@^JB1w%6^bp$t))9
zQd1qfXP#LoaQp8R7M#4wAZ;eT2X3z@`)5?<K3KtkdG+Mf*G&D25{A|sY`hsOVL1I0
zNgqHjgtQP1EmC_MfU?n+TGP2L{7E?XCcBnAM5T0gTJ$DXJ!D6Ci#oHSP1f@iJUmWP
z=oK%oo-enbd4gQAH28&`!ma9$tD1Y8S=AVcq2JVFuzrzWSJ_dY1L6V6)JSFHHA&#x
zd}xtgC=6}=>Eq?HrF5I5c0{-2rezaSP0Y!I*qW8G;AEC$XuW<V3H+eLA37?RWV|fP
z&^n~go)_f!db?}DR$&O!AHo}pGoO_K0o|E6I60jXldaX*Bxd3YT_^kv6>(lpvr$-`
zqg%&oO+@aU0~yMRyj5di@cEcaiC>%LWET1WHRa+$AS$bpkvc+n&}};nlu3t{59_<!
ziYjjx6y@ap!wFA_)^AQoz|Z^#2=5ha*j0UDx+AJ#KB$PqnRFq*_$L;`ylQ(9ezf!>
zOpJ)n_NCSZsP;)1w<FuWp-J=T<ymQV^k!t^Fn^rUMNIK64f|hS0PoB~i~EbS0N1wE
z0)bOY1&|}|AE~`&6OQCJkHx_=(=LP*ddQMqTc3DOl2JF%+xsOg_oq1zk=+}+y#vSn
zKEpJB(t*5Z00I`nyu9k->^DGhGdc>w*R2LP&v-wp6K$$YYzMbSW+=5^6ie<*)T1}!
zZW(oKaZlVK6)-5Y7{OzEv{L~W7@02G4aEB)m73~}e+U)1{=me#&TUr2_zkU(=)&D`
z7wAU^ivY;CzM!CBV3^0sn&IXLmF!)im7M>*bbV5BuUI|n_$XK<H|EIxfX&ghaK^3<
z?&5D78Omq*=8L^am$iGHT*yf{rh;(vkisMRCx`cmXBl^ND3(<_T;WNp-1ZppL)PjZ
zq)?C<OGEGUY$%{gT;5*)oCUdAUjF0_yFf$2Es=R}b@!b=S@Cr~3scS9RCG|wXWr%T
zrY+K#qZgUJdC%Y6Zhu1nF$eGf!jP!Umh+iZh$yyJ9lu-Vl*FgBFf0IE@X*<U^RXsF
z>u_lvh@!Yfunzpp>vdJ0&z5%<v-Sl;b|h5obUPwt209OkNURi;XrbCy{3XUCkEaez
z#)K$PvZYPQjl&~4n6(y<8Cjm$msOHUe;N1EAjqW)J)kauG>IK3A+i?p{5QLAI9Umx
zI6sBJ3hjfAQ1_-{lLKpPKQHN_)<tfG62?0g@UgkN-D8ud6()v*)mmVM4@$kfI`55?
z0~fBWR17@_om6gai8iK#%WsEpy?bVJ`WwDCR&}#dG>r(M^nc@D$A0-C!MQ9OUH#^8
zE&8_yenq-WMvBE=9}#xjzQbG}!2{NFeO44<+Vkn?uqY*_U$u9WK*U4u6E}p4b8)`o
z9z_5p*a^y2Qw`=<R)QL??KMS!^X5iM46nt>6oTFVAS0FS;EbUlD_gl3ap<0~*1fC(
zBajzB;obPU4P@+BuK>imHG|%Nt+g6=A9|yqo8hpSrKRc>mNUn7N3VuRW&owa3h$0n
z(bSji?InP&yE%1x-WFSY^IFBF5GT3#eWD)VV~o(Co?Rh`7Y7UAx*}A7eT=7N&adCN
zv1V@LJA`++_dwr%^4G-qYC2`%ft6pwo}S4yj>a=tJc=~upj?b7lYjL2g)Yudt3p`h
zf3x?h3iSJyKt4N&{|1P1zve=GC>#eb+1RFmX(C!3d6)XoGyW)s$V=Uc`kmYv#gUdD
z?d7#@LA7{VGveOn$M(hI?*z{Ub%SM~&CX<{pwQ8weINn?q)QY8NZb{GPM(GjO5gFC
zs9s;<=c|qv`@Zk#M=jC)=m~mOCOYpPI~g>7NmK7=U1Y9SB6j%l;Ttn#Z=)hZS=oP;
zFZ%#{f0r+i`3c^MO?MTW4Q0XG;R2Ie&d))2Gqs}Zrva71b3jSlV&(0fAV^GiwCYZk
zXvS?0`wOuYV-*T-=#jH6#8sN=V@F*U0h(Dl6Ror$0;Zl@<T=@bY@GNUEEP0V&wHl!
zmD9Ho0pmgU5h8P^Nj!RqE(RWLB#bd$8vf--Q?_-GLT^+7K}vCRD-2`p>e0)%`(H9J
z5?Zd)sl&wf;o@_*VK#H00LnS$6!%wG0m}G54nU=D{r`a$DE%JOqL3}rg&DGKI$ow@
z4q1cD&b^~$YV^Z2^nki63DGlJ?Q4*3>J>}k>46ItLw#Am$bn3vh^T1bWFQ5clwFYS
z`kQ44goAfv?l|`Niq_sw-3QmSs?7NOKAc;96?PYbd@|LOV<*b3o*)`JWQoXnCS%&8
zm9WH6?}Za%8fIR$*JtPz1&O}wO<sfUYhO_WBfsk2Ha5Z;c3TNJd++7nNd`JA6Wa$$
zMvE?Ljl!QDRy^iu`H!Jo!qbF*_Tn;<XDjreCX4PvJ088MVMlu~&h5Wp@+&1SU(#+R
z4p;;kTihS-4*Xb|4fwGe{Rvd3`H&rLHRcevf-G+vSiQYv(rUl}i5S|N{!GT~|3ab#
zuJsF4YZws1Rl0W*hg6R8*tyMr)~d!%WsK4f+aK~RP>K<SE*+iWHEE$fBvDb1@bdEY
z9kv3)42)=<7|8Jttj**wV0LmGmzie(`OyNic59x!LiwpG*=lZh<d|Obc+I11_t(Gs
zC}B%n$*Uvcj_R?3!(T{8^4R|LLA+$+6WP_8f&x**!Qu2wB)|-rXhmSele`VAUt#!d
zw{n?%tgp|sS-8lkH)@-y&B1kUUly5HAma?VS#V{Am;CG!%)=bA<TOVwY*r<9B$l+Q
z9ZJ+hI&YneE}V5!OIMi-3{-$E+^_a_aVO%kiUYk4iuiH_WJLmIdp)GHv28^3_~%HK
zyl351s#tlGBRxE0``?OxNpO;c5dQ@gmDvrpNU})exthuHVHbn?l!9yuJgm=Gpsd|8
zyVpSKk-a3mw#ccVxIaJnq?y6u9!?OK4oa2U;HYa`i%QFz({vY?uZa|pLvi_K4%LUn
zKeao?`k6K-IQfdtZ`!gw#uyBJUQR&=Q0{$?jMnmfiOm!mF;L|ms(uZ(5@Beq#MBgD
zy_`7qF5|WI$pRA=ERp^LrAJMF-My&yP%&^@kpSwAGQ#pvw>zL$e#pj@t?T<LAsWVi
zb(d~mwoR#`T(~b9BNP*h(tq(R^7>Szp>NEl=8e|jf>f}YA4_B*5gve3r7w@RiaZxc
zZ(M7X6@x^2tt=kSwdo+ytF6`1pyuE!+avZYF;^c-+-W0D-J>V!QPCXJ(TeE_3}O@z
zfWZg|xQsvbVY~AZaiG7b@}Qxqi9;<PVNVNLX_16JvdvUpsKFRcQ^nzu383O<6Ap4;
zG+xR0f%-8hiS7M6V|viY>PlDgsJRQpomtW5g*;yiSE0ACV;q_V`)^*yXJD*+We%T@
z2*Faw;B*Agr^1H-X<Dc)@(iU8Ar<4alU%E(+I4iW*uoZ{cw=eoJ2f)cSY~W%9UF^2
z>`vi+ZEN{Dr07XW#ofv+@ti$&?2+;bJTuL1r|wlUtc-SCeng#8$zxU9Ks9UjuGstr
zZuzsVUGH{HTNLlKFBZK!U3L}OYkvlc`*w5)^2b}kLA@qF(64ZVPV&duf+V)ctv&3B
zUekcVoI>G#px|@#fWhFT;jsz+zUZuSHGdrDSX+!H<;A?x)S$aK*k$0q+P!sW-I2Jm
zx2wo_tfxtPU~qAu(VOEN){*VVpl-D>=fl-ioPO*`#D-!i=}`kQ6xU@wni)F*oDR{@
ztK_^1+LdMH>FgBH^+4N&eeLqZvQ#fGg)GYsA=~xTXEnQaof%b>E;+kdyiQD@`~NsZ
zfvKYpIoSWKwW4HkjbUr@V(4WC3hRsb!^s8>S4WEh3uRRpz~Khd;9wTRF2?yGmC4Cp
zonnS~P0n!8A_#x1_W85H{7a|#JM+E14a9Ee4Hy#sY5{C!f<gs7|8W+qC`6lNs39&;
z3-uRjyLoo%uY544xUYGnxIk3o8l@Eh=j2|UM+ej$jgH#iM#hw`%q6p+TEc?^#T-8x
z50q=|&lPjJ;?ag%?Y?>fdySt`T;an;j}Aw?a>vKVi6~?b!YekD``C%x>*fSaxBS%n
zw@7m4C(P~0Tn#)VlID7Rw(*O7>1r9gSrJ7(bnEzh1<}x$qwh%MD7Hqy&NFPTk4?Rh
zVPkRl(5W%@N2E||z3zjnn)-L|aG-3h5OIzl_m+^6<#?CQ0YfB-&$*2?5_6uNrC+TX
z{sy)_Z_vHz=PC9CyDaT-dvq7Lx(e8mcQkGT)YT;st{$E3NT%^t5KsJ+keONe8Lp94
zrZ(GF7hhMn3qgx24#lkMj2%KuBjpm?__c%ewISrojF1o4?!>y@Wl?FCh5rbYm3;95
z_mn_n_WJr-1mSUo(8|jX6JX7%NdxsbM7y$u?ji*r&Svk~EDmAO#yf*PJs)f<s>@e@
zdDatE=iXI8WEx#&sI>Q)?o1vku^7y~HD4n{j(NOUqCl<xy=r~yc+a?0Dw?x^j2@0Y
z==a-3ITyPelvH7a>88yGxuzSF+nCy=wU5Szt_gUHZ#B<4Z=?2GR|Fy*El0}iN23Q6
zEb-ftlGerggO6PY<70HPHDmLwhq8k>rg$IokC#z_ZqhLEi=l$;3=P*TqnRr1ZnNRm
zq@-iI`Hl6!k`cJ&S4TW~o4DlBShO&v(yC)<L0aX|oi0jKEBm`;CJosl+=66zFxk@N
z485Ntfz<={CDfR1`M!sDm9W#Bjf|3yPUr^PvW}1Cw-VmwNKNb}3Wi8yralrrW2(YN
z#QH%{h3#6BaG2AAvPGT}3t%DQUMJXaM%5R#9D5*Q=O)jXbi9E45H)h#?TB`nY?4Rs
z^O{$Wb3bIPl|Yb;THrBD_OgLvy`Gb$JG~dPmY45(%nk`1Oc3(D@hNmZ<nGY_=#Lh}
zO^uM=*tId2lBKXFubG-g2`{cpXuyTn>X(X0va3dA{4SDgg8j#x!ZLk>jf<D7Wt}Tf
z41DfJy2i#99EsDK(YJDhuIn`247kjI-<=OTOPsKc>8hxfAAI5R>znMdq@=K^w~0#@
zW9r=awhr4i!|GCL+RMXlUvqe%>mTZnKLvH}kkbZU5*je4qEK^enk<n*|6oXr^<&^i
zrA7LzfoM10-vZSF`HdcGLHjPy6xs)^a)|kJo~5E<mDCS!F}u{hcAYG+8-9&yECGd8
zS4bt94?kKVO!Oq38)S4?EHx7fH5=+Di-Ex=dvaBt)~|PuY3Pi*N`>}?;v=VrGcA(D
zwmuuuT|h2Ry|yY@Jlr@!9hK-Ip9gf_3-L9&m|qdwTI@5FZ1CfYd_`JBBg31%?5U~i
z!@TJZ*2y<O^fXtuvbGep>r*X;J=%)SM5SQ(lRy&U_XT@BRwCcx(92m8u69%DK|&^K
zXJ0Rjb+kY76kYG8faKaN29wBN3%jZ#8rq~Mr$E1qJ-K{{1JaCcgejYOV~+PdF*@e`
zxm-A|Qk1i1`!f)lJW-iywBe$9=dNz3b^WW1M6dJ;I-(CN6{5GE#YP+)O^uiyOMTa~
zT3sujWJ<ona=Y8SP3=LkQ@t2_R``09>DBhwwmcuhwgzE7*>&_r6IIRd)y2Dgt;ZDt
z#+g5Criba>J+&k1bRU$WG>?87Kk(|c*^Czs4JYfUMD1Wn;p!Wf9d2Es!Y8~Vs7^5H
zQ2N%AQYZl=a+W(=H9mHtxs8hAi;@%(d0&L{BRe^*o9XfSM|XAb=W3~ADu>VZzg7x9
z{DnP^RSu{9K$NE~^D@)ptOv%G(hRMAG|gk?(B}bjN4nJndU=Vd)~xDmpqz25_UqMQ
z8<T=l#It=P>-9^?=HV2adwnEUygk=;N2)t44~DEz3TsgUsN^A<sVR4s*;=>zJgfM(
zftos6JG)t=%?~g^fQyaHvF9fYkD2GGet7<Rh!6_8*9?!135Z7Kt8VDLCDAT=c1B2Q
zKf}vwgU0*v{9vNzmUaDmX9Zbb>SSjhvm@T`%k{l;vMPBw=MJJf?-4yaT_DyD-@U!w
zPaig3ux;KSuGx=MJ0t1hJ>AonWfD?)DbY)O^jnce+bI21f@VYIW_MHIBlLsp=mIgT
z)FEw&4GGdR`;o2NqA!QkK0HrUWu>Ozq}Mq%QkUx>t5adgd5+!j!}~fc^1mv}3)tE{
zC{nl)rLmms_#Vr`%v`=^mNjqGo%J&DG3I;5gVgqNqjARBP?{r0W3K|Qu+KUYs@4jV
z>(SW*`4V%4af4D46am|!ln5Nvm=WV0QAE;1|Dlq0aY5_Bw!y9MPJz891u7pSbeQ%@
z%_fxkW+^1Rz3<m!*Tb3~&v5!LZCLw=hgXlTO^@i~UFMtGQhmotyeP^x81YlHQL%?I
znkHtK)b6eMdX<)XWn_RJzGXJ6HfznXc5xWAQ(<<5(~i(tmfGb}I{w%ktLa35UH_%j
zQ6`FICs<~SE?}){k|v-jaXC7?wxHAU;7!Wi>OJXgpa9tr-#<+D=H}M$qr*tWJ-N_f
z8M&=(6Z&@S1BpGASzj@appBWM_eDo)iq!H=_o)2tE}KjbPvNTl(GTQgcIT=GGw7Zz
zzgg<c*^`NW;985-k8t)nRUbGH<?AN$7cC758V|P0j!9kHQ7=)S>0ub#ajBAUR%&1v
zbTQZ(san?Rof+`nWx1S6!(nk`+wCEf{6ilQA4UD45-Gg|#=Ab>r(p9ihS2$;i;gb_
zYAVcPG-{tER<s|nvthdvAF#09+S*EN!O*<=zzxN%sTIJZb^?d@<ac~R+GXC;cJuju
zPm`a3aUEioAKC;vHXjAu4Geo>v#RIRoL8qK7EGgSq!hew25C%;Y!`9FmM-KCMe?3A
z?<(KEJ+*8uu>a$Zzt}qtC&v-K`a@B~hayiQ?!_LKstCp<I18!e8@u)<4#(9i6tmyu
zFC)X(ezeiwt#}lkZ~Gyh&-I{%?$AXPL1O=2c)N8N6>BzzBjp<_ElF{dI<9$V*})<F
zx_Q7FS@8Ta5vJNia(QxHb2KmK_{ePJ{AJ>jm|wr}1~z0khh_2t24fr}jA!pf3}5fT
zcR@Z+S0(O;4=WdPkD|3wvR#T@*FSdm`Kw=s<61`4?sf~VvN_a*9&D`2yN_z2`V=1&
z>G--L*-^KqM&BZ{9$7RW8|bcQT}DU4vrW9GG*Wt({bTds6~@Qwj%~dvAKz{V;W%3V
z?C*T`*{L9QOSfH#quyTZzZDbnIdZ>9JmEW~+5EnL*1UIp<i`sB`-XL{@hENovR7j*
zO*M3%O163lTvK|Y%C}QFlZA&_V0sU(Hm`I+kf74cQf=k*G#MdzRpC@cT{ZTw>oQ_e
zbkMiw5`~J2w|D2!e2+wBmDK)%5O9DLD*uP`RXfGM=#dU_^~qN;<WPEeAX8B(XrOUk
zHTWeiA^z!!JDz?0ayV~}s+QeU&rp5T^xCS1yH09qEbYb*Ar`*yZyUQqcDxY89A+Cy
ztb?PnMX4s{KDRe371Y{AyK8h{(XN~Cxy+v<eJbyF;nq7GGu7{8C`;JnGcx&l6`I`6
z%NvBp$5R~uZrslWs)63;uT!YEGd1tSxZdP4GJf}>n09?+*6wjV2Rg247v_E>K<Cpc
zYPSTo2i;7T1ZCUA$#IY36fz$13`ggXxN1i9vC59MweRBt!Iwg6691lBk>tyl1`EpJ
zywd-=Z*HV&Rru_2Ly$Sx5^^)W3D@yOp^vo?K!1@{*EDkYD5mFr8ag^NT8v#axo?_h
zeITi1EJme&_t1FI1<>;NxLVC+KP39Nl$A{=S-vED*f|4yg}rdz1N&XA5qAn+dwY7u
z95sCNNi}M$=7;Xd{XfJa;lhyl*y6zFuzTw>-d+uj5>NkSWE2<qLC1ZKo%AYe3!}%d
zs3YHv!1alvh6x^r>e2XmF(<aeE=T(BWaajQ$nNC}97BzK++erwrQcHAT<r#@yEcE<
z{MOrmCm4az>EY6CExz{xhf^g-hsnMS2T}w>B@6Q%6ZM07L&eT}-EmK7O^Km?VPN#)
zh1u95A_ia4!4m9b%-&|sTJZD**QAx7`3!uh&8w6O`#Vvou~E^=iRg7d*UQhh$hPmV
z3o)PUjGYXvJ8_ux?dUV6NVbf8$7R;&P|B722bYBh*ngbwcuzX0C+-z<gb)qhvIm9d
z2awFz)XNopQS915%2|b_sS<&hgS|BmVXBi&g`1Kk?rRnvKpjDbnf~SF^~Ncf|G-|$
z^9una2}=50whUzx>y9$puCxH&3MQ_#Yhy|Q@v`W__9cNQOOZrYEe?<ftyYJFE+<Wd
z59^*IV6`KflJMr;y^^n48k-xlCtEC!)MYW*gXR~ZTth$w%o}Igz$$PXHRtKSEXnR0
z>CV&tQeAT9S!@DfU`4T%)7s)<d@??b23X3?D+nogub*%I%f3!n9&Tm#X-n`J?qu5u
z_&8N5)eU%dD*R-RpOg+aFT2o(-Ms+0F@Jqv2H}<l679DaM_8(>xg0XVO8ehPZvmxj
z7nS83i@6baU*$q)=faql=Kh3O#Ulpo<Aq@lVw}GVKD*e5z1Q8{u;Cmn=hL+{$?HcE
zoX=hZ0EwmatkEnRy94z<c;pJD+5PgO-ZmeAWoN59%8peVqGN2xY=rrjgJ*?z3|l%|
z9~T_Wn98>gaC-<pA;3=#uX*cWToXi1ETf*Ll0zcRdGuk}kH}us_B+ChlzpQV2R1wT
zLEaQHdJ;NEFJkiskmd)OC5~#^<vUOAEQv+(0bk0~AJp?CbKbjrMUj@{B2>z5w+G2h
zwbHWT)e4>?4Cdr$1zuW~C0}64y?$uAIJdo3c*AA=ldh~#e_qVkr=7zubFT=$Mn~a9
zcY=3?wIL`-TYk{Ho8V*p0Z<wTcA7Ki`*>Y7bHL2JO^K$?<lC&S6SemUEwo^<7-}xH
zw%JIFIm*=GSirUf-KV5ZNrh8Tq??_EG=Xd)E`9o!aRKV+Kmn12!GOpv^TFH<FU}g8
z#LTwBg)2Izny10)s&vTEuJ`@oY6F6UxW^>g!Z8ABG^~0gnU}3xX0tE$@e&YGa7JDz
zXxGV2V_!CX`jn9o@!T)SmqzOP(cTei_XxGR8QiZ5`oenp$!1vQv0(z}&Z_=Zk>2~v
zUF9hBF5oFfvTXR(Rr!}PXv<f+fj6I1Kv0jhw=qq?@sB;BnWF%{&9z;i`9og4;j;;^
z(8JN0sSEFhw-xSc28V`j;MuBBzFy|TX{m5u>K_TBFc>GN`bKxMZ%<Z6u_|OG2OK#4
zyFXk~FQGO3Hms|xfO@+pJ1hI9JF?zu<<Sj{hQmekYXd(+^|gQ_>ZaMQD{#>FqmKUV
zO>C0Vd0cGR!&1WbK!Y^q)w9uPM;+C9WPi50T_HlO<+i`LX?o02Qj)l&kITy2hnAV5
z@VvaP^kAGiL2bZ;@3bPx`<p6Rb*Z^>2?>RzOb-iTItlryDj_KlkpLl-jS{@~0$zEH
zK!1EMP1kd8Dzc!t<ZI3Mc6RHXj9fX;w9RRVu8ESg&G`pN9KhzIoVRl3r*Q5&obvhk
zjE^;aQR;<hJ2WrR$x>kF>{9a3+qJ9}olKpaRJe)BpkAts^Il^9It{dV4dA$Bz~=<}
z?WAN0cOv!S?rbf?s;D&<t&?~Saum#+xvm-!R%*P2zf6N8i#)*Rj&t8%51B2lN)}V4
zCF;08c0p?D=PjW_u=RGb3n+_Wo{GK&SsAo~N!0;4z+}ub&m?6wT0R*{N=9B~do_@&
z7`xvtf7_rH+<zxKHAA3=daO}nOyxc_p++uL{C#^|#Z^ctR3-20S4P$sKuDXJ31W3?
zITTqF?B)hOlC)w8-4=kVDefy!m^1=myiaK8uxkl`1(!-(J_O~e^%c^}KHfte8inSd
zh1<8WoOK*vr~JTqYd&m!Yi((!nto}+bOfuiw;6~&L?HUIy1QdzF(I)SY6=US?JB&;
z^a~p`l+GzQ@*Gmk0%?6fh>q8*?&fVV$*2DgyA=E$#o8k>B*%e%?U38LC^~t3ExoSf
z)w3~$rf#3>lcrVrV)Om-F>judUH{n~+nZsyY3j7CWzzRT78Ajvpv3|y@{#3!gwkGw
zhpRhwGzY_A?!;10|NU?^zMK`L=d<pC1%bVq2D>f!_qo>-N@D%pqmiavh=_*)g7{CZ
zttS@22j|p;s26Q)q)O5B7M&5{c>+ulwYFYVI=ek4im)t~i0oU$XP0w<=UohS7<oh`
zytak9Z+%&x9T_*%6F$bu<FI?LS=7+v!tQ>H8v&QDo7eXU9_Kx7Om%B42Pkto;RFQf
zEoULRZzB~@P*bKFKzjHgBdjYcl6re*pCv<Vmrbe^MFRk^i2jOs^zi<BqrP&{%_Rlo
z@uKt-#}DTQxy;&QRwP)^7+BXRe$-xQYYCWI2vyif%?2iJqHxj@mIixQa=aI*jY)--
zGYXL$=g)K5B=uyZmNHMPl!Fk3?k_u7S#L*4a8zyA+==vm9UkraEW!EC<JIQ%+v-lC
zn;=8?AEJX|v?o_o@&=0lPf=hxc`zH;OpsHT3N^LvX!Hfa2eMO=H!dI1K$L9<Xgp*y
zGW0h2yPh3a$Ub-ke-GNua4#^19X9z(adIUzHWr9qMDD-dgG!5)G73v)hXu}G?4FGI
zF5YWM0Ld*)XCCh@ja5GPW9aOXP8#<1uV<EVKp1q~5IO|v>WUgfhB9CZrFnyr1R|s$
z$s9yVM}nvHbDqD@H5n6jwb$@ay0NCpgst>b!0k~2o?%J*g)89aPG~`Gp}FRiyi@Gb
zetIl+v&L?fka)}=NC&%PPXs3A_M00`L>&5{ruaEeI1Xrd-(-yIegjtJn_uv|f95-%
z*{e~doiK|V+%hAaS+PUC!WE0&%6v>C0hQ}ZSJ853AZFh?EZnKuh}(D<wO2sgyP^xU
zNUR~ivCunDz?Y^bNS5jH&+N+}xgR@PM726VSlS4rV4%eNKzsZA`L2>2Tt2h5_O~CG
z-&bOGk~H@Fjc1p!S%N0s=i{+AAUTPsdJP_dJbg#M!WAVgpDNC4ci3enClLrBQ|*qO
zZZX`op$PacE_7(pBW{uf$(aC3GzTPzlQEMHbFb<dZ#@CBU3<0QG~?s1{wdchaI#NZ
zI?u!=WYHCeGyXD-7J(o|D3yA<inp?ZoBV)pBk>r4{nb_ZxzPMRn?`fhcJq8UAeNTV
z=40%jKe>sUpFffFn4NXI(D;G@g24s`)Q8t+V_`5tBI7AkRFtBM@}p^51Gxu|rDM4Q
zyT^Mx`1+ZsSfN6&XZe>Yu5`>IqgGlb=!g6x51vN8@7;2!ek|FZg-yDH+^}P-m!g5|
z!kI}6${HqePBuUJN`OTxtCUpEgFWh!%aE86ubFknR}UCW2-W;O;Pa>Pt2B>@wh6k6
z(LLL-9BHK5MN+Osq>xBB?PJqEa?5L1hc}kHJ+#c6gK*ks?vWcA&5vr8JJL`9yp_d(
z6pbRxl%^9pJWr~m!3qU2L<_q;+g}xvco8IEi$FYb>?=o^VwJU&2Z9T_n=l_H_FL6T
zlxtVnPW%k)X2*5U?j<MB&;J(7S^<qhp;;<Wp4<}z*NHb5a@5^rU&SLtO|1R(s{*F4
z2(NTDkxcadg6Keh&H#vS?b1l-nSm&V4Ab_9y^DF*>%_zW&~SSh*G+82-x6wOEvp>z
z&@819sKYbZ7xwO9P=R2l-0kPQzCX~hb;tH7TI5-105|w4V(0{|ECV+n&bN%F-i~^7
zhx8gCB7?<BTFRnwr^)OoLxscSyOT;tMam{0BzLg?GB+=)7zEm+<EG$d&s^6E#=Fg}
z;Wj(DJ?Y8z+YR5+*)t~Z)pXqfOhw!YKU!pPKsr_;d9dY2^o=Fdmke#aKX>TJfth`d
zA2mb)1f5IeCv5&fL9x2VY`xP0whV)zn=p{k7DwL_0=RCEo}9kpIL3DVJS9WU30~iX
z^=0-f?VHgYu%-MEEJBKzQqO;sws8!N5lS|ar3hftD4a9uWmc<HrRJcf@b>HLj@{er
zrM_6(323>)Lc@7B{6OxL56{b%ctPFxmQd+Lk(ZtPV5vb(MV7qRa6BR*fstAAhO@XI
zeRo2vQU;Ln4V22K$OOM91!!k)2JqiX{GG5Hee?I9lQBt*6alxMfdG0>uA)T^K|fWy
zsAa?RcMRk^t1ZrobyV^k1;su&)*Ss2bQb>lx$C9*gxse=(qMy8@7;&1w}4I<f54;v
zzBTNYurOHKvXH%=8;~XwKthK*aGl5zg<&n1Zt20D8x?TXY?n_2zk}obQk?PjzUzK<
zO$+NTt;s-k5n)yIMyi#~y4j`P<2*hc+QFWz7aUp#Zin9;z&21SyvfhxL<l=CEB6Vk
z9Y6Gxp%x8_KyUB0Zdn*?q#Sr%O${zT{oP+WqAz$aOz`naRhaY-Ssv^1EgGE#fZMqY
z196FBn;R$FX`HMe!NOobtXYe;uDqB_46@2>S*G&*&nLbpT(823H6X<Qm5Q=~l@8bG
zgcPqoa&^O5{GepR|7Z*LItR`?46E9!Daq^(MFNTrC0!qS%cFn%{^9a><tJFzOB%b%
zUipKi^0F8p&7>A|=;@AqWPdUNcF+dyRkF#a-cCxDQVpZtMm$evm!de$Y4YXt_r@;B
zTYmWhFv=qGL{$%>&-@FBzFyjRa=AnE!K6l^CO-+ePt@BD4QcFB_fPNq;<i-#+1|K*
z=62tB@lxbYutl@~TGk~jhhPN&ov%+RC@{wWbilC#r88;D=fKMtY+C{cE0H}o02L$3
zvDa__`kPrh96s$gbqmF`qb+}=J~O@cqC)sa|N3fUYTKk@#(vTm^+*4$d)>cLEuVY=
zyD%@S9#Pz1RuFUa4-pW|{w5uY<X^t14;R>Hl$M!T%f<?)x8&0{=lssFzf+lmOGe~Y
zwbfi|ClBdv%^23WHlcm_a7>|2Dz<F)^0MO=Yk6u+Jjox|Xutj_DHSg0VC*|F0n%q>
z8E}n$-skm%#rRg*Z~+ByqG?H;BH%yy0fNT&)Vlm)vwQh7-#=-nL|RBH|LRv^z)?-~
zOb^7?>~#!Uq@ZwR>DiakJv<~-!#><#Q&R(Oy)?u$=5m|IEQJ5yEQA5%sXu$sJgZ{1
z11^dnBKdjEC92us8xTA8GrN1HqWZ!MJYenf_sz)vaaihWl|V!ZRSjR@S~nS}qjGUg
z)`0^R7{XxW5lH^IBGjyx0x0KY+agST&+4)OOwus;3;R{hz^zM4aLqtOdDg~cC@XL`
zo@UwANvB>qmSg<`-B6z>f;H7~xj7A6Mu1!&XRuqmM=#iXS@!!|!aIW)<t$1HlTl4s
z%-4D)?1kU#gm>1Hfss>wrk#oc)Kb2vu-@(EAaX9<l#{{~@G^WX`go-&1=+S{9{#|7
z6!byMz3yx#YEvK|M!3!`pkoZ3<|m04#r*Db7a%tDPc-;Mp#Gk12g0(rGx6lQ&#2kD
zuDQIp>+SRT-9Mlzefm@}REhpCp6-?qW|aLjx3e#^<Hmno+%WeIt;s>r;@h)aSl%tE
z7Ce{5w8v0^lWd^uTiaFvirf=ve*e4amZDN77O4oH?s8Nq&9nLYfAHC>>$f_at`Hd;
zbF?^+$X0CrB^53m0d&qH(_owOibjcyFG?o*^QV*3NJF5Y=>2$#51Lp9xuD1xhrP-l
zjU_U2Y#lZv>+;o9Uqg~pkL~gPK(m>c3a1x5aoc3T41)%WrF~Ik3?a25Z1@v(l3H)z
zU!*|_=Ei6UF6|nP$!gl~{5!y`XSH_zBmL?x4Ww{?nKG@6;};OTTAJZUN#LXpzhEf;
z!Sq4~&}C48V*_%!$7m35MN*ZOg#$uW&R^Iw9x43EUZ2*?i9Iy#+WVrW>^$EM5jQ-{
znzCr^5Fg2BT-_HHi>!&Lw0TO0&94NEZ|inYSBwxq2OyETN)ew5|1BMpqW}@jY(M$#
zcZ$omPQ3aNWTe`+=`HC;K|1r4rwDa_K5s@pUs&~cv#p3^&lLZjMsF&`QKu3q86`yv
z+7JZ$6wSCrHQ=oU&oxLc076Da4?t`D5q}0dWOap>7W6@0e)jtQ>DK2@H|sq!*e^oR
zJp+N*fXkgM*(vc2=|&59`a`%(N8!En3uJd6$Ptl;)VVk6-M8K`!)t~Ms%UDRtoN$C
z7Q0(MC{UTTv}35Z!L|UbE7iYmd}=1;q%MgIky6y$!0)d6kD`sz&{~#ls+`EOqS=d_
z$?)N`ivJ|aPfjwj%ODJ}>|mzFFGAQZQ<#i^2GliPMRgXpu8B7^a%DbKF}v%ch;m2l
z<PA6+fE)d^(9-qgGmyAIv3tTHTxfmVodKCn3r|A6c%y~XNAFFvNn!R3OOD5z@c65`
zmnf{smXAeh_J`C-{%QeIu;uZg093bd8zx|6a2hL9M@JTukO<B{jO&1;9c);4<~JIN
zA|Ba+l<T~y7;2dMp9OeQH#~u^pZRsXfGs7Dv_)_IG~+qPGIrtBcIylP=lpyGVtC}l
zLg0AO9k<V5O?^rXy!*xjBUvaYKp9?|hs$4#`0I{Fg1PEGKCH(_^q{p9*twFU1LMu5
z`WnC358UG9B&57NXe3c4faDPhvJTaK0X1J#S9h|tJ{$hzv`Pr!U-tC76>!P#KAW^G
zrY{FeP4^I#r^OcFwfG-DWr))Qd<tY8e<`_7AFkg&e|~s0ANM!V1&RsHz8!7ucjY*T
zvg^04kVz9}4@}rLN}0+2K>tH^;UajQ=5}fz7iR^j6bR9R-KId8Wn=Lpe>#Lmhm*6Z
z_S<&L+2yRni3gIQCoM}V!R}PMM3-!r-xwrkIm9b;C?VZTJyZm!;ka(_Gyxen2Xe2b
zM=`6yXhGT97F1xuu8N`4pZ*&AakTI}s&7%)Q8d-R=)ppNhzBU;DR;l}arpaWil&mM
z7hGoA*f^2(aXtk7iNQi3KOKjF#n<><)qPQY*;Ev?!kUzn2H!9B8VWr4n`KLvZt~50
zmzJov9`BCo>YoOUxf~h|C@u|$kJlU2Nz^Ojs(GR0+01e%E~3l|u#6KQrRA41Tj31Z
zivSKaKIZh$jG`1heYd-+?%*0p#W<e5%2^^u8wS%To}2Gju4!4W0quMwXwGcnK;I#k
z1<;ISL*ACwa9}rIYHzO%Tyo=yl$phyw6aR#q~XYHEcif&KX>P2XGt6G0p_>|&u;kU
zw*}MK0Y&VNZHp{weExA`gNf@UIGdscB2aSre@_!<0L%1{`X3{@M`0?f+AZKgSAUs<
z_AgueCXvfV6S;n5@S}D48mcqXA(0xOygoS{^6}aUDGWNo5J4*7!P&1mVM~uge=u4M
znOe(=d*SlsKL2%Gz}N=&yNTDg!gAi6Ni0ywdT!x7e3foSA*Eodx#VfwQ^0Zn5%f3n
z<>c&2_O)AL&dURB<gPt8-20!zJ7O&%pkeKCv8%F-dK=Ub<*b^2!T#O|SrF1gr16mr
zLKahO*-KsjwQvq}LV&x2Lru~k3RLnOvOp0b%y#Pp!$9jsF$kBx(sBC6;Jj(tKLP^a
zO{jpJe`nXEQ+9QN!^l$Zp94Y=2=6S0K&`&=>O4tLIjY=FUW+<gbT^nCs2)Xt=SUX6
za*sKRdi;gWVKL4B=!*gn-n%UUXMYF|cUgC2Yk@<JjY5sv!S9w%f&UVCX8Ltuz<P&D
z%zULI0PAfD0rFCFqImL~;Qg&TzI~kh1sES8Q5yS2!}!zacqc3pTwxX8Fu@TB4y}*X
zfUe&M!)rcd{h*)DUkD0Lyo3xj1ufS}WA#<NVyH*{f5sE}5_CoAP{3YNV{uqb7ITIW
z1bG@z=Mx8qrZx)s()fC9%qQ~fl$L$TCYet7p8?%0_}|FMVjS>2Cr1=F{v7jB0^19I
zY5e$bxDFx-<p`Rx>wrsVyPvKzur}|^!7czcA0Gt5v=0El#a!e&VJp`4Su<~cuZ9L=
zYryhx`Bo$UF@NqWGc4HS2<IN03_jsXz#7cpmmXYioNQDd4h&_Yp!l<Fs$syRp8V&&
zG_tK_Y<KKPMG@G0*xX=xtZCvZ;sM)udnhFn(trS{%*B;tJ#}ofEKHbC+V=p$fIVi%
zq{MTuf8(xD$<b)A=F#NR@m%|OO{&~`MD;RHS*Pk{sod?)#s*4qdF~1Ks4pp&KQtMd
zIqEkg5Iu`9db_<FXy{-xLr6Ni(|+HlQ;1F7N{hOOxgAvws2$`6-oEF4N32TN!JT8B
zrr}D~LzAJ91xkWZ+NTU@z!?-i;GNdqWoA)X`{!_A4eL;~PO`txQ~{@Od$jP?BY%U5
z8|WUIG9K)<^oM~vO~Gm49$82Hy~&vU?H~QB6x)T!4tuqgQLEAJ-v^w5_r~EX9CKI?
z%N%8`bDh@nH<|{*yZ4~<^WaXt^XGj^XJ@3ldXj$1T{s_aIa11gag_VN=X*Om+;AR5
zmXCW#h~d0{4Lo&|K#>&87v9x%#cW%%9D#WF=7GmMxf--)=vjt;W`$1Vu_w+C;ckay
z<!*GWgQM3jXpbK{@84^xoL{--l6?_MJL}{G?DO;%MQ0NO%Z%;n8%-4=P;o(!J#D?5
z?#;7AloXAP!O3u=j;?_M1cFUHC>h>Qe^rt6`JTwgU22xen5iajuSbr`4MOGR;9dsm
zS${sxF7V41&fRu}u6@|p0JdV5w9b`J%-<lcXmaxb4sG8*T2*Mvv@|4!xN<4Z3)R{R
zUbpnWjr?AWIqShL3zMgp__M^Xzc^f7voqcikpNRkH2Ev2UR@fNpgiw{Vwt>wLS?s{
z!T-0JUsbqj<l$@$7=>KY_~+);LXP+!*{I!k_~M*voFByns`aw9wKO$u(cvjvv%Oj^
z&wp7NqM%4lVNQr$pPgSbY<xl&nSWBN%PhFRKUrT|d3m2wCbo~)uV1nD52e8xzBL`M
zO!YlE1$7SKj3Q%zoB^X&X<XPraHJF>DOu^&8jbR8k8L2)?jhjh1ov_Vu(DpUmK`bv
zOO*a@J%$}L?V+1somQOlfUxxVv2zmt+_X~2k#5n2Hw>5d+$1Y7I(ZJVn%C#&?@t1?
zGO&{(`F|~K+=Z7fo4aCJRIU&&EjD*CAdz6QduQXx)6$q^uOy<fwQlq9hz@sWoXj?T
z^1o;6DX#cxHs`<v2BVL@5Li=KRF+MN<9{a{XOo`~=4il3A%A>yh4QI8k+l|e8n2;j
z=(9Nk@LL83Z$oL}k$f#(u?>jEI^`@ds)h!8i+lM+FzTnTPeq4sAF~WpRp`0-zbC>5
zzike5%<pVF3%R`~$+{&Xw6bCHzvy}ksH(oLeHa5#DJek|kdO}P<_HoZaVSArM7p~{
zq+7Z}y1P^9?oR3MK8FL}!r$w?_kHjGJL3$-V2pkC-fOKnpZUzW=A26zX0;o)l;ZJL
z88%Y-D(h5G9n`cdcscJTwfF#8vX*J(7Zn9FWOKi^21uel`kk%tr6ur=j~|1KpA%Zi
z>*3Lr+V?UJ0N9;;FlZiJJPA!sCfhR@_1!K_krw2<ZP)~!<$_0~9(7IeiUtFA0mOEE
zJYgJ#7RZqK=8Cw;th|CSF|mJjmW6g<&o`cjb86s6<=#lA8kUye1(&^-Qo`kxVatoZ
z3|vwi0b+2Hk>OeZC0g0Z_jQ_`t6@alqPMmJrMrWKciCQedErsI;o)InJtI(vxymT)
zw~0)-3+i!wY)^B^_8edl`2{o-o<eWCI()!82EYCLjxE**M`hUYir-R7vZgXjTc^#y
z<tL4&z`^2dO`5OM-U5}jcH2hM+3xN0kpJ~O^AM8g3<!`Z52-jXv>25kB+?UiOj1%o
ztn=A=aTOIXFjY=4Fvt6IYF{zM3F`){#xOZskBZoMizN8CfBENh$1au0C-NfVC|;3~
ziE@51Q~c;=%y(Bt6^!TWYydtOPh`XstY^<YfbnFu+e97+9@H=*ZPkn_h|F4TVq*<`
zCk5i+0=EP)nl}w(4P~7JMrSr657Xv#FB3bJ`!~A5<gm#&I*t~^FVVokmdfoOs`U;5
zmTWu+fG{uQs<vi0;EMCnvufa$YiPG1B(G2H<@rQDL+=+@5AZoCbaw9S@X3@)^Ypxh
z693dx{nht|)8+IC3#;W?MSILAus6Fn0eBVzhs(mkiM#;CHn%L*pZ)pu8;_M0VQFbL
zXRg&%Fb<m=0mLO$Yz$Z;FR|0p2LL{GoX&^)6U)s=uw>tSCEH_WUA~PE-hN)PyiVDh
z%W<+JOYMmU;!ZBM(TPQtYP$<0{z|^E5OmF`Ses;SLn86>1eMvX{I<40X#e?b<l!+n
z1QI8ZNGw1v;l`+zf{L$yX=!Q0AmOH_UQ>u?=-FX&M~1}HXCy0GPM_LjLAt-6&5YQ~
zYbaWi?C=g!HhHUo(zOOx3G|JXDvmmOV{N5uTBhq<NAJ8nWlnZ(G<Ch(m&1)<Qw~v;
zxZ1TK7f0!jt|x+mAEdunne8U<r<=&rxkyQY)X7Rj(?#;@n)GHd;dMQ(<5)T8ET(=x
zjRxtV9KTA#Zp<9co4wrh+zO!CZ1z%dgPox#9VEEV#Kl5}s}|(oXD7e!n9NIRcgTHu
zdAcjn6FuUEs)qk~%rjKrKpHH?y7Xhzv=eJf^Az!LY6{Q#dVo-1`zrsSe>|rp)5NbU
zl*Z2C>3XI>_0fO_-Obf$Pw90)rCH3H-c@@n0%Q^(d%*jHdgatoDHf*>PbZ{3cVp_8
zFSbGo77jecqa2q48sEAG^()QtB3wt^$D%Pz7Py^me$?zr;o6NIkYH_{Z8v{(@F$lN
zs6JmBJ|m(vJ=Jht{8^%)ys6}TPD-k=u>w{^AwCrAbVr=u2^&j9Boh6G+u9d{h|D{u
z_$0*d(ZuRFhVuK1+MpqfmaJ22xvpJkz#fTeo$ZX4){fPZ#Ia>MhhSQxCSP8Bq9a~^
z+dGo%A29^5Gu6lF8Dn{VzM0Y)#jjOL@B0C&sZQpv%1eC_-Z!+0oqROe42SF5?s7wD
zZ_p>c>kub08#l5X((rOa*4$cr3WIT)&Lj<%G?Rm`rD89rp%FSFj4$|1;o+rd9afXC
z&4Px1i^En9<^%9L?#haf{?ewAYr_w$wd;Ih_vN<5+<vCi^EmGCv;C~jchjX_?Lld}
zebg*rQH&Y$4K%O6w})gwZqniBHH;_fU2>jHOll7Fg0Qm?OTj2x=gpnBap7m0bq?e(
z+p94flRf&45u;xf6Xzw}Ah0&}lmvRb4pfmrSx8x#&6N)b=GNF~CBsA{$RDlnO^pst
za3GV)MN=n`3ea`EW5RE2?a=*$zjQX+i@cFPQOST-SePPMz?MwBnPuz2cu*p}wf*V?
z<Prz0fc2do`@S4wi_xL*O_tAWLA!*!F@})~)WT7=7d~x^-IrR1jHKk#hEY(Le*EYr
zg|3WyV#&0uB<MGTzZhvRQ!qdjLfUXTLNo;QH3P%NAjvFh%KZ7J)+w69G@V(S`t^6%
zc~&GH4XyvS&^DE5PvvRxz8k^sba7C>KkhpGkc4CJq6sq>TMi(m;XCQf)gBtQh_&7y
z7xsh#3C+#=2*<}5Yq!CUYz_{Wfh)~I{76ccK=*}SZOpJ`MiGtb%L|JYs5--Y-beW>
zi)-A^7e<Rdov1*036jrF7Skdko^PY@=0uB#DtA=Aco*7mCYfZ=;jrjuAdZP6A3nge
ztE)WD97?%AePxz(WQB20?4fmJ&cH|uoH0VeMOX>rg_NSMfQtK%dqhJm070`|C@D`4
zJIcR25)lUcf<aZ(1@>K16a`~2Um2I+9TCr<-NI0bc0{=RHfOY2(#-h0T1e3zH<hT6
z@T(3g_6m-nHG}iHP^fS!YZ>1z{mJE4pRVWbRjH3p0Vvdu6x*Nb2zwuW8J>}>%1l-)
zVl|*BP|$!7AmlYW-@P05%4B1r9KL05F+ENiWMX2ntJ3?BDKK_9r~ftDfceGVr25D=
zb;*iLzQ&f(vd?4&TT_u~Gj(;fRn~Skn1nTIF)Gu@q5RkDSx~1+gWc_k>5;y^tN~7^
zeY&S&^wa$B;<X4wTg)ud53(8=dQZ`eoxKZdBFOumFm8=Bt0{HNHtY{~?o9AeY3Dz<
zDqY0UTfN6n`MV8OajthZ`~6&Ee<E)gl393c*ENjp`IDd6CBnux*E@T2Y7_Tmf|n*p
z-rRdt(@^|jD&6#yqi0`Y-ZgAz3TDdFZSFm^U0vI(Tw1RFmcF|ddrRZkjAkKfR^_+4
zDK>Z7m~I!5#Z-<16%|iJP?^>V%3d#ni-fhVKWJ6O6(~C()iqq|lnFvninh?C)7G2!
z-SfRyPH(1$g$yfkpm;Pzj#|3P5Z|HgMrIMk-DE&TzK%aZ;<7krtTVuYcTwf%<t>o}
z3g_4H!Z)*aG~G%-()?P(dudn0jKxFk^3-Kgr`pQ!OvU6~2mdM&z0ApDo4~mT*S72u
z^mLBS){aK}CIe=SxW)8z5(~^fdv!PVa3A%QmR>!VK-RrONBmAXN~di?x6bIJo2|;!
z{u3RD3&C|zbZw>6jO(&1gvg4@aOAaK7LA^;gI?3gAoKq9_U_#%oq#=)9ixJEL`#NH
zl#X)c#n0C>(sZT`pOm8_SLZ&?cg^ZdKf6>y-t;@?K!3f$d*RIIdYTh&F>yX{GP2A`
z%wjRSfp;U?p$>W7qY0fm-IhqLx<>kfEZ&?kXF@;C6xdxf3`HCG^_$@_s==`?Ku;R^
zjVp((`NV5j0MNU^mxXlqkiOc<T5s-Tlxhh$CU&43$+?Q+Y7aSGAsMY=iO)`To^+Ey
zm{oQm&!+NcAM?Pz4ZV${Zqg0do2}Qp6jk91Pg;I36?G~?(9@XgtQH09WHIXykjKFO
zEa?<<HCcZmwOK~)M2-s`Xq~`(A+8X7%)G&uAF}#<A`y5!U#C~L-X}W?#dFAhp&;UW
zr|BxbJ3X{JQ|`(iL@46!&Sw4+afGVgc%{{?l|hW7<UBs@IiNpvu2xMwx^gzH184mh
z)~eYMnq_8WmMSV7sL|tx`qaCeBe#Aa#q`VWC+&Rk)NhLNif&JLHrF7Ai?wYYaTJKl
zWit!g<le+VH6Pz{HPJqzb=*4Lu4~CCUp5|wpjq||FGeh^v;|8A{q6K(6RcOlts61C
zTpu@%zQjf$o=R@+4E5G6?9luoeB?t?uEEt{)T2A^q6ghg4Sj+YdjcC85+0t(b7V95
zGE}{;Vmn(|Ty%Asd$J7Nu%fn7+^3>Hez4inC-R68@ebG8fd9$G!T@h?yMy$zE>ytJ
zO(sRs;-c?LbMsW+5niFtKl1q%=01NuU#+awk%@`MqM9qJCX>l3mO=MOM0b|=VLaS%
zTahbucXeBq!~0#_5k<vpEKFVWq>3i!#}}H6oDd4w?@+OfjKe?(;rIw{>}~s0l-}NK
zD2YmCAQ?Fg*|#YAA0ZIRP~WrNv}ddU&F|lh<Byk4NU5){(k#fdSJcqxZg^XvT6MUx
zE+!%z;I}_cI=FM4>-uZib=u-gu(0>#r{;B{g<*ri1B`<)QqWzgLz-035g)2aGjwdS
zt~{-}Sm)@Zzb^K;$RAXtht18fl>{i^I5~-liDiv1B+zxaoaJA6;~7d9)Z^NXmK2Y!
z&p0~Kw0|&CRe2_7YP%ONM8bZ~6ubcK>#D9zo$@1P;AN=4IMN`9Z0>(5Q{#bRur57a
z5#ZaokSrtwNKt<NA5vuaDE^o)D?jTeYZ;r{rQnk^J%b-TG9_2?r3vd(k>_vi*P?Wp
z67#flwOZ4h9X_=@U2V$dJ8?LbY;SE29FXz5O4<py!e4b_o!%8gvz;!MYpnfFf4VVm
z<)vO{(E5V!>P_rr%qijcF8ja^nAG3*v<M!frT=_GmRen1>asA9@Pk#)*O!lv`sLU0
zLKh~^iD4S2v(}C0gxMuE17#VlF(=CS7L$l9O%8_V4VO;r63OmmidTFM4Q<c8n_q9$
z)~@Q7_gE(DNlfDVP_bDhs5nZ>rR)A&`BMK$+}7eutif#}zVc>gh_N!RRrhABZs>kV
zzVo@?5F=d>0C@@3%U2;<z6H*lWBwPSruU){u81%3UaU6+*vxsGGnIuvAend_!T=Dg
zOVct^VqyZfwVHVXWbV9S(C#^>qwN#VJ-YDqC0L6r)8tWbc-*4ky7s((<lwnL`Q_GS
z6@{>H>1di$Kb~zVpEZ|8?B&PPXVc<Mh93a4{ps_2P1Mws&Gbb^7Vw*7Wv#argM>)D
zJD%i8%6*je+gQDRtg5Dv&)2@Tz9#<cEsi!j8QE?-f8+Gvat}L{k!Z5`qC-dXl%c$~
z&MZdc0}1{inv~Q<pz_A}g^jvK>=jw?Y}q<-#lpb{J=MM~H&wG%{{RUBDTc;UX&X)`
zr_E5#1~0aw(T2ySx(p@RH%e&cpbYF7T3V4YRYpS}*a*kCWsm%=1hG-ivB-Pg_1HVS
zz=V^LHyGa~80c)RKGN`@XXW3{uxe9&#;p@@sK33fI8CCZqx_61v1{$i7x8Y}?-OGa
zd6VeNPH05q@84QTM%fw<xJ6?U)vCr_W>1}xObccWlL0>QRr~4F(IS$9kAk70)@R0T
zS<nydtZXbP>&h7|AtL9?8nLd75<z~ldoNV18E8dQ*GX0~q{Ct=<X!6+Nk5mH%%CM!
z9Y_CaXWE-}q<=-WbZAcz-sSu5YNfkLDan_vsZQ{do?F3sNeQ$E#?&U8ClFf!FA01H
z;yI<Ueche8Lsb`#m79y^u3W2C_TUj2d=8YWu}wVEb=bh2_ubg~5XT-M^mg-nL0mOn
zw?7?F>*BA#-7W-?`FTwCnauufhCy-5{o#s)XdcQ}oQ!S0k#zjW@zoqT&d$Ybi;mW9
z45F{>iWcY<h-HnwjAS4A$b`*IeD<e%K~v+vUzs1DG2S`8mBBg|=N+h@^&t+HPNKnQ
zv`(b6w#@drJW(;j?zRzi<d00z-I<94wMNxXyy1a2XAjH1w62NWl<bnhkGP0LsVvs7
z7^*CFC>&w?2~%2AeN--E3kjsk?S1#?l=d9x$;duinP~(vl<VWKG*gkW)5VJ#UeeGo
zeU$B;E?MSWaFSAKu_CDW6bJ8PUoeR_YiE?cG}}AD6UUgZ<dZuGDKDWbJJXR^v2v+l
zt%!i@>Z7=wY*_kXyqlWKYE6W%Z(mczV%`U(@@c6T%X!z8I9RZsyE7*(n7D-R>6GMT
zv83XJwY17VBVS&a-}=J!O4BAhFuL{7vdbHj*~8+iV;YX-18<js2(b%OqPv=`7qJX{
zWj0EmYp{4lqHT9%`>V-B>uU5yx|hk6$A=1hSi5UK7@t9AFtcciT3M~kv=Ek1FFlC4
zX9`<En2tuRebI@u^Te+ou9Ny;`cgDTwi`b!qjlVPvsYLhlhn6a_in6Rg~^YoRtL_j
z!yfwUF>h=O<{a~ItHyCYcSs#7=NH2-A0Z`c>^PW0h}>-N&P-QDX2tKf8tuCB*5>+<
zVqs}>AIucZ%w3Lm%vlLn--IdemR&zKcv?@Pa<%l+UMcITW&$pa8A<WM0?x>3<;kh>
z+U6qYuql4#>rw|X%M}%VKvKX}to!6<e?F)n-u}LeZLPyV<yNZI!UY?AM}Piu9}yQc
zmrU1KlV3KIt-e`8S63VKu;<Bw>PQQN^>#RKUTvM1sRYi#%|b_?Bf|D(HRFi`hsRUI
zSxy@Shqv5tZhEF=%xF*(xAw4iF_t0s`{k378mo2rEa|a+D9KiY=l!;6{wmYZsHo4o
zNq=IzDWWT=9>wg>DIUwLi|^AP9mlz-AF_$h>Fr%=hbPjy6}G&NgJr@9g@uh_!FT#Z
ziK&T5`UoxtrW?#;IiK5*87Pi+Yq>Nbs@T42l}|H-aC44`Fz<-|Pq?Q$N#ihZ=Eh!s
zf9ItYJFWOEq+-1o-R?cr2<x=^`23CDx1jnLhf_KIiLO$#+r8P!ZuMJ}XI&Z((C}ub
z*fKj>8$u+q><%S`?5M8zfBs%Ib9ZSp@;x5pXJVo&*kj+H9wXtO=O`gc5qN9#5D7i;
zVn<=Ukjh82{dy$;IdJvBO5ayb{?-`Qgfps>krA?Z3JGPKX@Y<)(pMGIMxKcQ%RQs{
zFDF9hI@fbh(9k(R5aN8;1F<T?D*+>(&sd#Htl~JfWM-7~^>a~qNf$pob`kEdJYO!I
zLJyy<50>7Zi&ORsH(eN@rm13xu?QJLXgn*F7lrL~Dv-ce_xdR>Lrkf31A6)u%81x9
zXXyMev6w0OMNc>u&XrWW=3cX@c%c~tgF<&8vV5Kb=n|%dWP73e;S+ULpT7>|)n$PQ
zIwETkaaxHd`z_}tT^!FT9Y3p0B;&)?lYv3Ev$I!;=$bQf*-o~P-{B>RGuhk1r_21!
zm>=9(=qI|U<!2^fSooBDanLzCn;t(Arcs+GQgpdsGn{uNjOZtSFll<zF#DBMbOd63
zpjuS~-U3PgQ*kErEh+ZUcmYsl9ID}1*3k@9lWCyMxP<<<CHafP*74<>&LafSw;CBH
zchZ(;-P)Qu+>DPiO$HsF-cvM58WmcP)WJRF6PRf<5)GJODoY!`7(s9H;WDVVrfgv~
zI7cKw#HO1nqf?34oXwXlu`tt!xU9e4<6#FcfF85aOFz)=QOSn~foT@C@2;skI4Bi8
zcuej>=*bUwlk{{`vM(SJfZMP|NJ@dgBnYs4l|Gh@FSLy>c4}!??-)=Ia!LqgTHB19
zuCYh9e$E9OS-gv~Tcz<$Z%SLL75OFu)osCwl7|M`H<&BFUHDc2ZmB{N&1sg>e~{>H
z8enPIw2>8rLT;9YYe+CtUAf6@+#Q{4Q|Y!G)=Svv0p~4J$^F<GJA{X}tLM=RRxhPj
z`gH4WE&%DsM)i{J(c{8A8SamrHA%d-fwp_Vkc7R@`9Rn9g^`yRNMN?f$6D+ZEv=EN
zGXRX{#1g`-1ZNA^=KC`8Xlh;$FbhZlXx=Ax*(x|NZ#&|@yj)q!^mS5G`$Oe^Cw5^s
zb0l>u?H!G2>tj;fMq`kQgf`?c)$6l;!A5@9P$;nR-=7#xg>8cbcO*lvovHb$9wyvK
zU4bB2(2j1a$!)Wi+ua{%12$2CuM;tZ5*0O$CsOEbj@0v84MDOOTbfjtIBysKC@u(V
z@C9YT5c!?iw(Keb-c6f2XJE>a*vucgZ24W-16Z-!4{H<%B7u^U;=bs;P1;AQ5W=l<
z8mdRMF%jvE?ugMRZDsU}i{Cz#7V`%*F*+fiV9pA`b9f1&qhQ}?An8x^@*wFD&ADm5
z7Q5&2_R@L`p=2I<R(Y)R1PD}^?Guuh=ipEGf36f@4vfnzap{r%F|zK=JE@KtdQ0Yi
zZaZfW`t)&?t(3*aoB5YJy!rxJs=CJ-Xe%9GezjwTUJ-^pLL6XMMEt1*{-$E|9x^i6
z`)a!J^{utby50REwLvpSLHg<_&iO@C_Tj{zc^YLld!&*c5?uJP_)IcxhsaF+VBfA~
z{ngnViPN_3NhNXY#Ga-)H|$v6v`MYO>e%)Ix520?94cj?J7p>!2#Wp`_DkqN6l?GY
zAc2T;5}TcO+vBny34#dR|7id1Si9?W(nC%bLnBd{T&JC!#d_?X`H=fTNFuceNBci`
z_+H^_p!H0SyRmFD7X;nGT0WQxHIJom%t>r0$l++$Z|eHxal5NEEh4<Kf4dIYLW+uD
zrczi4yn7Z%>3b~g?Lccm<k?DL@Gz#!*CTb4OG}@JM~A~Wzd1`uiCZxD#26ZY4sV8p
zDu#q6y2-Uif`&Qq*9ax%<h<$_K7Ozt8IA)OaW-*b82-r-V8$2>pui?Om@{x8wDoGV
zWOI<{*-~9zEzk7yG|zp8T3G^tE>Xa~U6(g+)TUlnCZ>gE5<=6)nm<}NwwlSqk;~5x
zj}Hy^*2Z>^`-U8j&ZM2Md6Ow!Zr<TinQg3pq0`&HX%VsLI_zSsth8ke51~S^SC<6k
zU_kTWnSsNiatT-asam_U@ebuj2CJ(hHYW)MN-T6nZ>DCAwyEw{8SgFbE{}9m*-uuf
z7V;@M7jDeYo5A6=H4c@=^Sxy~trgLwAIZqNR%=Xl`%W*mlB_;c2rF1R%gGzzm?YUQ
z5M2sW`2GI`o0d40UcKkzuq$?BjeeTcr_Rp{RkM3lXFCnITGt<@0O1A54TY*IY!L-S
zsLh&0mj3CGjf7-2T4SYmcKWYqOZCYcS;Zp+Vwq^HPxZlRd?h;z$JtId@pu9LEUo`V
zYV1PQdYKM=PpQ{oJj(PG+DtU5e8Q{R*FDND29D|P4lCF;CxQu8?%6)2Hlyg79)2r-
zoEEgn0zxRtu*DLo^7z2{c#6-;ig85jOh11b_m+eyp*mYwervF(S|Eukrtf(=w=lX;
zIi(ccO5gJyyYi%B_%zOfN4>jrCm=pgfQ9oQ-Yz3$cwgeo+Js7~Kw#$hW0a1_6qLl<
zZ8@WGcfN9=dI8!o>o?8TJ7v)QZ0LDzSO(FH-R#ZRZ1l3NrKR=T5<G;@Q58G<G#RQ1
z3)QsrdOsBuD3gu1dna;-H(0JFGCq_Ep>fNy_=u!b1>zuMzf2@rP2?W}pvbNrsVkQ>
zCdx;<EPatVGK)vfcPZRY$2r+lJZ^k_3h_ZF3M2roQs!G9yBGoEZ3s8Q`}xGDgd7Uk
z#D1lK$#Kt>tL>I>E9+6RK;C|#+o%R2o$Ye^l&$aS*;Bx3RQkzX)voxa{KXU~)L_d)
zOT@gc4>{JcLJK?69g_1=KQdDpUk#N6&8vmghE{k4l~DRwsz@m#V&C|5x-9Y}u4L|P
z=Y<L1@HoNC#wFG<ZDpv)T=osh-nwo#?yQe2kK2vpT%SX$%;+es`0d|NQnDFf1FVyg
zK`*@R^LhJ0S3sXQS&W5M7*Rr$%9KOgg(-UMYjws~7_v+=BM(LiXuG@d+1=t8$(P@!
z##McPm5kTkV_a8JDkm*4vJaowZH#nQ=p%jEsnx$FOXN=_Ma-XWCw3l1u3JGt*0p<3
zMiZD9679N4HKuw|IZAs$#g}Vu4B4fP{IN*%n+|F``hwSss~cOfp^#R&d5ZNge|P=*
zEW^yevD^}zMZ;yKI^0*K0$CCZ0lSX{s_6w%+U+v$9@^}xBue}<08nAab)r>nW78cH
z9XhW(RW-A-Gf327cWO7jD%(}UJdQ9EH>w<|qvt)Y3Cz+<QSw4>Dffu-Otx03y$Y$o
zfv9i|wKhzwyvox(FV{=f6No;{@6r5LWR@b)rmW2LF?X0)E3mfE^pbyYK_>F{E|O=~
zJ-;*I5qiF;6{qD%dWz>%PhPv}Zi(D^^-xI2`mInlG}$oepM!A#ffBB$aEfNT9^9jQ
zHIJ%yYBlZ>T`;$5->yr^r)+qQ`fO;X<5A9x^@X#P&wx_;9M{=|KM6kA37O>*y{Pev
zeFQxtE1G>pap~Zdu49<n@dS&R&-<gY0Y!`ddtozG+e`EhhmyUL_J+MHX+x;>3x_Ci
zTPLjCh@Jf1{YjOSUFs(i$XkY6W)SrMnXi=8DiJn5VklNHE+3B@EhU1TTq#}7;F4+T
zTW@bFp_xWo**3NLDu0bDxs*fItTyZY<!e`1_nc0Mt)!-N=67E<`Ubem={gMhJYdOm
zF8XMW*T%SYzK$@lXcm3vY%GRs?yIy(IVk7#7JYESN2h8bIE1M735!!|E5o~A$0A;3
zx=!1q#{nPx7J7W`qESH7+~q^n^ysQRD|EplRYHO++InWbU}Rj{s=t>z+&+^BbnW=(
zW3RfAHr`o?rNbwISH?sZg$B1=DC>Sp!X8~X7dITl03iY62}@7ZD2G{F^aU(cC6wx?
zpSFFl!hm4mgt8s)EY-jRdCSdC-dB{?J1rVTnKa736BhP5XPWPPtv}QFD!Ck4vu{7g
z<|@lek3~mV!5kh^6Q5iW$IdC-=+C;qP@E{<?&jpF%<}m-?Pk(8)MY!Oh*P2M{L1-I
zzh^|kl?x^;EUXYwd=tO<TtbaMD7PZeW`a`PZR=ztc4$#dC`8hXb*`tIj*RB>_0;7r
zH)Ol{X$RTXRMal~Tr2+n8Kr)83<&Ilto*Ht{hlP^IOdfAmz-%H!YC4^8#q-~u?9(z
z?|W&6(aLgWtLraW2V!kPZ6X#kO$mHVJBF2wiEnWh1YKh#q7WTrrQ5X^ClM$fqQ<pw
ziVB&T;r5RZ{l&9NC!cHF!xICJf!_YvpR30nRNk5-L#}6T(Bv;AnU$65PepbJw7Pu5
zua#kaS4~B$M*1cB;xhwLOv%5G4LzIJ<|iACSJ##~tuD8Q@h|0iejWxyNj-YKjD>|a
zKf`*noq@9N&*t#TI4v0GDMQj|dxWg3c1Pp$<F@uZueJUp^(@!b3%&DLeDob-NBR&I
zHMX3VbE@#<)uX=M-ah!Xh06z}pka8!4_b?(rk<wQrd`X*+Nb1WmRlSqT~~_?C-bWV
zlyzLHF)z`e5Ai7<?|+#kC1Yre`YHR;9Q)x5WPx#keM^h4j^0|hH&$iFL1NDujqa$;
z5dx-;;?s9$T?(+<?35}mft0($kB1{R2Rzm>eLLTbyotTGS8=pde~EO?wZHkNLH3`v
z?6ePlK-I$%qVpx)!YspmJ0&|LK|uj8a$Q{Q?ZtZkb#da!Yq-`$nz>f0OboT8OXz#y
zaoG4>G54RcPiDC$yE^^0@7@t$`_I&yul|A?@>Oj*?KC6F>mmbwokN|nvDcFuGv?|q
zf1))1I|B=FDCS$*8&e*0;AyV)4Lrb^)KO5FF_W?Tq(iME0o;0?>A!BhpypsJ5_|2N
zPDW;^H6-+#`l0RPr(BQF*wJekpZsq4&rBYqYywY#Q^hZG>91v}p>8W;D(r?Cl5XXf
z)3Z@1GIjqoSOnF=u0+gBzGP<&*YqHh=OVCWYMJF63l*X_yZ?1xbgy@`a+wgNB=t}d
z<NZMmVnn%}{(ylE(!T$HBm{xxa!+7vTuj1DxSP<_*OctuzM}-}?%|(*L!ZxZsNp}9
z!AUr`26@d$An^mB1D?lV)?znpZ<rXQSy)R=^aYl|aRtcI%M&fAW_*%D_<!FSQ|7&^
zKMTU);))dOnIR$VNb=LC4B*P&yZ?1%ghRsd$JlF%bxNGjn&281gaxzBV(pu+6aSe`
z^k>Rs{NT#xt3yzGA$vzb9;~U2na*=Ze6GhYf?nLtvCjW}W0d(7TbKzb;gnB!D=aN4
z4VF)3Ar34b?%$Wl)v)@xHaCCXWaCqqb!hD3=yqfP!6Z*Q;tw^qov7If$$E-xq_8~h
zzn#htf(mjV#p}Ik`ur10>fvM|3sS6_xLVo~5>_JCLR3%h;QyK5lr1(C<mfeIyI8x7
zH|k<ON@_CAMxzF2XS-#{QAfYCzAQXh#@ZR*nY+iHXJK@SS}q10%+~c<r0nPQ1@#RD
z^?K!r7Mq)|fao=D!W;6PjEV|R%TI8*9<OYMxM$v(h`fy;X7imXPuAlNjcYdt=RccO
zpgZ3iV%L<`94<q6oQiRxnW?NM0MGR|!|P!bLuxV_A&{Ty;;iV}+A%E_d#!(1QO$r!
zNZ3ze_BkC`Qkk*%dqaLD90;5>{tL6PpwH6L^mIpAr1#c4DpV}(C-4i{&$MqZ9K9QO
z;!gOu6cc>o=3FcPNHC*7js5A=*eZThRhbc$Id12@m&7ej@QPc!CB#*v#}19Ee457B
z%!+<>?K|iwStPDr2U)1<32#{fL%;qBQXYuf!anQ3tQc0~u0Dx%1RtGHb&~qd9Hq=J
zUma44-pb*J2JY|ej0dNeE&H7a8})L!dQx!#u8ehGA~~w#3zUKuFi;S~z0FzFad_q6
zkKRP=weY@4L>L%ne|JdmT{l%XuuL$&zsqFEh7z_7v9C~`aNbT-CtZ_ltNQY6vCIkc
zBjE?WPf(28<T-n)hc3Tey6Af&_Rn5PKAG>S6%(!{tOb%(7s@$-EY$E9IAm<%?r|_J
zimGM0j*Lr5X(XZ!tj+N{QEE(NWfj>(QgvI+;{pkK4B&2muIvh&Dnvy}<?b6;5fr%@
zQs>1B?&b2Y48^R!5DIel4i+iaD1iQCT|)gj<p$)45dar?<GHNVUyf@1m&9{DNyZ~d
zdcvrA!JYQn!*>U5XT_-jg%^3|`Sk4%`2Xt%)wuD*dGFk?y=vNOghyMe{a6qs!(~gg
zZ?akcD#>4j#?1EIrkMar9}2oH&-TvVm;UxC>yvxhPvIHQ?Yn|w7XQvg1$F>Uh(v}#
z7MdEd8KOY>Dm5yK0Sq+Bn|K2GoBw}lc1mhLCCC+ktP>}PlN?r@eaM6m8WJWbqR{&M
zU(ovcKD>1JKn$!XxcLgoy`8)FgTMW5|8-aFPS%+F<Hi5TLHq|aIB~`Ofdx8^*go>`
z-<^Msf-;G0u1akFS6y%OBmcnR8zKM{<O|#CG1P%lA+N~LL3Ns`=3OfHq6(%7<hz{z
zH6NoNHjy{MLJH6&`JS+yL~KGOdZGY!lHmSF3MJB;wwEXFJp1DFH~@)a!ruu~PE!K;
z>FW*JzPtGLFMelx_qp#}1|=G~!r?2cPEaf1E$?y0Ms**l*r(Ioo=SbHJ(?*1gOFZ%
z3dp$eb-Pl4k}sTQd5!cZp^-_E&Q(nAX(@i<I6%VBeg8^$92<)9^p8Wqx7Xdp$CyV3
zhB+N{u1N$|*UrYlh{-vuZ6{Thv6_k{fBg_J1-L+SeD-wb!Q?B8C<}iv(=U4GmT=$p
zfh`zQMabWq5(2e}sS)^<g_6L<GBfb**#T~w86jiL)u*crBP-RTe`6X*O5Q4qH{e`-
z?&<}3Jb=H76I$k1X1NoRk@O14d%@qe%6`x%*!5%4cAK}2h)7#SOEP3*CF{)N@p#7m
zMxJue-;rm~LU@s~J@^>-`5E|uI@G~-a#;|{ZYBtr(RO@1r&1=QeY#yu>Ce%h*i9t?
zh~*i(0Gc;-v$C7vyyyOEb#<wEAiZb*0l7<xR?T;3!5Hd4^yZ=RXTQ$6&?-I{7T05I
zc57fv41JF~;t4i^Pp{yy_O-9E(omr(xy(s2ad2j#?R|(+LZtcfXmZ}QB!))gURe|m
zICYAg3RA45s$j3h;g4$zQg+#7^somyN0K|!-(6w>^wEK(6=wFEILN5~Rl~6_juZ30
zL_N-Mn+{o3JkC~jh%YJ~G!i(yz<PWGnTH;fQT})%jo8ghkOq1P!O9bg5LX@^+m&*j
z><51-h~eOi&SA5}hFD6MWxY{)eqQ^J^(HsA{qaHo*9Ad>wy*DFVPt;;O~2-iQGK${
zzK={_(1W^{sfy*=H}<H1Z^LDR!DaUNwtpY6_}MQ3`)i!2do62EwTyvfa99Cw1oaQ`
z1Hurw{C~9!DN=&&oqQ$)GYRsN?4Hy;9oVwLW|xh-%$>igz^;$ciWPuD&qI~F!w__~
zun%X<?(RXe{0A1B1->IimW@`R8DL=#lTmOpDaT&FsI}V|Y<R27qYJFTB+ca5Xyo>L
zz(rE_K4)P23Cryn$(mZu7WlM{H@e?>Xa;N@kybk9n-BcGt_0WAYK;e0TLB7WrQ=nK
znGj(8)$k`%EUxWwK;AggSHnE+C;Z$TMjM1#Hey+vMKIUYe@!})f~uNs0w6CMCkeiQ
zTL9b&YDAwv<`DkZvH{v4pgJREzV9>nA?Ehb!Tq}<bx65=eZAmoQo6A6ALMZsyFo|d
z<SD*9{-w9(uON>;o8Fp2Twu_)C@fUotLUy-J)5urZY+^cr~p#M@9r|X?h`QzJS<t%
zfTwrG1dHX1e~N#~Ht4i*KPCB_{0=n6{bc@^CdO=}0+&Jr@%h4DL&;vASz^qmfxPyD
zRi;7WJ4j!#K{>%RZY(a1ByRTz$z`ZwkP6KRiAf_z)#{k`zs8cnO+5wawcKc2vc&&=
zXw#RVVoQA5vc$xrlJjAE{0RRR8{U8_f}c*L|C@#aac);g!$kS;>o0l!PrHS*ANs$E
zD5z!zMAXFL^wD3DxGk2rMaMfAPmUyxR_k0I;dn9UFbk)*%gdu(S>TqJn6%iq+h{PH
zSx@cs%-lGyaaI%=*|cl_p`^JMRxi66$@yRlw{Y3ICCX9gs_uwf_e{y^<Lf`R8xM>h
zlQ!?QMC^5|PAgU@hvuzF|CAlfm8C00&CfF|$)a;9CMzCWjeS;!VyIYzWL*kc7lFB@
zU!BYsAXn0K>1T09M`zD@N1^3F**H>3qB1|1+ug$j>P|sx@J~IqUopECI;=k(yWfk)
zl<b1aW<omlNg$x1*^kU0EC>Uwp>NyopQ9-c9gmhLkoo18`_MZjC^t90bGi8K{vgfZ
zvz}fmNB{?VT2wOS(?|$!Dz`<&U?85Env;vCqLXZ}F+^~N;|E`|Z0wCUilR;6-33XY
z-at@ZI04p7jPRuLgmgIx39s?20h`h`>a~4$+nbPo{>zB8^O#$25&p<~4J(YM)mbB@
zb$i8EL>=z{sYwA4o+^(+<n!hF${gxzQDg7ZH#=U`HK7Q{p0FuAN<#^}9iI}=CZvuR
zfiFazf{1t7VXosYI<PYM+1^~0-OR?!eNK$0T#xSu-xVVlE2Jy1OD}PAKHqLxOTKBO
z>{QG$Uc9f|?OxR6yI+UcMzTqA55VD20r^+wz6`YV;~cCb1zagUL!6u=w2bsZjsR%)
zLFLoeTz!ywontTpRdsXZMO3mNrk<9WsP=MDkyGiwv<uAoY%)&0Ru&uX`^aubNuCrP
z#LK{b??DYO3!F~2J|wb(sYEjTw!b#Db2-ptmWcJbU!?Bjlh*9o4N;#FN8Ynqu#0nG
zIv9qO{lX5_&JOi_03py6>i9M$<((Uc`a=08j8aK{;+EEgzxhr5dW3nocDPoWENXLW
z`*R5h>HQ9lJB}fNOikJe^-wk;KPb0m8-JohB`PL7+iekNy@8{L#tCW>>^#7mY<-o0
zGCjiaTzs_HEc`>5l9UW80d-G%lXOj>PYArubHmc_?i6bS`%q<Q@=(RnJhgGA`Kf=$
zH?K5RMJl|GxZC;~c4Lh6Sf$FFdR=%I-Qj>Gkn=yZ02<HT+)+;GWTzzsRx}&1t*^Bd
z|4)`5^7gN)TTH(&{}&6DIq&=!`<J~_LniwR6Il?8%wvvhA4&d}yC{UOy$Q2?OF(C}
zJvd$24YzJM`wu{PL!?Mg6IFCUF8M@5qJ|POIaHFyhj>(qxl~z?nWM|Ee&#S*#M*du
zn#^0H66{WnpMPEAlc;jtP^LG$%Y)25lw*45w&deYMf|<4RWlW5T=;1sxpw}%MJV?z
zCp(}8e@_K9#FJPMHIc3XzN2HKw;=HX`MUC24gX?(EIq47cb8=Tvwix^;NY9%b$naX
zkWvlv(^<(5t7OjS5fw+WlV1%PBLAEv`G;lv(h7Q7E2aS}ysTrK2Ho?JkTkqNFQct{
z_oO@o3SD5;XMpP~WJ0J&lK3tU(hI!{SrCV&D?sdWg`GDy4C2jh;O9P1w}iunq-Nlr
zyG`e9cCJK-49(=GSHw?J`fY&Wmf1g~Cydp}(tYPwEDvf$MsHi>p8CfIPo=DRJYXj|
zp}&b`L2whgo#<c5YMW>STWPx351#N<Ym_K~Xmtpq$uA`hF%S}#J~~<&DywT)8@PPy
zC<)4(!&g{+Lhx_Q)V4R19M$lF+MEJE<twa9Wx+9~qgac$1=|XH6_{!qPx$iLe#nej
zjvh^j>$k*jiBbtQg%P}4^X~J^a7_N^EWL4Jt@@k#;=-S!S_jIG(4_(iXH_P_1{<=t
znsrn>e3{!s&DMHvy1h*<q)2UAY|d&j;Ro?X!9Ap(ygz|#qKh~y){`N`admOOJPA#7
zPjs#-0*d4G)~OKHnTlOyglhknyTgxgjM$JE=1QLs?fy!vWWFSG^OdrFDr2j8>~lS{
z7Q?4s*?}!gff>PG5YMcHzio?b$QaW*ZjoyE59j!{y6u;rR0v?E|Hn=F8J8^%t@^V6
zDNWExV@r>f@7{o)Y6xPwBh&G%3#h6=LIOe$EDS(1U^Mir3$xS!O%z!oBeP_+!r^)Z
zCI&h9E{+M{&H3JOC)PR!Ls@3&?|T@3EgNhovmNSd6=@>c*#1`_1O;j1^O1<d3ArTh
zdmTA4LxU-~*y|00QFpIb-2W%2g^3iw9dEBlj7V^DmUeBOm{tO=cea7K%3S<k9s47j
zx84$xeQZReH$+Yn?(c~G3PSJ+|D`$ZKOoChP-yvAiO0T>u507WQN3`nA=UHlm|!Wj
zFq*I%o{)!F=5`zQ|C`19G{W;o{UZuq6Y_;UnB5ajARcvh=WaDaQ9T%H2IkF_`I38j
zY1KvlT!-6eIu9NEcBYVW1+8Az)Yz<r^i;l(VlkVkY4Ax5_2#159IqLPE`5If=+U5?
z<@H9_Nw6y8E?R}l_VwLcOaA)<`1^a;(%%X=LLlmhWsq$^Jwl>sqzUG>VXkha{K0P5
z6n}Ad-3lNkU^6`xm?7i-p%M*N{YY~c&F8M0f?Z`TI38K75KZ-kSIg_4lAG$(>-lC7
zCLv_EYxy$|{C&foj-O69l6;YGPc}R<2skGLgR13+k3o*LEEaz6a<91P`k@U@t^)%B
zc1Du(mA0Po(iLaM;C!7wT>g#q=lr?*yNQ@?IN8w<`rwP^47WWqXq9yx!ozOe(`%se
z++il|&mndPwAV9`yGSzKLKB~T;onL3-X^W^hh{+z&u+7MUm}SM3n~C?7h4K>;RpGg
zYLY7H2E5|x!g5;stvHp{+DR1^=|-2P>AfFg+y{B;>X;!0t>#LENJwnBgoIc58{3bt
z-6d*VYgP`&wx1C)l>1J8!}oHQLT3Y;=rZKD&d2_W>=`-m8jr}leDhE8SN?#Xlw_Q9
z42$96VJ4gH56uIFLzmlW^9ds`0-0N!C|;qOFl$)FOZ}^eP<0g^0s~)5;sw46n?CP%
z;1IeZdZS}&hm`YQf}G^KY_2m%3jbJopc`MOEjW)0om+|y#1{X$f0AxHXuI><b4GwD
zHNMVsSjhhXtvt!^$2h%R@UMpBFMP2v`eNCR-Ka=bd%#Yss8o~q#DLqi%X~-h)^L`R
z^sL<Z_Lh#jSHdl?x?Menx>#HJSdhST<kvaX3RwQfE#=0L_;C$r)dg&zC3Au3;=EQS
zev5wV&q1^sL~-{jsrj$Z8nU=Qqid^1uSqeK=kfml#eg7r;P!BudM2f0bv(+)EjZ0y
zkD9R!9%0p}R`;ZlfVjlRnd+zeZU0YldN8m4t}#W@?c+b59}8k=Y|!Ogb+kH*PQ0$v
z>9|rGe>v$(09&BR-1G^7fUR$`P6d9=A0hg;!d{s7QzQX_2o(=KA_q1J@OE`6L|;~u
zpp9cK({<wM&;TV}i1RvAZT-r!M%lm`0T-Lu+NXStFvP`PV!CtM8EP;wVjNmji<}Y;
zc8~t>;S8XIUooZV@#r30Q#}61?fXJP@h9v~M8rG(J8o=a)1Rr|aDIC;thKn2hVGjR
zqhfrG(|Smv32p#KG#@v&S?71n$$f1y-J0wV|B%{0r~YQ+0z>pO_O6AybCI1^>T4eM
zIA41-=x^%pS&-eG=?@4waO<cS1cuxlm%XQ#rXAj@u9<aIiy@47XSz%R%>B&e7a`@l
zF2y>$K$mcCl~{&mOrr`kUaj27-9EG29P7zYvb6xTjXTjCX5DN6whVy%EIG^Rt7CzA
zJ95V=%gL45l}67GFnks-n|(@StYsS9IzCp((*pVd-+tzKIZW1{3}~U4tf@D#)QLo1
zw|xU<x>_$^XLg~$&8_O%0NJ4XWWCh`hl)7i^&p!}CL}2;sluGqCb{tL;UtN!9c&>2
z>)0pw%C)n~YXJklyqHx1f0d%`aTSxw$*12-kx3W3VDA|eR=(_%Yo0I(v?UNI$O<=v
zz!<pBM?z3oz645*L4N^_k`d{0=voYE_VN<~vqi({=i6)DyRr!dE?HjAwnTE#c#N%b
z_aPHJNX?2{;;44O5Pdql%;{yO9q^*rwH!eoL?VisYY(NFzFjEA6><JA8wRtNHD%>*
z_gUM$v!JDr+t}-<0f?}q)r$rl5uUz=1FvDqN^c;E*D3$B0I(foP7GTX%iLdW4ndCj
z^)Xz#)0aJV@|F@5ktacyL8{AD<hMfshv7|u(>-rmK8-K%pFM)=en7Cz!}A^@{hniI
zHf3o%y=X$YA`+mzsv>SeH-9cePcv^})KN{o{O#uP^~xaC%;!q}J~x%!Z5GEffw>15
zB>dpGg!h3Miihrrf9{VSxN<aGdA8>0Y%{>kj7>(%Es&E_;l}~3+Yfdo!%mD{HPHJp
zpk&5DZoD4N&u1KTdXmrQI3N&3A*=Q#%GI>Z_vh0-e$~tJvopB<PW@aJ>bt1&ADSb3
zdCP4Esy=L$6%`dm%;fd2b%V2bT3++DEY@k;Nuk;@kF6bFV8{>n`=#gTDFvJE?`_Qw
z&yDfxuUKm3mY*Dj++1#sB$=qdVHIcAR>zyiee-aUBRhXv%wb&u@1X<L7c^HnW~f&D
z_ns&JFk)PN$LbjXD}OyP#%#A=$HoGey2pNety;|Gu#!52F?MD57_8kJBAi4*21(q<
zIG)YIi>O1WWR}b}em9&+*uJI{&XRSKl*@;PNgmo@eZk2M@%IcYq{ol1K9@);+H#~B
zX_*za)NhtYn@Wia)4$@E1_{h)%xKI<_<Y`3&WK?_@0<h1kYD6lpuZvT!CpA3U!5GC
zIxt)cw+g6EWE@&INNu9{Y~o<~4M^MU)zdT?gdopc#|*w-pE}%!`Q+ocxx$v9CN`6S
zO(^U)?~lQ;Bq+)`B}}Q&=X;jbdZRV5QuamC``GJz5{-x3UrqDc1V}1~4lg5uYnAZP
zHT6pm=gHRKU-#Um8Trf3kJotG4&#N8HTj60U{}r%lhiPemPEH>0SkRyRCTZit8}(q
z`=c#sJCA1rTQw&1WTjKG>5)>r?LN=vt%$-*Ob+Q6H9TeO)t^k(1vO9Dppz$4zGK|s
z<Yo+q@<mth;3SgQ7hP9$Zq5qjjd{xv`BS&ilGDg&(2X~8;)G)a;2YTU>-5>6#tL0{
z03oa8ySBvBgkNnX9I;7RHC$K($0TMK8hxsDP`G-@Ik%<Z(;mL?pefglxag4Z_Pf2l
zeMq6SYNhjBr%!ZX$}P<f3v1{B8Cjc1<sW678qXbn^VUzz*LO#0N?xjg@ZN`4+_|3<
z6fWDIX`o|7HNasWA8Ms9kLI0=AK2yZeEP6=F^pNcg|cwHeuRNvbf`)D6*D-}QBv(t
z*$9U?)MdacK*;V~t<Lx+5YZB}R5af?LZbigdYmoaAljRrg1_}R3Agn)l!K&}n$^-&
zHR8j`Ep7p2@wFC0RzzgOme1JjW(^m{B+j67oV|fV8|7>)owI_`plZa7o3{KEbHOCw
z<MblAlxWB7uU|sZR6XT8RiEDLNqF<=LLX`H9vyg$pWjT3d5bZCf}B!YN#QSHy+z`$
z7VGFYi}tHNx>yy)lfD%hyRx{oDYe}L?E?et``cfO$ivAzL?4X(ew;e_;e44G&mc~c
zc&W+B=>3l&R$0^c@7@fgv)+t5-tON-emYhf5O{ab)yCp7wy1rlx+KxpJDEsYc!r6=
zYB)vbLsLY+Qd1nDElJ)FG~Xs>^_S91<OfEU(9>z_(3jAcu*6C_$Q-6F2|lAECkq>c
z*`eCttut#%?R`AmDSGTT?-X=tn1E=QKr5mBm1>Ew$7?A&Ix1z9k}kh3!7=mq_kD`F
zzXNJ;jQc<hj<USKbLMQN6sw<}0}Hkc==(^TL}X-gRy(*$F=Z~Rk=PB_yL=Kp%LnQW
z{N=~cM@9bLF6mwRU3&$ITzmUv=SdO{d|`NBB3A6|qXxosH!<J$<wQp3T%i)7O1Lx@
zR7HE$%b7^fz4agHkNi;j5HsGzd2cundKOf?jP=3kHO(zNxX6SvNKED@dZ<H~K003>
zWMSCh!yYZI3rtPtQ5(7zg($`r*4UY+i`b|zOYVb^{Vk#POWKAXrg4|3!U-F<3mOPY
zsVrZz$iFZc%l`1)MdtfknH2Suj3k{8j7NrO3Z$5heS$iv3UeMz$Z{37her<M&-X8e
zX@H<cVm1<Hd|<YA8u_)QR^M)ye}ai1x^We1I2n)GFPPG7F8AD;FMm8zSDW;L@EJV3
z=(DFpSL2g#K_91`-f7m4@&3d_H>aQoXP4g!qSQC6_d6dC0yQ)HmFIlUXmC}E6e1#Z
zo^H0SUYk?2b4cjkgO6WMZxR>@zk2U~^qAVdFOi?zn$dL^=c;bL906amD;cBUfEUdN
zQTn<`@G$p(BTWrUOCv=0h10GrarS|PEK%X+t{?~x>y}V&suD*8P2-Wv%;Ho}(bfFa
zSKrA|$m<4Fq!ij#&VG&Ww#uye%*pTZHObqv`=T|^FBht<Cfdj$a;peJKp<UzS0%7z
zg)bDhO9v(9qm_?#L(B%zG|WFYrfdbtqRFC#V(d0mLY6Fqh2>hu^puLS)HGcTDgtr>
z_+XDL9~yq1T|u9a5tyWE4rY?ctSp6?va}kuJG1vc$-^4R`B?lh5)%C$BP#fD#QO|0
z1f4=W0rA`Xd~0elI$ErT1o6@~k+yDaV^`Cp2xc~BMbIDIbapupoxf4-cxBifJ-|)v
z?8AakULD-~!=*CQz~HFoK#Z4Zkmkf{<U;>aC%@C4EF4|argAKQXC*F701X1C;I&9t
zw`iMS8WzFc>^7C+$TfOURA2A#Q#I+?t;%})yM&$#O|)LDW(?aKI*ZbVF1dq-mCi^@
z**aymU)Ue-jJ3}VzX{O1CL!LEk}`Tyhbz~li-56jE78*gzw`H%^p8M!bEte6UuXv6
z;27nY5tugy22-Wuji}lC1fNIkSKDzvh0DJrOSKCLH#C<|`Vo4Ef1q12fv%S1Tt<iz
zZ~J|apLi(p)UmIxf1ya*yOS%A`cZN0GFwN_8>Zx{C8L?jXFO(EuBnKx5>><!UEiR5
z#35f;o?-bVt384m;O-cyPMLl3_}PE0(xI)L++E8>GtU&P!fsG>nxNxRpy}T<nIA|W
zg=Tobub94eZS$plLMJ*h<Rtcz>2}k%K30YNdC%-j$nnQjE_*U@(bnM%6k!uL(;%(e
z01;_K#JhYklgsleL$u8tY=%a~=yvs5wml(X{BR~wO1j}>5USj7Y*5vF3+W`K?i8RN
z6nH%-P;6_4j)d;%tdJ5njUsjD($sxdQt`S<EM}}EUR>~mWQMVnDP%;;8r!aaVOVRG
z0CP72G`h#=F}=Q2Li9bu)|uriW+|QPP!%F#^X+SJV6GfYRsW8f>^quoe7!L5(k`Z)
z;qn5)8b0qdfaZDsAqD9P$31EtL17&{k^7?+pG3yL)kRe>)KX94sS8iEspFND*jl?M
z3X%yvZ17@vMDhK*sF0&>5<XQhHJ^~TXZY-;i{`~M42tttOw|}}h46%rZ*{b^BFkKF
zQlFdBx-i;(YTisL<Wz^Zs!LGTU;O07Z{lWcQ)0t)g>R7HuSlszrr>)w;<UFl!uC?V
z#>Jt5zWRI@L-iA7&s#StZy31m^`G2HLEcN)B+qTC{xQ>=i+|Q=r!#oggz@4+PO9j8
z7*S1RNpurzjCaD$Y-%n3w!dq0knLauyuVk1q!P16SI%*#NMrwKgJTa?BCdys&M7nS
zn(?nxKF(LH8;dgQDe8>Ye3eGReZ9QDx$tf2&YL?OivuLpuKmxS=aPrBw)Z8?tdijD
zDdR^FxDByF>TPuNm*b|omK$pfFHwJ)L8@D8t3Fa_n2%gVlO*b&JZZMD-d#v`y-qYc
zAGLo*NSk+(xzLvc*@yMMOnlO;TnjtQ;RG$q&<-#v`L6o&@F#Tx?GNIwzC8}<Z0+pq
z(O9^+s!qPP{Y|X_KLQ85G}aFO*497pC9)W)&oU)?k%=S3MaMxO#|qyJsT%W)mz?X9
zcQkg}XhU~@<R`Dum(*z5d%|hEhR1oo;~5o0`JA0TEMwryRKV6<?V#mkl~eOgsqpJc
zj-u>wNV~r4?;hy>JMP_N1iH~4i8BJ;))9aa&4Jv}{s1M=#k6Iq%U$mR0kWY|kWIY=
zQeAIyLpUx&;`pey22sxE%JN@RH?IGFBws{4!C&0QiFF$a@qE6UvUjZNH~`B(vxcl%
z9d6HP#@mlmy)DniBc_K?r;+5%)gDhu*GzI|78zYpQNCO=CP72m?Z`plwsQn-VENC6
z!7Llp+kg+XG0I*=v-Vhru>%M9b-4O>27LKuIr_}C!{n9XmGL4xr0Iu0252r^kiKf>
zGR!ts(AvIv|1qEg2!VNWT1n%Nu0yNOX{`1RPL-$VDp;;q(Wmu0rAg6a>|@HiiW3(D
z^TQ2hrjD!}uNCJnb(mFHv{`^-j`U_*dl=>G)AFTssQlhttESU)T&B9zS9T06AoB5K
zuj2pf?YpCzTE1{&0~7>oAksvxq9Sk==_LpXB3(qJMg$~CN$Ao+Kv0C(0HuW@0@90=
z&{QrUz4sES0YYzqkn$$c=g)iB`}>{6A7^EqGiPScF5kCj*b{_NSRV6kuB94#CsmF)
zt;G;Ecaka(v}T+zvFJ;_)W5A`<nW&T%okxLKB8cQf7|NrJ|&Y3nD24`7gb*Oadw;7
zm2-<FY*YeMx8f6Zz*Qki3B<!XrcSkL<Na6(!QJ<Wl%>k%1*g-y&C_UHJ&cUQ?_M1G
z#HN1o%3l`Wt7?}<%`447kDH5p-|tSxl*0}QTsjvHgb6;W^$dbMl&8mBG9{*KcB7&e
z@Hi3V`e~dmKXeO+Q*3S&&ax%#@EgW`dLBN%&$8AhSS_!jhP1ZSQ&cV;0(ujGOy#{w
z`MZ=*mcTZZ`!3ea;alpcVUGX#*3&#^v%nfsmh%`YFG6ltGffLsT4Xqo<DSJs9n`B-
z5q(&1C5fW`6>GWA(uAB032<rnz!uQf^s3aV??p((710VS=O@_quaQMQwcZ-24Yae9
zN05N1NN^CCFo%rHm6gtXM|A<&gs~)qJ>2<_K(M0E6uI;xi_xpmznAvv^qv4e{e2)#
zlk4LgSGUF|jj3d4pFEyei+72fsw}3YP32nw;orLVeEz{62ox-Zbr?z5?+6HOU_5HP
z9kQ1jo3+ZBt6?R6Ggyw|Sx{LWGLpQ`wvqKodWoI*eKucZ*n`Jo>tOdmfm7V`!c8c-
zJ24*5ku@tC-lkr*C=Gnv{B$z(%04f<ZWDxqm+-mMs(eJt%SOcd4Fj`FpiVfW63)QH
zjQ>3kJ`KYHQ4*SY-zS!{6}4a%aje^4N_HiLF&CX);rkfA8q0~x!MnBFEn2qViYr;n
zQ!66*M%{|pCqh-AW%d5i%lE2%8l3%g{5@w;Edi!^iF+Vz;vlV&5G7isVN8Hy^`ol<
z^}8ze7s(xf#4}=MHI{t;^6=PkN?*=U<7jUL`v;3pL}(|#x~6Ott7S5C#Ox7ggN`w<
zX`l3I@9=g%zKo2Z`b6#a8kWNj3bd#e0p;ls)^#g@bd)2(IpQMl?r!1sLI|rf10>!>
zE<;QvpMZ4Gjd}Y|5(i~6d+qMy!pi6J{c*72@Y3cw#ZF(-NvKnx(<9;i0ooud62NgD
zOE2&m+~uBBc_Q(ytyX5`dh?@F3UZsVd_bf)uC9kPV@Oz80&hSZz)U3_X!4++pfK(z
zhrB!Ow>#zyvs#q*k$>3q#OC8)$8)HU-Q2KP)U8Kfzq&M;j3exjSHG+H1ILgxYTSQE
zC^(EYEZW1*=tZ<&0r^fp6XewO*?mgPZ<p!CoxkO{cf8zfe?Ms>BF8h3V{@-gv_`I|
zh=1OfM9zAR+h1LTXxv{DEpO}xr;_31@y*;-^y}E80>S8XwETwJLnSXWMwwP7$dCe<
z1LGv0boyZ>j>Y?I#-XB%ZXR{<I?%@*M@iEy!D<zG##G(d>h0EN>g(M#ql*43M(Bmq
z$`cq1TtNb8H)xu1dIC9#1e*HN<7L<0JxR5bTOdgaQF=v;$f_a4R&MxdybaB8$(esr
z;d)TfIU`?vvSPC*tOxwX?PBBo<*|=Sn^w`EJ?;8uauRCX{Zw6_g85TCZ%&&(0b5K2
zEi<zCzU_wvQc_aJ@AHW6UH3Dm|I$tWaPGj-prh$&I&sm8IoTgIfe&ddddS-}<m}ok
zJec=a$hk(jnoH+2P%C_&!Vd&Q(ld$>-G7R(VFH^)I5AU%C;Vl*PIv?())#L=&X2jG
zU=aQBdIn<l!_u2`Zs?v__}fs*cb3`3RzywJ&f<CMc~4wSoz)!wFpSo>JxEaMSwz?G
z<sKVas4!Vfa$JAn#5sbVPLQ$i85y(Yw#=)#D2XGpxx4v0xAuFa+u^oyU0(T04@*#7
zvWf55zxCG|0<S85I%q5jqY8nigVZEEa4mse@3L%|ReOQ-qfw26;ywMb^0_MNzU9np
zrU!KEhe6doV<LR#S}hsgUtk8NVV^bQ)I|P27U1^&^8L>z_9}UUx>mn6W+Hw#FtssR
zs?5`*9B8{DudLrqAT3aRfx{sxd`@o;yce9bpZ1;{s2lYAy>AKbx>4jAQXVNU(c3_5
z*~PDz)R9Tl^K>Yu8$hmHv9_rD;kk>;q{4TX6a>9K<*-9~=n-~l!4+@V_IU(7O0AYk
zticRlusL^i(G%YX%?+#AT~t$LOlTbi71AJ(aaB3^JvX(|If=YQBj;Dta;UN2Y&<!m
zaqurT@~cUxM1+KL*iGt9F7mw>(R-Zs(d^+6(wh_bVk0M{MqBKHo!F)9?FCrrhh6f7
z(BaWb3c`-w3%%_RVbUVm-6QXqA<|f$6V?V!wr0L<B;nOK7TMYi(NtA8uCu`dy7^xv
zDC?`aDCpQ`0V)(lHxNEA%F+EvML*i*APMi<Y$gPCJga4FHa>Le#85rqv+8q^$@scA
zSNI<9?6yX9i_ZE;&FqD=9YZZuy<tNP8=bu^6Ij;E62|@aX~!?|0xs?`3+@rr?2#Jh
zX-brGSn@L!vq`9cq5w@ROF&)8B>i=bxX-Qz8?BsV3(~t3|GazBm&e?2Spu?(s)l-Z
z$90YPAWD-gnNm=v>Fr$vxneF2y1`~+H-_;FCd?igo2>Vf;>(q{|7<e7-Hsu-;n(^V
z*2&_wdbVI<|M_vfw{EXeTv8EacFNUUT|XxK(7_tl`4cliI@J|ZxdP)}0>K$W`HoqF
z?ziH{HL<|lN_+FXmKw94b~%)?kXCd)zWtB^Ve9Y7B+LpKwpFaW)yMsKy8UH4(^fzI
zqgGBvPX6@p)OI@{k_h3U5_oNjsDRm20*vF$S&1_SG*gKMimi0=L4(-6@+(X8jRcgY
zw|~=%X5x*+fwgfg)nEXhoawt`c@)y&?pi&*dho)lgBOCdcP`{1VXRSh4qp|&9@9Uk
zt@(ZyDGS2nm3_t->$xrw4MEZw;O%*+TqmXI-u_To6>|VbnTxgh=$f#K&3trpmH&=T
z%#<XD520mYP{+Tps8applkSf-`3s-zyc0(UV@E)ujQ!T|HKCd+yeaA4N~#?xefIh*
z_HV;KM1cBny-W|BBtu;9(6L-XLhdBI&BMf%D|PoeUdP<Mk8ikUIZQCc#MzaZ5)uV6
z=%<-{Wy=)KdV>(MdyCLmCvZ>&+$Jj~)1pZ<-86p1hHJB_Ck{j%SZfml7;<O!Vflbu
zVW}Od;iUZ?69Gv4**~3guwtxB<x<&Cqicl;b83A(_tO`h7}RhGfvgPw%X4(H&KtH>
z-M3vPP@Ehl#Kt5Xhf23&xx5kg$QuJi)m0jv!ab7d$R-tkD+bpTN-+DG5iwI$C`YQb
zE-BN-X<vYssRmfbgPfnpmM(Kc+!?)aS*!Jx!Z7RImt)1;vdP>Qr!IfHs?1bSfCTcw
zb&sO`FuVF<K{0geF@IXrHV;XPps(ga7Bzgw#~+A6Vc<B8Vq)DEo^u$n^<&UmgMg{`
zua;XG^<b<%rpyw_Z!ZbpR`AZ#Oi>Ocn+CiYq*!T3Q!WoA`L8n%1*WdV;n38NNtw3o
zHhGkj;+FFPFVTn>u06-IVXJ!DD4e^GOO_s$8#~pHisqkH!@(>Jl6%KMTyA^CQ$8SE
z7z0Fm{K0J#fdFk#>+^R^2W?;LZnF{6eC)24njs>Rz481x%ikoD2+Nqjv-ihv@|y!E
zE{utI6_b>pw=)WJyP^>;5!CNDEc5l~DBDYI^Dbz!4U|p(-6oASIPOHfVrFzG9*wh?
zUKdmBPMu~X>d6VvR7%&tH;VmCi<Bmi_#0~^>3;8ly|c%qyTL9A2*mh(9lYSAh;o=#
zNE}ccVfVay1>Pa)WBT+sfk1J*aNVO6{`VZsNmJL)z4_@tk<m+|x+h<b$@Qh5;2R~0
z%&9FJINIjgk!%o+=H=4o{a%8QIwEBXRHYbH%Ku+a>4;`xfj3k33>&#%C?_t`{&jff
zkxbw>fDOOpU{aF%Q?rVd<&bw4u=$NknzM4JWj<J^lg=YTkSbtAmFpVSq_dpIf{sqp
zEnnoK7WkU1?4N49R2($Fyu|GWn?@Uo#`5Ia4XmzxV5V-jcB)#0o!pr+gtaU#52vU#
zvu&iZ-ueh#tBG<04pSGa+g}b<Ir=n1lwB$GUr-3J<ChYpgk^VdYTFyGam-L2V##Zj
zQ-!nI7xAr>fZe|JrMsfK?6P+M6MCzWqPUxpz{K-E=`xKc6JFBd`}c;)cvQgN4qFgZ
zzzigXrLJ^zhB>NVlNC5cu*%81iQe2^Ozmc=rEH+j`hOqlLR!Yh%pY<Zv#z%SBw_6G
zY^1OC?vx$uZiQR#SA#6p+@s1YFSy~7vDT2|<DAKudyqw5+CnO5x~;!GJtd>eoC)=M
z)2RH_%n=0^WhOSL|1ze~Sk+y&)G>J!6XISWx{gT|iZlkm!_S)2%7)Vl8nbEo$m)|k
zq2WO>az#9V%J!>48|)F4QwVCa7HVm(aCOtbFWSggA%s0LRnFsW{b4QpLA|z)Y&dmR
z*vri6MxL;C4;uJtpjdL@9-?Dq(gNqNRg<i>ucoV|X92t0{RU3>1a^0gA)dw#9X|&V
ztCmNcr{g^&4YxOAi4zToHqF)JkwIb++Hw7EgA^&THM>T-ZVMGi`segIMsanlVkVWt
z*wO6$pJ6J;o_+#zRspI4{SQ=--GA6;BYM0&=i~hE!HjOtt*{;5>ZHyXl8K$I*l@p|
zMtjA=K?#b!uF>h>l@9Okay9y4+h-vVjx^d{04s(m{NNM29}qYw0t@h0bvNyNA*QrN
zB~RgC=iTP5=KgB?os!W8_vShP7h;!vrHsyy&-C79`a${=n>%SQCS_titiU~kY>=+@
z!D#N#9iYr`=yUDkAfZwsAJ^+hE?7}39}rJT2P$KC(+~h8X~duQP}a{H-%x1oyQ0%x
zUApyURW+SmRwc=H+kik?%p88ITKr>CbTfy2QP)l7Gcb@y>Q$N8VD{C(Rp9lDI^&Nd
zBm>yz@TWftmRn3x#5Ep?_Eclku9}&+cA;|*ai}XuMi^^CykXwn;6U|GLK$lCi9kD0
zNMkI{A1hCJV*_F^yYl|s{ZchM*2OFuJRdPi5Ql$p7vPh=%BJI5p5qF!m47J{)*o#?
z4GlFJ<JxIW#EB$|Jf?ZLZ-`-MSHQh-$Y~3K;A@DN9)681-`m$05E1)2#ym4<$R0AA
z%`=^5V4Es3j)7$ptzYo)5S`WEtLPbY6u+2#0se*=#@v%g0U%mM+n89wit4LXnL42*
zHFZ7mlw;HUX}}<G&jC3%P9mYD-qR*eYA8_9f3=R&$8*}FIai!aLKU=iMR~Bqc}|UM
zHRnC+B-e9Nfp);OpvufA3^`3`mf>)I;54WA^$kG&0M^gUVGsCk6pY>SbEZ0!R#jg1
zX_-10glX76Yp20#PuzOb?*7zV68H40g{(mE%B<pQU-<1dS8(*iU8chswiyL<6N!ja
z6}WDCKOT%D9=>#}Tg@#3V*LN`^8)&c8RS;jr1*5unzi9$^iJp6J~C6zgVAI+dT=*3
zHxUhHT4R0PiK?^WN|ZKr3xu@M_Eh}VU5}x_?#`a6?Zv!~xx)-(F4+3*u|vrQCMZX@
z2r3T%>rBc0b9A=8Mp!d66AYlz>X`q2{io{B@PdRC0OHfb?i|Z+!^sbJC9u1Wh1Yl0
zvU1qJWd2KSJ6Yq?yo(5L<F}$keIFA7FIezQz1YIt+q?`Ydaq-v==bRG(b|fNdVk=J
z^Z^{9og@33D&}~9Y#-#Ec3Gnt{*ku0p?YHgMtG>U@JH;*|1kX1Bv;d->he(Y<NT?>
zw#Yxjjocf>vlV@d^6p(9P({^ept$vZm<gJ)VuI4vLEZ0S<h|aPoDC9U@^(gAAnDX0
z-0`6B`zn7?XEsJD>CK<$sncsQX~?T|8j*>n;6Cp6Wu_ZMQeR1m1BhLu$sJ{;1Z|;Z
z((5^$0K)*#5p6*Ke#gD*_|N-nIwua=QY%FK=gwA+g|If8Tf}(y4X)YCJ@@!tSAE$R
zVD!s-E(6#m3l1juWAHt!r%*UQaYTJFfzb~`sC)Ixc9gyKZ|gt!3@q?7WyP!f-O<E}
zQ&e?U4FC_4ENJjiX-AuW^u~zH_nlO`lyu+i@Su3!h|LIAR9QHTxKwMT&;|~Dz#a+|
z|74e4MAyMhtxe^ycL67Xd}TUEq)PJUPwmM8+lc;`VF2uDh}`JHzx+skj(b*tB#7DK
zl5l@~`-c%4*G+=&1o{QDj)&Glffvnow*#pQdM-~D>P%8|3k*;NS<a5V({g5Dhyl7o
ztZz$|zbFicmw=gHySO%$LI-q#V}Ud=T>VoF!HQpGzGr=ZLlc<;c%iwj<((!Sl0G{e
zW?&-FaRk7>-z|gur?Cq7w){rJue8ZKp6CT2o`V{C;Mu@GdqI2Fz*oPD?k{^J`VI=D
zkW+#3KTIu$*+Y9J_R@ptZ{-IEJhWy*E2}+8LhZ)4&CUd`5H?ERUCLeMPw2?ZJpxDl
zsrcYK4hXeX*8Xi&)i+U40FTupg1X<65jYRH;eQ^)=}}gFz=%ZJOLE|GrVGbL8{C$?
zfj<~J6u1S_W51ON6qQd>21!yn+5{<6kP^y{d*OFURpVz$==h&{3+VOv-j1I8&86k_
z{*SorLfG{vdTSm0E-B^yrv6}bIPO198;oxBJFrHO3|j01x#M7VzeK-WshUfw;pXYU
z6Cf4;Bf24ULY*8?T}H4IvCiUIEeQ31J>6p7Kg98$c6sGoNiS(W8ZqqUnq}G&)&{)2
zk!JMvm&YK^IRyTDgdIoT_D46X_-DK0F)H|}2e;v`2jS6^P=#;aAoRd*{Hfre0vu~v
zXD4t*uK|5OOr!5LH-Tdrg!8dWDY->_DgTc|T<>uolDvwdP8o&k9A_5rQScF=Wq=!!
z#4~b_Ai?1j|MPV~Ad|yx_5jV}ly>%%OJB9f0MPayq3aGIO5y*J#nmYg#(vJ=^ejjD
zJHDtT3_$@v9*2-GgFwxG8xfckxZVx35ZVm(0~Xs{mz!*6y<vIT*h_T-u(1{H|L8_+
z-xS<AVb`*`$Uy22v%neB89+;CuCIUD4*X=d-!I}nva==K+fJpEH;#n!N0ql9Z<mdc
z3Qvmgd9i^RSEhBF;g=19Zpor)*k!gM)@Bq|0uyCbKM5Sk!A)?|q=2l<zim)S=q><B
zbf+)LKX{3=JEiL<@4kFq&mm+s{y*JjpLjgFI+N<Z(D!-AZu&vYOVNj^Mv>GHsvkh&
zCgEQp34BM$Nt$=9$3}+Y@{=M;nSundWGrJH+if$!ViawRW$u_m1&s`l4iqH5ul`#E
zaJ>Mx9ulZLJjU^+PJ%L-Nw@=^eMWosyO!jzDMZOeRcilG%`b-BwAEPmbu|d+t3|cN
zBjMnB`V5wogI!~X16e-+lnzK%bI~+U<E!v0LGOwsUnvG|faDzLvu6+L_9t=g<<+zH
zO#{et5(+Sz>D7>TR`i*>u?5K9Pp9=o5&(OQKu5Ang0@L@D}a^;u(QET>xbWjQr;bF
z1*zn$+#|d+NG)<d4%ERKW$$>Qr6vi|hd|w5eG*h=0^AngDi+>3VZ8zdFUvrihF`5F
zDR^sa0WRyT;W9muw0#Z809k|ld?F=*jy8XF@|63B`7odYu{LhJq!B<z!Tp26cTcn)
z318o(Q<?#gLsF93FB|lUco7&2OTbjh<pDq<rnhyLzmI{(D!_k;Dlz}x$GCxF%ahX!
zb8j;pnLl=sjeMEA^(RG|r+eOCLev)igYaY$is_ya5mY*VDjEDE$nWtg{bGxAfGz&*
zm;_Afo0zggh;%zmgZ6-VgUmjKm_{Z_gAe^l6TPt&!LEA7r`u@T6#uV80`wE$(iWdh
zz_e<QA6Nd1L8xgK@RkoZ(ttyD07u#caOBgDl5k}DQJMp?8KCN!XUU{nLkK%aiqU<c
zCwxM;_dv?#A0yclpVq1-)l83K*Q^8Czo{&bdjT0118V|aA_wea{oQO*+E&z(UG<i5
zJ0{%<Wy-@Y^+kemY>q#(L^)pYkB&l0Pb8dw9ZI>kp3TiH)l`>wM1e+LQ`79=0PBBK
zpgFYw2LO6qRUo)rOftrEtHJT}j1jMPDEk@UM`#58tinYzw+Q&2Kbj5b+w`RnoJkGQ
zh%7oT_htm1vqg0sWN1Gz+lxegqgHRJM%oh1j#Zqx)9)+`7IIpumYN?)+cxf|lpa#7
z5Y_ak&jYk3>A)}bfeV^MIywO`m@9uN`0rVkpVoyR&%)HZbe64-w<IGXx7WU8ae8Iu
zPP@iBbDAPstLHpe2`(aB6QO2)*Sd`E;5(nXfqmy-M=`6Ypsb*v?BrHp>9W}HGG@ze
z^J{MwTP}z425NEn6!qB}>b6<7<lM2R<}$usVcf6*B5jirxLVZ@X<;PShw9#Nm{9MN
zSDM&xEbqIaB~(-hR1v*Nnr;^5U+oKvqquYr%OF7GSOzwPDRoxY(kdX-rd}|PJA~a0
zHWGc5b0&*WwEzR`p4dxx_?PMdug6=JyQ74qit`ErS5KclM}8fu*luS}VTeqjioCPX
z#z%D`l&IA~_1Kkx!bPEALB#6R+k;{Yw$jA*tk*}u)xAVPY|f}%k$00#P<%`*bXdl^
zSrCvgwyIFutyl(u*vM?7$D?6m3SNY{(bQ7w8S$*htK^NvMVNxy`ac3>M%H=st613|
zT~HCMiJ<?-hl9sq3EJuFr#3z~^y<f?-C)>X$M$Y(f^Ax>E^EdtmSb+2b8xqCr=+mt
zWY5&5DA0c;uw$2|D=;m~h~6=uxr$y#2WQEH0uw<Kt<N5URo^2CozGEOFqvl8RZLtz
z!Y3OQ3f9qAh6X-B87^HQPQ@w-1jFx%%XzlEZh9M@c#lZT_VWY#23K}7^CU)AM=|M7
zi8A3-g|vRtWkV^F%dHn*jiT0D&RQC3wh*xjqZ{efW4*fOFKgz~n*9mNwE?RtHX}~B
z^VGxZAE^=x5u@v_Y^>-NRPat#47Rg5&%OP1me@PXn(>OyD7Li|DNAqW8pR0YwQlb&
zQb^GioAD{9@NUI{ZPHEu@odpHxec^8L+jAXD;6U!20bE~+kGda-;43YJ)R7yZq%RA
zd?623vbn_GVjYKxrPmVEcWNA)%#dFV@LnD=(N#4mxt)R^u^&t*uI<yAdu-O_>Oq>1
zc75Tk=Bu8>L~!>z#Iye*P9}+q<i+Kh8Z!Cx@@e1@WjaAAAyVa?Df?SB)?ahTwHwMO
zg(z-gz0K!Dy@;t5&{)1go7#_)frck*K~lv`32l<Nodr|*KBuF+#qvzNF4QZWxaQ|k
zjl>`DQ{JH9?fiB|*C?0C(+SUtu<v@Cb(qGx$wO)gAB!K%{=4w4(EjVQm8$KfMrX7r
z%1p`33oeVjWPZQ<nQoNtt7Eb?H{V=nf-OsPDC|6wYq*ZTPE_$QFN4oKAE9`|xH$7T
zefeS)+&e*fFws)Cw7U|OCce$UwRcxxg%Cpw#S44*BipCNpZb>~dYj69E8Dk+0Suu_
zqpi0iI2oi)+IST`>^krEcS6z2WYT&S8t>)>1i?dHUEh#fFLimNcurh=DShgnQtC?<
z)LEmx_@{H0x7A_=&3*jVLe6@O$yzqm%}k9KElGD1*5>7WlCpa`tT%c@r<X6a<T7uQ
z^IxFro#eeXv<Nw-<&RXz5|dSKijkw?j^(RZJNFpLxy^4*DP_6NR@c(>A5-66;=*h-
zv&2AG!k@El+?<W$IxD;x5qXfqyXhiNx<arTc5|z}kGc``h0jnyj*6$65_=~3$MSuQ
zx8E-<1IR}oT+TU#iwX)C$t8iMyyxXQd=?E8-6DKjPwk$vH~~0o<0`sYUknixiuWP;
zn5l<}{w@9eNA`IUyQ7$V4Omg`EV;);Be8m^mGN-rzT7g8uSNbmM>e^Ic=7UNvX0ki
zlb)V&-)y$=<t&?+L1>Od-^nMg({%>g<M#+1+ZyJF%kZfZ=m@P9j<&*5v1bXrKalYx
zvX8&0R(kiGkB=F&2k-iAPP)0@g}i(C*7`Q?X|_W|w`$^&TmGA$`D{o)U%y1LU4KWe
z_->2*U0+QAidu^t&ky7mASc%+(H=Ot`3>1|*RvPeh!`S_@od{rtZ{#AQQ^enH=@#)
zdQJzkSF3Zjn)!74it!Q0C+l=5({tr91`P|umDmjN!_B1Y{5*U!$>C*0w6{68ca!zp
z;Sx5*0TI<piE`)0Tb4~f>zdUScwxi7pwXF9vmxE9;YxGV+QpxilyvyU_6^M?nVmtb
zf?d@ZvGoOla%D|y$(P?3dGqCYkqdT_a`S|xk$zwr6VipAF5@~*H(OCgaoqbDOs**0
zn4G!cQC(S}$CQBh_R<zrMHq=nHjpbBiVJ2}&g*A>pL~_4i6XnJTRVs5v*HsUNOv7B
zsfDJCd^T#Qj*nTphq7yFX$et{ZPcCAg%h%1giT(qem`W_sQG6TsU`S^)^eN|ho!tG
zfV`}pb_an<1Z*`n)Y{m04HT$bj_x|6?yTqMhhY8kKUwuGf770-taeRU@Au!=vBT@L
zyjrR%TB$f%x`J2Z^D52m=XLSt&pftSXQF5h=a!ty$<i|aW>jE3S~8zu5xvBx%%q~}
zlbu|cpWkFu<KKB$DoQa%?(cC|o&LC7--+C_$IN|xB!pw*-%kjiI#lDkfnr|!m~*Rx
zSp|D=@&U}(qf;6GK}hxbRX!4Y3_p1IL9sVAE<J<d^>q>kTiMu_*6Dn_QG-(0)>fa-
z@yA@5v8QZ_KWsTE1aU>?Y=mBbKzI}96Imb*pXNGj2q-O9wg|iolC+RU^>r^UZ4>Ky
z=e)R^#+qK_x0#@t$4AK7p3jRRET1}YoW0k(D+oQvJ;ljaAcEO_KF-BOW&pB#)nzln
zt08G1JtgJ#Hrvb9-r1+Whfg7NWIJz!_{85diidwbr+ZiJJ!YdCkH@@8gjsoy*Xvci
z_WqE*IsaaUIAd6N%a3?&dN9vas^>V*$*8xINRo&S)_S#T=c$l;%{25x2_u91vqK&D
zN|j0dht(dg_$LMGoq-GqhBr;udP>(zp;C$$WII%FTs*@L6B^#9{K+*7=NpYAsU;du
zt*kci=s{tb^7d^LSP8GfbWB2`W6QhC!iKqbM&s!A4{5trOW$(#{^9UekCM6F>t8D$
z5TzghHtE+@fD!38uJ)T*%dO!2fxhvl<UG^(s|y7SFzkG<`f4mU{ejtmN>!18*ELFR
wCl*<0iy^d&wp)UJlXMLrIQsSf?<XqbzV+pjgs)z-gg-?6hW7Pb<@-<m4?OJTwg3PC

literal 0
HcmV?d00001

diff --git a/docs/src/docs/assets/lobbySystemDiagram.gif b/docs/src/docs/assets/lobbySystemDiagram.gif
new file mode 100644
index 0000000000000000000000000000000000000000..34259d2f7d92f307e3ec2915e4f106ab97cf2a99
GIT binary patch
literal 29954
zcmeF2Wm6nXw5<mi!(D>AyOSV;yL$*ua0m$m2$n$y3+^F!aCdi4f+n~OZoz`<-1pq7
z`z!8wK6O=B^@r|SyQ|mQt*ojfE@9n{@el0=B>(^bFd(uR_(nhiMIen62nYm$$w0)`
zAhr)6z929N3k>1~%OpVvs33#_5RE)20UMT41vb4Qwqi1_RyN)%I6k#BfnhNbAt8~t
z3o!<S7{pGB10kj5CbeoL!yuu6uv7BuQiC~ZK=cfvdW-~^jLh<k9{o%<<;)mR77!VS
z(nn6cNG{kLF8`n0bfi2)m^^~Uyg(4IxB@?zl3&e5z%WQC{EtZRn5ejjs7<U`^pg00
zxD>p?1WPgyO2)6sF%inA?I_p=DMa=v3Q#Ggtt&%;%F4<rPG8g@AhrL<TGQ|;(#${6
zqXy|?f%PM*jm?ZqD*u@ZQ=0kbyrF`clVO<04qCuCto%}}zRy@y?OJO)ziqm7{*P#9
z7aE{T>X_&7-A5fE?{5{pJYZivnNKPVezj}<wi^Ea{sCh*A@I<!$p?fe2%*Ci)wLP5
z_!un?iuv$5F0Ud<0XMm-Be`KHdF3(9MIl20obl@->pv#uv%O5e?LXy(d*zo`7ii-b
zHgy+mPnGCFOG3;`vObr#C6rk(m77tN=OtDw-d1|aSG9Lnb&gaWKUY_kRoB<mcnH>}
z+Saa@)r~DS+@jjr+S;o!I&M&%j#QnoHl0ls-PMWRr_ViY6+OK@y<67<_s>I~OhfIZ
zLqC2EXPJ*Az8?R?`7_UDW_f2eRABb^@7bH@Kgr5-2iNoUKJ)YQ3(?{WZHUFKt)-fv
zrCRvX<MVQs#`0I4<?HU1@$$9hm5q&!&CSiN6xprq&F$^&ot>TC$LGDhz5S)({r&xe
zgM*{qsH3B!zyI-!Ixf;Vo{B#{K0Y})Ijyxk{f{Tq*>vIA!SvbL*?Fh?`T6<3fB!E2
z1ND4)d3p68*Vi{UH@8jJx3{-<z3zAa!^7PJ>V6{d{y$L951Yjg4-b!vv5$|BPg|K!
z$AwS-fqH&E&V9b9c)sj<zMXu&Uwgj4e|}hae%yV2I(UA5Mm^l2Q1>Vl3V;GIps=+R
z4fN$@brc18`7zM`(*wgD5QO#L6!(8)!2ieu@xLPZUy=O(ED|UR@PtXNQk&No3MJ-z
zGg_NJfFNK}%T}o?7>c0~a$Xs&D;$ZZmyf1atuGo&X4fx&GgkloM>@alc(!Uo@vpDq
zo`)-A4JDJguuv=-wZ_uvLX~7r^YO;A*%F;XwQp)o<$o$n8k|?hn=0mOtOlZK)SD|8
z8ysiL&3`mkEw^}Vjek>bsb1~yy$AyJw(vzzTe2R{s<+l|3`7zWAOBc5&2oxnQqR$7
ztKW$kQ)t@gBbU$pktZKRt9f5t$`a6%V)3iJ>1f{I;Vc!sqxpEb)pLL(91ZTg+8c^Z
zrxlRT-klr6WjWD#=eS5g|0-9jtNp62bpFlyL|4a6)rdd<icY(`^DaLdlxsQJ-Q}O+
z7SNNc-P0WyIpWE`KGM_kUnv2zBjG?YM`SRRwG<hGBg(EHN}$BP5k_L<$PjF8Ub+!M
z?Y+MdtjvM|_Z<jy+>Bx`7SC7XY~J6D;k5^C#R|`<Y}f#R4qI`O*OBz9(qIm|1btkm
z?L>a?P`djUk%R4I9VL#P6ayotom3P1vYj;TkingFs|b$W47)Um9ew-avfV7#=CU1a
z^|j&LuU>Obd*7`7jZA0zULWk`1|F7?<ig3E_w%i>+V!(*??(0mvCnttl;U=w9P&xm
zJ_g^@ZLoTaUP>)3eJ=2J)+x?1QYimk%otW)AXkN2a+a&XOVcm=juv@T`TX0tLZQ8W
zoJ+PFkMwVCNznazRev=Zvby2^{z!gOG^Vmq)-c9Zc3}<3;|S=-m~1Kj$HEII2!B=G
zG?0aj-!5II?p|`zZ#LVR`o!k`>Q-*t_|;y>VM6!W*$>_t6gb;i8%Wj3QwIP%R`&{D
zalPmRnYmi_V-1uO4CBdg6O0h^RT7U<&MW_`zoEr(|GY`osWpCi-V`^;qWvK7^I_ue
zhYHaxjrUs5Lo0EUjPW?VzXb4Uh<_ohJMm^zmpip)wWydy{xF(-X&MuA!@csi@TnBi
zuq8M0n%pm1rM2AWUlovd`LS|6xr0v7GG(=lGPs%cVOy<O`>?lC-{8_Ri}!N7^+{LC
zo`N5w^wjtP!1^4^)K5Y3hZsuNeAqC8@!K(MlEE}34^Dh;fCG@&XLrAzkmQ<Z-J+G{
zmDowMt(Mp${)E>KD@d-^74ag`g<*)CO;2b9^zr&nI86RN+x)Vn`CCE|dY&Mu=KGF7
z+EXDx%XoT(SKx=>M$r6vOw5+F@>UU`7xe3m!QIYtc4!#YAKOvMJV03Rekc*UxTVsr
zY&b=N^+z6J#C<mzEVvh+=HIM^+M!R+qp98Jj0-vdn_w?G5q>b%pb8gvLYOp=5lUc%
zaS5RBJ9vS|M*b72-^$h<0k1&-8FKGXQ_2IF6K)Z0YSc(C@#G*68#F}<0R83stIxe#
zw4`rTFd<1pQE#TH_f&$38CzSf-u|MSH-mupN(kBHbfXQn*GW4v5_n$MGR?7rC8ze|
zn0(<>$6TAgelE0R6utjKNrHvnL*5+<6$pR55d(xsbih~>Wt6^BN@TDne|i&)zAyzR
ze7%Q%MktHV!rzNU$w2T=H;-6G2L_#?Cm^tQ_iXA^Bom(k5EU`d-t8+8>K&-N|COgz
zwu&W=Hh%fJG!$o0W8m&y7Ym&^1dG}OKo<R;!0dhe$7*7TMDeg#{QE=)L9-Fo#nxW!
zhz}{~0xX<{V``sUiPGwezRS4Yp*r52)Tj60?DFI4{Iq3l;QK*sE|mM?my^*&*5XR>
z90{lm)8oQPnA%}u;x?(rDJfaQ)K2!2;U~HmJ!W2H2~i|6l6<Nm)w8vi)8<8pct&W}
zBXJ~~HejqsMXzwDXiIg0gPg^gh+3g5Qb-yJ^a~3{YtwPUh$O)F%acV<tlgs~=?&3E
zh7wUBsbv)D2ZDO#Fu3Uz*wGmxynL&1GNIwLO2}~E{jC?uy}^7zy0HQ5zcaNHdTHd)
zAQ&DDw7-R6;KzhmgHkK3N%>JR)fXxrfYbyu;qsS>St`lgO=a3&oH<hY|CC#ZRBUgR
z8~1U}aXMF5I%pofUcR4eMNKqS`}{hxc(^zI2=uNEmvXfsUtSnd5@iV7c6!U_KNuAj
zT894VgyQKOkKH$~<ahb%wCLC08IfM}sX{P(1zk)!10?A=z!G8th|)F*24pNiq}Qh4
zWXL`eM-u?mW*;7%h7Vo)0-QPwi=^8mEjvSz(J6LZd}2a@F0}Q{D}y?KSZNB{kmHEd
zN<NT&Ff;%?QsL$H0~kw~iME;sZBH^v=JVjzkWuGI$76oH;+s4#mRQK=j75AyAU*!x
z*LUa^vYJmPg>-VjBD=SMi5IV%V}J2LL&r9(GGQkDB+X}z0+rTy{uG0ZtaVYkKYQMn
zF3@pLtjC!74854YMGZT$=EdFg+0tPw=Def$khtiv&CE4O8$$u3&Bl49wl>v9nc*%@
z#FKDnk<O@J{XxHb*^wm=Ha2q$u<H}sp1bma(B*{YfzaC^!UHvAxK|jw<0Kg5ety)3
zsy^#Ut!36{R1G<iuL8~-Puh?H$PP4)W5QYcgm-_M42E`w$M-y@uIT^3S;1I3aE6h^
zfkA!tI{hx~*N+q>UrWC;@M|oFXv}?F&nQ}%FmVxy#+d)cGFI)+6KWZ6w1Cba`WzQH
zP0P33WVecF=mNMo=`SxyOo$#do5#*w4J>~Gw6u<WNx*Q2WBcRSwQn__$n_VkwoEjs
zvmeI?<J*<&qF}qYB;xB358G}EB_=HawlBD?477W`uES=y@Gr?i<9vj7uO$!NeSd6k
zMEn{SsXPY*6E-t8m{`IDB-f$rcN+|>4X2}&_zniGE6@9<SZ7EqWA6Tg`LuR928XL)
zUvs?UQdSOD-lfoN{|M=I$Ms0sf4(umgEu-aXTRZnWKantF!(IL-0|%r{B-_Ej4yIw
z%-y?@EqmBSY+&>0{JNFc>g0jiXH|JA8kgUi#>xlN@*nN*th1+8IS0%!1{s28&n*O^
z#P6<JE2i?*6>uL3L=%-oqTjq(ts2=6X{s3R{$baxDG2E6b9g8DH7kH5_s&E@EDoO_
zo8E-{J!+qr|K^9#EUkCsr<NWbpLVwG6Uub@6#PIf4Kf^$iFnLQDyFAtqn@2%QOKe(
z7Rt!J^>^Sp#G;EW=*bGYo$igLjJsbFgg+9LyB7rR!*8?#DAD8bG`znccj4-@x)XC+
z)hA#r(Kq%$=O_X4!qj+_aTn&_0V5@ztt8SsK!4^*D%d_pu!hL*_&5&);O^qq?Gadq
zp%>JK6`Wyqdi$$QIXy99Sc*bq=3Z)v*vGZtJAs1?8}Uy)Kv1{^2GE&s!B%EY?URz-
zF}WX!gO5g<UpWM@c4jBj>Z73YR*5}~J~2#VAxwMJX<sDV&^P=!A)Ku_+#G6QNfBX-
zqQHM!>Rl8X5gOs(Hy43>8-WC2gJD3m-IpJ4oiUY&6PppQyh4Dw=4>$B&_pL&=1BB&
zr+iUogd@0^l^`$$1C1V{(?_095kkx65>QJ1-8T$J*RIn<U4+bL^f#I)44Qie1j1i?
zPO1AMG4F=JXT91EbNKCNXp{Sx!En$yKOQFxIOKuj(Tj#JZutU$SwevQ6KE2$gV`5u
zlELl=p2qK@$3*0zNzr2_=->>o5p_EvY9kQWCF0ISh~ZX(QK-ca3d~=(vD4yTUcdda
zP-?lHVPkXkWkWn}$2abvHSYKpd`c02v2S+e8~@uY*j?Q3p%I%h0WE|cQyhhf`72D+
zD>9+bQR)*EuXvwiWfns$Dmg3xyPV!4Q^#U2)j|y!JH`H`RMC>h141?CFxUVEz|bm(
zL!~&PVe>@zPGt0Z2?Gm+mmVOp@DRFQVDUDTAEq73pdgg0jko99#EiY5pwsgk-^U4E
zHxC-$ia)Lcq|^auA&rN(H0*lOu#oC_pybR250I?umqdNZyBHbe&twL#nj_K#>eAd)
z2_`}5TrBBcWrl<v=?y9AV0QV3!E|b5dL(H^sA&cwGb85CI1V#2sZIN?H0ogx6EsCJ
z7onTI_<r}dZr);ooM{?cpVXIg+xrBpaZf!Ck=NWH4BT3^DtT!^l%jr*0)e`SL>EOG
z^-Z#DdYbS1wCRH!W?8jXA7y?Kg+-9<o8R~k^oTv?w?lim`2{)O4usDnQp9C*bscgm
zqs(6w=8_HOqDL#eoXv&`<cq&g2p`S{nG!)bzX=lJ;~m;OP2mI2ZP1GF!!Z3E<?^VV
zRSVDa|2YxKY^&@D6@1FiKaxljTp|{EDJ@n`@$z+E-zbrk8u>jEt4s&|6+Nl^eZe?+
z;dQ!}BD8?`ybyG*B6nD@Bdq(7pgI+m_cHjqEJ;z+d6BtVw0^s};mbmE0odjh7L9Yj
zkIZ7pwgAf|A#3OF<H5z2Ti>mgibJ+au(teMD6`H#k?(C5y+PfV=yFo-4;B}gihOxp
z3dkxkcv)tyU&dlvn!#BXrB?Rwu+)e1dv0{8O*>E6Qdv4>Y1Tb|#p@y_-%|g>;$6ZD
zGR|1vtdhK}@_D^7@O^d&XSp}@JFG3Cbi8CpwiM<_G>%24++J3Am`M^{+4Qosm$QPK
zv9hMTd@-wn<Gj)mEmujoY+a}F?_K8HlGRRo*<O48!TtLcEWBf^3MoXj?HCc|mI68)
zGo{IK|A6o^55kuRz~#p<Ji`hlO1V0$I>n0JC2_)isKEC}AYWEsV~QJy)*XMSu~DtM
zr+oK#Sc4&eM@djiEsJlD1Q^m|#^!+q08md#QJffdQIvm!I28-&*91bd28o9TSPc6s
zs+x(+x+%<evR@n3T-fBl)^OF;WKY!;F?(eF_e{|t$P@+fH{;(};bFTp?oU~%ziPIt
zVATfKImm|?7&W^tH(P#aCVSPunBSbe)9mfvqKDoh$<;!O)};4}0MMa54%ft*LesR$
zoK92YA%NiB=qwC|ydlB4e_L3ikn?O%OGW^y{I5U^s(1f>*+&8lUj}}7Nfgjhx0;7L
z3&0(N;|yEj4D#dj)8q8&bo6+1w0`Yq@95}U?&yB#=%woHf7Ll?);a9o*>2X+%il2o
z!>NhE83W+X=HagD)cMUfG>%u7b+lJKwAa1r7)Ql)ZocZ?HtXK?@7}KH{CU(l4CtCs
z@0$A>FydFP+|gBe)LzTg(dg2#zufcu&;y|EZL8?+pX!{X>Y6p{x;<=czb9Z)H)VY#
z5jbd3&<lM%<*|pvc;R8`fdsrY#HuHO^z>rwrlG&^z_ctgEWa|eZqojy15SonNL#(L
z4>xiiGCD}Wj|QOWCSXQ-0Lc^j>E5TE&f%8%<4*VDj7_!QKD5`W<LFQi=}6)jycseI
z7&6HodfhqnW@X6Yamb2#*hX^Ln0v_n@8BeM*H|ykv<L2Qv#!m?LVB~RPRcCBfI-#H
z!O^L~HJ4#sjbS+TXo%!!*qc%FzazS_!^fzKVb{OIO4;sb<GsAHgX>m<OYlLppM%k{
zqx!C+Igev`)Z?K)$NnA-`gaa~c^ppQ9{F`x$w<}29HTTTBC$~m_>^bsxQ&0u4-G3Z
zyw$g}?ZvlJc2LIx08?xIf%Z(ImaJs9kA(Pr`~i;MAf9IX%tCYxxXBYet{sS3p|oo`
z0e6-Fcd8fXM=g$e_Jn`u#NU;PlgEiO>dAkSlb3HMuLCA;vnTKWP8@U&?)}7>BEX$Z
zz+KMktqpC4%C@9ZPi(!J*jt&@=$s^ynkF%yCJUS<!ktD@Phpr(;m1q`UHmHjF}3YF
zvA;4&@ok2)YleGu=D2eD2Ve?aa|(>2X?|Z}g?HWy_pg7RQhwn9sY5osHwt{1!WvN4
ze0nXVY>%6pAPJ&J3mtwpHY|hjfSzCqKm$O}5<+63$}d5n2#5Bc^9iTdxNEhzOY{?4
z8WTG|aohtZJZR=WNX>hh&wB^X`+l4E>zWT(oez4Ne}6pZj*E-NGlfxwyNtwLuN{Z(
zHf9ZpzYUyolEQV-TnKTSfqz@f>RQZRUCeo!PuE<Swpv((FGT-Z5Tlt<QlE?AS#*|K
zO5<6`m0E5zUv3Uu_Mlk`*IfMmZ6Stc<crjZ_QSX-q}9+R!!8dEz^{HVr3}ggOyaIS
z9e(1DCfMx9??^!BHu=~|Zj*pwGAZH5uJs5{Fm~6vT$$E%<6@gz#9ov;z+HvUsrlfh
zNG;WBF5G@wzwcUqTwQ;DS_jY~(f@nNSRlbc$XmDdh(O%=spVB9?njD|50WDRdus%=
z>rTIrS8nUjwGG<m4SL#5#<dMBtwo#@Bmo{C(OPD|)L5dk3mM+}zp4$Fz;&jeE%BVK
zm)%?8QcJ9B$jB!oVbB!!+Bi#Hjkl6%AAwQTh0XmGwqtEfxj43g)=p(FE}!Wt)`kI@
zNaz=T340@BJ~ABRNH}QP799yO)Y_>-{<8fg{#BtyFz&xSUB}VdO8K_u*S#08wioog
z2dCW+k=_rp*pCR>k3a?O`Q+e!|FQt8THw^eJBv2Wyjn=&#rr_J?lrL=9k&<xe2_<b
zSRj2^gm?ID4f&-TH$JF(Q}`ftyQ~6tFT;H<s~Y!X(Bb!-qxSBj&b1@|pu<@Aqw;5D
zCGWwJ>Vfz%!BqnWR#;Gaq0sI=DCncb!$Jf&QF-K#@@EC<h{(vA)OX$<;V~xl@!|RM
z)Md9VstxXQXH^GY?nh_tN3qhUmlmhjL8rGlr}y2bkJ6_B)29HsGjy4=E80_V%^`?q
zJEm%r%U!+>Ec2`6<Z}E(DfSFZcM8lsr|db8eLkf|ozvHxlH;F3-whIUpKVT^{i|5Y
z%{t+bIVV3kVM6hpGFV=S=Hk+RzIfSlE_Aw&`T1XE^*@sBmxR{%p|t>2dT1;hOdW~$
zOphz711ZSEbfgF9r}W8u!_0y~6m;-R;|ThY0974G(wQ6qKlq>F7iNzyi%|RvD-a0*
z_B9g9;t{?EjSHiX+b$g-&;i9GF(aoypL$ysuXgM4@c7qHNaN39*Kgxcw+VE2NiugS
z+IIoEcNw{NSv_~D?*>^vFGa2&iqf>0rYI58?M0p5olM+SuHRRqZqrfs^)e6HHTN*O
z`{AI!H530j$BPlU_c_`R{W6b9bPt1{A4lFj<k1}{Xx%H&5ta}Gn-<ZX&Tt(`-1urG
zf7upHpuE84vuGj&kY&eXkSzXZeht>9r^<t@9j6R~JT!s?V5wE)6YOhq*^mArG+Zlm
zO!Zs9hBguw0=l7DfoNNIcpuH>%PYrai@!(q1`h0N77n}9NCg33=xwVcv1sN{V*&tb
zX*}lL!fm=t!|%vA)WY@?^5uM?H>AMBNjB{WJO;HQ$HZcdcl_U^!?QlTH7GYU7yRy|
zPp#$ka{2u7g~4Bw`nSKZsN4UqCCX*-lYRE^O}pOFT2~Bdp;5I(AEP9diHB)w==6O|
zI)#NyBUUIaGqlaMKlmK*Fd)Vz*Ipk*T)29(c;?tAO<XRrl(uQsD%>LwPGffMy3~Yn
zTTd$^x^Z9Y3OxGgM!0g=edNt4>^3Jn-K4x)?@e=a<8}C_>!3NuyyJLZq{*EnefHLP
z+gdf3t&3X3tVlIgX`R+G$Q^KT{O*)D+xND53uU3i2dl#(uI;@LT>c3IVQ9EWMK1Yi
ziDRxGRm)-X4f4z5ig{_W;K=|56bNs!bb7wF9-g-TW7fxG$U$;M^FWQcbXy7E4GJjZ
zdv4b$<GMU*F+S@tzZ=RWQ<$MA&s29)x^cb~P~&(7v{K^=1b%2GMqD2CFeQ^D!1zbF
zp|TUB3Kw-?>o@9347p}JT66V94O*{G2Z>cu|7|yD%bceOO^MNYjmq%#WV@n%QLK^(
z>PVo%g!NQzQX2Kt54?mYWQT-)t0>Hp=yY9Cxbe+O@F`yDsp-FM($jC*u2<KVWzp1l
z{cb2#LwC{jLUwNrC~9JjU}-k7jaR(ZOig;*Z0e9JGB^J`%vH~JfxeuYZxI;YZ1%2)
z#oN?lgyqK63H#6W(Dnyh!)e9uJYp7~Vn}@~{EwyPE1c)w-f){efW(n~8m}~~6u+j3
zT8ER{w^}3UB7Ch=8H-zOV)%kubpmg8Zn#4%e>ZD}39z==B@^e|+NBx~o7g%_bQ>Xq
z8~)6_O?x-IxRK(y+vboiZ`5L&8GP^KSQt-sXuIp|y||l`JM8OFS`yKUI>-%{P8pg>
z5xuplC<8xOmkqEk8&`<nz1Yo2bWgM|o=mHAZJU1Ke^R@#X5t1|q%C#qMopw5L(;XV
z-VNX@OTHf>G<JGFLWg)fZ=4OBex2X4)^wD>wAbl5N#p$JIjt-c@PV}9ndGbvSd%^9
zuZobmmXlBK@}AbLnbWUAyD|H?K1~wfk?@|a+jlEoS^93<P_O&bUM^zo@;~2WwH8_8
zBjtD8vX{fK+X0bz+^xfZ_K7#mwFtPHA9?b>UboB*==*h3;&Xp0#_zjPx7YI-g@RZC
zKv4WtoGCa&!3upxtj9ZFI~YIA3TS2w!!()-f&Qj@Cfe!6_MSq8E)*gmisJn^Gm}A-
z3LBp;TZ#yq`9m1ItZ@Wd`+o~WMhFgWpjl_g(_Y6%h-l;|87;^&UcW;qDirLf`SuWl
zr=v0+tVzC$D{>kMM03{JkTta`@}A(TngeYqh8!um<ECRB8aIh25lW)X0={p(Y^k?0
z`dQ1T<LnY`X{VveQrC4cjsI-v+eVdT$@HRq2GbZwKPdvZXA-%*Y-k82RP!WflAsLR
zETowHny&?uzmYJrR6)iSgOXAL8w;5g+s1>l1rv(BSg01sen|HxrP<qk$9?xg+3Z9x
zHpSpAZ@7d;128#b1gAhCu}#B10u%7-O|f9U#IILs$yxKLluVJjHce;e<geWqyJACQ
zEgo^R+1Q+W5`Rp8IaKR^Iq-6joCRusnoH)sY;=%DMQ8_3G<<skviIJ;nDWC*$%AyI
z$`U%$hx7i<zk1k{XHjd6)cReZ?6R*2N!I;xm|RHXwyP}rawab_rHG|!U)6A_C8fGC
zm-QouiZ$hI=CIdSktU8;p6#>f8wTH{cQ}NCDGf;QQcD3M<r-#w22rf3Wj&sU`a3WF
z#ON88M>ZZBCZ-uy#U)qZKRFv8v>Mb|2vxon;WC{*<ZG&K%5(e3B{)fGoZp{XP15B8
z+siT*JWj3YzpSu0zBhJclx0CEy4obd7E~!k>*5W^P&O}K>5j-5)g`m2SP5X4YnWWu
zWiC`wzB)1;3=wU_rr~iiv|0M)eBEeQUg^N{utYyRSKsiRN7fD7bj4<_sZCMOS?b4Y
z<fe9O8jJh;t50u6S$*nz46B2^V;0tw<^yJ>Tt8NsY5!HaZW;psz|G4VyJ_B?H(aOI
z-~J0HihY`DNI`%Py=!l6j5{uOz6PFu)qd)3#s%E=2SsJBU18li0!3>j2_Ik60<4H&
z8nrY&{_9YDw|>&Nz3>ex3!H|eHqePjuQavI$GF=jbwDqr3itSep6}3;^LfnVi>>)<
zhR)dp0mg9bP3kS@5h=30cx@_6z$MzKk5^?(JW8X2neXnaCaoYC@Yim-JAE8L#S>p6
zX~p$!ZWxfzpOza5WQqBtVJCVaGTmvao98?3q-D+8h_i>B$ebuh5wcBYh!zzV?^Npc
z%mYa|eoZ37aOoAuC+%`n3KglN80{mcU2#-1UYbcC_9_<Xa?<iyn#~1&ELD_p)=OXd
zU83}{+_1~psAcI-O~l8_w^A;z=a=SMM9*v)c$}bHOY=R&_4$Oj|Km#k^gn4(;|Dm}
ziY+g~+#A%;A6=b|UkzH~H8eGKxjjb9jnD3Sw+`XHVHEOT*;5j;c8d*GC|O=Twcv_2
z#Chj8|4?>LTGMsa_3o>v@603Ex0mnU66Jxtf`s5Z2JC$`vlLy~z(@EFvPi#=HeT6G
zmuK+3=vs{NS=pk4d>U1h{*aU`m=sFtGG^HQA+2R)hY!&<7!&=kqI_;wY~<6#$8OJ@
zo0UBoh~HGWv{wQ7>b|nF-%M(^SFzaYfi}YL_q#ZmeVYq<y%E2;rtXi`KC4HT5dVcC
zY47^<z=J=_Y`>xolgpV_j%nSB$j8dObCMEI-i`Rb!Ni>CSWdBWoAgIcW~%-{qs<Hv
z>O_)$o^7=aaEziWo}usY9Y>G=+SNPE{>;XW8LwRo+O1XYb{pxw?>@~{e$qzMVIF~0
zUR1d1$Xn$4Ej7%FTTlj?DuUW)=TU1n#JH>Z3!)FI!_N$ZsK9@jP<VB%#R<B6H;veO
zT%<zo^!0zSi|`bH7$={ws7#sucIqhTs*n`Y8z!@h2BIG<q~BHkY}zmLe8C=y1^UnP
zPm!Sqgzbq}IglUu7c3M?zbAmn%|aCU0W<_arMyt?4D=Zj8TwnQTlJn#tsyiXG9mj2
za}zYZ{U%Jwct8G7EI81Z9qhXx6HNs1(n)Lz?p`}8J@AKOr1ZIYBACR{+zBFm_aUAM
zu<MH6iw@ZJa_{JVR6T+0z^yEyMn5SxG}Td79u4+JqL)Ol`(s8V7fGXM0vc98k6xrq
zaBnZM3c_zHl$;$7rbk0bCm@($+-xSXW_jp%jsPkO(8Opgwn;dn&VLyOMu0~ckt2Y{
z7eorg`a9bVE)7<Sg!tWt($x-7A~Aw%VOK)^H%xM$6Cf<~=*qrmAd_IVfC2IBftQ^F
zl7q1lc>sf3G*Chax_BjUG~8J{ROc^%1`y74fG`_Hf5jXu?9mgjA4abO$8!uZrtk4f
zmisV;xgtc#`#Y~OlJEln;?ybR*NTqW8*0K1^*%#mgJGL503?tQty;JsLAcH>h8Pmz
zAdXIb7H-KN;Xf6QKZT}p3*@8+==8>l!Qo`Bq1wLanDiJlzG3okG$CMgfDRDq7@~Xz
zd})Q@tAjv^lw#;k0fiF)F!4yuK^X4u!P_GRXk>`VemGG8C=jmvsYuy>P&sg0`SZ_M
zuvM^nE!fC$%rX+>s{`gC0P4bkoTczLXNVv;2-gZt4jK+42=($%N&X2`5D&p-2e&K}
zI~4Wr9g(|s(mA_EMz#)9{caA_0n@PqK(%mYN8s=%LMj7p6N&ig3%997NSpy^NuqNy
zU_TZhIG1qyS{xtWkn0~fXpunANQB1}9NQ868HrGY0rUXT?^V#4bP57n5&q&teozbs
z6P$#f3V17nT8(PKPz0_=sPF!dP=H3?3Z!57rx@&~mr86m309Efch9`wKZCFlg;>-i
z1%%WJo$fEhi2&_MzO~X-`X5|2m{C2ZK&g-b@$O7bd>Iim3eoq4;lTmC1W+fPU%uiH
z(u|NHBoI;>qRt+{)TjBG0)c-P672f}iUhX@XnY1Jzn4^FR7eTZ0S!vZ1tTG*qv$v~
zaCCM!v5v;HYfqv^k5+)rXXLND|1meTgG(nLvO^)G+8RLl&$S47c62-)IPtfTA?jcp
z8t4TT07emcMI3^LD~_MpzpT#~8?6;JF6UJ`aa7d6_bGx+1#av+$S;oOg#@B6gyr@k
z<Zsac?1RRRh#N03uF8)_jj2{);$XlCR8s9V0YHOdD#&C;(^tmf7LKBYhnen&^Pd5h
zfnzvD)9QZ}7$_pKK-0LLGu%?s=t#X^;=}}`&_I<*cJXl2(r}MUh=U3I&o)f!Y!=7^
zr=l<jZkQ$s9(G-tMxd)V-%e}ohz9Wk2T39?8p60df`w$EF8e@=(I40}!8{q^udDu;
zm>_unXwv~^g9!8mcX|O|!qEO8WUT;gk~896gEy|zGY06Aq)@3;!`DrJOnVK@Sqwf;
z4O8j#1)j;hADp_u){!YSav2)ubn4p`PI4sq6Mk<{*BR&SCh8v<&R2#I%g_iO?W2YQ
zB%skYZ{crDWD*~La4qy1ebAG=(xcq}WBFb8hj55`pgKM&6!jx^*4Ja|<wqmOKiZVF
zI_&fdg1>(hnGOLN<QZ0GpA7)-AAjLjnOqc2dtQM(pz&1-9e|YiP(NdrSmUr|h<9Ev
zWhsU#ER0(RK<|i<GY10l;1!n$KXD8mU!bmz3i;?Cu~C4Ec(`AeGL4m*k`4y%0>u1D
zPu*)F#A6g3siK)T>YoRKs9?DJf;p$)G2iqPnKhFFj2fr(1A1Rq?Ys_nT&krp3zstG
z|A~;Lhbv7X41E>f|3&yWqRE|w!Foe{BgZ)tR223@Bu$ijXK}L(=cxlbvsp?H0-!k{
zJprm^wb2kF9XQxAxP%!h0@D9XKTKo@AdW<D6IMqZa{(m&B3|DrV(bH&x!)x7Ec4UM
zX0Qy?nG7hcK>R5bFrdMLz8D=}WbB&;zx>jVC&hXTu-IU+z~i^r9-3oWf%w5NUcCuc
z5J!Lh3o$K~$AAu7|Li^%3g*-q-l@c&4pf@i`CTn%?rXlvGn@5WwKu>mHkSaGrL5>{
z6?2_c;^8MNb5)w^Fywe->{R695cX=;(DdG*DY`|{u8#Tas%W4`xB+`G4ZQywmbE4+
zl0tYRMAq74e{tMQ24g??`HOYdy(OV{_vBRx6)RSuiuG^#IC|bjhGOd<*2c^hP?ot3
z4DU^Dt)v%tRvf(MoDqavYt}rhwqct#)K{A*w7GJ0i%mgq+rBJQMvHkqi!EX@TkfDO
z$u)L%JS(CJQpsH^(QYVgZcDDagcA)(IA_IWU=3edly$e0PutF{h{}5EQPe6`nJZCl
z)@r!e)&}qBknQNQ?&yi`=qtVbQ@%ZYWvkS^G0PrZNb$p<c;|KVj@j_eo4FnH-JM)w
zbE9Fq*9>+=2f8kg5$;nFPVfjj7}%B{Y(oLICIDOI?ON9Ex(x5S&h5JG?z&&^z60-h
zknO!^-TNTA=c%;kWwiIve$U%`&nIHfH*N1z@t$Avp8xP(K)1a!80<s~w(+pHQvo|>
zfZg^Z3{N(VCbm-=wtiPl#7#xGM1oQFDqwqedk1fOo2mUTYx~w``|;p|1hRuf)`KL`
zgJh+H6r+Pw`-3#^gY<}ljI@Ky;)AT_gRjE}*>eZqb`Nr{4|2iInY;V>!~1ZueLJfN
z$5wEt^nO*Ib-2a8u@bJS^sd`zgi|Eg(JJDtNksIuvmM~5mh7mG^{8I-s6pwd(dekj
z{;1jes3qd4HSMUa_^7@4sAKr3bMB~X_o(~&s0aMFm+WsJo=Z)&W3@flF*3qwG{Q}M
z-?G`1N!q5&o|vV2VtxVa*6Lh2;ap`OF}Zs<MRq*RdORa~Jgap4+vxa@{qdal@qEPb
zLfY|S@$u4sePYAMD|5%IyT_=t>*ICs36kt&L+S6Nmg|s(>+oEJ+Zj04<B&Jl*?MkU
z(>{MUGBO$&`Ew$|r8U9{`PXsZ)sf)zob~jd=;?*h>7~)>mHp|p_vuZ<>22ESUGeFC
z^XbFz>Eqn#)9&f>^(hK`1|a|M?)E^3ygR#gKbeTwIRSs6z<XBNw@P!5khUhtiHvcK
zb{lp5wdQ_u?Qse|Cm=s3WIHDkJ115?Cow)JbvP&UIVVS)Q>352C^@HWIj0&qr=CBj
z**mAbIj4jCqlbLJzd3U?Iot96yBp-e=smFyPPNYYeu($us5-KBABwx~;WqV;XU~J_
z<{uyAf}i|CfbBw1>;fgEd?9RnA>wc$>T@B6xDZdjkSOsKGmd&Wav?c?A+>iQeRClL
zxrCuU@UnSvpGIbuMtvQPB2PKPEIAAHAo$~pA9n`jZn;z+xzw1y)ZDw&y1CSbT<MTs
z>9SqviCyU{Ul|x*89H348%G%-u1wOeOiQj_w_KTxT)pvejfZ)CWsg&Lzhuij31aO1
z?TC+Mjn%1h{np{y-sjo@aqXCXouCut)N<`Ia_u^Q?Y8G_kseh!m1N0hGe+j!$SHNi
zOG*_S|6q0F?Q`RUxbaQD`Q+pCH}A%O<R)PLCUEa2XfmEY_)M#;UxwD(#vy;4m6Q@K
ziOc#n!six&xJ5;#-$s@A#x5jAkKD%2-+tM<ja$FvUW_-9pka%5UiD0u`;;K|DOKMo
zHO=QP9dVbDewSHtmzA4fSa+8_fA?+gF6ZVh7Zs<mnBw%}Q<9IDr%$?@>Ycy!eX-Ad
z3F5vq{l2W^-Y@^YV&uMZ{=RDOz8aDike`-^d7UJ7S45uKTKBcl_@T++q1ng3zU*sD
z`a@gELwk#VM_X2b*nOe0U(0z`aoa;L`C}j3WB=!bR<XxH<HsR~fHZ;ZM#6`#y@zf~
z;$NSrmir!m&OiRzdz`p=oTQ^!LVKEKdzuk@npJ+99{DzBo%ge_;z*V5Ht}h(<Y}qp
zX?f&n1wn_pnSNTkd0K}&BgvnUmU+QGT_N+P3)%%c4$r$j&wGd<%$EiGCC`T~&qpIc
z_^%n)WP`%)^Z!CnXXL2!$>#$$)P*wY(inwx&p><_<nyKNKUel{KG&iE^)P};ENs8=
zDSd=Q2BJfVxE;^v`@^uv1zq>g7zQJW*z_tLbr}Hwa<LD8_s^L|6Bw0~xZ9@b##1<r
z>s=52vHVPXVLMalbiq22{nF>3fzv;>sXRFZ5s!0<^>CqDx}e+PrPElB-uH=Y=PS;+
z%GZ{1$A?#33$?Pz(L65K+)IrQ&Gq4?O*|{DANFRdTyA*RI{j|e0)O1_A$vn0#JrF5
zH5;hGXmTO<zqbN*Un80Ht6lE|?YokNJWu}K3GGjrh{f=_-3uRf7U?&*AK#1ot*Ee_
zt#*5L`FFY9=i+2lyyX<xkC+5$J&OO^9$!T_IeC=u+MO=ZuW?^)z52VPZ@Yf-^vbt)
zbs(8<(zo;O@^F4jVe(n(vGrtYwgx|_`|0uCWpn)$h4Oep6SoRNC-S8aseF+^AG*V{
zKp#eEbe$JQs->JC{=%8v!jsA`gEoRLTAb00A<5Uqm9?OiF@~EVkuX+ZJW?S>1goUr
zi$q*TRIF5gMpT@v#e9B(BIV*tjP$U|R-$G>L}9Wn-e_TxjM}Fi2OXQXw}GmhW6bF&
zYrW#{8E><czbC=6+IDU1>hFrZEheCB-$L6=*>WcGISR8r-7k_Se#TPE&3+Lq!Cv6D
zn#o?+e4MG9`$g^LpMvDq<5}4Vi}nM})DQOu4*p75oMnQb*PP{pEM-pRWqwPXm0xrv
zoGXjEUvpK5GxRxEXRj@B)dswkbE!>xe$8D!#`$Bm?#Igq?nVv~DxRi4*DtG@7M)#=
z%9i~ecv_#WsCe6Ux+SXH4$A#m+K<{Fs^gCPU-5M@jhpdx-zoXlbU)oc(Dk6OB+vZO
zhy(ch*I#7w58%qT)D94;2iUeSmwyx(e&Nz7Fhb-1Sf}?*wv&34<!gZ8I7daN;13k5
zx#++5JU=9beu*px2u)~zF|7+Tynhs$lEs!1o>rs^6rNG#>JpySeDx&!TUT95<d30Q
zpvau5i@As${{!pPoOO(p=;GV2fuc)J6<wmsZXMs6VR4_jsAN6016n@Y4Xv_HLdopJ
z)`I6tZq}mEw7$wBu)A;l!pJQad>?=fa4HTdPX%ydC26{}za&gk{ZE2!2s%w8Jy<M*
zrbv9NDtYgA%lmpYX*;E`=qDj5yk252C$yXBm9&aZ1ao9|Uq4s+3n0E^WykZQ_X~k{
z3D$|)7Hxvk1~4ocv2)uAt#6;Z^<=Vf08p8;!G=kxGj?r)i(_$osi)s>e@|SZfQB-!
z)SEhjad9}$qJ8s<=vwm7A(U33x<vzY|8&p^F9D%wB%8P-CPVln1R=u01S|zy!Dz1u
zAn4JjJ{$)K252oNdi8cNA#ekWQn%O4ZUcl>3nPh6B=YwvfKocba4BVBe*1k9tOW8x
zwR!}*eeyw%6?7!VUNWp?zz^D&W81y-7-R`Ho=;Ol5U>B52z7!1c^-L0lv6;XpK=tQ
zjsR?>_c)3;^!V%&2z)^}M8CHW&Gk$fb4(c<bcrOQ(HO&^f`yq(Vc-%)hRNJdM+s`k
zk))mlV^e0}E5h<H<IjLJ3jln-3~S#44<I;pDz2iJFX$-4lEgMD8x>oL@%b)>2I0Zj
zh7JIrnQM$mRwIM$D<^5R0dkVGD#13w1azJ{3}|%hz|Y&Z1l@09g!ranVbwso=qUhz
z-lLtlAo2gTFWTK>(B2TJNQUIgeU4=UDZ!Ox9SH$qmrS%z>_d_z^$NRHTdBq=EOJ5$
zKR)W{ey*Q=%a7BGfrIP~+q#95>m|iYDZr`lS7agI7N?u0m~b+)AtZuPNr8=W;VTBJ
zlAG^w6iPQBpbXeQT3-yZC0o3uO9-K5FB*u19sq|UIDrJ1WCeDGIHN<m!wl$R{HbhJ
zuA48X(0+t{_$c;5R+)z?TD{xk9oqZ6F!ac?R}PM-Jb;2BK$lGi$Eg@d_bw6!QO{EK
zq3)}4XDJ8ppU<QXGSQ_>^^(jmX#STS5bRbebDVlaoAxpSKCxTE^wCXwh?)Rk3XEGn
z!71-X44UnQa-@z5K##<OoC7AyyDPX*JswBBPk+oaQl1%FElh!z5GqAt4Pc54&0$*T
z=T7>%Vp17e%}(fKp_vuu1KR+OYw~in3M@Z=lLw3GR1z5+;&%kOQ!|~(X>2(y1~Gpu
z<E%r_a3Z6RCJHDzm&XiMWANVRiF%a3b(68mM<dzSY3?pOeja>pX13``kKYxA+9Z5~
z!5>WBCn<Yq)K0b+=Y!{~7-cbAr;Ao^*Nl2NQ;g7M#KqOP2*#wylWC99D2qd5Icsv2
zJah_^SE?udcsUmMQE<uIF14pqk>C88$_h6dPAMBPcGK@;#r#97uc`4ZDTe;s_%Q}u
zXr9Nb-ck&?un<CLWWTgHjyZw4*zl)Lc~)Ur2xE$E^OH#!sF5D3I)w%X_5vko7tp8(
zHi@<A0nB^WAgoSwx;S>UII*%}<x$g=B5Dg(Ny12m&i+6n8Ypp8C*B8&%<<5>cU(B|
zQ1@DXx^GaqgRHY?TzQ=klK<+3$Y|dSMx9_B;C71UFNXICg?TvMj=T&3U8$P`c-RYa
zFP#%XcocaUs*Va-sr<k8{KVTg4N)U6ROW*z2hnJ~t0O1_OaLzNj9CO;KpY%`fnOY<
zSd?%WkxsC!vv+?n%oQkol#jp>r3b472!_e7D(EI-P(KY(VX@?aaR{ubs&?&21cM`)
z-oOx1Z)~a7DMlooZ)2>fZC^~bnp;<Z0Z8`iR8KAnb_sE|_}OE%r@Huzdb>IaA5|H6
zc2euc<1Bg<U83gE8B;?x4?8yuE#kn*uN;o~{1+jtaHjlLuwh_IVM{nv;-?L*5G~ic
zc5}ghA8I$7`xLcb&GHRc4>jujes~%lIE|2lkf5Qz5zmiDL(^b~GGwX&I9imk3=S-W
z3pIC2y+glTr+pq6xBmF5A7yru)kekI1M2c$V=I2Go@b3_yKiwPzPxx^epkJw1u--H
zJZqC3_-_aew$tbL>8Fdt$zhrQjO?lZvNkBZoB2D2)}#g6ZE$xTz~8*%mp%FRZR>=k
z@^KV?dhB-2u}Srvb;LVbq(jrj8nkQh`PDc-4jlK10)bVmW0+EEdLJWmK*}$9*<@$=
zz=94Jt2F<4Zc$GNz2jKDi^@eEgxw#9zO2oq0+Is_`q&uc$hT#i-OLby3s2uMBqLvB
zX1>U}T1U56R08I?;nLS9rlKb)uLkDa<y#Iu8mpCtlA6G&TeI**;Ftz|m4E0U5hl#4
zR86K-&52f+<6r<53b|8-v=~J`P}3Nt(up%$5&cutc$)+3S|xQK!W7)NdB1Ud_oaW)
z9H-feyg2_|fHjsV!)+b?ixc_MJ}XkWe9AQj^V<9qny(b&;WS1O{hAEu&kVF=o2Yyw
zZM5O(&<3?$J}D(5^GgIR<yS_s|Gv@`yqII4RAOYy8D>6NqmtfW4I06I$;jZ%$hkYn
z7LiZZZ%#d)PoHDWIbrjzvf!sFBRr*GW@D9orhrcidJ??B6S2<4NJIK>laJLl8fc5v
z{Ehg;NPu@mpc_}js8Ga$Nz}ej)SXGpyHHH<ml!lpD1uR#b`*_sRjj!1Wi`{Q=E7Iq
zOp?R4e=5J-;G&qQvzS<CHpIL_MKv&lnK1+@LIns0_@SZv01Ub35IJ6EdC?+yX=Vkb
zA_XmGMWZ4`3uYzzA|-cbW$z;8AZC?_B9%C1)wCkj9A>rRBDHE}_2z9kMrMABZGM7K
z7^A!(Y(UsiUM$R(>Yp{;xH6v~f;VYN`rnp_0)`MX1`J#T!(tYYWHFH2;n!d>H2Q96
z!D3|p-N>EA*!#P25Q|B~cau04)3ooVIV`V>zrU_#F>C&A*3I%}`1_j)7W26sQzaG)
z(YKmQc7pu!!f!&gPMGUh7|}Luc+;%UL{_BT<wZ5*g<%*%+yjE_EN>Y@-&(NR+ZWrr
zvpRSeI|QLv9V3bz<5->2ik)&;or{Z|t65!|i(R@|U5ATZCs^I)irv;&-FJ82>J{s$
zu?oTDg*D_wT?e#g3bB%GB{mC5lE`qP2gCwG#au&0g^O*aS?vTdyw!@m-PwG+OMHUZ
zd?QMH<Jdl>m3+!!^D8d#t7h|WF7fYX3m7g5m|zQ>D+yd<3)(FSI$`^K&+7fm>H#kC
za2^o#9q_~}uB+Sp3EJ`YwJ^#|6F12J?~uIg2SnZs2pc#Eo3IIcl_G-JBO^*9<JhCp
zN~3bvql-(UtJ!0kOJlm(V~0y)C)mHtm3~=ckJ~McJ7JH%E{%WQk9XgXu-^~2#|ZWg
z6$7G>Rz&vJL|a__jGk$9Wx*I;dZk`kCE*sOY4+^t-eu`Q92pU18F3t$X=Rx?99hL>
zS=Ai>wS#=^=Exo{%bwu)Hdpp-jU#8bEa!wH_nITuxh%~-G?9q?Jtez1fthx_4OhEO
z$hNUfw0xMfLy~uBszsUT8_r^zvOIUr67TYoAkNZ=^3piYvb6HD9M1CM^73lVistf)
zZqCZ#^2!O$s=4y2HO}hY^6C@LnqlYS=R;8-*LT(fPujyIJgelF2g#IMp-BTNdK_L_
z?B9)?YmF+JEV!EOE1KQ8TD&V-g1A~EDq7>X+R`f8a=6-yE845MI+`mwy16=sD>^4o
zTwQY&U285)T3kt#j^ecC4Fv<VoQI(zoUBXVoDyG$$+<MLmNgz$3`lbiDpd|@aSs_)
z4q0#y+gA>|bB}mejs$U!MpTZ*agU`{j^%KV7gvr~bN^_r{PB`|fXJne@<02g(u9XI
zPk0ojYTLl*+Rypdlh^ep9?vvc)if>73~SX4FVC!K)vPqnZ>6f=T0DP@s{UB;%-L7X
zx%13>SIr0UEJRc-#8v$SyY*0V6`;F@tZ`2Wa)!PkokaiJch4>UyJ~f*YH_z}?SyCj
zx@!HI2MMl5;_+^fRd3MpZn9Qy^73wpR&Po3ZYx!9Yw_+FRqt5v?%JHJy7Lw>qRQRM
zc<NaztSRYNlnz2CswTaw51;?;Hdh~Y^Zp&K{yV{YJXd|Z#(T0`eR9HkdR=|`%zFl|
zIm6>SC#yN9<@?84^N*MBUv>4xOP61V7W?*#z1?mHS=B4(+?VcrH{LZjL43CnHMenm
zcWE_uIehoUHTTtg56v|X-F%P3HIEZ~PjfX-YkbeUHP0t}sI+(2YJ5%t6uV7s6LO>f
z!d?T&4JNPoFvMyxWcY!~wLootkZ~=@k{|5Aj}dy3+GOtjWM`gTa7bOt#c_tpsRftR
zV%6|tx71?y@Z*fs;`E$hqH54j*8rg&P@z(6UTwhF6Wm;PTzmmS@;X8~lmHQ19TA@Z
zu~;3ki~xyp9f`I8sc{{tr2v^j9oahpa-TZ#&jJ+c?+Lih@V6#q*(0D1!|S6=R4sK>
zJp$Atb<~sZr*%%B?IKBL>S#{|=x*x%Ta#X0^En%WpRP>nGAPTR$jB$iBv#KPBgm{=
z&#W!TVqDK+Dah(j&-zY~&8MF2vmiU7o;_ZWBfXv@SCF%$p0h@fl_~5}n1aD<lyVP;
zXTF|iU66OL{--$Jx`E0jeLXLvfgfK;fV@E<9{4x!Jwx&)-|4!5jF7N$gRpkPFBNQl
znJq@jGngA##HT^*vyeE#bF_Al>p$~aan$j9ognKL3GNxqk!w&H>f+^t&8rR}>ro*)
zUs~x&PtKVnZK5;00Z)3e-_jSJY`i4PYZrnJh&`u2a#X?!TSLadj31&4t{97*NQLWD
z43tP<7(d};qdMA`@?6vaR&jIHTw(QuMpb2DO}j9+FSd#<w0&wD{m1D_<m#%1z04XR
znSJneO>?cw0p7}9J|~cRh43B8m2O9)x?NbvCw@^jwgX1{#2v5N6a(e&Kn~M1#|>h&
zmP@r2`In;%umJ^`FfwMjk5Wq)`}c^@BuXQU7$cu4=|*{}vJ|wdCG_tYcII%!Axphw
z6Z|I~0$g1}j$Xn<Vs(Ro#*Z)(9XWNx063*@ztco*et_x`MWWWbPNFb_#-d~CLjlT@
z18WBNcEOdC0dzmt(d9&bK3#;&38x6I%#>N1S171vCXYoCzR1*-oa(<L(c#DtR&Tmw
z{W!xGKEs}>_aa-5vuZ}Ibb#2dmnH+9va{FjGaM8d%yWw_QsgBAZ9yvPy|<NnSD5|c
zBL%g22;ZO_2TrdiqMxo6&BQW)X{b5GzTv~1DCxw<nr(0ME?M-1kOjh7X$oRN&}4He
zNd#_l9B!@jd9n=JZ`Oo(PT#9d&1NtX_L5-AN=W>x^+Iqmjo@Oc9$|veC%E~#SWw3s
zp_3c4Qv~lzHuzpNTxOn%zL!flM@cqEe<)4ZwU^>AN?wmI*Z=8OU-6HDp`kX9KHB?!
zJ7NhW!ws!ustnE@MQ>=ljK%+H?<~WjT)VzMLpKac=g_Hui~@pyfOLa&mna}LgouP2
zk?t6WRz#$cp$r&WN<vzM5h-aAkdS$<F}B=sykG9;efF{6_xTJ5Tx(XGYyGY@|5H_Z
z7(dZ)UrK?_GCX)1x@VRXE4;$H;E)7$U|#t80b#iM(%5o2@tjB~>ryM%SAztEq_b7M
zhTEux;<QUKN?swI_>WOrL%;dcdKwRvb2b8VpIyzyj;xk3X}oQP9)UoTp;W%+%#Wp0
zbl_kUR0w`)oV@Q!SD<y#-9YFVTzu@3-WcV0;~{HckaXbfzA<?AK2;wY-*H@Cd;cMJ
zUwusG^t*%V=engfxsO+}6ik))n?s2onbIcTvOqRY)$V)qWs7tKGJ4K_7}1xtG>u;C
z%Z7r4mZTrmVQb>I7}c@k$9DBz{0A(IL1`sl8tb03F0nR_1=W-&JBS7{=oDz>q6#Wy
zd|7Sl{V_UwlH6YqGif`-_w-3}CKUc?CH8D4Xrr$-OySZpFN9rq?8;n3ijvp6K-PwL
zNe_=$t2QS{|IrF-XOL`{%~56=qT|LbxvVgH*>C|?Jc|2cG29=#K5b%E9QZDAwM8nb
zZs*a*w#a1BK(0=q+;!CHLW!u(H|<-{5WZ^`R6w)6(^zdi=ZJm@3v<k^dAM=WBoaJU
zqAYLu65@yWwmhqcP@rn4#ZD9~4M{%D*yNNr+HOuc0KO~5Ks5*v8{Gd!&y{6%i2o*k
zpLX|=oH^Dv<kWHNMbzR3#nAKop`d)s#YiN>@nX>(N6@ROt-87kT%Sr_t)B8;I()Rk
z!6(vDz}J6igQb5y<6!AVdmM4cvj3e8j*zb-cX+F%*Odg>WaK`pVm$;yW;K16Q?!^a
zVK+79)4-SNh`%hXT*~s1-`^0^rCr!t#Ow%1wi+()W`vk{<w}(|EKt9aT({?3Y&zbM
z$L`51fM}!=Z58hlL->s96YZ2Dsi9XKzf!VF`>sr)?h@a$=?p$rxOZAQ*-<@(Uy)3?
zA=ybY<E&jr>i*E&t2m}HU?-I-OF36QjEGJq^_u=e)g(US##C3sBHjEeX)<ZohoWV~
zuYX+f!aAFz2)(>VcQIXL;sFZ=Ws#AxSm!bMSW)v{Z>G3?>mQ`}wR<KuO(9@ndf7}*
zyVghu|J4_nUJjiJP}Ou<gtt>qhPcb<3xto$n_R`iX>ySbF?)Ct@7?p-78j!F$F5IL
zR+XAmqP!MIt#JFM7uy?xgG8C1Ir=P*mTATYZZEXvsb*Ztz6D<yt8y88l^x{2F@ug|
zkk7dtxV<=7WYUxq9JIHA>CDi59~eCU#E{>Ce$D*G*azFzYY!jz#Vpt2LA3PHNw-?n
zi)tGu_>iszVfPSD>C!q%j#8@wt<;JX`fU((k-@f8`da$!bY^aY?F@FY`W;NJrGp(T
zUf5p!PPV|+!A_2gZ#ShV5Mg`|T&pKKP$g%&uPKz%TP`;X6qkCJ5{=jk*WY|GaRo^#
zSUPaoxvOoU_uQbCVIOS5ZMg3OCf2ZDdbxDC|Ke7!;TyUA)!{etU`nF_MN-kX14<Cy
z<X)~gSz2}X+N}lTP0$O05`Ncb)sF;WYj20sZf%S5&o*y$AW52DEIe>+iM^tA%{I<>
z)XcSPWYof|&v?u#aBXDFCXDjxxLuU!=(t0Y_SFd|g!|}(OMcu{b5|>Pnz8Y-uo@Oa
zbn#n*36dj89-VeklXnl?G=zJyyCB4@XSlz7?r}3J^EbY_)n_sjyuUU!69T3(oed+!
zo*AFL3(+yfL@;@bV<MsPrXQjN%f~;&i1&ZB531^;H{j)6OV0vjXNeAbzlNDOX)D2L
zr2P3|C}hC=NXG(lvG2-acHsKNVs03f`BHw=naQPxNjm1sg$R$y<)Zv}bJws(<&&RE
zs`|}W${N-uZ{&DU1tF_k&cla1UcNj%oM5CAIA6!0y!RMB0pGJaqnnLbsM=qj+Gqk(
zTW+FB&%WDih3HytwKLs(x77(vu>Aa*@WH#!J>qXHxBH|w-fh1j9}BWj7o?pixQV*#
z?^K8Jc-fr3%x=c|oWFhQ?F*GRR(sQd8`FC;Vbs=NF;QpVf1Lve>Ha+8=KH`wLhLQ;
zgXQ9i_XjIgZ-5=#n->n<YE(Nk+*4+pr+2n*qy(+ce9B?V+PhKl@^F8-V&?d8>x~We
z+y2H377J!n08=G~5=zd3AyV>TJc(hHzO(pHMnzJc#PCzGGkXI>dBg2QmYC}-paF&!
zf(Q+(RR@#j@AfXyJ>3i!^~I3eF)A_jC*FhAU?{yZmDtu3BjvtesKXfB=*g7tt4Mx;
zBxNe|o=J+**7`t}FLjYJhYEfTYO}8(a9MQWO7O}#OqV0Sins<O+DUSbX)yB&tUM{s
z-FJ=!!>B6VpA-+TnPc0^?4%=8P6+-o#{p(iQ>02xj5wNOgpghlDtEfg=YXC1R9&y4
z{vhHHrq@GHe7!HLcqFG}fBDF-$fThkpPX7KIWMS>&@e7fPAl`B7q(kg4{J+KN7c-W
zdLcBe){`?{8aeW{XV6VZRl^sMAH~hW%YFMO`D5F7#PXT6U3F3(jMOZ^su0@l9x2G_
zFAEpYOgdiiDOvN69xL=Bbl~MF*=xRw7coq_ftQC7Ev%0vVwlt&*U#~FTRv_SG1Cp}
zPst;MEh$1C=tX#($|i>|DM6X_qjXMZ;*}NgYSx|?K=)-HeG#~u>Z;;w|0S6owyduI
zz#y$WwNMnktZBz=i0Ds!3_~qzdkGnaeM~Kq+ga8HHcaz@4O0~q{}rstr>+z)qg)QS
zkjBxzu5fbdQ)AR8<EjV7WgclIRy&_e(9Bn>;?sZ?(-mOF)Hv)>TA4e1#R9`@($Jq)
z4(D|>fHe-@zLZvx7cFEBW-&!mrB_D4R_!22)AlpzRdMiD2Pli#Yn}7Oc=@YN;z+YT
zkMw8RJF6~=EF-Fo<qw15Pp`@0nU9pGqsriGH|&JXdOFf;QK&U{FQi3lfnV{WaG9%a
zj|GM*qrM%s?v;eJoIjJ%&<9`l$!D=zW;Wp*My<oEkXCCR8PBJ8Jp6d~EoO=Kp3lQJ
z0tb=SJLO{yBTgGZ7#5rT{)|`ca*qQ#58ocFXEc4=*$9~;$AUoAnazaf#e(;vW{!4u
znkoG@??PE;Npv$?=*l+@>0a1U-pp)e+Z79!II@EzWVY>7dPV7H+0#{geWmTRg~NM8
zjiw#2+O0UR7sykKnVrBwv%KGt1C$!k#X{wsl$7PjJ#6|~+wXJAsa{6`T}1a|Iq$Tp
zEGJR_`EHBd&l#uQI*BD9dX4FQ5QACH8Chn1?ta^G6GzU{MbiB~wcFWpmM*dz6TJot
z+qvL4dpY6<1Ip~a`H<`-YM}>%*Dm=!gt9H;$(awOv5OaqX1i)P5ey@DYtp_Qx#}l0
zie&Tc6!W`YH>!9r_|$o)1VMJg><u%InkNbEwd|EGY@_+u%Uy3i)?`u}>Zyk>_;#!E
z-Bu!InJ4;23#zi&)}Z)7(3bRFRMmZVcdXe2iQR53x~$j{5Ld&T-$NG1(cH*IPLt3A
zJG=uPfhi4Bg!{WMwzSjFgJ#M1cQ2$5TP4D=$XRg=7{n(&8GbgaYlpt;B@??>%8Tdk
zXzRWv;Ganhv&ov%1QvIt*gvz5v3%f42;k_FqfDug?Eue6^^hKW0Nc6?Fq^7sO%I>j
zF?je#qx)~vwbnB5v!?}!Lr>q&@ulX5E^5rw3dpYe6zR$}AsA&wkl7UaHJI6tkEKV^
z?0!{Kd{9QyyWO2ReyECU9wM{?)vH9$+BezQb$H$3^j41l%Z==f;Jw2cFh>BII%hND
z!Vw0N8_<3>XDiPCXb#E|_?rLynrFu0NAcYK^TKVb*T#+(73H1Fe5^PbzusEX&pi-P
zvf})9_1lWwhT}tSxm{G<w}ikmJ5w7ud*bQ)%RwBsF$s+GjGITBNx4Tyw^%=R`yX#-
zYj`c`<{qTTew{DL4PGm8n<<|;-b3Fk^zXcQG=Cu^tix(+yCV0SeVE@Nrs;66GxxYM
zH{{zE$HC!ZE;e%}1Pk8WIz9^`)!QPf1VJh{sl>ocG@JC5V5sK?yBMC}z&c+gp19{4
zpa3Q<w%T@sBis)BPJw3}P3*_X-crDUHOGL&^6{+_KV1UGYcU>;O#(wtLW@m8c;b@1
z9)bD*f&KvR0h;y7WkNHt3+qreKTlFr8L<lu&vhEY5)6g40$4_YSOLSmX-6dhqPwF2
ze%#FQ6iP0YhhGp%YnsSjK1-yx$?6yij)t-?K`AUb*_JTWcS7-*^N7B3^0e6DcZX7F
zaDuI&95PUn(n?ZmMNDQT#HoyU!WL#a&vYAr#fnTd3N*@K$df!gZ!|}3CD?S9_BNFM
zErwKLmP!juX&p+qV@JcsNp)8dOu$Jy6vlR~nS57~Z8VQcS@G0>0v-s%-GadvQJ`=`
zGkjKraB`AKfFbd-c+qGGw%BXbz7j<BfnYC;<FY+Re;Cm_PWDX<<#h<*p&}g~C$)k-
zl^G4ejV(I&S<)Ar?BRAGHwgQBnEQer$t;?qMG@bVlkEePtwWJ8mXrM;pW~4t!FV1s
zTk^;)Jql$zE)_dEgJz;N3{7+>{^>mKA_dmPS?~ie&uSQX(ICe`*r~}amY1RIrJ>}j
z&4gWc5JpahT7CLz5b(<&vRQ&&DEqM|g#s75xgDV2#<Kt>`-78&qgqhDkMs~sI0q%$
z2|LBgNv2~*e;rMn1v<URiI+OS@d-^K8%m;2OZ?4_%4(KXi<A0VK3+f=)o?yX76$(o
zh}Joup`{t0;4?MWMU0o+mj7Zh|4mMj?9XE7`ba}I2}U-F4hC7A@`USXMARjC8o)dU
z`KROcIIbDcUH1n59K@)Z{0Kvb5o7=8c{Xj}thgZ^K{K^8^t{74dYWhFMYY9U2M91w
z!LVjl3q>%`ws7lb)+v3FnOPD=F;Mg@!Ri26KpyM19kntoPY0Cn>k!9<SyJ-P-0tU^
z-h;`?huK#_Kt!;&rN|<xFYb|E$fqIMwxc1*gM6{0dnG0%c#1~{LTC@Xk_^L-AK-X5
z09x3h1B0malj&JGDeEyzPZaRW&#}@gP>nk?LG#Gi(Whwg$v=leMtqWAos(VU1goJr
zGz^q4){J8>$0<5`iqF|`EP*Kj1p`_P$?CA!9)_t}0iQFEbU=)FaX{c3n1H;QFnoZW
zHJ^Zjlc0N+l3ntmN()Vl0zPvy!Bbm^ZYr9+xUO9Cg~4gQbRjv-@bkN1Ek!b3Js-_M
zqv7*n+7qdxqcz%?(_GIbb(Y_LcweKl<vYACsk?79v|FPKHXb~d)FXur5TW!SbZ@9&
z`b;~0^eBDk$l!t`pjR+9RAC?vo9sAiD7`b@SYfD$8Y@pwQbHN2Y9DC9j7{S9jZns_
zWnbgp7&{pc-MM+yJ?&~x|Dgxm1meCMuwz0Rx8qA~8fDynrD8>^!Zgj;08+4>zGK!|
z`q}?Oyiq>Nyllt33TA<VTQs07UhY_+VV3Q1%hxE&z8%X!nAHf}Y64|7y<>%eS<l0*
zmr>ShJJwq;n;p2#KFa3Xjt%&{Euo(+X{{~gt}W!e9i5*YQ>`7_t{wEeJ+Gg=V6DCA
zuD$qq2biCObghHj)mA*b-&%wX_*-Bw@Qq>+2>}R8NbvvO59~qxU}_LGV4x`oOL{a$
zOiBb|O#H$mHDF8yqT$Bt!jR=O8xr$swCQbeP{(ol&=9CsbE+p2>0a-B;_c9LpVa2E
zk-(|umPk>RW1n_f9@T)uU1=V~+}q|n0z*DaDKXC9ADTU=4$K7N1O8bl@XuJ)5^Xtn
z7(uoQLq&P5;pN_-Of`rCmB}VMy=+>gy$S^*jOrt%%8@Dw?=aPJLXRgojW;Q8l_Z6W
zC>5sJ-|Kp6UNZ;e7;QvaQ>Ydtty^%k811Z{$fUA9#o*->Z>UMA^UYrjbNQj!31vIj
zN=2DPh~rE*90@PCsu$SkwtDLC@&46KES`sOfTvw^<RRZ^&zPq}Co}P!`_Y^7@z4{}
zly0CrF!Of<%D)>>`P%@c$P)(0{4#*{hXMFF188`^8*nrR;ZvbF=boNrX2`FTAtTtW
zTr43Fnl8ZmNmhD0w<L#M(OJ3SrcGO#v<{5UbY}+r2YHgm32DCc(xy7kZ-_WehV{|L
zfcgGj%{sxE#vp75rN~!NOiLso|MBz83Y)eBXpBhd-j@6eNBk2J?GK6ue83C%;OSrF
zgZQ1!+A{fSkGa}Dp}KX8RKK}1eZmZ9ZR+k|t0_e?H*H#PLl&nk0E`hAz9DgJV&bOo
zJA}eOzJKS(j{#W&0fhVXtN;1aSBfn9kpc0Bo9vghOslx=86HYfz3Y7VP@R2EnQYae
z+KD4XD5*v=N_k#B{+ytFC1UuIc9xuf$EteOV~uoWuw;#3l?xRT&kDSDA8mXk?Qpl@
z`s5auQJ5K)O{?B>dF;2gqszC~+2rR$r=R;YeVDc|;hlM|hy8#OWUQQN38dy;FY&6f
zY>9`SrHVD(aBL5sYk3!Q{zM|Dfz$yrcmOkc{?&~CLmuEHDg~<@)DsvDUS%PM=6j>W
z^|>0%AfysWy$73*#`zIy*9Le#_f}~Y3LwQ)Ts0@kkOGD5KKBo5hmdt4z*^wyxwOJ&
zkEuq=((6AZDy<sI%ctQUQ_IsmCL0<7q4?zVS>Ba)EdqOj*1h#xuiE0d<?o3!cy)Kj
z8y-ycHav6b%Te+n5|ydx9?I2yxUO{z*3*YoMpBaej<Ot(1YjROVBf@Fm*=(rn&)LU
z)lGQh>{<Z}m4F1Na86Wd)m&$y%NZn2g42mB-}OCUpL5diWk7=Smie&T6T_0Laz4nF
zu}Zs}Yolu%Yg2W7x2EJ0_eM`vwPFzK&!DXR=}i_~S)LtS%%}{fA$9Hs=M|`cq$N~h
z1%xnw@~E=Ah}za%Cu`4@A3^ENT?BP?rF~tKG$}h&b6;`3DVs0&6Tzh6yjC7vQh?!W
zTEWmuGq=;<AzF)?4VC2WrJQy?y^WF9nLafJ=e-=Ec98m8aFl#7cl!D9<cH~?I^mh7
zz+k-hH{fD6=zCjSI&S{r4xLd@mUP+rO^2QgRS7D${h1jQa6td59b63}`f19{U*@>y
z@XV>Yo3FW$nssNYt9m|vnlAAdu4xLzC(e;B!wCfxMfG;n1CEPT@%ZjI_jAv2j@#C{
ziPKJ%+eR)AKQRnZA}t5BQ!CMZJgR_p>ZHZZmB(^^bsp7A;pD0pPA20^5Ft<!X@Fpj
z_@`u?RS2Qs28J;q;?NjI@JCO=jeO;(B3kF(`(blU2^@j3mIx)z?)#M3GS-PjCuJUd
z7kg#<Q(X75WaxIYNF<jAa#c+18KVtt^+2*g9jQz;3j^s!F7|AnG(PqwvjweBndq+w
zW+-(YU(EEx7}fCW%VZs%Jy9k)fhYTMTs8tvcC=WLrx=2NO2{anG9Mj5!=|B3B93Xh
zM<;6CmYFo$aTkzg5MlKG*c#8LUZ7=`?9`J0C2Z`yCh=J74_fz=O18c(zXLQI0aQ&5
zI)!*G85Q0#bGo|%NP`CNzA6z%j;d>iVm(rnq~=v>kDcDu?uZ&wK-Z!v%}ma|kN4Qo
zQTb3dXNCqH+$Lul^`Jr)9eB5UYAhCa82e;3@_V>&Jkm(|qR&Y4JGch^%#&HboYPXJ
zd5U)db6D?}0>Zpq^cqKXrGPLmJ-^T&9aRri6PO8gSa8C;uFTJhal*VBaZ~nyFt3kA
zSID$CV9xgAI-D@?%l$H(FmF=?K_^a_ch(~rseuw2LE@EN&yI$zTrII8EMU>3w;KOl
zygdnb6~n<GBA(!(Mj$yWY(UbM=#^Vf*Jqj-2^{9V>b<B+gPAq^S!km^cBpwUzglHz
z)$Wgj-Ce&u{P`LPp>*Yvwlt5;KtfgH<U6UY*~G)$wY01`qw#mxh0&K&2R0`T+^O%S
z5ZAN)xBBq<Giq82kQnFk@G#J5>OK74X!aSZ6>7BW!T6}lY<=2R@oPm43$D4RTd_#2
zOg>?}%oQk1M_Lv8x@#z6veUG~sV8TsFHFQyQr`n@Pg7`^YFj3)?EY+`Y)by2TH5aG
zQ6FUOYrMKJ_LDyR2vP&Hd_TFya6Vl68IqPiLJ}*TbzjW>ax^6_B=x_GD+?W|;KY?V
zB5^*PS9QdRD@SR~RpZ2!Ulc<g;KY?LA4=hTsH);@(Ot7VlsHxUEk+~lX;;{Ewf&mk
zFLC7?RX<Ih+cBa7dCuW=d400(GQ2k5-R?>DzB5?%3)#Zpx&sIL{^9EOeS#`m9*%99
z_!!KbBRc7<;qkcXIZzinb&&Jn*4jKP)JmN`7M*630G#m>Wf|pN<JjH;W6fK(CtSAy
zvI4W>^wdfEap@OXo~P&w#H;1ko7sSnG@C@$csUTS3_!eg;)JA`Pu*c9mH5~cj60=W
z4Q9JDge-FYAT{Lcdm#F487Cy&o1+leeZ&B)aTcfqFK9Jx3m7~CWTgK^NLps?E&)D>
zLhV2go`xSfRR{8}5BL9)YF6(l-pkgFUopd~boiC6w3as+eJ82wMa)-GB1GJ`Gx4jY
z3wGV0({-m~8$5ezlfcyQ_VEhqMp6B0wye2S!&Ge71C^EilhJtux&@{Ou>&UNoUAZB
z0hM;>2z*?H@v>LCPa(=)`owFlC7zuwT(Zl{Q9Y6WqP=88a-mu(Ba<@)(=+E^bI5{%
zi8P3Wjf^u=I6z!?o=4+!tA4C(rbb^_Rl?g6IR>r<Av)5wLd!_|P{ymD#;Wb19xCL`
zE0;^$o}HmEPZzpkVp}Mq(&#yJDbK_w>*?~|OkdW;`D5}Ey#+ov>gN!In<4%zidx?z
zko@~2&;BfmUfiA0?9|RYjMcMU$$S?JWPwNSOv1AWryxDYcR31nQr`R1uY_v-olw?4
z6N>J8LN((OYB*M{J6uIVq6A2&E3XKr{LZ{fa$Uo-MJAQLf5w#CPe(qSW>INb=KQYi
zjq3z!k+;OL%jsf+X6(tSm=c@^n1E~laC6*$lL-r}KZ9n|7YLf+B3#gzY^Ul!(G%B-
zc#U5&#wvCgz*Zv3om^#|6#F82SMXkv`^)mU6~B*Wji9&Ar(^1XtvD}qi*NgA$<?P!
zdut9d=R1qDqOlNI^xKW5lN}EO81;Aefdi-)-1q&|p8|aF?^NOka@%8$X?~p)0zXya
zPm4c&@qM@#bHLSH_U`X0@eS239foX9-EDe4ML3ms<}bwtoYeVxJ_0~;e^Prae5f$Z
zJoFS$i5IqSzwan)#A7%7)L4ezLGPKkcxkrgp7T_UXa4APkN*d&n48<(Ynt_*EltPW
z3lUMHm2;i<QD=w-cB-6O{0U$63hz|Ayb8fKkcp%|>3j2J#QC`HW^PZJv`%48nT*4m
z@G`9X>eniXwV8;MbE^ZW_NUAKrtH8SU<ZHW!TWE|4d6dZR`K_A`5#A583z_UqZ|{p
zo)gY-nq#8fjh-VP`h>mD+Qi+NdQbVnPt2}0401T~9KasUQHza*!Y5n&AJ_obggyJ`
zr~jYD2A(4aNKFRk$;N=?JAFN4<=w9W^6~m__;}7X-P_^PSvBFFYlz@bbrzA@vhI!{
z&W-40a6i$J{4Y270XYA!^1=T>ZomeNcepm-2Mq;siv2szB{D}x5~|FD6q4-0AZcaA
zKLmvA+7rlN9z0SIo-WqGAKV}}l?8?42I{p*Q?f&)|HutaC*A(R4K88R-XXX@H34@8
z{on=(05@3C`17I?zr0^Gw0s1hp$EO17li&j4NdqrH1szwnEY{y{uMyCR;0Slb0*#D
z3UJqolS4iLvivtjU2z~w_8by-*NV%jhB6%JVToD20)U>LY3ExwkhO@I`3`#c>H%I*
zLKK;t1@Hog3vt?0JEM~|odr{U&-d05C-KNj0FN+zr~P4oxj!4XLrygC!aVsBJ~2Bm
z{ro}&x}5EIi;kUGqr$k+350?7SrOu$>Zvq@)xG1yPKrNJ!7vAa3Rrey>kWYYGKstP
zOHt>Fb#l%-&}WlY74_sX%T4;i(s(*^fElH_OF~tx>@4-YZ$*juO2z-sPImqYZ5n<*
z)qjo&u0Ny1jhLHD+nVG3TGAl3Y%)$&zU+cTgTiRV)V?Pcbql8S)w<))f-{}6?tOGK
z<r$W^KK#i~=w2ec_1+`oo=0bGU?JDm=%AY|DEL(bfyIT$KEvB}_ELr0ryZW+@KxQj
zH-nGV4g@Gp^!Gm~0WK@v1J?Y7lpr|K78D9r=LorGH4g%=?+IlspM}f8#wu(m!m2)t
z^-2+sUW(=3Ylz~JaNxN>Zm}MNS#a(^$oo7Nd2n_iF;P?ZRm0vhhthJ%b5}&9KE4XR
z#l0v+x4YX^@3T@)e{!gv0*M2K0EbJPaSp7j$U}z%gQnI}1pr1U88rS-8_ZXZpcAxq
z%+#Oj2w{`+pdj7iR!gRrFVK?qE|gC>W7DGSYLM51;JGn*+f4r-ZY&D<)xn12SjSUi
z9P1bke7ZbR!dNr<aSP=Z{~);gY21UFGIf-v_N|B;ba&Nxd@H!1wc=)zFN_Zvr|R99
zMqWrKB4YWjdzeua+>Vwxf<-=Ymw669tgBfbzBCc;F?`Q#wsr{rWW)LY8!7nlVy+$M
zz+a?5tG@iZ1JAgrRu!nk&=R*y;jWyD#gmIZ%Jj;`T{#tglu^ywop#2dC3eEQun9Lz
z)D%DC?@z<t-X&l*TGC0p;zKKH{$*+C<dsu=zh*sU93Yr@hMV<NzoeSf0M~&KcH@^%
zvnm{pPYcuYB){}aD!onqRpee;#2S^3Tfn?c2Z-SATk?jpUDZ)rcyN{Ra?4sy?c{0X
z+*^YbZ2c|58~*?Z_WyieRCcnq{D;%_{KU`qq?l!ZtrqFw*lNW>@k9NG_IYH$RelxH
zw!8Zpey&$|9Gke9qF|y%6x`EyoP_t*)N0`1(mtv46%(;K^Y<c_pRSFS8J}C98cTJH
zH<V_;3g41k2G&1MAZ>i`uNQWIR}20Z7yR|e1`6)|`JP|ocODS4TVB)SY>gy=p5YPr
bb*WrHVu4B|E3Z&&mzdp&*8M-<gt+)$z{JyW

literal 0
HcmV?d00001

diff --git a/docs/src/docs/assets/logo.png b/docs/src/docs/assets/logo.png
new file mode 100644
index 0000000000000000000000000000000000000000..fa6b75f8630f4de4b9fd4896ab05d7c7fd7433b0
GIT binary patch
literal 33765
zcmY&<Wk6M3)Al}xM!F=Vk?vHw1f`K~kQOAQ`ykyQDUB%74TqAHkPhh%1*8t$@NMq<
zdEWQ^ekh!M*lW#NYu3y)*UUtysmNnvl4Ak@fc@&F>}vpkg1<rmbX4%iiRZ5?@CSy|
zOFb6=!0CGU2kCVzv;ZHHxxUbK)o`?O^)P#H33zyTaN0W9xtN<dS#mnQx6arXB?kZ+
z;FYYDrf25vqF34zty3YyL6LDWlMnCgE1FNi$XKhrt@N~X<a$Jw$h?rCifBf@Nii8Z
z=4yVLen!4UF$_FnZi+ti&va4Mva%NPDZnhF{Vd}r28)bx<G(Ed40MVq+kfY^CKor4
zMXy9ZF1WOHyqexFHaLe$qtgcC{m*~QQXB37_~49#N{4d6(JuE|n@!ok+kC#EyNm_S
z7qLcz4a1Wrg2>f5zSBaWQ+v_{#X@bcOk+@9-Y*>RL-bJ*1kmpvE&bmk`cK$`r%FYB
zhUmOPq6x;Mni9Xd=_)IAWW_fE5I}~dAh&tmpMfPlr%S&I7HsCo6n;P&eO1a%PFY;b
z+z?|_HrZ{y=~|mXfIsu<Y9UN(inv>z9Fz?aA3G+{#Y-ZDbdn`KT+<}&<E6&rXKgdT
zfQ$J&4#8;)1mktmPiZM<qmGsVP0x8u(&Mpo4Ml8zcY3J|GPS&T7{qCIPU^Aybdz42
zWv5p;vT1rvUWRQS1@iBIza9H?%XBVqd-51yYI^ef6-RCkpXpB{1EXQuCv*=R(6Eso
z#955>r8)|DvgV#*boWW&YpdW*{*($lD7<rG0S8?0Z=2K6Ifp>aGgZWJH#ML#71VL<
z)rs6TFD1MB&yH{+Lh6S?uHm<But2_f3DPqcxJ!6vqWr@)RGz6Pb`27_i1ZqBBU$4*
z7|{5jBys<<G^stUL|lte3P9SydNxc;Us6Js1SN&j3mKdfr#e@l>-up3Ff*d?NvDxg
znkaSw0-kPIt&Z{?YS7(Z_t+<2su7gT%_u31jSt6yV>U|cVBM##w!Vu6mkIBT7kQW-
z=9d3f1$kW$?lMzJZ-a8SbG;;%v4}(W>*GIP18<sU_OJxq_*k??gCc@OzJPOtLk*t4
zc^lp_>9AR;NMGzM5~Qa3u+z+ym?me)!1sk=v&TqG<&>^w9&i`*x_@7pVBgV%^KG!a
zT)aSr%l!ALc_$Aj(&M10yAc|3#eW8A30lC3=YqyP4EyhsT+4i>Z6LHUi{4Q-e=(Nk
z*GE)IbXv?poqAR3q;_i#{HvxcsY0z2i6n46w&EpW^Z1&ka;k8?|IR`;pu?I|BMwJG
zue%9hzgw;Riy43}#`-#NusC~rZ=D2QfcZQJPudgPvhLlkIo!OkvU?AZ=6H$?Q0r0X
zwmJ7YD_vlw;UXP&05QmTFqAa^+yHC5onpoefCI@BgYUZ>ISKae#O(`jOBMYWIH2OD
zyEe`DiZ8o^V<D>MA;J1yl&G~1nnMxD+5JkBfcHFmO-KhW%=Z|rEbW{h@^p;#5$%tF
zvXWxGN2c-f&yS>{mvIdnSA4<!bF*KB=$Z)p#)`U7;Er9t!6n*#ksH-9)xD=B;0Pyl
zpc?&lE#1gQvrvBqdnEt%ZkJ`yl^@1qs%f^Vu$4X2=>NwYFhI94H)RPop3wF2mYiSs
zT8{cSyG!<fz(rjMP|{s<N6ph#(K&F-AE7`Qkf3PaM(IB`89-m)u6(yjkCH7PJ~DI3
zN7aD0LJqhu`}pSshG=VN2%X$|9TW~SMNTvov%nz>Tkf$fcv*Zl-8W$iv9!OoUn8{x
zWhLnZjEERO8fEwd1G@OQ@@8V=$y;@sJ$gp!9`Pok=$~rMbC)JcbCW?jgFXso%IX$V
zI?B(xpc1?8v7)*~ns3_?ar#0{l(L02BdEE4hHkj~SPMw;2AfiCBP7GrH%lKjjnYk$
zDo?vcsNbUa34L%jqur!kSuIT#2yO9L_6f<9_nf$@T0XG-I^_QB0!5+fF<KqRv#C8i
z>9X&wIZa;oKm8i{E*hf1i}Vb}Z(QsC%R<kWE=gac`VRryih=%Clmx)-R8Vla^zi7T
z^vKf|>-LY$^}MSip!P=v`YaC9{F*mMs(ctpxvd@@h87EB$VwwAr4VSG+GF^9Q3l?F
z^Ronjb9^%#fNA8}flBc6o#MA7<y89fLmgfrXg2L)4%U?{`FerZ3pljD=J)7fxM5m4
z$Uz;wkj!1DY(F!oKX?)yMh<BB-P>JeleZr_R!mm>&99}W9J8LgZhxmR1g%vkP^UB5
zf@9h;ulK(5Vlg-QQ9%=>Od)(;1n7`l!SOs;!v%h{XYI%vIz@tp=}=GPZ)aejDZ<3*
z9{i^Fino<X=s-dbN0)^VnVaywbMMLXYW5trsCimhGv7RjuE^V?OPZ#>7;d8tIRD-`
zWxieHy{GbO8fc=whnLC!)Yz;(&MU~FG7{O6W}=ose~hiq^T!_;0k17u8&&nqQny1G
zUdZ7mRMT6CMkwAymP5$Tj@;<(BT`9M45Xx=Z#ZG}3&YhEy>AyUg}^@@rjg}9^+(Pn
z6%?LNJ2lX00!`eoH90WQD}=Q5`*q5bF`em{^tIn2#Gnh%nKZ=d6j~gvV!{${^ZT_?
z<gkf1OuA6NqHJZj;~wjmudkQ?dQMyqdFH`2%^rRKAUcBPq${HJMGo6=p=oH3rZZzI
zwh4jvW=9Kvz-xB9v~!j{obJE6fTmTJh>E_rPKU#Xw4DL`3WpGmWn4AtBofA4s=5zw
zUk604HC-UJOS+=|1rM+#0)H~ROl0L2)SQz+tLo~RVkNxKDJET)fU&d4fP?5PzQTx;
zNHDV~6gElEM7=_<52-WA6}IdmdADAPlq&HSRCiCs>%MfCPotm}H?$dzr5Y7Humo*^
zbt$FWs^ps;GQfOs7z)scs^<OD`Cb0jYt;Sjv9gr2@eL$5Kz09|1GKP?X0S8_A>3u7
zU%Gya_t7<KMcTCgRjLnv+rsozM``4thJWYu#+r$^yC6XRb^+%jE|k+<BnXjmR{YZh
z;`C+y`Fr`zQZnZ|bhrk3m~8%?hYzZ?((`&IsyVJLtB)drnqQc-I87?MhwwV}^n16`
z%?6*%?9q6cWzLD0H-*jf1gF|)EUK6$%5AXy4K;K%vRUsbqKRHwWeUbU2&BF@@vuJ@
zX(F;CBpjyxRc|`?06UnNNcJaq^~5Ll@Gz0b$S$hqX@iA!7p!weoJGQnWE<M|usR`Q
zHt`)gzE{+@{tdAhgx>2NX2K1XHGJsD?Nc2=I_wvIX5R>mzw&G`!(~8>6S8L%f_8DT
z#{^;i)8*b%M(uy6_Tc@-g&bOt+xtfDkI&*mL%W*RcTDy}(89L+ioesE;v*_i_tK=;
zNDTRHet+Ld(tiA+Ta~<rq-oMsdQ74Rub+GM*BhUl)8lH$GBWUJahMj<;_olKb{`|e
zr3#k>InMEVN)_?NnLJ}_qi_h1L5;h$Z$`wy?^1z)KA-dN*6?s<4u5Vr&}-v6w#d;N
z$}cS(2{HY6hBXc(v48g%5$0}k&Hh=8i5-E&7XPdg8uXDwWhTBuXgZBc#V~arP(#VZ
zg=NoN>Yr-^8ST2Seki6LMslqLC<vwzG_RxOJC41(uMt6huBCjF8isRI^(ry6-eM?o
zmeTf^S43tyg#X6b6S01cvn7b3tW2RLPx$)<lCy1T_U4=CU6Mous%a}|O=m;>6Bkh<
zp)YLF3x?21k@jM(AHjcin-u0kPD1Ddqcp1=EEtHc8s6Ec?*2*Jp<}>)$5LFjSH@%S
zSTi6gk7=V#_9}@BTe4{Pih)8GeHU@<1G;H^TR=grP`WKC(BHk6aGjBX;7E@tX;h8(
zvC7@d9&)Fjl!QH3;#u13OP6pX@2N>G-hA3P0z2i2%&+Y6%s%9V-#6XSiAie*K~3<p
zu!Ms{VsIw+7~bg2Ros$ZF3i#{z@EFf7b-IJXUUPIG*C*T(0TVh{PArHbpy8K+};x}
zdV6<~4{G1S%&<)5#N|^1O!Y77swJg?QS_V8d0I_VU1L!lgJ;orbwDj>yi9(?i|9XP
zP(I-U>X#en)^_4w_9bjevkZ;b27tpu9wEejyQ8n-M|&*B#&e-^xq-MP-@xxy4QBW5
zu_?Ri+1|ZKNJ20G*aT@08eruXo(EYWN<e>S=OGe?Kt=t&<sRzGLwuhjwVO0qTLNg#
zP>ztB1ljQCbAQAGfEWN3fd&uSkk2@9hpy5NcKZu4mly<EFXGT1JuWU00agy?IoowJ
z|IXiwgVS6DqXPD}$KZ7iOZq*+3ECM%tQ5WWcdSuw5aG$+?}PBJ8od%(SA1Cj_~72l
zH>MRX$MK&RgO)SSp)ehz;Wq<wn0u>viU*4;?l`NIwKnRZpAOta!u(R6KsBK!P8X6;
z6B`dvNX3`6!!S)Ng0%_pS>EI{hxdHpl(x{~xP#N=$d?<Su|#(q^PTls7&g`5r94?a
za7Ry&plc<8E$@5QU$Ev9;n+PkK7ED6ZTj^RfC(85eys7LcWqf#-g#GbDkSzgpnl#f
z*aOSZf7uSmb`p`_-`Y1j7~XRd3F%X<ta5n5H(X-`LvYo6{jL76f)DqL5J|ffQ)T%C
z*UUXyY<SGx+48*}qyS9@f1N;x55tl6&(7j-d_KSRHVJ40ZW6v4g^A*Pr7I{Q>cM{l
z7e7W4uH0L)?%2IV3B+2dmT5MN$`QYf^BYVf#F{o)f6czigQUahi`pLKu(>6yg5@8u
zqyX0lzd<Jd8w;#wiYkaEMEB-sle`QUyO0i3SR8jlTre`!$cG_*wJ&m&K2_r<<=L0x
ze|tTf!AwckFPQsGrNwZ4dQ1O77+Vq}T-ezq#W{aA?ebj+ed{QI1-d3>dL`7ApE67&
z*yt-d=I5>7P<aaeQi$BadgSIa9K**emm{ymE#hyDW->blr*PR)x#E#vk%lw`&&hLN
zc_m#aTGJi2fZDy=?U196ty_g4#y&9uvgiE%O8DKRxohHD6e<p#3c0Zzd+-a+iTfBN
zg?79<KCnbAI&99+_ml<cEL}f_n}hP%-x8d)-PU})EZ6=dAO3xIoh}*j?)YBeM`}C$
z=Et`2>A0xa?ZCa(CwC4!D!*#Bt=Z@jZXcy85e3CYp2Pt+Lwiqh<lDQDaCO~6=AX;n
zNryV~!YXDcRVD438ZRX<=`pHwe2l&dJ9T&ZgkM4dmawDUsbw@Y?#l+_nJ2Y1g(*1o
zGv4B(qfTi@rk`!14HnXm><SrIp2BNxaK$oSxl6>6a2);05;VglycdmI)l)ovp=F8x
zneEK$1!co~vl7%jS>Qk<ev_{nnLnne{i*z!>^H88*E0NU*RFlsD(XbaM0x$cAJym5
z3E&6!f(~}&6$jo;&*-F!XycUJh8%8K8_sAdXa^BDnl8s8tb7<%Tt-(4V!7{@226K!
zp;Vl%x%UdTwQD}TXIGWBN+|5}JGK(}xP(-=a)0+6hiN01+Pll<1%qE(2ieB@uxy<L
z`ZcSPS8kM-?OWop@|4<8bxovmIb{{IOS@_fr%s(EB$j;I5(K(1<I#Y6?g?ee#X*C(
z4DQNr+Y@(6?HHIleCQH_<`E_=r7V%7bH(XDkq1#n=kr+LfT*9^y!7*y;$Y;iRY!tn
zabnloIDAw&1)K?ZMv2EVr-5vb>m9}fV;LEd+T}58?13$Pu`YVlip={c=O_aW1M8u`
zFHue>q%KN2z0ji#PQ&qKs1E){t_d}~>yWO7q6Ko}qAWr9WIWkrW@SJW@jm?M`Yh*H
znxh)AT)5$e8^l8MdP)bS)e7G)j?_eEfBB0z>IFu;V1P`Yuf@XJ)FPK)Y5Cc95ZW@%
zhw(E1Pdq}F=@RXk&ux?4UL5KPz3;!5>KbYH<s=de<vKrIPYGg0_*y!B-rd*s{*Z8W
z9KJ1nO<edhx|d5U^<{Xu#+g(vA>+lo#1nTcK57{yw4l;4;1o5V3tbN|kemSu1nK<4
zetLVY91TVVPnEY?z07mEAV)1(`g@MSr+N5p!M8><j(CQ9?L!c6x;s9M1sMyjVg6mk
z(?)`_tjn!s-evQzmX%?$0>hEsQ_hxxrnzspWG9T0X!E6&i>h;ldsQ>SUmJtBK7VdT
zDG%#%19}sBr6@pcSG?1_8hq!mFjih%!0c})XTm+)dqQj_oDQoREQIDAO|)4@<shVl
zsOP*d5OR*xcazI;9^RL24Nl33LNZ0)u8xb(?b7(`bXGUR`<`!Z=svx?QL<#DeXs6{
z4FJd#f7@P=a3JS8m6$jn)mCI2UhujJyeJy$>Z$Otyg>WW-W!;CcV#blt))#zUWb{i
z{H(BEFgNVP1Bk8`$VOBZU6zdgs#Sl-P1~e03%6nVnr=WfPD)6o=IJ1;1-Vhm&D%$R
z7?2j>VsMkR19BTz$P&hm=h{_>G&N>do?Q@davxW0tZ^-9CxHUFG7^jg9a;j^%<Lk%
zHMIe|3%_K-xz^b42ljP2c0|-INmf7F@b|6c{82ZPiDW5YkHZrreuo4AMY3z}a=Lqw
zJdMm|sepSH(xRNw$^vHmKc#vDKq;JW>ciLf5|361{MLJ@p`>PQ(8XX`X%&B>a<;!9
zBj;XQTPis5Ndw|9XEsa2GlWat^BdDHa=hL2W`0-_`U**Hw?G9OqAi~D$ZpW$eSNj4
z^hVwm1pu_~!5w)&sW7ehhiFBh3;o5X54EY~zZ1iFO6ocMXB4Sfo-QaU6hC&{=d>8j
zM&g=y3w1Ezm^xS}X*h%<fjiM|N(J@hJC7ms9SWhPwwmL|P=syzo*Q8MXI;|@A17V>
zJ6d=^rhLe`@}Fhq0eabNg>Mi5HZ@gB7B>x90KOVDA9<WCiQQv%ZG9~-VAjq`IVAul
zhIP9)_0iE#{8~}DQRgUCqd~|qbJd9d8Bd`EGSeLm{}Ikj3~S=>CnI#j9?|9({NsGB
zniMSCY0*<s-$O8v0dyDE*Tdy(2J<_sEi8W<T6zVm<uZWlec40cA~i(@{CamdK<a48
zcmIn%p{oCF<Y!s;X$W`h2eYln^>FATtt~#XEo%=^zH%x4boEcK!hMtN!9%jLpIYV^
zZ-sv7=kS*&Fc{Ga?t0G#kLF2ObOXFYMm`P|M7|tpYErNYegHlyTH1HUW(>4R%-i4*
zjaSVmez}Z8%e9X(LA}yjY1<BU4lPdq+<>gXGXDs|p(u#V%E;2@{v4R!37F~C=_eWO
zj8bR?cgsRUBO|9a5ySI^+3Y^e4GR%Z5|ui8WLJ4mzV-|S2L+TkYJcJzE^0n_L7>L3
z1mHKXzzd?u5(Um$-}`3g<ELF@AdZE7$Gj&i&*@n)s8$4nl^%~_FZThW2&MLO4PbFM
z)_N^RYMbJfbfJbIsK=&fyYH;p`W<;ICC#+nAOyT;Y!a}8`W2}jLD2q&nqAY7twuYX
zp2~Do286{SxcH`y8aiJ}Gi&)jF16uLj%4Cw7_EzBo8G3R#LcZzU&Zh495~WNM<1v0
zfQWLItdegyZ#=^{DdLXB>rXa8sw8AuKV&Aw2mX?5;<bLY=8OBBmls!^-dXed@Zt?r
zaF%SKnl}Dh2sybNz%LL-5TGasXMde27v9M{4KC7@k-*tX6X_)@yH8~Hkhp>K_Q@)y
z9j4<ORO8C$+T;LkO{o%*<mkR<jB`vAzci7Yo)7@UD=<(oj0#C!=<2C=K4V+=5hsm!
zQe0YqU;s~pY@Pd^zDc)pFx1;<krX<)p}wY?74hS^ABv$)W4R0flDt#_>7P`fh=k5+
z8G(8dEm=Ay&<Bainb-U9<`$qqds(sRlW3HiabU}Toa*^aG|ir<L#J?>Dt)fQi-P9m
zl_*=hZOZoG3YzqAB+plc<@>;yZ5-s;OEbMhGL6>}Kd6bOh>Uq$tUSal9YSLsp$3+#
z_N?nXrb(`3A;qDVUYRyK9>5PgQ0y__RC}UGgn?S<w~-_R*(n*VHE;LjhVfi<t}_Ti
zyi+9)V250EdyYtRe>mNQEBJvNA#iPCEBAar^729rFr9IjA_7iEg^x+W#pm=TCQmi}
z@P}<b62`o1*9ATLa`ki3fpkaT;>JtLuX(|nWfXjkk>jpB2cp3aX<6i0EsBF}mP0}w
zh)6G1c*Qck7c#;NzTEoLA`?~ew~#xvBs`3+Ck8x^IMeDz9N-zwSmC0<kaU&gGhYVu
z<yw(!DVN`CCdN}SpA739Hj+dV^1doH5D0SJ0g~-fG)*BhS5Aw4EFR?&ru}#!>K=;Z
zu*FvlN-jfl$B@@oF<E4(X!JdcM|mdtr1jGfS6o-uXdQC7nF4$h+-r{)6X_%8F3BK<
zu8S+#uX49g#v;?lT+;`{Lw*O*l-K#T)Ph_IcfJ$F;47p`rm`|U5F+$M=M=IlMi+U@
z_aYUZ4ol-DQ0I_%PVMU|3nCu{M><^~b2H9zN?s^e7ZoX+F|4ZZ(SOSv%<6!L<Au&W
zy5BrCEztFutPUtIZ?d_UR-(af7ym*KkrD391Grgx5f0;oeo#Hl<jHRX6<i=oS-GVB
zVsu#d<1HZC0o^>_6D!iY2&v}oteMiD<mWz21aO?3<_LW&jg3LRDx&z2BGM?zPuVpp
z?pAEmu;O%NVZmg<oT6}9%<)+aYy7G*H(+oaXyDK^k-%>+@=8iu{PeQWH$>MH3#qpJ
zZT~xDeh7L)yeUw13U{MtGAXPs<_C-{7zqNZNWVdKE6Q0Z?W<0GbMscY-2_4?NYg>n
zhNejxx)&lt7f|}U&TjcklGQH}l+T4U_e@>D1G=#Fo`^bpUwan$B~pBlE8QWT?<}F|
z^^=Q5^3Qs+-(*6aBRkVO%~De8{J7OpUhYF1WI-GWdBBlOPRI2k`%W9l9ILTzS^`2F
zZmeJQ#qk#F9DZz66frYmOU4cs%ntaaA6NhtEbQ}P7;$Lyr<>qKdy-^4c_$1jbMNUF
z2F~$j?%)BPy{}AG1VfyIduw$jeRE(rO<C(MH=|p30{M2WNshF(fc?zaLQBt}MH|+N
zBj&*0AFdTtJXXx5ESckT=_rWLS$W7QsO=~nP8Uy5W2;26KRHNgOvojF3ic=^Gdg~X
zN&v<KLB{DJ%K^_yg)7!Kzd|bQ{xy>|;Z7Bu#mGHn-ao>n+-=!~k*n))V1Zpce%`o~
zUO$Xw^Yx9F?*g%l)R@cJ;}AsI+#MBqx<LCtg&j4)ub}Bo4M}pCuWWvi1-m*@Cx^lg
zZ>LmO16o}jXQ?2uJCCUcZLS2-uh`e*a=TiU`Rk&<y>%P(mOyCPekUOg(dtHxB>;E^
zI1AEO*BAGkS-lwtHsXeK*LYzRfNpUl!782D7l{u8oI6Dz24i>G{0Y+&G3Q7LfyEY;
zpW)Ny$fQlB{rr--qy8CW0G((8j~Ycb81Bn;2;U{3O5*b^5zwz4Kwh%2`{*;zURuOa
z-`eDMrhir=h~S`Ud1qb7j_j&pgIIZ#FcOgyy~AT2TP-FP+*>&b<ih89-XoI1{EGb^
zGb=Vs`ls%IZ?z`@jHCE1uam3r);*jGhq@3HiiXjk0*PQ9S@scp6F&2`Ua<X#&TsWq
zznbbJc>fW)s-DEzwHQX)ACL^hpZM+G^Aj!h&CisSZ!>F&fbrLI*8c<5Xyb?60IU;i
zch{MFZPq5)>C=OQn`;Z)z={|A#Ydbu2t2mL7C@33<OL%;tV_w=?huB(AV30&Qc{F|
zcK!rX{sY~%RuR+0Q$)p=zV$-L;}$ZxoxE6-?ITBpmF%+>_o7<P!Du{_4U`>>L%8>s
z&v9902_Osx`r7H@_ZVKKSj$=ei{jL5rX!r}cBAVoC?%z~e@H-SHyvNycjuPi#}tbY
zDS0Y9xCBV%hC5Dkc%$$%&p1HzT4SO|Q%!<0xQ(@xoT1=Ss;lyJQ2rSV;po$)8;i=B
z)YF3r;~dEEG$``F-PcKx_l*5&sqzBfgplmnn~CtE=VGnQa}xGr4X0CkfBx1jBd<?m
zmJr}O{GyjrB8m0-xY#U?cE%kIQAk7wB)KyL0jxUE5bMy9Yn`Q6AgG{^uf5pC69*Gr
z$Y>tpGS${w4au&BAvbB;8p-J{HyrvaWs$$u*V%YcW9mT(d=(Hkwk3rq<tzn-+dEb%
z2d8QrUgT)W5oB-N#sr+b$j=mne?)D6o*CVnFMERoVCK;OU)0wp|IM})+CJs8hOCEP
zs6V>dOoTP>V_O-L12F|z4I$#&k||{J#DRlU)OIsag&g(P-vU|vk-Ut5$+OFB>=#t^
zl+BjG$O)*JA?s&<1WA5tvz3oeepHAk1#O?`iK6FdPx0R+;OZfP7M*GAoD5#`qCY8N
z{5`S&MG~=PG`#v#z~6*ET}y$Gce0=xc~Z0ECXgrD*FR{HTd{cfqv5qB)vEF<O`?h6
z0H4H(EK^&+aQxFt(UE8kz&E#Y_vM?N#z-gK))!6Ddlg8dY_P86P!<g_>%py&+{!&@
zbZ=tB4+$bU0;(7K^_nW{gWJ2L;0Q?y3`=KvzM`;ctx1dA9F)5Z2U6?8VwU%hYfCpx
zj~lC=Qb1V}6u$a@cp`x(p*&Ih<~g3+M#O}^Uio1>YP+R~zP@%wx+AoGgqeMwGFT#n
zuIDL;`k&Zm36vnUzs~6T3hC2;hlbMTik`Vzi~b^u`ku@E5y35Hn%p-woHX&Ae;n|X
zayhn2+;)X(I`FUk4?ygLbnTl1oO6qPEp!<}#*o~Mq16-=S>hgis?<r1jK$$x)PT%^
z1JGQu5n%8&TJ2c?HALD^QBCqG<fH|$-e=3%d(f`rs+s5SA=&jCy<n)8K(9aW$6r0)
zmX)40f4=I6^cZgC`1s9#YXKaPDu?%;T)sgZ8Tz*w619A(6R_(cJOzX#fBW<Xdw<Vg
z56qg+!~CYJ2ck0w8%G?(zIvt!6SgSCQmvg*q47zc2#wKudJpSzT=Kb?dlJY{4SFg@
zqiaCEBojaNRUEORdLbh-M(L(k`kI47(ezkLH3d7+9z%dX8gNQjJjA-;oE(3B@)(-X
z-2MHQ@}HEf$?)%UMWhw=pSo{2d0HWozt@s9PVCQSBNe~Ri{mSA1Vg-+{=9rn+J`#O
zZ;VD`<Kn4*eCeq6N#4_>vh|Ke?2YLAftgYG;_%0Bnu4?R-+E)g?bhW@@a&}9W232M
zV^bitw)7oAqfd}Yo+R@5VKM86<%Is$PSMhZKz_^3%^bafCXT?xopO`CU+UdEM=|@G
zNPcgm=vQ1Pr{-Zf3o6NR)}iIui4!Cn;J}8$Bt8-R_lH0V3%iJ>xt;n82D*}=M@m6^
zA+YrF9T1Odto3~}!fkhS@qBH*P{<pHD74Xh^ddUyB)%27{VQ18QQ4*H>Fd<KXzxX{
zhSC_DfSQZWkdZ!j^Ce43@H};y67@>oUJRc<+C^)U$Rz342QJ9VSu(|HTD4S^ot<93
z_}&p-I2Zs^7b!BdFk6r^?NCy3@vM6QsD5|T0TL}XxY~>R^xoXlQlNp002zZO3q}!0
zusm_fWQ0==Rr!5FXZqSidb%*#O?p-yR*D;7Br7Wsb~{q@E>QCi35eq0nufxDp3H^;
zT!eR!PJEv$zY(pgLvQM4p#($OhWz)JA2J0Y&@T{X&Khe+zH9Al>`_Nz?Nf-W5A&P8
zy%8v_jXO2clQ5fFbcvWuV)U>$<W=_Ob&OxNd$A(F%4+bJ#%6TE^_7%G9~hx#;hN^)
zUasdy?Z4aplG49qWu40pbTg6<r5#>81x=x)o|Pe0G^xh`iu`v`66hJa{gQ9^IQP?+
z=B*H;3)AJGp`WfzuRyzj-DH*t#xzk8P8{!Nh>s3}kUZ-H)XPvByxPOg%j)^m$YE<g
zetL>VW-(>yf$rM8cxmhqcx$)kkjLsy4=mTX_rA?ca07hQ)lCBE&`oMYvN7N*XY)cu
zgA5DAHa5?ca4DiBFZf^y?r(4GeTCAxo!l&HzrJRf_i&6_jblD*kM1SJ5`HZC8jN&i
zJJb+G*?d+fI@&dZ@8Y_rAiB2J>^1Dj3lw&nH37|nUrr)}L3F3}V7w~iqeVb&kQb(L
zR8&{pj5{53d~=?Qm2mofmAcM-j)MkUGC{F>J%AyGDKLJ57SBf}*IdK)_*3LdivTTw
z0m>kIF;tqqP)Q#G-slO*G}C6_kjv?K=;?b*L$WBj+dQWR!DN;1NIkfa3(ce~4@q>~
zJ!=ouqE325GSd8hou3DOJZdfjLxuqf&%`T$sI^BH&A?ua`eDgNLq{*{eI#J`#4$0~
zEZ7=!>@+!I*VAeGD>#;B!EDl}r-Y|5lodP|DnS2%{_sWHzNZxoZ5j#h54Megr%S6P
zs3rJCo;Mu*`b-eD#<)wop?+~n-sl#GZx}Fvp|cLjS*1Uo$$AQbpiRc3jSJxNrA$w^
zUlu0bAE)>hhZE9uUL&UpWuB3qt(8l2x4><g7)YJK@j*FTX<sdARmH@KPDITOX0RUe
zURJVJ0ph3M<&A821@{Jl<Q>rzyGT*1-*WYJnw%i=6_l=1z$-dnd3XAr)6zEB#cFt$
z3NtLf?`p}y$t~|2z3IBP1i8EY0FK#8MM$<|4rv=j!+r6w&DiJY$oF8vEPdW_*@9OE
z34s=(<@TmYCyta4oPles5am%l4l3O&-WDH789MSg)h-?)H=&LdmMxNn*fEn9RZJ-#
zQ=*z6<&GMhSpwOF=*Ye4hbc2cDO@wWHuqY~(6KT#FHN86uTrkF?a7ZgwcQTUcH2bQ
zTFU?7|Hh$}b4GXQ&U`60Fp&U^Nc~an@}*Oi_vPbO<GVr68!1oJKYmtMUY<E52b#n5
zI0UY>VrBS?cV#q*v~yeUn8%srU>Y8s*%oRttW*JZ9&Iz?#a0A-{@CqBb<YQ+PQFXA
z{h2qCua$p~maAC@Vh~SXaz6jhwVd=%_@jN)40bw_d6o(w?)OkMY2v{Aq)?XE9m*8L
zVPN8!)HT`gCQ9bP`FS_osVL_^e$sfsm%?}GG32>cD`s>9F<ps7iF*sVHRW~)9C8tF
zDkNOl!eQfX#d{n8g7J^33JeZ(J>9^sML{~lFJUM0PP3L`T9fQ(Kkd)FW^V2~-sFg)
z7J~43LaV-)a7pQO=iAX(8gsA>e__}Ty&l^&r(_-TjoVw1z;b~=nb%b*Q{`Bs4@7s6
zHfO_Ng&7fK2&iWptRZe6GPT>ttq+-w^*x|+yKeD~6@@Yrf+ho{)347=anO%;<!Jz`
zU%_tvlAHI8Cvp2~W89apA<u;~|MRaj7NpD8A8uW^Nv$&?ewcs=BXaL1bIl4?{3I=w
zERDL)f@@yf=WNawvyA%sHd~v~4W~V^<AN7vh)XmBS)n#%-=LhMMyts9R-HFPZwvIl
zZ0C+0L&rrT%`InzL*}NzE&tS%{#8*Z8X5hxG1feno>&!2va$SoVHx&T-b%AO7nZE&
zb27yzLGN$RH=Vs1cu6YL+tW6F_#(H+rW0@5XP-Jw)}_W|e>opM6H9p|g1N#&6Ak1`
zz^I!22L$m1VTV+biV<b0(;kWv5)RHK>yI?PLYVoQ%%Y(PQuKV{6eBy^DYET9dKIjt
zdLKW8Iz#YD=Ew#}s59T%syB|vjE!QOlcU#wv1E@92(k#loCHdN@(u;&6_>RfJ-}4I
zXrP>Hmw0=13+jEfi)LhUDLA|pT~%k!P&QWk6xpc{_XAP;FWP5+)ha58Jnn1R#DVx#
zM2lD6m)}|Q{_s5QKb{g6fWgNpzshyTg12T>xRz@nDlX4?Cjy2Kq4gu#-=`j8%bs=2
zfivJjwd3WjMTmf+iZ%Ng#NJ`nK6$%C())mF0>A<dIH?Y6H2o3L+rpe&$6e1DvbLb{
z-UJ_M+{BT9N-{;+joq-3kEpqZL)qVlN=rpE(9i!H1~eF&4SkdmG(mGkh}j&ZJ+Bc-
z+r1aXr&4AlxK~SiIiqPt+V#QAoYUZh|Hw0$5A6WT4<-pl6a)q8o^zXwfj&L+#lLZ;
z+ESQ;FDCw~oY<QmcrpDW(+=GB)L8uWVP?+|F+W8<Y=426#xEYGgcLUMcc#qEIe^^Z
zTl^G!C$k5WMA(iE@`Hy~qIbG^n`~A`5RMrz7lGCQfi-QuiLPvQUcXHft{XLQC!rkp
z0CEUPsIeO4Jp%=*2U1F@b6o8KN=yV?#g7=?f2HWr^L`mHpSS13f%@l?%zVgGQAyBu
zPRJHO2HHWYH_e#}2+2@E{4Y;zb*OlLa8C`)??yjetA0+#y)|vse#iG_;7xVSUbPy{
zsG3JGmEavlXAb1aN_&zjpKaK;wTP(trvy8cX%!58cCa<R2M3{-F9B8a7-MWHvb}rt
zK*S_XvcCuK7-oA>W88){2q3qqM;1m$nJg^lNw@5*p9PXIt{;+5R{dByEiEZgx~wbd
zC`4Ley9kcPebto=;zWmzO;)M*Xp+8i)n9+J)L$^bCXGtT*30bw<cJ7e;{lRjY%w|(
zE|=wLGN(n$=JIJVN&?1CX!MOgex`YD4n|cT_vK~|le?4oraJ%)G#zjUO8UnE*I)&q
zN&H(|uSE7tEYpb2YWj$>P1erUBZHr<6!rm>k}q=e*SWu%i56@|liiXf9Xmwa%bcfG
zrS<0+RXwKddZvuKeGe%li(W#>j>Y&@oZ#-nOBJ`4-MN=&f&-4-oNRBaXM1(SRC!Cd
z+X@TxC%JG0El^&uRTb~;T|n2L&x*?HAD8f$lT}P0?fX(1EY+nHnt$+{zfDiZjCHNH
zajzZ#t(pi7vWmA~{GOA=1$a#Rlhdh=1L0zJZ|Bl5|9%TX=!9rB2O++x{b-Oi8(N!K
zXd#RCu#e$b#SUx|;Kzbogw;Rd{__w)vqm$BJ6@eof%=A-bB5Y(EzG@+3ZodTvy0n~
z?#^~IZLOxohRrk^I4(Mr8(%BKHknKR{x@{7I;5??Ce5{=fR$PrVO%q5GYYib%O!jL
z_;%xQZQSN~Sw4Mr0v$<1rFGzy`*fH>s&7z(l3lUeX8?RIVJ5;csoCLb6^<sUspfqh
z>*EsExq85JK_z1T>NrM8P^j&jU_vu1nAPQ|PwCtb32}-dQ#33POa|Pu85Dv^pTlvx
z2?xVLwhvC3Ucvs85*X8Z2zq~91b`WbN~ywWA%_bjataqQiRP^;F7s<s8nz6MMmK=u
zc(U@o?7cy|(sD6x9KcFWasDVYrjdNrD~$6_vE$i9G*c_<<NMA;RLKp7PcIj`b6p^=
z#U%=xTeE}tHej?{UU2?Nxh54!*Up+<-L?#A6vQZ~7d~Kx$!h&S**9JdJv;kSbTBWZ
zEqJ_NzUTAE5AMmw=l|xc<cT9A0qgXWi0|>>=<LLC_pi*AkSnFkX8#-Q;Ogj3T$7H>
zQ`jVHBDL$85P_UFV(6!4fu31rb-}~^6|6}^7lLl7uWY+JEGy1Qf!QoZkj{dRFo}aj
z#%2#Gcu_tTNbbJdlYhB(T@wjoJ>?4e>Pu2sPkw#<=z*aKoeil8-HLDXI+-h<Lz`b>
zztV5!nNg=oDnY8{I=_QH>5<-*$Nb|eFS`jJKOk3PZ}Gzy;{f_R$d=EGN5!EbnjXmb
zm^*d+h|DjQ1=hA_=X!{3;z0AHP-hJM@{rrC^{H>td0-^buVQX40ouL3{#J~YlTOvX
zl5oU#&6eL6!@9d6og++VvgANQDkTR;iSm#TWW`z&jL$2&rwFCGp6O^QSNyf`M-jv|
zT_c#mHJx6}b_DBBE>Ij=y-J#7Eg8s9L8Z|b%g|dJJ^P*|+wgNx7j18@HT98b&J3C@
zAbXddA(Wx?jd1-Ov*fRAgDURy{Yx|D1CZ0kGp^!GQoF$hZ0ER4?_F%_w$GP~cvTzG
zC#O|^3AwlQtcXBPxNf3PxNTdxo|;GGn4Z}iFqvVVT2KRd1Ykbt5jtNI$<u|T=%@al
zs|!-M@Yk)l{q4=SNI<sSzq?6F;Q@7lSjg<$CH#<{FCiY42F-i@WGw0Q{zJzkj`AgW
z!eo5(&};WFwL*FiAXvekk$?~40PCFh8Eg<G#aRxq`L)mLtZH80jEDCf8iYpunLj$H
zHf#BA&mY5Uq_nifz%u)zpo`VH+OsDwrp^lp9|u4Mp$n$vdOo#=H{Zc(=DbWY#|V5g
zR#+`aUAO8UY<U88b?)$pQ+6@Di^ukYO8N;7k6K(3m;xsEJ?RYTE27;nQ0Px5n`~Qa
z>>iJ(1#T)Li8A4#$0qOjd<ToJ)$#rto-aZ<{wKP5h8P@wZV+%<f(@k1lMTFRqK&uI
zo8IK{wXJsiEp2J0pb73oq3MigO4>eJN5ri_w#6vERm<<NX8(c^kPW24WCYnAGd)p!
zWJ{4+{H+<yIo|?0f>{$SWiHbXWxarAFa;FcaA9=9hs+rpNaW4OHvMq5vmyN)wsY`{
z-#aj~LFR|<@Q-DI^@s^Di)Db4qsmN=4P!2JRU8<2NCZ|Y8EFa6yxF;wl<6}2`?hJ|
z&L7aMJ4Rnz>kwJKhKC`niXHFKh<aEk$86Mar{$})&x~Mi)h|ZQ_mG>Wka1ph>+3%f
zO=Si^o$7e{pE$kpylI{aYpis40<`)s%#^2fQ@)FU$*xtUu?3V-?Df(coaCx<=H5j5
z^A|$VH779?OQ2tntbnTaVhtW!SLY`ldJ;th>#bbM2EIh1c~T`tVvvgU_ZtjR*jeqD
zhVbNm9gy9bUjFha!NIQK^DGh8Z0taEFW+mXm8X1yia3#%L}CPFCGyeo4~9T1Bs&h4
z%0DE`L#%38>j!EpnjXdhXl9;mP8q;6{MbfNx8UF{_=ky4+80}aT2+<>1vb1~LPnSS
zJA&fWaEp1O(YNm`qMR`$M8xBOY~Tpv`58#2L%0?8(?7Y_O>pE2j&zKH)+Z;~iA{tV
zRxx|3|FN?;JfkXjTns&vD4J9UZyl9FX5ycS#KoN%_p1Vb@pgvr9a89GQ1+c|521;6
zdJ*Z1e0>{@ULvanOj8&VUx8#p*Dtp6B#u-?)mILsbfR(KwrJvpi2x3v#Ukp_PNUpc
zUzCo~()i?OsgPC1!gI`r%a{(bpK7|HBJoL(5{Ms+$}+XnxBsFJR#-{A$0H@qRb7G{
zAjczjK=Y9#(b_42cgU3lN(UX)OGv(KHqKce-x<hc2r5}I&VLgn(9<dIQy-MZJ|*-t
zmyZsV$@-K)#hAnO(f;jQ7c22qez2RtkQgg$gcc!PxR|@~P{FbH`MPI(MmNuzF9U+?
zaXuhcO&&W-&{<_5P1?p0ECb&zR6xxo-uFjC(#7c60opLAjb(+89rb;|?i}Lc62GhX
zjwncU9oag__rDMQUe#UE$sKBm(MGc(9aiA`I9HC3Dqt}0GFTCW3+0aleyN%kgte==
zw~9fyE;Y9K;ET>-)!>HXfjLB8Cw^dyWcAC?BBD-t(dp<9=94C^u#wxgYOEfSQ3QK?
z9DOj;RtO^HJ2rYqmxL*zVsF@*Csq*zgmX_!THe|<he+oQkorEyYzv}BpZT$3H{^e7
z{ZstW?~YSdLRx@kMpr17cP{^}2m899<aHBS9NR)rZY56I(lfg^^6>4=(u2T=jHY~_
zspEhb6F@f77Hxb*vT;uRU%obd1By|ZD*}LiFZmnVpl8cQT*#g1BKI(q7P11M71WUG
z;#myNq`WNkFcn|L&%SrX|NT(PI9e(fC%wlvT$f^%mEe$lTHKkga2Q-jO?f*49KO(7
ztMOHW!1-n^AU97W&!q?0zufaXOm(da!whz(%*Sz5yWco6D{q?xhBndjD@H+{{mf&@
zu^K1u-(Ie|pawf#;7S=&I=C12SasB}d7$`gj!#+KV#+Dr4Fi1{tuklci)crQP{MQS
zzD(FpJ%_ShyM)iipOwnvZzH_qp+>aeW^U5-7X(4<E8P?JWwqaeod>?+f&s=5lAdv9
zTf%1IKr-B4L&?{fb!zR3me+Ttw9C|z3uVg}=)QW_Heh^UMkj7hxKCY6Z2R{pvYY)S
zg>}yxMa)k_Zgq7KF``VI&vshnfwNJR$W2chEeB#6HnYEg_YM~XB%T^>b*j|7Ur<)4
zSxWl{FKk&88eW+Vm8<&euF2|#L!S-BTrQreGsnz_I(9mS`C_@4RB&?pzhfk*8)k5k
z2kXwvrLo#m!GIOx1dT3zmMqF|rQP>4I%s}GIc!K%30G6qE^8FRL32ToHK&n{`|de(
zWe4Kh6>-_JpRYzPwAY5wM$tl6w0Hm{&_&@Y)Yq1}K1-)RX=>s@T>7IRKB)}Kx3gI|
zf2sM}eda~@nIE+8qFffF8lSk)6dY40kp84_XkdC#B*od2e~6aA?7^j(cL?Z+bYL+Q
z`;3H(b+h1(E#l!C-H=!e1LGI`qibv43nsu7&1wNaj0_3v=#S2&yP1lsTYz`th1s;7
z`Z;8)pp<!)Wuo)>ONO&6DxdO;J`tpsU%60Lt$}k*y=Ee@Ne?uuSmQW&a|SS4ba{j3
zE+|koH{J00ux-!B5tX|ykZgix!9l-4;dG>)nF9pUpYge)&G|dK)Ed!*SCy5IRbRVx
ztU4dw2gU6}oq{91f72;P&mfc=EH4V?=Nuh5&w{eVA6^N^8#qAU$Q12}e#x5PIiGha
ziw_<e5%D6o9K;hVcnou(9N9MUNY8mVe_gm~!p+nW^SOCfJ=P(w#8~$Ub$(%vjt;-z
ze(I2w|EqSQXUET*iJ}#UWTj&jNsJgle<r;6O_e(H@R~}>Sbo5t1VVw~s%<TLXIO6T
z<-10MM^Zef@rNCzAHRq&*MFkiNXf_)6GPmg#HbX^203vu?HL+u;L*~X4Yo<RZ6+vx
z5Dl#D^Vt$#rk1=&?<}5&T$Pi>NsLcIL|ea-{7_bF6qLG|j_P|WP}|_pI4{-oW?DFz
z)ZWo2GcjxaykML!YOm$dDkZpKYs4|AG8w}AW<4mFC060wVq}WDrwDQ?%IUEfE67Cv
z<|au_?+i4Ct6;hdw~5kH^#e9GT4M4$RHr7wW1b5X>Pxz;s+mV%8=XQbKk#`bfeL3C
z9bt)S#~WC#*t0&ic(;~!Xl5#k{yCp`nB^>5$`#3Y*$KPj(|3xdFI81J4wmK4_SeP;
zR=OrSGR48J;r#TFz9?`chON~rbV<0>@9VRF;*6th>>y9yH=^iq0BM0e)tEqV*b45{
zD4WE>>f2bGU(|CAhu2tO{viO(YL`J;^waR&6Oi6^0TqrBRJf<~q(%2QJVRmQH4~R{
z1zc)D1qCWp)DqaaXp&$}Rcjx{svCFCE5~4o_vTk>ez&qy%&04P)>dD_UQI+>xE%Wo
z4>I*ffMR_K{=36e9Y>|<U5RNv)*ld~`;37w6WgnM1ZhjmV!K3z6XzEgRTPxoKgKF|
zx9Oh_FAcS@pW?$AV(O0v-`_w6lK_dK@{rf>f9zlGc(1_^u*`C9{0=|5nffL#@h`D&
zvGZBG<9>ZDVTJgu=51|zjy}`3vSV>=yo!7&N%)lI*C_XgvR!ka=a0tb$4Ngt6JdZM
zKua`S2<9aGoyxxq=myK;BvRS0h|#+qsofus1Iv_yN5l`Mnog$Tv>O`ANtIb8wf9&(
z5$>U?#?z15ygazi+}@Wt5jp}Fn%?wBDaDb2S6BHj^GP90g~g4ys=S4?#BprbeCT7u
zpvsJE8_X-?hWO{~jFnhd90Z0q;)a-T-gW0vrU(Wu75gyd&@Gaahgy^=5z$zyI9jk<
z$5gz0fMMdPc+Fr;%Ir5*DAC}&{sd~Wki6{Q{|EEtcg!lf_hyVsl_Pa~*!s4Bx!W*(
z{#b6Sa~D6X9O;Qym$^uwgEH?uK}7I&yRY;v*ctlSPz_9Rhz0rA!<YH3<biunw}6wO
zXO$IEYI_{WADG72ByJi?kU)SnFa&53^UiP%w%<rH`pllq)=Ud?=ivD~1w~<NGE+jL
z4P4w^(EfC`np3eKS3C@R^fQ<)?z2hnY%O#8?7ZVRSo{W?MDAf=lEz06*lK^N@tSJO
zN>dFl2QgYwmg%z_W$5yw+_koQCG(XLN31T}j18rn&%M4B-^sG8=1npL%N&`v+A_&v
zfDbrd^pt~h`p>?1MuA#sSwu(hJYx2W56KU*via_o=QzmUp_iZ^alRFUSWvyQ<}VHr
zbW<|xDFaZS;nARUQWh9HKYa+HK(CU(2SVCeOu?y`{OGeSJxa0A<@+f-uj#g0d$iK^
zt(ZQ8ywEEQdv&b#ykR9}kTZMy>Ve+k%fUPAW6EZ>YrC0plfT>QTH-o+Wmo;T;>VZp
z)IE=*$kh6`Qx^Xpn(2%3-HNF0HWg;M_){T6@*8YJLNHPnR$FUR+<Ug|p=5=@l!5zS
zAThtTt1QI9v1K96%-{hEw|2<kM&khX<S;)$UC%r$In=e3N{3;!d!VG1FM#lY>j$zl
z(MRws*$*3L?huzt(1vgGda`C^7*<XfJO^eqCfma*)qWMs-tTLRm{r9&XdmAnaWnkx
ztz)~Ue{b6S;q5}ts8zw*p#&>4V{pj^4vbmE*XG6$W^sSY`vxD8+$Hg&&BtwyqbdfY
zP06q2RB*vX^|hrS?E=`d%giRawvXriE&y!>-@zJx_(~O*kcsLPQr)=M+l4iFZg7(b
zhPI74d^EvfKj{H=WAAqv5Yu3=Vd)rWzF_^cz;~zf_;N~O$^UrG-zG&+Yr;-!kl0GX
zrV_H__HEJ3zD=z-4aDl9Jg2I^IBTMD;^6U5FD=cCve6t4CVHy44}>4B*7!puIqxj(
zCFgM0^IIEMVX=$1?=f?&_=v6=?U&j51Hpz}%fJV>TN{8P?gqp&t5RQAKf7p1o*}&$
zOucSvPyPPOKK=VbnW6ME<%c2TkM4;W9tS{9hOb5uW)g-*br2wBf3Ec$AMS$j4=`4s
zifb;T_6@`ZTs=gh5TWnH|K!IRdv!O@+_4RQN^}>A!*c)|e?OmGBDtA1UPRq*Cp`7u
zyiCyZre}W~pkDv5)wZI-<@q19KXCupWAAj)rkz)R5tV<GlEbW+4z{u~7h+z;8s2nM
z?V_37J2q2Fqr*Y0qOkbX0S(W%=jfQWKSdOZ_cW?^q#SCQD&s%goz25<$9~IHJ-A2n
z?>fd`Ox*{8LoDI5@4W$A)mBkKjo+rbE1$=gRWCHF<d6Kk`!FU!TpT4vj}6!>{kc*C
zC(A7wYzK2n2h~c}cC#r<k_dn8cp;W1cmlj}Un87Sz_;<ud<XW>!CA6>B0hG7^@KrA
z^1xn$gt1bdBS9E5)5953^)SHc!|5y%ZWh9;AN1wLw?;}yBHDrpu(vok@nNvAE!l@Z
zk$o0Xa&X>ADTDs)K^#o#DSl|XKiFFMqDW}T==|w}=tQ9CwpG5p&6H9^Jf9OE<k5H-
zBE&iAL7v1MYIV7X&oA;19pv#|L|>@E>HqVVSsz+MU+*(Lbmqk1DenK)0`!M~3$#G2
z9zp=r#w;14I!yL=)L@4ZZ6?@|&rGRT*1w1T8CjPd{P5_(XiJH9K0LsaYoe4wXL^t`
z>;*k2hQf!3`}fc1p00<_!0{a@K_|w;OC6*u?#SxU@GDU4e_wj_bsi#%L38<>;I|aW
zD=2IP8EnMSf|p$n(M&0c9^&0VDVYR-UDfoSKdZ+QPt>aA&rRWy)NGb|#3^Ua2e{(~
z=w*8Fnuwc+DPN850iaB-aQcSd|Mt)Ge&e1%#wHyh?`iK;LxxxY%EukQU}wdq?vw>B
zy(=CVp7_B`XgDUPP!9bh=j#!grr3wxdR9^KD)M03hdqxwl=~hhx$BO{R0~!!23o8b
zS`|aM@!hGh`Gj@Xef+*GikV*C=p=^{p*%PvGGCiFNEVbZHQM>Si8Y)4J<^a`??IGX
zKe8b}4L3Ju?(dDqo4u<*w#|EucSd<1*`Y*Fg9p|qGMw50T?cvQhcdM`hhH1|Ci*^)
z+b7lh57B@tRzishW3A&<t^8r?^43<hhpmz>{L)s1(W_g_tp9POdOEuN^7S>^^>^d~
zku1-}gh0OAU7s4ijg7xx@9=vjP%v7Mw0o)qM<VK+OVIGo)$=54H^Wg~%!t@G5vgYE
zDNM;v5d#T0b?Il@?ojoc>L0d-?s`94F#G;#r+&I-f>h|lhKAp{m;V8`{0Wc1hBoS<
zUNyQ}5|%js;S<<8*o_!zVDN(6MA-c)P>NcK9Q+kXflLupI!4S^EGx)Ht>Z)Ji_1#%
zuPC5KyY4Bf+*A}Z71y&T{h77%>it>&sNcnpE}G0$cO3Nv<G;y2e#-k+!k0gyRuZ%m
zz*6zXUgL31te8~iH+seJv7E<1-c}UbLbw<A*qfaX+Ut?N;eCGEJX1{y(h{Ft@q|I;
zi!_lp&7oL80itIwsfDA+0K)1%X<P~en`ug<C@+j$4l|Bse#+feETQF=y3tvQcYc!_
z11m#d3$0;g>)Y)en=WMsG#2ZJ>x(5```Zc@u=^m}AMB+Mia7cP;p6u{U)pPl1{Ec1
zYw_ZU9t!#Bz!oyV*w{4{GR6XS-USTr(fn2bjp%rXr-{CPLd7{N=9!H*Gc3<Ev*{RB
z4B$SAp|lN-5#&yRd9vVhgoJ!;wRissf(n;?Sz)>9lYZSPL(gllRob6>xyJtF%OM(P
zKrO>^3qtt8c#R^&E!b!hz9rN4P8Wd7?7nwA7+%k3tq_OZ4`&Gk|G%o<I;^UwX&c{%
zICM)lNQrcJhf*qC9*~v>={g9~DWZThN;eXMw9<`~v>>f?*KhIsp7;CS&p)^>uj{P6
z*IsMZ%sn&r%o36%e)0|tjnt&*@9ZS{>E~aQdL{-BU&f|cvPSxqOxihKHa<y8#fq+a
zK>AwkWx)JwRD_XzS*;OiG7Bt`OBM=F_*ye}cmp#af4@2;;J%w7wm94^bKhs^TB&m&
z)i3J}FI9HNtRYdttEMF!_$#Ok%?RzcFmEl<Xt-(EK3(o;ncsu=>Z4K&(hMas!9L+f
z0`Q+G2kdRw2R@Hhai#es$wn6H#lv0dwBye21?^5*dBiv^O+Z}dznS0I-EO`zZFqbu
zBf4E1P{PyOd0CNOKeNSft_+ql-F2<uIIDTjvnZ$chKvbM%~#AyhC>``gCYDsjmRwb
z7@Gxn#OvWL;g^K0Qv2lGi(AKncb~tWIBg!Y+5XM)#`QddEWhlSwaWFj1ajC+_{)*L
z@bBH)A5IDwo&Iu_xN=LP1k{m=0?W$UkVlqKUJcHBNs^OpiGCTkcNJaM***3AXYxf&
zZ!4~G_tr|XAz-|&29mV!c<T>zyUV-Rjg6?H$qivx`uy(u`mHz5bK>ZkZ9H8`4cC6c
z+XiFkE8I2;ZcPQ<G(rU-LjWCJ(1J83BF*$`6CY<1B=|YkT;DE7^cr`R-;7SBc0Z!2
zWqAX0wQ(-)9w-oyPusyykpk!W5*y7w5RaU1#mJiGjZ^9VrG6I0TeJpRG4jU-k?r1{
zIe4p))NW?R0Ud3}R?*!r#1?AAAGZLQIUU#9*cc<EL+pYs06(&HD2U#d%ZbaYzvL&?
zS}n9{CN7H2d^ayLJd<Z3Eb-eR_nK*}1qPVLz$eCRVnAq2*qL#)wVgt?)-vCDC@K}G
zpiztPoxOzuwzu`ZbN>`f6!Tyfg4wYzD8eB@Y+0TXfq#RHvl(CAmP@?XgKQF6z;o>9
zy)Edo7LG}Hi`ztXlzPvVG8#_C>E=ZVQAW;u2GYNZ!L9^gSBIR4&#%+c%pEB5C`8e~
zbLsH**pc{QZ)X2p;F{U$mrDwZC>v!kWB~*4aJi(260fsRxpey(6rej9*o+_-H;w6d
z=T5E^SvsER(p(*1;jS<GjkpcirPib5DD3#wN*9W^y>6^@s7o%$J{UJfAui=Ya)tA2
z+HY68C52fNSO>sSWAc+{9Gn{6mm(}~@7l~B_~x`pWzmk*Os}u<V(p8b`;tJW>nI{r
zUBp3z`m6FVi$?@w%0z%+JpP_9oBN+}8R!Q+{Cf+Cf$;C9*~8ByGdU~mR)iQH40o~I
z3VJsI<#!oDKdd_cPx9G__dNq@tCK|eunSwYgqk5<7fEo`yUt#|R7O>1q0om+QU+UR
zhw<maQuJ_J86{AoucMe#uUa1>+;`*e0f8l_faQ*w(V=&+qbS2D@XYq~aU8u?8{bG-
zn8mZvL=AxbFFanHy^^bReeiH=qy8%;582;@CMcJBgXhb}FAcqdGZVq$?qGr{@EuKS
zX)yHXyX@9<wU>z<!tugs!OZTfd51Q77(HxvCdC&K;Nd#A@-;@-!vwXXU2h#`G1Ka|
z9VFvyv8z@V$Fwu#J-vlCFYLay#=WGmbA<sBqRReBl7_h?Sbf!Dd|4wdFAW&apMH?w
z#*Lfl+?UnHWUmyBgPFl7h@_|jPEPh2$tem#c)$NP>1g@2yf0<tfr(DWh(QGjS59x?
zo&%dT>YkG@)#S565K)A(H15FbY{S_WUmbkmZL!kbbeljH_SRo#)tq<U(n{3a;(N{J
z-;(s!c<xbZGwInaicL4WE(txGyN`)*;w&wFsL@~|lcPa90nyre&_U6#%p$+**6uHM
z8Gcvz8XqI?Au!HO$q^squ}_UbnYZRB;?WAiFoRjc7+%Y|P%Ew|ok*@!g~&8>p$WEs
z+x7#^`(c~~bR@|aZZW!{Ha(0bccgjD=5Kj~1(92^WxC+5v2BEyl}zyIup1IxPF=X|
z8nunaH?5HvxmjpggoDl6nOSGsccpDpF{Z@`Jw}rZ{lq6A9B{!VMP+YBC1?kI*H7@Q
zm>|+&{PJnie2gBmVP@-LKGB*XE#soW&7R)0TE*5@PFTJ!Zv%E4L&+iGp0KP2-v@jA
zt!<60i9QwOHPlzdeGVO?WFvmT=@$XE^g>lMkBm@ohFN%HN2?}kH<1eOo3o8+S+aU)
zAsED7SR|I28p5%64jEtj5wVSEn>j@(<sF{h{+&15<H-g>?rDDU8BB=NkiVj=+2Msi
zM0)*Ea^cg3s~XU`Vzs8PZy~VWk0}Hd>N29mXcK3;3dR-mRLU#SAzx?C4T3G>PI$ao
zk<{8nZ?W-+P`9P`8O5adM*#CK8yZ8M{k?y-XI^5oQ$wkpS$UC^S&6JDce_tnp7r`^
zyIKG6Aj^^?AyXCiHIbl@mCK{|`|h$5c*q@s^j3=O*;4#O4wim8dq<v+-sC-UGR(_U
z2W!rFUr`fy!1-Prb;Tx`fUcwrZf~F4EV)jaoU&3;Ro5Mb$G`N)9MG=ukTMsD3E#MG
z`=i(0^XW75@X4`I)D7N}OG(WR0g?2trFeQN>!)gSTMy5BwnSiwcEPd;5YWTTBg^hA
zjYBoV3;uWNEg3r-c-j;@(;^!0$PWAZ9=SR_dZjSC^e863etXg=<NmntI}JKV!dsFP
z>E|M_LD3@18D?h#+WUw{s0n#3{>1dyWkaYP+qn4M7`VQ~IZwv=*!>lclnMV;^M_P^
z$2)p%mNvmyZ51%{9ZUU)!r?-EIQ!RF-B<Gx_f-Mon-`c#E#AcRW;2ic5tXz{KDb;|
z@ru%wqW$aM{yni8Avdr+(UO`7hvn0y{QzdRy6eBe$5u(jDI>NXaZ(KxpUTc(mME-B
zlq@oYV%OGQ2Phw~K@+eO(a8AV#qRlkmroJS{k>9>tZw&Aj>t+EXP#I-Cw90ZXhs~?
zO~{pwJeNK<LKd`hSDY$x{V2O&sou^y-r2`tRNw!pM_WSqid0tHEGg+MrGcX*|60qo
z>K5T7&3|DJ)f;3eSW@hp9%W^_d-Z6W1<ZWHN!jBq4a!I{^&i>dv|E-}qeqR(_yluF
z<H`6QK3*CZGS9Ye_b<#_p;JXKd^0j59tGY4UkWN6V&Y#5aQJ(zVdQE!u*INfEaE?Q
zn-Jy$^*wCxCk{1!Z1i!rZt2$x9`LM)VXfcHI;bvPkNol5ESQ<I?RKHL?yZONUp0AK
z<aRNn7jEm<!s8N?E?DtGVOMA~e%A>6j(2Y-*QRP-NsVfZLDO^plFl$2C?;hp{*6BJ
z*KAi&WP3g0;DMh*vEt?{vzIWzw^JDKeRUTphQbg+Vs6Nm?{}nlRo|&sn<Cw<U>PR}
zdEUc3`$iQ+uRirw%1O%^wru{G>h$F7zI6CfUhe7Zr#9eWnBxIQfwcqtix_ZQi}O`?
z+&v9Q^NE2khCtx1>vCpre_FEhCfCozGNj|G8rwdfVIVO*#Vu>@<%_Cm6G5TBmExMp
zu@An&=<DMXYf#d6vjQwcPkSb^eg~8!O;f{S>b?%cyq*5`JPL23AW3zFAxByJSW-7U
zDCTx7wEB^xHTCRqocs(0|DaNi)*}XT%9VCeswD;3JBxKz(I%0ObKEvz<Og0`ETV;|
z?S1{yg>c`~NB+3d^phf1TUx)}G3mS(8SekCK&7zqATuALLJ)V;Hxb+WKO$V7s&e@$
z=J$K{d)LzsbP11HyHS4;LGdW#F33yR28KL#%wGlvh7mV7nSGn_o;QN_+gZEgBrCbp
zpEJ1G`lfy+2c(7O5)nxZM+OnO*1)FnK9{*qa>g~-G=aS>hp$AGnz%3W`x0kq?<J1%
zL(UL;m3Z_<s-shvol3>`Am5;69YgsLy13`jG^rI#p^xJnp~?7fXB5__pi~_8^P0w$
zkk0*c%p$(gzN)e{e$ev$7EVg`zVAZ5Onz+pVi@$K=d3AYZTQCQ(N2#DS1?q{yI#Zm
zyr2DOK+ucsy$qFCK1sqdN5t7f!njS|h07lESY7XMpLanyVt@F{X&YA)j|fU<Jc#Kd
z9#C8{L*+-z`ATdf<DWinHBsgF%hC9?sVHl~_8yiliYo1>V8`_1Bf`6*PXjU1g4eu9
z+lutE6c|G@M2lgz^n6t)>ZeS8Sp$;-<H?`<*QFg_eo6nnZYx>0|H}4C5Ne$;{GQ22
zp_@0k(w>v$vC_0@7_dEwl_DjvD}qjp;-ZRLS#J3_N3W;VX72}?NhTHzrT<9Uc2iTp
z=ZfN&_vVa9DL$ZXWGwq%+T<mjrH948lq4SrLR+d4k3QpvGxPdN1<HJqaK6d%Gt|m&
ziKi5(vw84=P}BSpZq_eHg0bP`3vct{isMHdo&|oHN-aN;h~(*##ldZ1TbO3Y$sKD`
zQR(i?F0iVXy;Kc;>SHT$^Q3WNU~lSG*VhPT4LmX?eS>S(TCEcN=2zKlnZD?46eTqf
zMB)6T;*9b~w9(DwX1f#HKCEn@VQ~m-4H3vCa^p&3WM@qn9%PjB<<r!WX%PtDGG-#{
zr8rgw9LEd1*kf2j^QP-y1_EDlKlCr2Ga+{kGXC^?x9d3`iiKwxOIuGp@=t;tRg1n`
z(fsYsL?^MLYFlIj!>tilYx%XKNlDUGK6*2W=pCx2Z^V@jP_bB{BK;BSLNzN4frex<
z_-j~t>(fax1pB4s6jSR^iMts%80yR3f)_ax<_EC&68hJn>y$`=hVaJe=*hiG4PB9B
z=Wq0%O0kSf`8502n|Ty(s;y9gW-TIadsX7T)9;}|p8H3(f9(wy%sVVokS?KDeWu$Y
z|1`{661U@A&!(3;lsspg<;c||ytR1CZ1T%FLyV5jHA%y>g3V)r_Z-D+q0H0eFazzt
zO*!sQ(xHPQpaz;XUA%>U@}kzklplR>+%lVQa=L-Rn4HwF%d8_YRt_3ByFMBG8YAZ~
zqMW=S&qW@1V_Q;LT`joj*^Fscn!8<UF|xU@x{9iF99k(gD|GkmQs`Z$WkaL1!+86@
z(_ASLf9exuTiJ3`O_%rj)Dh}O1Le&qYqE9tL!o#hXZ*e*XLFe?)0bN%(In4L5s<i1
z?*!&Ho?Aw$t*y8IBPm9QAw9gdi|SrB-u)82^^HjSpaO!02M3n9M-pgh$>d<aY3NBP
zW8R%WZR>^^EH=D1*dp9{UMQED+4{z_iyt3LX@xp-HXe{^2n;3C@+(PK>Y|QFzZlB`
zRIn`?sr@Z80@fh4nS(vi;9JF!T+_s!MO{+T)NZp5qH#{`@8c%b?q*cB)X0x}&nF(D
zc<e%1+Z8-VKaLA3-EZ+o#UuAS{Uz|USLtU3A$t`~aT9^co-G>dbdMJ@{?j65f3K&A
z3m=Vtx%3niEY(d`v!tcnAKzZMoUd-T&|0+I=6L9N{P3AFDOd64d0u%`)N|?9T`b6k
zqc1n)OkQfv)`{AMk%qxuVERNwVB=YdK#E8EgMiz`FCgI_LP>I*8{BD;sH(bfl`%+-
zd*kw`;%xdb&Lp;<z&PBqVyAIV15m%2eR*6mi$sDT+n2v`$nmaVvRdqYtEk%1B7_aH
zPr(9r3wuGo`q=_dmKaLhQ>sP_mZ=Ml!$+HM)7*#=PD}{iJ$z)I=dGN1)RR*?qH=^7
z6xb=;T$k|*B_*t^dG{0Pha$0Tn+~)OUaGyQXcv)hePyF4WMY-_YDgzYI)oiYAqV!4
zlD`;krnhJ|Mc2Q#oMrDy>xY!FJW2ZKb8%w(N}<jza%T@7LQZm)C>2mv+8=@_r3j6l
zJPn>~F8KAe97mQU=I8AgM(tn9Lai2A1{C?)TwmNLv2>A&cW)pAZ}<|Q;!m1l0}wlH
zt5_*?8aur*y3Zq!$JgRCuU)O=9GAx1{)hV6!OcyazqCU*d3`xW#G%NlBl8IQ$hFJ9
z>1D=zmh=I7NGocC=2I#7GF*!0IwRLt-e8E1I)y@XlCCVm$3o_E%+HSv(>=B5sW4e@
zz)jBQq?D>*u(D@``ZP)Sh-e}S@h4v!Ww;Tu1nBerPOC1|vR4d(Q6mx)GrzpDj#XEU
zoEb(mLnTOmGV|u2+oOb7EN={AZ(*5>8GpMdrRMWt<jb=3h<oKfG8OBtxzU76H9XRL
zO-MymXOQv8vON@wdof{*02Z^gIr6&!N4F%pZvLzn$@MM?19yM1%^RA%kSyMzY{goT
zU1C+zXwwY!J90T<h0cBGRaSA01tHB$sKNNHZ8uC?`9zN0(jY_0GG2z_iX&uK1QA?p
zk(iq*>b6G-Az*u_(9XW$TLpiV4vVFqAxF>uz9{M3S;Ijqhvg9U=}C`1Y%VN(eA9x%
zR-=Ymi9RG_lMy|O?@F?Y&giV8<Lw`~_yV$G<t+V4nMW8K*b?_nWpM&y;q`9FhCEcz
zNjWIXDSL~NjlQdUT{BC4W|`WW@5?VBg{BlQjU~vVr*lLSDqp>zE&A4!3W>JEPtS-)
z_x+N*w$|U;13!_rC2i|5Z>n_d+lU}491-ct`ijH)T`t*z-TQ5#I5FdLqPW6m5=}E1
z9gCMgD$QgIZf4`*w9B`J)<qMkjrLP7W5Z#EzgjOjGF(T=KZ-J@cN~zDK(;(t_re=n
z6W)(XwzPzh%QOsb(J<lUYaU--oETy+$!f1q_P;Wfq0!KYbRrP@;>z%?%S-l*TekbP
zD;n~d_SA0vUv5--(yskLXWH8>+D_{0rajjRH1DYu=fMo|!tDjhENlLdmn~_<?(If6
z?;K|ahPSzg(F-efpJ{7F>{Nnf#A*X(;!`iXlf7q>I&L3Mi)=PosBg_mr1#^8bD|>i
zH2&(Ayl+KmKH*_B;L1|A{ebXLcqwENJCa7Tm&rNeNLr{4w&7iS8^;F_)^0(|eQ6F=
zvo|uqdO;|h*l)91XLipqmTQh&RuE&?V%3B6xS0b>1+YT#p+nMngbUrj7Gr4$v%69S
z^@(s1X{Z~RjGgu)<3rgJg@}jKK4<Ej1N5+Oiab=Jth2*$l#Gtf?mGVMZ72}iX#@Ly
zt#8BVD`rcUAO;r{lFT1NtQ?ML-$>oR4$B8zvyvW%_6YjzXg#*A5r2)+Uy9FA-ANs<
z+kW*?Cgn_zlQr(I&Fii3{3xo+g{z*S7o!{Y@Qr(Lah;zQOQMJeVy#{byaq~AjQoRS
zc#woYwHXAp3#(-+!gcjdSaY}4<JrE^)AOoM1Pfu0s^o{+iJG`3ls;Bua_+QBN0Xh9
zGwHsMSwZ%5f;PJ_laSIP8ZL`^-M@vq$%N``lp$xCIrXO)J#X3{y=5ZKzPopa7V4t-
z@wA%zxl90&ssv@*10@y$p=Z5QR~{akL8TmS>0Cf8pW&1aC2+^aekdJc;4jV1%~IxV
zu9t*4Z!dS*=qNw?p=4POgD%MR^sHa8$P0s-h!<lfY>=(4PIZiS?}vc)CB~>Ntem??
zp&HR&zr$Q}lKa(pAje7PdSiiGr4`tED-Mqu0E|duvvFOfjAa)IWUO^pzTn_!Jj^p%
zNU+q!uAHRJ;8WqM9Mrm2RwVWe=<;{fN}#t2+&goEa*Vfo3u3Cd(9y-Sbcx+W37w*?
zG#Sz%8RG7X1dTrK?9uUk;sWR_KKCsP6*Ugd%a<*m!SeJ?7r=OVF_0wj{X*F+^mXE)
zJ*5r(9?W9~+{)_p95G3hmY#G-cYTzd-V?)`$?eG1Ufe4MB`G+Z!eQVPBSZ>e&7laN
z$%j!i`Y*7dy{r;f(IVQ|e`^(A<m<%lV7p$;U9O(@{mS6}L3OokYKOx=J{tF-IoR3U
zK<dYp-k+Ncg=twoKei8Fpacutn;>Cwtg{2nb)Z`^<X>ym-4Jua>#i+ArW#_Zz&JtA
z80M~udtJRWFWkK#nwEPm71jgO<zAcXu(OifsAgI3E^6G&3h-5SRl2B8eobCU6UhLN
zmo7#3m-sp=kn4d>U1JHfm=bkz21)X0WrQ{bhlSvvy(fp6Yu0u-^(WCdDd0wpM8h*N
zI<oHR9uYVEpvTpGs-uND?l1v*m&~oSP?lQTl;aw&3rW@+(8^ot_3=8rIcN5nL7u23
z`|uZ)v;+#lJ`Tocd|we0B3M$B&uM6}o_{m&L};q}$5Qx}(1boafMy(Z_7MKn*)l$>
z`WuZ8YJXp}Eft~a4J^FyAWRfP7ZSpNIov3v?O8I>1ge>TiV>j5e_zAzcEs1_#Kl!~
z*68s8^~==CN57sQ>Zg||!A1a&ZSVm+2Hk!1Ls>ikMkQ`^d!u|j5o0W4mX)s5P}a<H
z*m8o+Ekf2>1TA;Y2&+<si;F{w_$x7*ZiNP#e6xr_Koc;5M-g10+Yh_bxHGh;QsVB9
zXRhfwE7{##8J)R5HHnYmQZ%!#==~7zc8%0Br7Yc8WXl&}XFQXgqvA{+gS5f&H)(Ad
z#amdTrge@GCRY({m<={0;aGLq{oA~Rhs{qWlMtJt=qC@%TLWK<lEc$FDTV(lF{Iog
z2th~#QC|rGCq3PGN|E!|?VFfy94^xyy2Y0T&GhLF#5q2U$Wn;uE*+B3#)u*?3c%tr
zNjbJKQSt=8Rfymn-SK7}h!hbPceA&BQG*B3B7gn5c{x69EJ@Xjll_wYQnoF5L4&r2
z&-}HTh7{w;;3R0*6Jz+3nEsojG}eGuTbdNgi|>WpP9HC|eGZ2S&{p)JIo5DC!NGv=
zKFOJTAEg6WkdD?}WS^deKZvvN10`D-nEG;~_9QUvD}~2vxw##AxtWBQFD~KG^touZ
z<@q-R<j;ysHvD$rXSr7&{Xs-)ctPk*@;47%3yN1c;E-Zi93MMkGh0!UShC1!eeW2(
zOy#3Qz9qoKZJb^|y~WZlxX}Gc^1_*B6xz`n6LyyNdKoU@!q(;s=c!GVtNnpdMy3Dl
z#X=M1x4245{x693t3@1B_s=w~0-s>+@vs!pQ*dyVB&h<>V(4KJMMXX97Z)c!bjiv2
zUfK6v1kv2dwB2R;&{*ACmK|0eO|~yIOZpz6(l$It751TS5U-!>_Ud<0nK)UDV4dA(
zL(|itGaXZ=Xx`q(5Xq745#^mPYZ~=9bH}|YQ-#6og75+3$q!e&Hm4AofL9uiX6Nj`
zYICAnV25O4jLaN9{sPOkMhU7o%bw_rnoZlKX(;t6IcV!R5u6M}N2=rRx>0t`KR7ga
zV|Jh;yE;_WX1y63%R@+M)4nPhB_-OfWsp!~%!Q+t8c<ck0x~>?t)CA+S}xfttSGb_
zi3R(ivd<mUX2GVhM~JOKvl<b#UuiN4RskK_rq_5Hc|jdVi&%}u@rq8*sQQ>%WX;ep
z`_*x+q*Aw{DFt*ElHKoXc^r$V=E;!oK6%<pU<%J_$*XdW1!rPa4>UnHYyo^*D9g$1
z%u`E}@5N=Q;dXLZ^<(x==fWNis3Ro>3V0#$YJ$QyoTx=K-6WVac|<oTW|g^bqlLV-
zj?%pc?mM(s#Y3S_K4&*xG}(PS50O0<J6t1xauQ%>RjE1L8vV18NJMgk@}hZ&7Mgc$
z?%TZBPuoHW(?6<8$BLPE6)aLA8&mlhB+}6=#K+hx(<mP^G0ap^_t5vdy5b+X(;xO)
z$o&r&fS|JYa}EacA79`q#Odm2t@42c#PdUpkb>8|3p?Jzym$gOY2xxz3j<|nW~rEG
zLRDd5q*Pxu;gvd1d!I1{_G%mZeaZD@(gLC21FDd5u}DXYZ`ll`4`Z5BzM&>8s=-e4
zIcc76vi?Pbb~!kD*e7Ft_M_M8F6uqgT4e$6S~$?v&%#?mJ0#uUo(rfi{`0)<#f5=c
zHjRe|`s2>kh#{8-Q?2{m0%saZESJ<_C%H0&q8d-75^VtG!6#Y}`!k<^23_>vljI*x
zM=(?)Sjvp!_@76tDn&y{0@g!wH1R)%(Uv`wNO4m4N<}EHg27zlLHg+6E%*-%bx{xz
z92lLSPrF4tqt5;=wAW_xemv}?tY}l9Sxp8to19eli0I7KnZf05pw`_$BBGclRG_6M
z_tdWLn<~y436z(L)x>5&X=$Dt1M9*2K~WEUBlikr2vdp+GkZ`$s^Qy8Sy2nbFfLGt
zb)@!ls^r)1eAhrZTF;_Fu<w1U2@liO1X-@A2aPFv**p}uK<~SygDg~Qs617$lUiO!
zl)=+c2VK{lfrMlzb?WE4h%!?@tPr|qI*Abe<x7+);KRG6fB_X}BF^cUT}0O1B<!J}
z5e|P+Y^o!KFUP*Bn|A+0?Uzr#6MIM*6z}QY|BsvD^#F`}2gU`dr!2k5Hy$sn6x7rC
zS^6-3@P|d!4~UpG%=a5DZMCW6a3x*bB#NYlp<I_nOIq7}f&k+C^Sh-8YyEP>1}T4}
z9nMDVq|s*4r=<}?MjCPNyCJD=-%tB+>$%c$Ca1j#G;5}NZ>N0sg$~ph4-}N%ghx8_
zNo7{CKi4^G=ujMz<p+%5-=iC*W^<Uj-R}g-51fAqV&o(kKaxrWDvHpjef{(~C?cQP
zSAR8Iu6=M2b^aMyP0T>+E9gr=F$Fz2kmz2DY>A5lbt`8&KS{m<(nR7V3XDD_(8*I2
z=G@Ipq`O^9`vdwYbx)NFDY!Yh5uh%Kj!f&;4BfqqxV>*I6g>~#BQ}g-g5JSfvof<Z
zo4w^(+R6KMP#T3I7K_9Lh+>X+gDYJKH}b1v>M3$)|MOd(r7r5r!XmbGb?~}b;1z_N
zDc5vTo;58@pS|u=)qFc${l^00AW^t(VN_6;aU;4VjaSS>*-(LW9Hl+p%1j;;Z*4^Z
zG=mS4!aa5^EdeDk@wOdr$Mu5SD<MBm+?YSsVb$trI?7-eTh|QqE?v5}&9z0xEpS)X
ztTM{CBNa^g>-NPqj-0;&73uS6Az|((@4LTRvLNxk=Z@;*j%l)(CFQ>TFVIbON_bNP
z&Z*mbk(?>yQwLAU#KfU|IkAukbz!KQShiMC^h)osfF?%e)2F=(u{sCNH;v*xCQ0FU
zZz%#`woBDU=18WyV;rITzPq<)?lBY#IuyX~Q{~@&6q<^JCfOf|rQhLLUERF9&jKWw
zo=1VLt#PpNq;$bCdF&NYqX$3oK}YiymziL0f!}y|^oi}=sB3FBJMD5Vb``$%FXMD{
zv_z3tf9`!PsH>9+u^%hk)6o~b%CDBh{}9nF6Z#d;&iB0DK}^+yu1dSK%Jr-AFK^!W
z91je0tEwuq^Vf_4fc|)=1Zi3mzY)m>C3Vh>m@vL^O|K}j!$2m31vT$cY{T8c4%ctg
zE+UcjM*Lrt%2raywxa<yQ~SciYn}nF`w_H`Rm;s;Hcd`-3;Eg&ffGnMC1%kjZt5P-
zw#22x;wNxsh+uFD%k}NZzY`#q%!pfD<c#UivxCi`ih)5?Fk<E@qLm~6>yTL&b<~3s
zlx0e1Uhft#Ana~Hp1$K>LP#GRp_nyqg^(i3-LG*e12<lPkuWnhQpxh~FazJLB{%9h
zO8uEV$_H>}9hAWY1)dfC9EKh7OQhqjh&(u4C9Wwz85@El?{yRT2{;-R42hDrY2T@o
z{p{BK3v2-VV!?rRlW(t0?v!m9dj;zXxj5QXyQkd8VJbll31BcCa}}0Q7mLSFhui8*
zMZ=$CF2&!C-wZ@BJSi#6ti%GkT9fzfuQF&L(}Rv}?N&FHZCx?X7*;AQ@RRrV0R_YC
z9f<Xu|Dm2zR>&0mWEW3wu^bG9f%1!$^O9nGxNY$!N=&|iMP4zUu3PHYWJrAsGRXPN
zLQ0^*gCSa6eE<KTLVF;kG{Y|TjL`F>PK&fzE*{%?IaX?j$q>toc9J<(2>Pe1m*ASj
zLy^wiBq^Q+uB?b#!+{epc3F<2Q;au(bm#o9A(4E2l*&@HN{a2o4Ud5aL-XFpyZLc5
zm~ZB`UPd_p84;y|F+$deP;sfq@AKFztAbz^s~@6&dE+hUOCI9<OgA3Maic-Ko(&*d
zaemL;Z7>!-sKK3-{#7&k-!YxDgzTI9)W4Q;(jhFZX<(>+h=AHni_|yb`>HGR5CYZR
zM#3L2g!|<DI;i7kQ6TBDqUYU*MPs&x&McaD*zna~dc7q1(~v44f@)x6Z9BI6z6lb}
zQK7OS+Sh{aPw1?=2LxP7#)Bm4%dJQUkUAHATi<wr3CZwFWa7<5UtDNlGylQSK7<U`
zVAFT;fDe&usH*G_e5!~4`qF`nBtQgYVB={bBLeY~T3c~neGi8JNIZB07C#KE%t!Br
zeLmhH3_@+412h?Px&L@Kz-rxH4zuF@y4{r_-KG&*$uy;&ji3|wN-Ucs0eOB>$s11W
zvO%3L&!t0M`5k%2*<4&=b*h2^^4FqqU02j8i-<slZ`o#HeUj(jcT%D1dm}9`@M3X<
zfP`ijb4W{m9)11Vo--U6E`E^GUuH*dU-FU_9S2hB?0Pys3#5{hJ4p=&dzV{Yu4+e-
zqYe~+2<j_rWNg&qIN`VDQ~n;w%pk}|3HXXG_fW641;Z*PKtA%_n_h)GpIE)+(Y^b`
z`~+=X#ECt#1EN@MRKQtR?mJEsp`Zc6`~)cMWr`cwB{YcbBX?T^>hZDZ7V#f0cTSjz
z8!K}DN8Tub+%FDD52%&mV8s5<pELzvl<M6mb-RFzTSbt}fmxX!r1lEHQmj~zBzK<t
zW6JK3Ds`Yuq5!%xdSZO+2m&19fH$GCH=&b-H4+I7^NK#^o8J!v{%~0**`QR;fu!T~
z(PmZyP(+~3RiR~2=g9LT43q+}GWYIQ6Gb2}wQKKlRWK^O9vSN*(Z>u-c06RrtD%&t
zArh^0>?N6~$7KA=hR(caAlR;$1~f|DIu6<p^GN+&kbqF0QE4_4TjMZIl8geQPt$d%
zI$*N&xN(hYxJ~9>^8Z3Mcz0wU<|kBHH<Z!8QQ=a>yjly}#T5vRHfs`vUR0W5$%LNL
zurMyyid{iMGWOyPmX5p|S+ioG#_j`IDf6)}2B{y4nia#9St4u>v2*pS5AA2u1EL=!
z;V$`h<KoBM*OI(9xrMpWSOma_&jth0z`%ev@>G1+9Y@|Bm;11gOq~?f9eGv}v=?ua
zp}2{kUlhPPUou=hda8ty)2>f)7lj>F08^bk@O)*0wxoJU8k5yuaEr^B#0dku;+i+|
zt^tFMIH@@=pK%5A4I)Syw802~!7%+ms8<PXJnJTMk4H-KS}Zy7JNYL7!gxXAxAFaZ
z9sl{pe%Q0R3b=sN!35gBuyX<FP{3owG(Pz7UQ>>Wq>G|!7*^S+_&YjcP#6-VnL;26
z`J*dk)zluxE0&{iNa}rb4XI$|CCN$n#$y$E6;5`d{dC#<_v~F5syw`)wU9UQEDCHk
zCoDxw=h5ND1^a|gD2oAs$~NY^Av#(_QAEkrN8v$$*7WqWcajC64$rH=TPr9T*r4zA
z#RJSI5m;+_C<z0oJsef4_rJ${)Sa-{Q$(l$9|Fz4_+^w7P-xR??5kFL!vo~m<QCw-
zCI2Dvvuc~OfMN~wP*zj!v|2<-_Er`3@})GM7C2n8kEE(p?!I#0@n0dtI|n*t%v@E=
zjS8r*X`;WAfW#gVhzv1w=t4hBznQ21RbxT4#fqFfeWv9f3nnOi2YJLYj3b9%DdiQ{
zJtV!9<Mn#Lz|f7dUJP7xnGjakoi6%cKnDR1Y$YCIu_YOzHFFcCj+sq{6JJ`KJjo_H
z@E7s=!JMele#VDPiSoszSyy9OKgCCb1DkvU>YB|7z>;I`#oFn3GZDqM<UNd^<^gqV
ze<05kimem={>Mm~e4v=1SJFssC6@R{gwKIN6S#!Q?F56Vl6{LbfMg?km*GjCz)R1i
z_WW1fF#Xd&BPkLorWvnzqi&gwZdQ`}Hk_(xb<sb#4O8j(AQKGqO-^o(+%y8P&ig(c
zero~$+YLJ5a|&57&WDjK^QPE*uL$=Qz&$i={Vl~0zJ`24f>CbIKWrO8)>*rsRi&?u
z?|_o*dz7_kMT?bI1NRKLS;*Vhq2~WT-Wd~RQ-r`4luS&XOkvhqhYRdsNYMy;Q5zMS
z{nL>JbQOJKJiOiNb~co6Mo)W*V`JZdz|Z0{9UdNFOCJ6ac{?S*+qSwFy5@GPY{xLl
zY#omd=Y3q~H^}o}caI=j_kSRczJ6A2?sI8SwP=v9r8^-DN7o={xRTaGEavmR-Czu8
zL+U||kvY$IyJDGj*NINZ>}?H}L4>mHig>JIYmiE61t^y%Iy@D?raUC^vKN8zHudYP
z3+x$#=3!VlPl(%|X<IxJM(b0NprV>=d?bO6ERJmYPs9!LO7&^;H-HE$70s=zI4E@U
zaR{wF01*iE)L~6sAWBeWMOiEQ-`-xcqW2s)!8%~ro!BUjtz1wdpR<O0HRjA0@yDx%
zm!c7}-f;&r1wm`3>f9)9Ysrm@q89n5&FO#z-P8DdVnU(4VQj~nNzgN_^DpRJa~R_^
z2iwT7#NFiQbu-3ht}A##B`_k=Zc&q{H9Z|eIeVNE$c=1$P`vRX|1uyLxtXkVu4ug+
zRjOw9%Mo}FYwk_6ZM*N_#G4n-P)FE$&-7GKx}DX{c5FCks^{B~XLJM+64=bFW$?pp
z<OvxC&kvG|#jvuMPiq58U0wq>)0h2Krt^50ikBmOIyXwr0(I#>@_50UXL8NyN_rTC
z=RXj-9=uIoSfFp#T_hVHz(M~coUE#*^roO~eVeA0@!wZ7T^gIx=uZ0^*=a{8lOZ1?
z`onO5hN-H#UrxeoQ_+eXN`B#kN1;tGmTkq^V%7j>Oi|A#Bp3s;VQzJg%a_S84xkNA
zJQj6}&@U$kR^(hfKj|LqsuxKu$M3`K8uA)y&(S}7ya~`qSvtVyaD2QX^n$=P?77ap
zX%EjgXDHxtlV@8GRG9u;V6xIn@h!ji7JZ<0>yX>L^OhOrNQSvMw3F-|3_leLnWcOF
zc4iy%BLjlhfWRfT_%&`CHP3@ahpB4as%UkTdxo7Hr+;~6b}cRD^a*uSRZ=>kGM=m>
zfrJy!wZ$tKQj;&i*Cyb6wVywT%N(^-g{c<pnP(S9Fx#bwV|oana~7w4l?D9Z(mh?>
z*w<>tXdsxk>?=i++#5u;O(9m~+>xz<=^sZrWwWP1iym3h{qSX^v1>r0>0Kg>iQVKt
zZFtMLUbAgyhR;JN<F25ll;MLX#z4>oqQq-cKzEHu>U1-hB<d~v=H<jk8HjMBTFx|+
zTsWp>ZU_HuhuodR3hAPn36Y+gAQq*E^Qx=s(|m_O&1R3NGq33TV4MN{?8WRNyYNQE
z+yXsX-%Z(ysY@z|I=w}?fCB4!MvEZb%#)+Yg;0t(RWrK;R+#qP>khcV{sY`-fYM8J
z{qB!3a9dvXGc~A!KYk+>40*B?S&;d<Ic`sCbp2SWYo)vYIjau?S)?G}{ynIeb)R;Z
z?cs*|yhq5r33p(d6_tHnmc*eiV*vEAfv=cnt@)88$~$1;67rwgqCxyvI-CsRKO)y#
zC!8Sy${uw;-u&NDZ-u#;i6l|bXMK<3C#1*e0Qn?7O_TF#yRsZ7t;)>}zgwJ|!0+FS
z%si-T*i~Ms`JI0UG%Uty1p*OiypUmx?3eXDo!V4f><x8pDY?FJOeKKV>izO%-1xLN
z32V?W<}160#Ho3r?>F*Ks?{FL{_2J<j5Dlc^xO(Oy+N!|vm_*9XAc8~jc=JUMMm?g
zL^_z$Bkj42MJjk011K8lvURxP84yWTd!eKhUpT<*t2+KK_!`K~62k*Qr!OEuk!c`!
z5heGl2+iS{&Vkt{lM0`blK3Y&!$bfn^h5xj@d}=>`tF~h>}U`eS$QB3`OluGX;n4h
zgggC^Y7||#@9}#XrUJz^A}t1&809k@Wc!0HqDl^>Uxtw`XI!MmJDNabVtA*|Jg7Ql
zBFIUvpBhq(x__F-UH^8DDho@>ci1*q#*MT+qMbBhgMBmlA7n^~8>pfr)#N^ga9Jh<
zslV~|w9Uh2%A-#2`v>p()N?O|;~I~UI{e32(1!^_-;Ek?NomD6k|CL!tu6jZUixe|
zB^C+5Ffb4lM?94>zPm+H%=)jsbvN;zrzEkDkrmyj0JztVIQ<kv4X^#_7Jc->31`Ud
z9Zbp-w=E$x(&UGh9W@JPBS*y6Yyf4l|G`0PQE9tP0bv~D9EVvgbL<u366Ta2OObju
zgp(V0p7JBmNAi^PzlbrRi#z`Wi20Mq2$!bwQEyXVKTCPzH*#v3*>K@5?<U05nbVn?
zP}eH%)OkFc7SmEz)Z_mI#SAi%*q%N{Wq7v_50SB45(Rn8P2pr8#o@2dGWT6h=CY-?
zr73+&Cm2KD+y(EVH*I+Lyp%{yaedp!G0{jTYVZJPe4uD{m~|8U;YDIkf8Q9UHZD_l
ztIx|&S1?;L`<E9F{~c$*WGC)R1I$Q{`y3>CxPZBOw>PPSh!Aw5C0Y4^y@Hv9N#W=b
z_KL{%-2`PQ9_S8GBrt@Y{Zfet<{#h6>Qa#F`ySw_PtF}^<gQf1H|@jSxlhMG!m&Q<
zaOG7K##V|4S4RHVQI?%)VH#-YCC5};-chlF00zfC3&%~x95J`<rdB`LT$E0)Jl>V&
zo8FfRdBT1#YTJIwbRcx5?<H|@fKYHM<{O%8x~+}94mhj23*Q;pA^KUbqG0jMu5wlK
zy!r{Edrv%MV|qwILdRRwSFG)+l@O)=xrk$0$djI`5>4<nyL|#mH_8DS5#iPG*1?2B
zXM5}_@=_Hl`?j-;>ev4_E;cd13Kq|Yl#~vBJGbM4B9j@Re4EGrR&`dm1eHAjM<%2P
zcQS8uJJq$OIts+a1SKOI8&Rx;YJiVso>tN3$AaWf>eLQf6K=Mu?74R_u!XkC)CNAP
zr}V%6GH}W3c#_WqoW6}djn4v8TT{>2!WbVOz_;0(yW?g)V8%jE`Cv@TXbR68+`{d+
z`JLF+1Z#mKbMl!oHsU>+e-;$K%ue%7U7zm7=`d=M4k(AaWcMy(y=YXhqRYWFubLnl
z`wUY9+0}Hpc)_6qILfT;I(G1vMFL7u?tf#?cW5!wze-WfkBsks>|;BMt}1BF|9WAY
zKF0CcaZ&T%pcSWe_t;<^8~?J((cJMA`NeNvP9(AR3fAf7^2WqV1uW9ZWUVw+*_sKl
zF?rFJPqpVBB^H?LcQh1YZ*B-=Md|IiPwh;Pk4sKZ@V2|vHymI2bceXYiD*&xmZ7MV
zy)rljXT%;Oaw_udhg@0S0%Pb{i#vcl5adANx&NdyF9X+h1(LoeAreXnWfLNCVl)Yb
zVc&l5qDnPqNsgTU6@fQaRqMxV#l|MBQPBbbmUE^;i0vTieL&dx!@hJVF^rZP=QnEC
zoi(FX6piK~Jfp(|&X>N98#+b7=BVxVKN+*oFUMB>nk;*y>Q@R#^)foMCG8iPj+OgM
z38eAmywsp0s$^aM)mVt2Fe}NvB4jb}(_p6m4I9DUQZMSYE$2?xJ7Rf70u}oK6E(~3
z3!)@x%dpMZjE5)kAoDK<)XC6lMH$^NTnd%_7eUBA2ky!j;M%Co_H&DUP{n~g@mUCi
z<+4S@8b{5pasAx{-JB0b8V??+5H5$AuD5W0#5kyzqf@6gMFtT}+xModxy8>-Ir5n|
zpB(fue)6hJvWhsX{yphaQ#QnyUIK!8-XXE;(2?#_=N+5gxc4G;<s9n2F-eb4nDCc|
z%6{c9(pB%EH#dcRg7q+Ohih?J>Hl`(Wn~Vz-9<duUz)6XV_>?MEP?VL;!Bshsea+8
z^Z{u1FsHWsZ7MtkV}C5Sj?56wKK2{b4cRTppi)@Yg+&Lav6vPbO`;QU;?@%=p7ofS
z=zy$gpjQjxJ!~!Vq&iaDK<y#i0-OJ;Bk-jk${~4RShQYX5z+j=QIc_fAJZJ=-s)~6
zaJ>;whi4(*&T&Zp8;n2}o%1TWqPj26h5h<G<9CPwS<@)DQE&ILA;vO54{nC;0N<t1
z*We97&}iqAS862^*xE6E3)_lk8JcI>xG3TE!)dkB##7{*d=crMt9DUseRbZXOmwk<
zm}8o-mGR6N2^SS?t(F$N#rc#ToiEoM_g&omW<G77oW_FA^_7F21t+Jz%|Woy&w5s(
zLA7x*EmcCgO%3*Sx|E8;c!t7WjBS9&Flvf>)jn{ao$*A8Ae@}!@Db!??_Q)(SFpFb
zSf5iWki2PoslcFatS@Yrg;6W^mojT3{|=w59{ZA`P-b|Kk=*XHoUh(+t~=I=M{HyQ
z>p)vh=}o>hsch4y$E6gGe`ER22-x{K9Rowdv{y~f(Re+b7X|KHFZE8<zp(v~8;hR2
z-1oN5N8t2`6gWa5lelFYe~x{#!U7h6ooAm{7_Q(<eP-)HI4Y&^UML82q#1Al!#=JK
zA}pVQMt$3o``?S8)~14rQw{#K#X0Lvz{<+r`$a^ewJ@#^goO_`p?^_~yv?g@=s+mu
zHfN!WPU5M#)(=$Qd3c9R=}?sjuB86lq<_|gnBu=#Y5PfEsYLNN?aqP6_N{@fB+T`O
zfwMu*l2qgALV4WhzoI~qv70(TLPpTKafU?&h4$nJt(Ji;id?^qzxik;l33YvyY`vr
z{lxocpV2H`Gi!V71#Fz+F8wm_my+j$1YNCgWlS6|W7!B?SZXVT`uH&z!X4OKU%d<d
z8I<kB*{?pc=GKHy{bkjBhOmcm^1YV0ChGI9p|YI6W_j=_FN}JrhZwgJJ0*o1e-6)Y
z1lgU^&ks6=M|hTF=-y$j->VmHt-M_PgD)FrhQz&Z({bZ`1C4a6QdP4dLvZcv199ND
z6m9r`MLS(cl*QtF)4{KyA#oIp+Dac-;Qm<~ta+Q+T>naUP>XJfAS9OC>~P=%WxVi+
z`}bn+2X$Y8f9DoW?&V{>flC~|4D`0XK~KHU&wfRQ7_T=wn!_0@J^zg*vN@=yND<Ey
zqtX0oIcURbx&>q|njE6VmmXo6{AO1JTe!J4QNW{#ZR>_@OzP!DHRpfc_^2S0dYFhl
zMfO|G1U?VPXbC5F5!m&;;&F%E01GsdjenH$@>X+}Z)r{8@%w@8Nml9(>B(euj!*Iy
zR7h;g8zo+#D1L|NEz04LvkLfgF`n43?{AhTL%#lWja;@}UXR~P9fYkklJ9%K&5I`}
z)yERXSPg0Ak4)~;-f!#H>}5rX+UTZ~OJv*n!>nnH$0q%oz>#h;i{E}GdOS!E#bi`8
zjX|PwV~IAGn6H8-#0HpL>ha46Pjtq9UHQ5iA67x8P`;PWgjKG7$`|eE*)%Q6>YYTT
z;w|hP6jaUIr2`ANDjiI8?pI<`w>`Yo0TBKggm9@r>N^=o--U2Yy1&DNAKF+z+5eHE
zX^9B7F;TC<;K^zdWrn>`9WS4~Em_)A*$4~c`*$7mu~LA`D*gA7G<WLnB-lWec)04~
zk`<t)E-gZ@|1$GXwTE3AQ|(h!>J2T)K^L#hkUrGeWf(D^zyDH6Q}HuBc|)ja)=;ax
zya!H<%V(ErK?uM5Q!I0VbEvW?70@B+fVoqPVp}U7PWXVxJiQa)3WL-sINc$dIOM3F
zjVgHv&8+|?;{j?2evNntHd+kmWZzD~h_|$?x32nO^3djoJf?Yax_9#nvj*_&I@hB<
zc~KvZKJI}Hdk;8c=my=EjRy(~MZjm6OEs;;g#oQxqRF{fD4|%q`^s_D2)Mi*LtxHw
z7PZi?r&1hTqW(&|{M+--AedMAZo%f`1f`A{16v?IqvG?P<f#%zurt#MLK>#fHh4XG
zu&{B4942F9QRfyE<#0DMOf%$rz!DAUdR9V$$*3su=R0>Ynh~h(T-oo|V*_9F-rzqY
zLMX&sh0#gKK-c<Linm|H<r~>C0^y8`nIn5%CCr7g@Kz2yWT)K{pnoN>c7EV}UL_t1
z=B83zvX@Mg;%9YVs!QGuqH%h%UFZdsg4MH&5do#HY)Q}?!Z_Yn8sqrz!Fq8OBg|VG
zPznH)wI~gvC9-g4iv|>V8G%B2M&H-61cn)mTmuBCAkZY%#t?|<vYLpjdN=Dmw*@X|
zA0?s2IkH)rlc+G=_x{Z%ONC75wKO~oNAsQBqG6R3ebviMT?XzCCzRp?)l2Deg1hxn
z5QHlKNKsD5%P^x87v&#yU9lAj$m<QM2Ja$k{-J!=9`FL?Z<ve&8~k&pFas+<mD<X^
z7jV<a3GR=f7@NEzL&_Lr<TX(=cx@c`WP$1(@LP6cK8gI`@;X5D;@x+~2;x6IR3QhF
zlkjd9^spsyDymQ{II%AQKUEZm*AE8ZFR=lWLyPPGEmnB(@P|wioFN?7^q@x><reKk
zx~$J^jGNOjYuwI*kTF#C!_?l*y=*-|fL9s#Jo*XLtnGci#<|nzKO7G;*?vou0o^_D
z%Gho@9UXYK@|dLX(v;>mxGN~oY}rt?$bgBI_sm>S(D5+1!9flvsQEs#%Q9`20S-gy
z)1b0Aus#n+D^gCmlTJ_}zLFY$yhB=0LLpUI0D^7_A(%^VVa*jNd!Hr@Z=$o<>FO@r
z+$JBR1F?NSHYtXa5{m<SWtd?lVy&q5e)#goLW|}ME^~D>UwduK969<KRdn6}x3ukX
z@)sBLvEMZEn2Arf!?e!H?7GIGD6W`x=(_lmqmwOS@jjj`oq^1YXUNoDSkH$)YTc9#
zMPJIkGWJiA%47DI(gyCkXt)cZp2eYmSVS4oQv0>`&&vZeW$<}%-4h*e-YG@B#9ZSl
z#pM5v-+L?J&*5qzf>Ci{d4FYoTOYp}J^Lf<tj1O2#Y1)1t!hS2I@8gz-C-9xb7slF
zZ+@Kx3Y@8%o{$n{<A5;At@R#q;dE?PBNEpXY#B{Xz^W3nSwlYT2-WhRlox4;(?h$D
zm$q7KhG2cdL5SpAd}0g&&xMOZfi!s@bL7a|Bz|YX#t4(~yXIf3q<EBl4JZ(|t)y`0
zne|-FVD08|Mfv_NKER0-7O(BEU54!#8qq=pAY9PX4S#ZvIAY!7jF{(+g*B}Hj4`wa
zFN;nzr)T^4c|=BRn-}cfQRR0xhzD8twZY>b^=4@)h;aHl4Yq6JyW15xCn)EoK82eR
zA{Q8J%^cX2F-Xc7_J}F2cH23Xn^iDpe5T|WLo3VvQ{$(Gcg0E)&uAtX5)S)GAd5i$
zHe0~&P=?e}y|D^nf?l1Tw*YYh^6~%tIq1GcrF3+qey{L=1OopaDQPN}%bUIa{{WV|
B9`*nL

literal 0
HcmV?d00001

diff --git a/docs/src/docs/configuration.md b/docs/src/docs/configuration.md
new file mode 100644
index 0000000..4720a2c
--- /dev/null
+++ b/docs/src/docs/configuration.md
@@ -0,0 +1,180 @@
+A sample configuration file with all the configuration possibilies can be found below.
+
+Refer to [features](features.md) for additional details on each configuration parameter.
+
+``` yaml title="Example config file with comments"
+lb:
+  - engine: nftables
+    targets:
+      - name: target1                     # unique target name
+        # A target listening on TCP port 8081, using 3 upstreams to load balance traffic in round-robin mode
+        protocol: tcp                     # transport protocol. Only tcp supported for now
+        port: 8081                        # unique target port for a given protocol
+        upstream_group:
+          name: t1ug1                     # unique upstream_group name
+          distribution: round-robin       # ug traffic distribution mode. Only round-robin supported for now
+          upstreams:
+            - name: t1upstream1           # unique upstream name
+              # An upstream hosted at 1.1.1.1 IP address and port 80
+              # No active health-checking and therefore the upstream will be considered always as available to receive traffic
+              host: 1.1.1.1               # upstream host. IP or FQDN
+              port: 80                    # upstream port
+            - name: t1upstream2           # unique upstream name
+              # An upstream hosted at 1.1.1.2 IP address and port 80
+              # Active health-checking is performed on TCP port 80, every 10 seconds. 3 consecutive successful probes are required to consider the upstream as available. A probe will fail after 2 seconds timeout
+              # The upstream will be considered as available when the load balancer starts
+              host: 1.1.1.2               # upstream host. IP or FQDN
+              port: 80                    # upstream port
+              health_check:
+                protocol: tcp             # health-heck protocol. Only tcp supported for now
+                port: 80                  # health-check port. It can be different from the upstream port
+                start_available: true     # set 'true' if upstream should be considered as available at start. set 'false' otherwise
+                probe:
+                  check_interval: 10      # seconds. Max value: 65536
+                  timeout: 2              # seconds. Max value: 256
+                  success_count: 3        # amount of successful health checks for upstream to become available
+            - name: t1upstream3           # unique upstream name
+              # An upstream hosted at 1.1.1.3 IP address and port 80
+              # Active health-checking is performed on TCP port 443, every 10 seconds. 5 consecutive successful probes are required to consider the upstream as available. A probe will fail after 1 seconds timeout
+              # The upstream will be considered as unavailable when the load balancer starts
+              protocol: tcp               # transport protocol. Only tcp supported for now
+              host: 1.1.1.3               # upstream host. IP or FQDN
+              port: 80                    # upstream port
+              health_check:
+                protocol: tcp             # health-heck protocol. Only tcp supported for now
+                port: 443                 # health-check port. It can be different from the upstream port
+                start_available: false    # set 'true' if upstream should be considered as available at start. set 'false' otherwise
+                probe:
+                  check_interval: 10      # seconds. Max value: 65536
+                  timeout: 1              # seconds. Max value: 256
+                  success_count: 5        # amount of successful health checks to become active
+      - name: target2                     # unique target name
+        # A target listening on TCP port 8082, using 3 upstreams to load balance traffic in round-robin mode
+        protocol: tcp                     # transport protocol. Only tcp supported for now
+        port: 8082                        # unique target port for a given protocol
+        upstream_group:                   # upstream_group to be used for target
+          name: t2ug1                     # unique upstream_group name
+          distribution: round-robin       # ug traffic distribution mode. Only round-robin supported for now
+          upstreams:
+            - name: lobby-test-server1    # unique upstream name
+              # An upstream hosted at lobby-test.ipbuff.com IP address and port 8081
+              # The system DNS's are used to resolve the upstream host FQDN
+              # No active health-checking and therefore the upstream will be considered always as available to receive traffic
+              protocol: tcp               # transport protocol. Only tcp supported for now
+              host: lobby-test.ipbuff.com # upstream host. IP or FQDN
+              port: 8081                  # upstream port
+            - name: lobby-test-server2    # unique upstream name
+              # An upstream hosted at lobby-test.ipbuff.com IP address and port 8082
+              # The 1.1.1.1, 8.8.8.8 and 2606:4700::1111 DNS's are used to resolve the upstream host FQDN. The DNS will be re-queried every 300 seconds
+              # Active health-checking is performed on TCP port 8082, every 30 seconds. 3 consecutive successful probes are required to consider the upstream as available. A probe will fail after 1 seconds timeout
+              # The upstream will be considered as available when the load balancer starts
+              protocol: tcp               # transport protocol. Only tcp supported for now
+              host: lobby-test.ipbuff.com # upstream host. IP or FQDN
+              port: 8082                  # upstream port
+              dns:                        # include in case you want to use specific DNS to resolve the fqdn host address. If host is IPv4 or IPv6 this setting will not have any effect. In case this mapping is not present the OS resolvers will be used
+                servers:                  # dns address list. Queries will be done sequentially in case of failure
+                  - 1.1.1.1               # cloudflare IPv4 DNS
+                  - 8.8.8.8               # google IPv4 DNS. Used if 1.1.1.1 DNS fails to resolve
+                  - 2606:4700::1111       # cloudflare IPv6 DNS. Used if 1.1.1.1 and 8.8.8.8 DNS fail to resolve
+                ttl: 300                  # custom ttl can be specified to overwrite the DNS response TTL
+              health_check:               # don't include the health-check mapping or leave it empty to disable health-check. upstreams will be considered alwasy as active when health-checks are not enabled
+                protocol: tcp             # health-heck protocol. Only tcp supported for now
+                port: 8082                # health-check port. It can be different from the upstream port
+                start_available: true     # set 'true' if upstream should be considered as available at start. set 'false' otherwise
+                probe:
+                  check_interval: 30      # seconds. Max value: 65536
+                  timeout: 1              # seconds. Max value: 256
+                  success_count: 3        # amount of successful health checks to become active
+            - name: lobby-test-server3    # unique upstream name
+              # An upstream hosted at lobby-test.ipbuff.com IP address and port 8083
+              # The 1.1.1.1, 8.8.8.8 and 2606:4700::1111 DNS's are used to resolve the upstream host FQDN
+              # No active health-checking and therefore the upstream will be considered always as available to receive traffic
+              protocol: tcp               # transport protocol. Only tcp supported for now
+              host: lobby-test.ipbuff.com # upstream host. IP or FQDN
+              port: 8083                  # upstream port
+              dns:                        # include in case you want to use specific DNS to resolve the fqdn host address. If host is IPv4 or IPv6 this setting will not have any effect. In case this mapping is not present the OS resolvers will be used
+                servers:                  # dns address list. Queries will be done sequentially in case of failure. The DNS will be re-requeried according to the TTL received in the DNS response
+                  - 1.1.1.1               # cloudflare IPv4 DNS
+                  - 8.8.8.8               # google IPv4 DNS. Used if 1.1.1.1 DNS fails to resolve
+                  - 2606:4700::1111       # cloudflare IPv6 DNS. Used if 1.1.1.1 and 8.8.8.8 DNS fail to resolve
+```
+
+``` yaml title="Example config file without comments"
+lb:
+  - engine: nftables
+    targets:
+      - name: target1
+        protocol: tcp
+        port: 8081
+        upstream_group:
+          name: t1ug1
+          distribution: round-robin
+          upstreams:
+            - name: t1upstream1
+              host: 1.1.1.1
+              port: 80
+            - name: t1upstream2
+              host: 1.1.1.2
+              port: 80
+              health_check:
+                protocol: tcp
+                port: 80
+                start_available: true
+                probe:
+                  check_interval: 10
+                  timeout: 2
+                  success_count: 3
+            - name: t1upstream3
+              protocol: tcp
+              host: 1.1.1.3
+              port: 80
+              health_check:
+                protocol: tcp
+                port: 443
+                start_available: false
+                probe:
+                  check_interval: 10
+                  timeout: 1
+                  success_count: 5
+      - name: target2
+        protocol: tcp
+        port: 8082
+        upstream_group: 
+          name: t2ug1
+          distribution: round-robin
+          upstreams:
+            - name: lobby-test-server1
+              protocol: tcp
+              host: lobby-test.ipbuff.com
+              port: 8081
+            - name: lobby-test-server2
+              protocol: tcp
+              host: lobby-test.ipbuff.com
+              port: 8082
+              dns: 
+                servers: 
+                  - 1.1.1.1
+                  - 8.8.8.8
+                  - 2606:4700::1111
+                ttl: 300
+              health_check:
+                protocol: tcp
+                port: 8082
+                start_available: true
+                probe:
+                  check_interval: 30
+                  timeout: 1
+                  success_count: 3
+            - name: lobby-test-server3
+              protocol: tcp
+              host: lobby-test.ipbuff.com
+              port: 8083
+              dns: 
+                servers: 
+                  - 1.1.1.1
+                  - 8.8.8.8
+                  - 2606:4700::1111
+```
+
+!!! note
+    As Lobby's config file is based on YAML, it will fail to load with a malformatted YAML config file.
diff --git a/docs/src/docs/contacts.md b/docs/src/docs/contacts.md
new file mode 100644
index 0000000..69d68f4
--- /dev/null
+++ b/docs/src/docs/contacts.md
@@ -0,0 +1,3 @@
+Lobby has been created by [Igor Borisoglebski](https://igor.borisoglebski.com).
+
+Feel free to [reach out](https://igor.borisoglebski.com/contacts)!
diff --git a/docs/src/docs/features.md b/docs/src/docs/features.md
new file mode 100644
index 0000000..1c1f1a0
--- /dev/null
+++ b/docs/src/docs/features.md
@@ -0,0 +1,187 @@
+Lobby leverages the Linux kernels networking stack for network traffic processing and therefore the load balancing is not performed at the application layer, but at the kernel level.
+
+To set up the kernel networking stack, Lobby uses the [netfilter](https://wikipedia.org/wiki/Netfilter) framework through the [nftables](https://wikipedia.org/wiki/Nftables) Linux kernel subsystem.
+
+<figure markdown>
+![Lobby System Diagram](assets/lobbySystemDiagram.gif){ loading=lazy }
+<figcaption>Network packet processing with Lobby</figcaption>
+</figure>
+
+All of the configuration interpretation, upstream health checking, DNS resolution and respective traffic routing orchestration are peformed by Lobby. This approach is perfectly sufficient to implement comprehensive and efficient load balancing capabilities. 
+
+## Concepts and Definitions
+
+These are some of the key concepts and definitions in Lobby's context.
+
+<figure markdown>
+![Lobby Concepts](assets/lobbyConcepts.png){ loading=lazy }
+<figcaption>Lobby conceptual representation</figcaption>
+</figure>
+
+### Targets
+A target is where the traffic is being expected at the Lobby host. Currently a target is only defined by the network protocol, such as TCP, and a network port. Each target must be unique.
+
+Targets use [upstream groups](#upstream-groups) to load balance traffic.
+
+| Definition | Description |
+| - | - |
+| **name** | unique name representing the target |
+| **protocol** | the network protocol [`tcp`] |
+| **port** | unique port for the specified protocol |
+| **upstream_group** | the [upstream group](#upstream-groups) object linked to the target |
+
+### Upstream Groups
+An upstream group is a collection of one or more [upstreams](#upstreams) associated to one [target](#targets). The definition of the distribution mode of the traffic across upstreams is done by an upstream group.
+
+| Definition | Description |
+| - | - |
+| **name** | unique name representing the upstream group |
+| **distribution** | traffic distribution mode [[`round-robin`](#round-robin)] |
+| **upstreams** | list of [upstream](#upstreams) objects linked to the upstream group |
+
+#### Distribution Modes
+##### round-robin
+All outgoing traffic is spread evenly across all of the available upstreams.
+
+### Upstreams
+An upstream is a destination to which the traffic will be proxied to. Upstreams are defined by a network address (`host`) and a network port (`port`).
+
+| Definition | Description |
+| - | - |
+| **name** | unique name representing the upstream |
+| **host** | upstream network address as IPv4 or FQDN |
+| **port** | upstream network port |
+| **health_check** | [health check](#health-check) object linked to the upstream |
+| **dns** | [dns](#dns) object linked to the upstream |
+
+The `health_check` and `dns` definitions for the upstream are optional.
+
+In case no `health_check` object is linked to the upstream, the upstream will always be considered to be available to receive traffic.
+
+In case no `dns` object is linked to the upstream and the host is a FQDN, then the system DNS will be used to resolve the upstream address.
+
+#### Health Check
+The [upstreams](#upstreams) may be configured to be subject to active health checks in order to monitor their readiness to receive traffic. Lobby will remove upstreams from the [upstream group](#upstream-groups) while they're unavailable and will be ensuring that the available upstreams are part of the respective upstream group.
+
+| Definition | Description |
+| - | - |
+| **protocol** | network protocol to be used for probing |
+| **port** | network port to be used for probing |
+| **start_available** | if the upstream should be available or unavailable at start [`true`, `false` ] |
+| **probe** | [probe settings](#health-check-probe-settings) object linked to the health check |
+
+The health checks will always be performed against the upstream host address. However, it is possible to specify a different port and protocol.
+
+##### Health Check Probe Settings
+
+| Definition | Description |
+| - | - |
+| **check_interval** | frequency in seconds for the health check to occur |
+| **timeout** | seconds to wait for response before considered as failed check |
+| **success_count** | amount of successful checks before upstream is set as available |
+
+#### DNS
+Lobby allows for upstream hosts to be configured as FQDN's. In order to resolve the FQDN's, a DNS object may be defined to specify which servers should be used to resolve the FQDN.
+
+It is also possible to overwrite the DNS Time-to-Live (TTL) field.
+
+| Definition | Description |
+| - | - |
+| **servers** | list of DNS addresses |
+| **ttl** | frequency in seconds for the name resolution to occur |
+
+The FQDN name resolution will be performed by the first DNS address on the `servers` list. If it fails, the next DNS address in the list will be attempted and so on, until the name has been successfuly resolved or the DNS addresses exhasuted.
+
+In case the `servers` are not defined, the Lobby system host DNS addresses will be used.
+
+In case the `ttl` is not defined, the TTL received on the name resolution will be used.
+
+In a scenario where a FQDN has been previously resolved to an IP address, but that later the DNS stops resolving the FQDN, then Lobby will keep the last known IP address instead of making the upstream unavailable.
+
+### Config File Representation
+A [YAML](https://yaml.org/) file is used to set the Lobby configuration in accordance to the features discription above. The format can be consulted in the [configuration](configuration.md) or [tutorials](tutorials.md) pages.
+
+## Feature Set
+
+A summary of the Lobby feature set may be found below.
+
+Feel free to [reach out]() in case you wish any of the feature development to be prioritized.  
+
+### Internet Protocols
+| Protocol    | Implemented             |
+| ----------- | ----------------------- |
+| IPv4        | :material-check: v0.1.0 |
+| IPv6        | :material-close:        |
+
+### Traffic Protocols
+| Protocol    | Implemented             |
+| ----------- | ----------------------- |
+| TCP         | :material-check: v0.1.0 |
+| UDP         | :material-close:        |
+| SCTP        | :material-close:        |
+| HTTP        | :material-close:        |
+
+### Load Balancing Modes
+| Mode              | Implemented             |
+| -----------       | ----------------------- |
+| round-robin       | :material-check: v0.1.0 |
+| random            | :material-close:        |
+| weighted          | :material-close:        |
+| ip-src-hash-based | :material-close:        |
+| least-latency     | :material-close:        |
+| least-connections | :material-close:        |
+
+### Upstream Health Check
+| Feature                   | Implemented             |
+| -----------               | ----------------------- |
+| TCP                       | :material-check: v0.1.0 |
+| UDP                       | :material-close:        |
+| HTTP                      | :material-close:        |
+| Start available           | :material-check: v0.1.0 |
+| Start unavailable         | :material-check: v0.1.0 |
+| Probe timeout             | :material-check: v0.1.0 |
+| Probe check interval      | :material-check: v0.1.0 |
+| Probe healthy threshold   | :material-check: v0.1.0 |
+| Probe unhealthy threshold | :material-close:        |
+
+### Upstream Name Resolution
+| Feature                   | Implemented             |
+| -----------               | ----------------------- |
+| Upstream FQDN address     | :material-check: v0.1.0 |
+| DNS backup                | :material-check: v0.1.0 |
+| DNS Load Balancing        | :material-close:        |
+| Host System DNS           | :material-check: v0.1.0 |
+| Overwrite DNS TTL         | :material-check: v0.1.0 |
+
+### Non-functional
+| Feature                   | Implemented             |
+| -----------               | ----------------------- |
+| YAML file based config    | :material-check: v0.1.0 |
+| Hot config reload         | :material-check: v0.1.0 |
+| API based config          | :material-close:        |
+| Event triggers (ie alert) | :material-close:        |
+| Traffic mirroring         | :material-close:        |
+| Metrics exposure          | :material-close:        |
+| Prometheus endpoints      | :material-close:        |
+| Graphical User Interface  | :material-close:        |
+| systemd service           | :material-close:        |
+
+### Other
+
+Other features and ideas for possible future implementation:
+
+| Feature                        | Description                        |
+| -----------                    | -----------------------            |
+| Target IP Range                | Load balance on received IP range  |
+| Target Interface               | Load balance on received interface |
+| Packet Acceleration            | Software and Hardware packet routing acceleration |
+| IPv4 to IPv6                   | Proxy from IPv4 targets to IPv6 upstreams |
+| IPv6 to IPv4                   | Proxy from IPv6 targets to IPv4 upstreams |
+| Rate limits                    | Define traffic rating limits per target or upstream |
+| Source IP allowed list         | Only allow traffic from allowed listed IP addresses |
+| Source IP block list           | Drop traffic from block listed IP addresses |
+| Lobby clustering               | Lobby cluster coordination |
+| Kubernetes agent               | Configure Lobby based on Kubernetes services |
+| Define Source address          | Allow Lobby IP address to upstreams to be configured |
+| Local traffic Load Balancing   | Load balance locally generated traffic |
+| Configurable nftables priority | Load balance locally generated traffic |
diff --git a/docs/src/docs/index.md b/docs/src/docs/index.md
new file mode 100644
index 0000000..191ee4b
--- /dev/null
+++ b/docs/src/docs/index.md
@@ -0,0 +1,133 @@
+---
+title: Overview
+---
+
+**Lobby** is a simple, yet highly performant, network traffic load balancer based on Linux [nftables](https://wiki.nftables.org/wiki-nftables/). It is designed to run as a portable binary app on Linux systems in amd64 and arm64 architectures.
+
+## Getting Started (without docker)
+
+!!! info
+    In case you have :simple-docker: docker installed in the same host as where you're planning to run Lobby, follow [this](#getting-started-with-docker) instead.
+
+On a amd64 or arm64 Linux system, simply:
+
+``` bash title="Get Lobby"
+wget -q -O - https://ipbuff.com/getLobby | sh
+```
+
+!!! success ""
+
+    And that's it! It is all it takes to get Lobby available on your system
+
+This command downloads and runs a script which makes Lobby available on your current directory by downloading the Lobby binary to your current folder which becomes accessible with `./lobby`
+
+It also sets up a demo configuration file in `./lobby.conf`. The demo configuration will get Lobby to load balance all TCP traffic hitting the Lobby host on port `8082` to a cloud server used for Lobby testing at `lobby-test.ipbuff.com:8081`, `lobby-test.ipbuff.com:8082` and `lobby-test.ipbuff.com:8083` in [`round-robin`](features.md#round-robin) distribution mode.
+
+The only thing you have to ensure before running Lobby is that IP forwarding is enabled on your host system. In case you need help with this, check [this](https://www.baeldung.com/linux/kernel-ip-forwarding) article about it.
+
+You should be able to get Lobby up and running as a **privileged user** with:
+
+``` bash title="Run Lobby"
+./lobby
+```
+
+!!! warning "In case of failure"
+
+    If you get a permissions error, make sure you run `lobby` as 'root' user or with `sudo` or `doas`. To learn more on how to run as unprivileged user check [here](installation.md#permissions)
+
+If you haven't changed anything on the demo config file, you should be able to successfully target your Lobby host on port `8082` **from another machine** to test if Lobby is working correctly. 
+
+This can be achieved in many ways. One of them is with:
+
+``` bash title="Test Lobby from another machine"
+for i in {1..6}; do curl <IP of Lobby host>:8082; done
+```
+
+!!! success "Result"
+
+    In case of success, this test will call the load balancer 6 times on port `8082` and Lobby will load balance the traffic in round-robin mode across 3 different Lobby test upstreams.
+
+    The expected output is:
+
+    ```
+    8081
+    8082
+    8083
+    8081
+    8082
+    8083
+    ```
+
+!!! warning "In case of failure"
+
+    Make sure this test is performed from another machine as the traffic from the test machine is to be proxied through the Lobby host to the configured upstream. `curl localhost:8082` won't work and is expected to fail.
+
+    If your only option is to test locally, consider using this [docker setup](installation.md#docker-network).
+
+To stop Lobby just send it an `SIGINT` signal with a `Ctrl + c` from the terminal that is running it or through the `kill` or `pkill` commands.
+
+In order to setup the load balancing as per your needs, feel free to edit the `./lobby.conf` config file. You'll be able to find the full configuration reference [here](configuration.md). 
+
+With Lobby running, when it receives a `SIGHUP` signal, it will reprocess the config file and reconfigure the load balancing based on the updated config file contents.
+
+## Getting Started (with docker)
+
+!!! note
+    Before using the examples below, please make sure to run the commands from a directory in which you want to store the Lobby configuration file `lobby.conf`
+
+[This demo configuration](https://raw.githubusercontent.com/ipbuff/lobby/main/docs/examples/demo.conf) will be used for test purposes.
+
+``` bash title="Get Lobby Demo Config File"
+wget -q \
+  -O lobby.conf \
+  https://raw.githubusercontent.com/ipbuff/lobby/main/docs/examples/demo.conf
+```
+
+In order to run Lobby on docker use the command below:
+
+``` bash
+docker run --rm -d \
+  --name lobby  \
+  --cap-add=NET_ADMIN --cap-add=NET_RAW \
+  -v $(pwd)/lobby.conf:/lobby/lobby.conf \
+  -p 8082:8082 \
+  ipbuff/lobby:latest
+```
+
+Now, to test, let's check the load balancing to the Lobby test servers with:
+
+``` bash
+for i in {1..6}; do curl localhost:8082; done
+```
+
+!!! success "Result"
+
+    In case of success, this test will call the load balancer 6 times on port `8082` and Lobby will load balance the traffic in round-robin mode across 3 different Lobby test upstreams.
+
+    The expected output is:
+
+    ```
+    8081
+    8082
+    8083
+    8081
+    8082
+    8083
+    ```
+
+Finally, when you're done with testing, just stop the Lobby container with:
+
+``` bash
+docker stop lobby
+```
+
+In order to setup the load balancing as per your needs, feel free to edit the `./lobby.conf` config file. You'll be able to find the full configuration reference [here](configuration.md). 
+
+With Lobby running, when it receives a `SIGHUP` signal, it will reprocess the config file and reconfigure the load balancing based on the updated config file contents. To send a SIGHUP to the Lobby container just:
+
+``` bash
+docker kill -s SIGHUP lobby
+```
+
+## Learning More
+In case you're interested in learning more about Lobby, you'll be able to find here more about its [feature](features.md) set, [installation](installation.md) options, [configuration](configuration.md) reference, [tutorials](tutorials.md) and how to get additional [support](support.md).
diff --git a/docs/src/docs/installation.md b/docs/src/docs/installation.md
new file mode 100644
index 0000000..6b55e37
--- /dev/null
+++ b/docs/src/docs/installation.md
@@ -0,0 +1,144 @@
+## Requirements
+### System
+Up to the current version, Lobby was prepared to run on `Linux/amd64` and `Linux/arm64` systems.
+
+### Kernel
+The Kernel must have the `nf_tables` module loaded or available to be loaded given that Lobby uses nftables to orchestrate the load balancing.
+
+IPv4 and IPv6 forwarding must also be enabled through the kernel parameters. In most Linux systems `sysctl` can be used to check and enable/disable IP forwarding. Check [here](https://www.baeldung.com/linux/kernel-ip-forwarding), for instance, in case you need help with regards to managing IP forwarding in your systems.
+
+### Permissions
+The Lobby binary must have the `NET_ADMIN` and `NET_RAW` [linux capabilities](https://man7.org/linux/man-pages/man7/capabilities.7.html) set to `Permitted` and `Effective`.
+
+In most systems this can be achieved with the following command executed by the `root` user:
+
+``` bash
+setcap 'cap_net_admin,cap_net_raw+ep' /path/to/lobby
+```
+
+Also ensure that the binary can (only?) be executed by the appropriate user and group with `chown` and `chmod`.
+
+## Binary
+Pre-built binaries are available [here](https://github.com/ipbuff/lobby/releases/) and are named:
+
+  - for linux/amd64 systems: `lobby-linux-amd64`
+  - for linux/arm64 systems: `lobby-linux-arm64`
+
+As an alternative to direct binaries, the [releases](https://github.com/ipbuff/lobby/releases/) also include scripts to download the binary and a demo configuration file.
+
+The binary can be located anywhere, but consider placing it named `lobby` in one of your `$PATH` directories such as `/usr/local/bin` or `/usr/bin`.
+
+Lobby has its load balancing rules set through a config file. Lobby will look for a config file named `lobby.conf` in its local directory and if not found in its local directory, it will then try to open it from `/etc/lobby/lobby.conf`. If you've placed Lobby in one of your `$PATH` directories, then place the configuration file in `/etc/lobby/lobby.conf`. It is also possible to specify the config file with the `-c` flag such as `lobby -c /path/to/config/file.yaml`.
+
+## Building from Source
+The Lobby source code is publicly available at [:simple-github: Github](https://github.com/ipbuff/lobby).
+
+In order to build from source, make sure you have the [go environment set up](https://go.dev/doc/install) and then simply clone the repo and use `make build` from within the repo directory.
+
+There's a tutorial [here](tutorials.md#building-from-source).
+
+## Docker
+Lobby containers are published on [:simple-docker: docker hub](https://hub.docker.com/r/ipbuff/lobby).
+
+The containers have been built with ["Distroless"](https://github.com/GoogleContainerTools/distroless) images. Therefore, it will not possible to run anything else other than Lobby on those containers.
+
+!!! note
+    Before using the examples below, please make sure to run the commands from a directory in which the Lobby configuration file `lobby.conf` exists and contains valid configuration. 
+
+    Otherwise, adjust the commands accordingly.
+
+    [This demo configuration](https://raw.githubusercontent.com/ipbuff/lobby/main/docs/examples/demo.conf) could be used for test purposes.
+
+In order to run Lobby on docker while using a separate network namespace for the container and exposing locally some of the ports consider the command below:
+
+``` bash
+docker run -d \
+  --name lobby  \
+  --cap-add=NET_ADMIN --cap-add=NET_RAW \
+  -v $(pwd)/lobby.conf:/lobby/lobby.conf \
+  -p 8081:8081 -p 8082:8082 \
+  ipbuff/lobby:latest
+```
+
+The `-d` flag runs the container in [dettached](https://docs.docker.com/language/golang/run-containers/#run-in-detached-mode) mode.
+
+The `name` flag sets the container name.
+
+The `--cap-add` provides the `NET_ADMIN` and `NET_RAW` linux capabilites to the container processes.
+
+The `-v` flag mounts the local `./lobby.conf` config file in the container on the `/lobby/lobby.conf` path.
+
+The `-p` flag is used to map a local port to a port within the container. 
+
+`ipbuff/lobby:latest` uses the latest image for the `ipbuff/lobby` container hosted on docker hub.
+
+!!! note
+
+    This method whilst it might be convenient, it is potentially a non-optimal setup for production environments as docker sets up a NAT rule to get the traffic from the local port to the container address and port. This adds extra computation when compared to other options. Additionally, it also complicates on how to expose additional ports as result of configuration changes.
+
+## systemd
+Running Lobby as a systemd requires setting the lobby service file in `/etc/systemd/system/`. 
+
+[Here](https://raw.githubusercontent.com/ipbuff/lobby/main/docs/examples/lobby.service)'s a sample systemd service file which can be used after replacing the `User`, `WorkingDirectory` and `ExecStart` parameters :
+
+``` systemd title="/etc/systemd/system/lobby.service"
+[Unit]
+Description=Lobby Load Balancer
+After=network.target
+
+[Service]
+Type=simple
+User={{ username }}
+ExecStart=/usr/local/bin/lobby
+ExecStop=/bin/kill -s SIGINT $MAINPID
+ExecReload=/bin/kill -s SIGHUP $MAINPID
+TimeoutStartSec=0
+RestartSec=2
+Restart=always
+StartLimitBurst=3
+StartLimitInterval=60s
+
+[Install]
+WantedBy=multi-user.target
+```
+
+Make sure that if the user is not set to `root`, the lobby binary has the required [Linux capabilities](#permissions).
+
+Once the `/etc/systemd/system/lobby.service` file is created, consider setting it with the appropriate ownership and permissions. If unsure, use:
+
+``` bash
+chown root:root /etc/systemd/system/lobby.service
+chmod 644 /etc/systemd/system/lobby.service
+```
+
+And then finally reload the systemd config with:
+
+``` bash
+systemctl daemon-reload
+```
+
+The lobby service then can be enabled with:
+
+``` bash
+systemctl start lobby
+```
+
+And it should be enabled in case you wish it to start every time the system boots:
+
+``` bash
+systemctl enable lobby
+```
+
+In order to stop Lobby:
+
+``` bash
+systemctl stop lobby
+```
+
+It is possible to refresh the Lobby configuration after editing the config file with:
+
+``` bash
+systemctl reload lobby
+```
+
+There's a [script](https://raw.githubusercontent.com/ipbuff/lobby/main/docs/examples/lobby.service) which helps with the Lobby systemd service setup. Its usage is documented in the [tutorials](tutorials.md#lobby-systemd-service).
diff --git a/docs/src/docs/stylesheets/extra.css b/docs/src/docs/stylesheets/extra.css
new file mode 100644
index 0000000..c408ddb
--- /dev/null
+++ b/docs/src/docs/stylesheets/extra.css
@@ -0,0 +1,5 @@
+[data-md-color-scheme="default"] {
+	--md-default-bg-color: #f7f7f7;
+	--md-code-bg-color: #fff;
+}
+
diff --git a/docs/src/docs/support.md b/docs/src/docs/support.md
new file mode 100644
index 0000000..08391cd
--- /dev/null
+++ b/docs/src/docs/support.md
@@ -0,0 +1,3 @@
+In case you're in need of support, the best way to get it is through the [:simple-github: github issues](https://github.com/ipbuff/lobby/issues) of the Lobby repo.
+
+Professional support can be provided by the project creator. In case this is of interest, feel free to [reach out](https://igor.borisoglebski.com).
diff --git a/docs/src/docs/tutorials.md b/docs/src/docs/tutorials.md
new file mode 100644
index 0000000..b54ac83
--- /dev/null
+++ b/docs/src/docs/tutorials.md
@@ -0,0 +1,553 @@
+## Building from source
+In order to build Lobby from source, it is required to do so from an environment prepared to [build go projects](https://go.dev/doc/install).
+
+The build process is pretty simple. Go to a directory of your choosing and from there:
+
+```
+git clone --depth 1 https://github.com/ipbuff/lobby.git
+cd lobby
+make build
+```
+
+Following the successful build, the resulting binaries can be found in the `./bin` directory.
+
+There will be two files:
+
+  - `lobby-linux-amd64` for Linux system and amd64 architecture
+  - `lobby-linux-arm64` for Linux system and arm64 architecture
+
+## Getting the binaries and running Lobby
+The Lobby binaries can be found on the [releases](https://github.com/ipbuff/lobby/releases) of the Lobby :simple-github: Github repo.
+
+In case you have :simple-docker: docker installed on the same host as where you're planning to run Lobby, do not use the Lobby binaries and use the [docker](#docker) methods instead. The default :simple-docker: docker iptables/nftables rules drop all the forwarding traffic. In case you still want to proceed with the binary setup in a server which also has docker, then you'll have to edit the docker generated iptables/nftables rules.
+
+### Download Lobby
+The simplest method is to use the [`getLobby.sh`](https://github.com/ipbuff/lobby/blob/main/scripts/getLobby.sh) script which will detect your system and download the appropriate binary for your system. This script will also set a demo Lobby config file which can be used to test Lobby. This script is available [here](https://ipbuff.com/getLobby).
+
+Start by creating a directory where you want to download the Lobby binaries to. For this example, `~/lobby` will be used. The directory can be created with:
+
+``` bash title="Create directory to store Lobby"
+LOBBY_DIR=~/lobby
+mkdir $LOBBY_DIR && \
+cd $LOBBY_DIR && \
+echo Successfully created the lobby dir || \
+echo Failed to create the lobby dir
+```
+
+A way to download the script and run it can be:
+
+``` title="Get Lobby Binary and Config File"
+wget -q -O - https://ipbuff.com/getLobby | sh
+```
+
+Now if you check the contents of the directory, you should find there the Lobby binary named `lobby` and the demo configuration file named `lobby.conf`.
+
+``` bash title="List Directory Contents"
+ls
+```
+
+### CLI Help
+To get the command line interface (cli) help, which prints the flags available for Lobby, run Lobby with the `-h` flag.
+
+```bash title="Print cli help"
+./lobby -h
+```
+
+### Check Version
+To check the Lobby version just run lobby with the `-v` flag. The version will be printed as result and the app will quit.
+
+``` bash title="Check Lobby version"
+./lobby -v
+```
+
+### Setting permissions
+At this stage, you have to decide with which user you want to run Lobby with. Eventually the simplest way is to proceed as `root`, but we'll proceed this tutorial with the consideration that best practices should be followed even in introductory tutorials and in that case we'll assume that an unprivileged user is to be used.
+
+The script executed at [this](#download-lobby) step has already ensured that the binary can only be executed by the owner user and group. Additionally, in order to run Lobby with an unprivileged user it is necessary to give permissions to the binary to run with a couple of linux capabilities which allow it to manage specifically the nftables locally. The capabilites are `NET_ADMIN` and `NET_RAW` and we'll follow the instructions described [here](installation.md#permissions) to set them for the Lobby binary with the following command executed by the `root` user:
+
+``` bash title="Execute as root user"
+setcap 'cap_net_admin,cap_net_raw+ep' lobby
+```
+
+The success of the command can be confirmed with:
+
+``` bash
+getcap lobby
+```
+
+!!! success
+
+    With the expected output being:
+
+    ``` bash
+    lobby cap_net_admin,cap_net_raw=ep
+    ```
+
+From here on, it is possible to run Lobby as an unprivileged user.
+
+Keep in mind that the Linux capabilities have to be set every time a new binary is built/downloaded - ie after every upgrade
+
+### Running Lobby
+Running Lobby without any flags will start the load balancer with the local config file named `lobby.conf`. In case `lobby.conf` is not found or is inaccessible, then the `/etc/lobby/lobby.conf` path will be attempted next. In case either of the files fails to open, Lobby will quit with error code 1.
+
+!!! note
+    On [this](#download-lobby) step, [this](https://raw.githubusercontent.com/ipbuff/lobby/main/docs/examples/demo.conf) demo config file has been setup locally. In case you have followed a different method to set up the Lobby binaries, make sure that there is a Lobby configuration file at either the local directory of the Lobby binary or at `/etc/lobby/lobby.conf`
+
+Lobby can be started simply with:
+
+``` bash title="Start Lobby"
+./lobby
+```
+
+#### Test Lobby
+As Lobby doesn't load balances localhost traffic, the tests have to be performed from another machine targeting the Lobby host.
+
+If you haven't changed anything on the demo config file, you should be able to successfully target your Lobby host on port `8082` **from another machine** to test if Lobby is working correctly. 
+
+This can be achieved in many ways. One of them is with:
+
+``` bash title="Test Lobby from another machine"
+for i in {1..6}; do curl <IP of Lobby host>:8082; done
+```
+
+!!! success "Result"
+
+    In case of success, this test will call the load balancer 6 times on port `8082` and Lobby will load balance the traffic in round-robin mode across 3 different Lobby test upstreams.
+
+    The expected output is:
+
+    ```
+    8081
+    8082
+    8083
+    8081
+    8082
+    8083
+    ```
+
+!!! warning "In case of failure"
+
+    Make sure this test is performed from another machine as the traffic from the test machine is to be proxied through the Lobby host to the configured upstream. `curl localhost:8082` won't work and is expected to fail.
+
+    If your only option is to test locally, consider using this [docker setup](#docker).
+
+### Update Config
+Lobby supports hot reloading of the configuration, which means that it is possible to update the configuration without having to stop and start the load balancer with the benefit of no traffic being temporarily lost in the process.
+
+This is achieved by updating the configuration file in use by Lobby and sending a SIGHUP signal to the running process.
+
+As an example, while Lobby is running, let's add another upstream to `target2` by appending the following config, which will add a new upstream to `target2`.
+
+``` bash
+echo "            - name: lobby-test-server4" >> lobby.conf
+echo "              host: lobby-test.ipbuff.com" >> lobby.conf
+echo "              port: 8084" >> lobby.conf
+```
+
+Now that the config file has been updated, we just need to send a `SIGHUP` signal to the running process of Lobby. This can be achieved with:
+
+``` bash
+pkill -SIGHUP lobby
+```
+
+Now that Lobby has reconfigured we can run the same test:
+
+``` bash title="Test Lobby from another machine"
+for i in {1..6}; do curl <IP of Lobby host>:8082; done
+```
+
+!!! success "Result"
+
+    And now given we have one extra test upstream, the expected output is:
+
+    ```
+    8081
+    8082
+    8083
+    8084
+    8081
+    8082
+    ```
+
+### Stopping Lobby
+Lobby can be stopped with `Ctrl+c` on the terminal where it is running in the foreground or with a SIGINT signal to the running process with: 
+
+``` bash
+pkill -SIGINT lobby
+```
+
+### Specifying a Config File
+Lobby supports specifying a path to a specific config file. This can be achieved with the `-c` flag. For example: 
+
+``` bash
+./lobby -c <path to config file>
+```
+
+### Verbosity Level
+The default logging verbosity for Lobby is `Info`. It is possible to start Lobby with different levels of logging verbosity. This is achieved with the `-l` flag.
+
+The possible logging levels are:
+
+| Log Level       | Description                      | Flag string    | Displays |
+|---------------- | -------------------------        | -------------- | -------- |
+| Critical        | Fatal errors and similar         | `critical`     | `critical` |
+| Warning         | Potentially problematic events   | `warning`      | `critical`/`warning` |
+| Info            | Potentially relevant information | `info`         | `critical`/`warning`/`info` |
+| Debug           | User debugging level             | `debug`        | `critical`/`warning`/`info`/`debug` |
+| DebugVerbose    | Developer debugging level        | `debugverbose` | `critical`/`warning`/`info`/`debug`/`debugverbose` |
+
+So, for instance to set the logging level to Debug level, start Lobby with:
+
+``` bash 
+./lobby -l debug
+```
+
+## Lobby systemd Service
+Other than for testing purposes, it is recommended to run Lobby as a systemd service.
+
+### Install Lobby (systemd)
+[This](https://github.com/ipbuff/lobby/releases/latest/download/installLobby.sh) script provides a way to setup Lobby as a systemd service. It does the following:
+
+  - Downloads the latest Lobby binary for the appropriate system
+  - Places the binary in `/usr/local/bin/lobby` with conservative permissions
+  - Sets a demo config file in `/etc/lobby/lobby.conf`
+  - Creates a systemd service until file for Lobby 
+    - at `/etc/systemd/system/lobby.service` for `root` user
+    - otherwise at `~/.config/systemd/user/lobby.service` for other users
+
+The script accepts a username as an argument in order to install Lobby with the appopriate permissions for the given user. In case no argument is provided, it is assumed that the installation is to be done for the `root` user.
+
+The installation script has to be run as `root` user given it requires privileged permissions to set everything thing up.
+
+#### As root user systemd service
+In order to use the script to install Lobby for the `root` user:
+
+``` bash title="Run as root user"
+wget -q -O - https://ipbuff.com/installLobby | sh
+```
+
+Following the succesful completion of the installation script it is necessary to reload the systemd deamon in order to make the Lobby systemd service available. This can be achieved by running the following command as `root` user:
+
+``` 
+systemctl daemon-reload
+```
+
+Now you can start Lobby with:
+
+``` 
+systemctl start lobby
+```
+
+And in case you want Lobby to start automatically at system boot:
+
+``` 
+systemctl enable lobby
+```
+
+To stop the Lobby service:
+
+``` 
+systemctl stop lobby
+```
+
+And to refresh the Lobby configuration following config file changes:
+
+``` 
+systemctl reload lobby
+```
+
+##### Security Improvement
+While leaving the systemd service managed by root, so it can be started automatically at every system boot, consider executing the Lobby binary with an unprivileged user.
+
+For that purpose, create a specific user, give `rwx` permissions to it or its group to the `/etc/lobby/` directory and at least `x` to the binary `/usr/local/bin/lobby`.
+
+Then to ensure that the systemd service runs Lobby with the desired user add the `User=changeMe` argument somewhere in the `[Service]` section of the Lobby systemd service unit file at `/etc/systemd/system/lobby.service`. From the previous example change `changeMe` to the user that was created and to be used.
+
+Once the Lobby systemd service unit file has been updated with the `User` argument under the `[Service]` section, refresh systemd with:
+
+``` 
+systemctl daemon-reload
+```
+
+And for good measure stop, disable and enable and start again the Lobby systemd service:
+
+``` 
+systemctl stop lobby
+systemctl disable lobby
+systemctl enable lobby
+systemctl start lobby
+```
+
+#### As non-root user systemd service
+In order to use the script to install Lobby for the `john` user:
+
+``` title="Run as root user and replace 'john' with your username"
+wget -q -O - https://ipbuff.com/installLobby | sh -s john
+```
+
+Following the succesful completion of the installation script it is necessary to reload the systemd deamon in order to make the Lobby systemd service available. In case you've proceeded with the installation as a `non-root` user, this can be achieved by running the following command with the desired user: 
+
+``` 
+systemctl --user daemon-reload
+```
+
+Now you can start Lobby with:
+
+```
+systemctl --user start lobby
+```
+
+And in case you want Lobby to start automatically at **first user login**:
+
+``` 
+systemctl --user enable lobby
+```
+
+To stop the Lobby service:
+
+``` 
+systemctl --user stop lobby
+```
+
+And to refresh the Lobby configuration following config file changes:
+
+``` 
+systemctl --user reload lobby
+```
+
+### Uninstall Lobby (systemd)
+It is recommended to stop and disable the Lobby systemd service before uninstalling Lobby.
+
+In order to uninstall Lobby in case the [`installLobby.sh`](https://github.com/ipbuff/lobby/releases/latest/download/installLobby.sh) script was used, all that is necessary is to remove:
+
+- the binary located in `/usr/local/bin/lobby`
+- the configuration directory at `/etc/lobby/`
+- eventually the systemd service unit files for the root user at `/etc/systemd/system/lobby.service`
+- eventually the systemd service unit files for non-root users
+
+A [script](https://github.com/ipbuff/lobby/releases/latest/download/uninstallLobby.sh) has been prepared for that. Before using it, backup your config file as it is removed as part of the uninstall process.
+
+You can run it as a root user with:
+
+!!! note
+    Do not forget to stop and disable the Lobby systemd service beforehand
+
+``` title="Run as root"
+wget -q -O - https://ipbuff.com/uninstallLobby | sh
+```
+
+## Docker
+This tutorial will be assuming your default docker network is a bridge network (as it is most likely the case and) as it happens by default after docker install. In case this is not the case, adjust the steps and commands accordingly.
+
+Change directory to where you will be storing your Lobby config file before proceeding with this docker tutorial.
+
+### Check Version
+To start with, let's check the Lobby version from the container images hosted at [:simple-docker: docker hub](https://hub.docker.com/r/ipbuff/lobby).
+
+``` 
+docker run --rm \
+  --name lobby \
+  --cap-add=NET_ADMIN --cap-add=NET_RAW \
+  ipbuff/lobby:latest \
+  ./lobby -v
+```
+
+### Running Lobby on Docker
+Running Lobby without any flags will start the load balancer with the local config file named `lobby.conf`.
+
+Generate your own Lobby config file or download a demo config file like so:
+
+``` bash
+wget \
+  -O lobby.conf \
+  -q https://raw.githubusercontent.com/ipbuff/lobby/main/docs/examples/demo.conf
+```
+
+Then Lobby can be started simply with:
+
+``` 
+docker run --rm -d \
+  --name lobby \
+  --cap-add=NET_ADMIN --cap-add=NET_RAW \
+  -v $(pwd)/lobby.conf:/lobby/lobby.conf \
+  -p 8082:8082 \
+  ipbuff/lobby:latest
+```
+
+#### Test Lobby on Docker
+If you haven't changed anything on the demo config file, you should be able to successfully target your port `8082` to test if Lobby is working correctly. 
+
+This can be achieved in many ways. One of them is with:
+
+``` bash title="Test Lobby from another machine"
+for i in {1..6}; do curl localhost:8082; done
+```
+
+!!! success "Result"
+
+    In case of success, this test will call the load balancer 6 times on port `8082` and Lobby will load balance the traffic in round-robin mode across 3 different Lobby test upstreams.
+
+    The expected output is:
+
+    ```
+    8081
+    8082
+    8083
+    8081
+    8082
+    8083
+    ```
+
+### Update Config on Docker
+As in [here](#update-config), while Lobby is running, let's add another upstream to `target2` by appending the following config, which will add a new upstream to `target2`.
+
+``` bash
+echo "            - name: lobby-test-server4" >> lobby.conf
+echo "              host: lobby-test.ipbuff.com" >> lobby.conf
+echo "              port: 8084" >> lobby.conf
+```
+
+Now that the config file has been updated, we just need to send a `SIGHUP` signal to the running process of Lobby in the container. This can be achieved with:
+
+``` 
+docker kill -s SIGHUP lobby
+```
+
+Now that Lobby has reconfigured we can run the same test:
+
+``` bash title="Test Lobby from another machine"
+for i in {1..6}; do curl ${LOBBY_IP}:8082; done
+```
+
+!!! success "Result"
+
+    And now given we have one extra test upstream, the expected output is:
+
+    ```
+    8081
+    8082
+    8083
+    8084
+    8081
+    8082
+    ```
+
+### Stopping Lobby on Docker
+Lobby can be stopped with `Ctrl+c` on the terminal where it is running in the foreground or with a SIGINT signal to the running process with: 
+
+``` 
+docker kill -s SIGINT lobby
+```
+
+### Verbosity level on Docker
+As explained [here](#verbosity-level), for instance to set the logging level to Debug level, start Lobby with:
+
+``` 
+docker run --rm -d \
+  --name lobby \
+  --cap-add=NET_ADMIN --cap-add=NET_RAW \
+  -v $(pwd)/lobby.conf:/lobby/lobby.conf \
+  -p 8082:8082
+  ipbuff/lobby:latest \
+  ./lobby -l debug
+```
+
+### Things to Note
+#### Container Ports
+For [this](#running-lobby-on-docker) type of docker deployment, consider specifying a range of ports to be exposed for the Lobby docker container, instead of individual ones. This is in case future load balancing configuration requires load balancing on new/other ports. For instance, to expose from port 8000 to 9000 one could use the `-p 8000-9000:8000-9000` flag instead.
+
+#### Production on Docker
+For production deployments, consider creating a specific docker network to be used by exclusively by the Lobby containers and not subject to NAT'ing.
+
+## Considerations for Production Deployments
+The examples above are mostly useful for local testing or for home/small load applications. 
+
+However, to host Lobby for production it is important to have in consideration the wider context of the deployment, such as:
+
+- The traffic routing to the Lobby server host
+- The traffic routing from the Lobby server host
+- Lobby traffic isolation
+- The Lobby server host resources
+- Lobby redundancy
+- etc
+
+Nevertheless, for a high performance, high throughput and high bandwidth environment, consider the [systemd service](#lobby-systemd-service) or similar deployment type for Lobby in a host that is protected by a firewall and where the Lobby internet address is available at the Lobby host without NAT rules in between. The Lobby (or other load balancers) redundancy implementation depends on the use case and therefore cannot be subject to a generic recommendation in this tutorial.
+
+In case of need for support on production deployments or operation, consider reaching out to the [project creator](https://igor.borisoglebski.com) for consultancy and professional services.
+
+## Traffic Stats
+This part of Lobby is still in its infancy and unfortunately in extremelly low capacity. Feel free to reach out to the [project creator](https://igor.borisoglebski.com) in case you're willing to support the acceleration of the development or feel free contribute with the capability through the [:simple-github:Github project](https://github.com/ipbuff/lobby).
+
+However, the most basic measure has been implemented and can be checked through `nftables`. All targets are assigned a [nftables counter](https://wiki.nftables.org/wiki-nftables/index.php/Counters) which keeps track of the traffic incoming to each target. This can be checked for instance with:
+
+``` bash
+nft list counters
+```
+
+It outputs the packets and bytes incoming to each target.
+
+
+This method will be further enhanced to keep track of more things, accessible through other methods and integratable with external systems such as prometheus.
+
+## Generating Config
+Generating the Lobby config should be relatively intuitive for anyone who has worked with [YAML](https://yaml.org/) structures before.
+
+### One Target to Two Upstreams
+Let's create a config file with Lobby listening TCP traffic on port 8082 and load balancing to two upstreams in round-robin distribution mode where one of the upstreams is expecting traffic on IP 1.1.1.1 and port 80, while the other one on IP 1.1.1.2 and also port 80. 
+
+Every config file starts with:
+
+``` yaml
+lb:
+  - engine: nftables
+    targets:
+```
+
+We start by adding the target definition which is where Lobby is listening for that type of traffic with:
+
+``` yaml
+lb:
+  - engine: nftables
+    targets:
+      - name: toCloudflare
+        protocol: tcp
+        port: 8082
+```
+
+Now that we have defined where Lobby is listening, we need to specify how the traffic is distributed:
+
+``` yaml
+lb:
+  - engine: nftables
+    targets:
+      - name: toCloudflare
+        protocol: tcp
+        port: 8082
+        upstream_group:
+          name: cloudflareServers
+          distribution: round-robin
+          upstreams:
+```
+
+At this stage, this config file is not valid yet, because we haven't specified the upstream servers to where the traffic will be load balanced. So, we need to add them:
+
+``` yaml
+lb:
+  - engine: nftables
+    targets:
+      - name: toCloudflare
+        protocol: tcp
+        port: 8082
+        upstream_group:
+          name: cloudflareServers
+          distribution: round-robin
+          upstreams:
+            - name: cloudflareServer1
+              host: 1.1.1.1
+              port: 80
+            - name: cloudflareServer2
+              host: 1.1.1.2
+              port: 80
+```
+
+And that's it! The most basic load balancing config file was created. For further references check [here](configuration.md).
diff --git a/docs/src/mkdocs.yml b/docs/src/mkdocs.yml
new file mode 100644
index 0000000..666a955
--- /dev/null
+++ b/docs/src/mkdocs.yml
@@ -0,0 +1,66 @@
+site_name: Lobby
+copyright: Copyright &copy; 2023 - Igor Borisoglebski
+repo_url: https://github.com/ipbuff/lobby
+theme:
+  name: material
+  language: en
+  favicon: assets/logo.png
+  logo: assets/logo.png
+  palette:
+    - media: "(prefers-color-scheme: light)"
+      scheme: default
+      primary: black
+      accent: blue
+      toggle:
+        icon: material/toggle-switch
+        name: Switch to dark mode
+    - media: "(prefers-color-scheme: dark)"
+      scheme: slate
+      primary: black
+      accent: blue
+      toggle:
+        icon: material/toggle-switch-off-outline
+        name: Switch to light mode
+  font: false
+  features:
+    - navigation.footer
+    - navigation.instant
+    - navigation.sections
+    - navigation.expand
+    - navigation.top
+    - toc.follow
+    - search.highlight
+    - content.code.copy
+nav:
+  - index.md
+  - features.md
+  - installation.md
+  - configuration.md
+  - tutorials.md
+  - support.md
+  - contacts.md
+  - about.md
+extra:
+  social:
+    - icon: fontawesome/brands/github 
+      link: https://github.com/ipbuff/lobby/
+      name: Lobby on Github
+extra_css:
+  - stylesheets/extra.css
+markdown_extensions:
+  - admonition
+  - pymdownx.details
+  - pymdownx.superfences
+  - pymdownx.highlight:
+      anchor_linenums: true
+      line_spans: __span
+      pygments_lang_class: true
+  - pymdownx.inlinehilite
+  - pymdownx.snippets
+  - attr_list
+  - md_in_html
+  - pymdownx.emoji:
+      emoji_index: !!python/name:material.extensions.emoji.twemoji
+      emoji_generator: !!python/name:material.extensions.emoji.to_svg
+plugins:
+  - awesome-pages
diff --git a/go.mod b/go.mod
new file mode 100644
index 0000000..54e38e9
--- /dev/null
+++ b/go.mod
@@ -0,0 +1,26 @@
+module git.borisoglebski.com/lobby
+
+go 1.20
+
+require (
+	github.com/google/nftables v0.1.0
+	github.com/mdlayher/netlink v1.7.2 // indirect
+	gopkg.in/yaml.v3 v3.0.1
+)
+
+require (
+	github.com/miekg/dns v1.1.57
+	golang.org/x/sys v0.15.0
+	kernel.org/pub/linux/libs/security/libcap/cap v1.2.69
+)
+
+require (
+	github.com/google/go-cmp v0.6.0 // indirect
+	github.com/josharian/native v1.1.0 // indirect
+	github.com/mdlayher/socket v0.5.0 // indirect
+	golang.org/x/mod v0.14.0 // indirect
+	golang.org/x/net v0.19.0 // indirect
+	golang.org/x/sync v0.5.0 // indirect
+	golang.org/x/tools v0.16.0 // indirect
+	kernel.org/pub/linux/libs/security/libcap/psx v1.2.69 // indirect
+)
diff --git a/go.sum b/go.sum
new file mode 100644
index 0000000..5b12ec9
--- /dev/null
+++ b/go.sum
@@ -0,0 +1,46 @@
+github.com/BurntSushi/toml v0.4.1/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ=
+github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
+github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
+github.com/google/nftables v0.1.0 h1:T6lS4qudrMufcNIZ8wSRrL+iuwhsKxpN+zFLxhUWOqk=
+github.com/google/nftables v0.1.0/go.mod h1:b97ulCCFipUC+kSin+zygkvUVpx0vyIAwxXFdY3PlNc=
+github.com/josharian/native v1.1.0 h1:uuaP0hAbW7Y4l0ZRQ6C9zfb7Mg1mbFKry/xzDAfmtLA=
+github.com/josharian/native v1.1.0/go.mod h1:7X/raswPFr05uY3HiLlYeyQntB6OO7E/d2Cu7qoaN2w=
+github.com/mdlayher/netlink v1.7.2 h1:/UtM3ofJap7Vl4QWCPDGXY8d3GIY2UGSDbK+QWmY8/g=
+github.com/mdlayher/netlink v1.7.2/go.mod h1:xraEF7uJbxLhc5fpHL4cPe221LI2bdttWlU+ZGLfQSw=
+github.com/mdlayher/socket v0.5.0 h1:ilICZmJcQz70vrWVes1MFera4jGiWNocSkykwwoy3XI=
+github.com/mdlayher/socket v0.5.0/go.mod h1:WkcBFfvyG8QENs5+hfQPl1X6Jpd2yeLIYgrGFmJiJxI=
+github.com/miekg/dns v1.1.56 h1:5imZaSeoRNvpM9SzWNhEcP9QliKiz20/dA2QabIGVnE=
+github.com/miekg/dns v1.1.56/go.mod h1:cRm6Oo2C8TY9ZS/TqsSrseAcncm74lfK5G+ikN2SWWY=
+github.com/miekg/dns v1.1.57 h1:Jzi7ApEIzwEPLHWRcafCN9LZSBbqQpxjt/wpgvg7wcM=
+github.com/miekg/dns v1.1.57/go.mod h1:uqRjCRUuEAA6qsOiJvDd+CFo/vW+y5WR6SNmHE55hZk=
+github.com/vishvananda/netns v0.0.0-20180720170159-13995c7128cc h1:R83G5ikgLMxrBvLh22JhdfI8K6YXEPHx5P03Uu3DRs4=
+golang.org/x/mod v0.13.0 h1:I/DsJXRlw/8l/0c24sM9yb0T4z9liZTduXvdAWYiysY=
+golang.org/x/mod v0.13.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
+golang.org/x/mod v0.14.0 h1:dGoOF9QVLYng8IHTm7BAyWqCqSheQ5pYWGhzW00YJr0=
+golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
+golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM=
+golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
+golang.org/x/net v0.19.0 h1:zTwKpTd2XuCqf8huc7Fo2iSy+4RHPd10s4KzeTnVr1c=
+golang.org/x/net v0.19.0/go.mod h1:CfAk/cbD4CthTvqiEl8NpboMuiuOYsAr/7NOjZJtv1U=
+golang.org/x/sync v0.4.0 h1:zxkM55ReGkDlKSM+Fu41A+zmbZuaPVbGMzvvdUPznYQ=
+golang.org/x/sync v0.4.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y=
+golang.org/x/sync v0.5.0 h1:60k92dhOjHxJkrqnwsfl8KuaHbn/5dl0lUPUklKo3qE=
+golang.org/x/sync v0.5.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
+golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE=
+golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
+golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/tools v0.14.0 h1:jvNa2pY0M4r62jkRQ6RwEZZyPcymeL9XZMLBbV7U2nc=
+golang.org/x/tools v0.14.0/go.mod h1:uYBEerGOWcJyEORxN+Ek8+TT266gXkNlHdJBwexUsBg=
+golang.org/x/tools v0.16.0 h1:GO788SKMRunPIBCXiQyo2AaexLstOrVhuAL5YwsckQM=
+golang.org/x/tools v0.16.0/go.mod h1:kYVVN6I1mBNoB1OX+noeBjbRk4IUEPa7JJ+TJMEooJ0=
+golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+honnef.co/go/tools v0.2.2/go.mod h1:lPVVZ2BS5TfnjLyizF7o7hv7j9/L+8cZY2hLyjP9cGY=
+kernel.org/pub/linux/libs/security/libcap/cap v1.2.69 h1:N0m3tKYbkRMmDobh/47ngz+AWeV7PcfXMDi8xu3Vrag=
+kernel.org/pub/linux/libs/security/libcap/cap v1.2.69/go.mod h1:Tk5Ip2TuxaWGpccL7//rAsLRH6RQ/jfqTGxuN/+i/FQ=
+kernel.org/pub/linux/libs/security/libcap/psx v1.2.69 h1:IdrOs1ZgwGw5CI+BH6GgVVlOt+LAXoPyh7enr8lfaXs=
+kernel.org/pub/linux/libs/security/libcap/psx v1.2.69/go.mod h1:+l6Ee2F59XiJ2I6WR5ObpC1utCQJZ/VLsEbQCD8RG24=
diff --git a/lb.go b/lb.go
new file mode 100644
index 0000000..5bdfb11
--- /dev/null
+++ b/lb.go
@@ -0,0 +1,1207 @@
+package main
+
+import (
+	"errors"
+	"fmt"
+	"math/rand"
+	"net"
+	"os"
+	"strconv"
+	"strings"
+	"sync"
+	"time"
+
+	"gopkg.in/yaml.v3"
+)
+
+// Hardcoded settings
+var (
+	// Currently supported healtcheck protocol
+	supHcProto = map[hcProto]bool{
+		hcProtoTcp: true, // TCP
+	}
+)
+
+// Lobby doesn't implements the traffic load balancing. It orchestrates load balancer engines (lbe) for traffic load balancing
+// An lbe is the runtime load balancer which performs the traffic load balancing
+// More than one lbe can be operating simultaneously
+// Each lbe has to implement the functions defined by the 'lbEngine' interface
+// Which are required by Lobby for load balancing orchestration
+type lbEngine interface {
+	checkDependencies() error                       // checks if the lb engine dependencies are satisfied
+	checkPermissions() error                        // checks if the lb runtime permissions are sufficient for the load balancer engine to function successfully
+	getCapabilities() map[lbProto]map[distMode]bool // returns lb capabilities. key protocols, value distribution mode
+	start(*lb) error                                // starts lb
+	stop() error                                    // stops lb
+	reconfig(*lb) error                             // reconfigures lb
+	updateTarget(*target) error                     // updates given target
+	updateUpstream(*upstream, *[]net.IP) error      // updates given upstream
+}
+
+// Load balancer state
+type lbState struct {
+	m  sync.Mutex      // load balancer changes mutex
+	wg *sync.WaitGroup // wait group to keep track of load balancer go routines
+	t  bool            // request to terminate
+}
+
+// Load balancer
+type lb struct {
+	targets     []*target    // list of all load balancer targets
+	e           lbEngine     // load balancer engine
+	et          lbEngineType // load balancer engine type
+	upstreamIps *[]net.IP    // list of all upstream IP addresses
+	state       lbState      // load balancer state
+}
+
+// iota constants
+type (
+	distMode     byte  // distribution mode
+	lbEngineType uint8 // load balancer engine type
+	lbProto      uint8 // load balancer protocol
+)
+
+// distribution mode
+const (
+	distModeUnknown  distMode = iota // undefined
+	distModeRR                       // round robin
+	distModeWeighted                 // weighted
+)
+
+const (
+	lbEngineUnknown lbEngineType = iota // undefined
+	lbEngineTest                        // test engine
+	lbEngineNft                         // nftables
+)
+
+// Loadbalancer protocols
+const (
+	lbProtoUnknown lbProto = iota // undefined
+	lbProtoTcp                    // tcp
+	lbProtoUdp                    // udp
+	lbProtoSctp                   // sctp
+	lbProtoHttp                   // http
+)
+
+// Load Balancer errors
+var (
+	errCheckDep = errors.New(
+		"Dependencies check failed",
+	)
+	errCheckPerm = errors.New(
+		"Permissions check failed",
+	)
+	errConfFileOpen = errors.New(
+		"Failed to open config file. Check if the file exists or read permissions",
+	)
+	errConfFileUnmarshal = errors.New(
+		"Error when unmarshaling yaml config file",
+	)
+	errConfRepEngine = errors.New(
+		"Error in configuration. Found repeated engine type. All config of a given engine type must be included in a single mapping",
+	)
+	errConfRepTargetName = errors.New(
+		"Error in configuration. Found repeated target name. Every target name must be unique",
+	)
+	errConfRepUGName = errors.New(
+		"Error in configuration. Found repeated upstream group name. Every upstream group name must be unique",
+	)
+	errConfRepPortProto = errors.New(
+		"Error in configuration. Found repeated port/protocol. Each target must have a unique port/protocol pair",
+	)
+	errConfRepUName = errors.New(
+		"Error in configuration. Found repeated upstream name. Every upstream name must be unique",
+	)
+	errConfUHost = errors.New(
+		"Error in configuration. Found invalid host",
+	)
+	errConfDnsAddr = errors.New(
+		"Error in configuration. Found invalid DNS address. All configured DNS addresses must be valid",
+	)
+	errConfDistMode = errors.New(
+		"Error in configuration. Found unsupported distribution mode",
+	)
+	errConfTargetProto = errors.New(
+		"Error in configuration. Found unsupported target protocol",
+	)
+	errConfHcProtocol = errors.New(
+		"Error in configuration. Found unsupported upstream healthcheck protocol",
+	)
+	errConfProbePort = errors.New(
+		"Error in configuration. Found problematic health check probe port",
+	)
+	errConfProbeCI = errors.New(
+		"Error in configuration. Found problematic health check probe check interval",
+	)
+	errConfProbeSC = errors.New(
+		"Error in configuration. Found problematic health check success count definition",
+	)
+	errConfProbeTimeout = errors.New(
+		"Error in configuration. Found problematic health check timeout value",
+	)
+	errDistMode = errors.New(
+		"distribution mode not found",
+	)
+	errLbEngineType = errors.New(
+		"Error requesting unknown engine type",
+	)
+	errLbInit = errors.New(
+		"Error during Load Balancer setup",
+	)
+	errLbEngineStart = errors.New(
+		"Error during Load Balancer startup",
+	)
+	errLbEngineStop = errors.New(
+		"Error during Load Balancer shutdown",
+	)
+	errLbReconfig = errors.New(
+		"Error during Load Balancer reconfiguration",
+	)
+	errLbEngineReconfig = errors.New(
+		"Error during Load Balancer engine reconfiguration",
+	)
+	errLbCheckConf = errors.New(
+		"Error when checking Load Balancer configuration",
+	)
+	errLbConf = errors.New(
+		"Error when loading Load Balancer configuration",
+	)
+	errLbProto = errors.New(
+		"LB protocol not found",
+	)
+	errLbEngineUpstreamUpdate = errors.New(
+		"Error during upstream update",
+	)
+	errReplUpstreamIp = errors.New(
+		"Error occurred when replacing upstream IP's",
+	)
+)
+
+// getDistMode returns the distMode (distribution mode) from a string
+func getDistMode(dm string) (distMode, error) {
+	switch dm {
+	case "round-robin":
+		return distModeRR, nil
+	case "weighted":
+		return distModeWeighted, nil
+	}
+	return distModeUnknown, fmt.Errorf("'%s' '%w'", dm, errDistMode)
+}
+
+// returns the string value of the distMode (distribution mode)
+func (dm distMode) String() string {
+	switch dm {
+	case distModeRR:
+		return "round-robin"
+	case distModeWeighted:
+		return "weighted"
+	}
+	return "unknown"
+}
+
+// getLbEngineType returns the lbEngineType (load balancer engine type) from a string
+func getLbEngineType(lbet string) (lbEngineType, error) {
+	switch lbet {
+	case "testEngine":
+		return lbEngineTest, nil
+	case "nftables":
+		return lbEngineNft, nil
+	}
+	return lbEngineUnknown, errLbEngineType
+}
+
+// newLbEngine returns an initialized lb engine for the requested lbEngineType
+func newLbEngine(lbet lbEngineType) (lbEngine, error) {
+	switch lbet {
+	case lbEngineTest: // test LB
+		return &testLb{}, nil
+	case lbEngineNft: // nftables
+		return &nft{}, nil
+	}
+	return nil, errLbEngineType
+}
+
+// returns the string value of the lbEngineType (load balancer engine type)
+func (lbet lbEngineType) String() string {
+	switch lbet {
+	case lbEngineTest:
+		return "testEngine"
+	case lbEngineNft:
+		return "nftables"
+	}
+
+	return "unknown"
+}
+
+// getLbProtocol returns the getLbProtocol (load balancer protocol) from a string
+func getLbProtocol(lbp string) (lbProto, error) {
+	switch lbp {
+	case "tcp":
+		return lbProtoTcp, nil
+	case "udp":
+		return lbProtoUdp, nil
+	case "sctp":
+		return lbProtoSctp, nil
+	case "http":
+		return lbProtoHttp, nil
+	}
+
+	return lbProtoUnknown, fmt.Errorf("'%s' '%w'", lbp, errLbProto)
+}
+
+// returns the string value of the lbProto (load balancer protocol)
+func (lbp lbProto) String() string {
+	switch lbp {
+	case lbProtoTcp:
+		return "tcp"
+	case lbProtoUdp:
+		return "udp"
+	case lbProtoSctp:
+		return "sctp"
+	}
+	return "unknown"
+}
+
+// addUpstreamIps adds the provided IP address to the lb.upstreamIps slice
+// holding all load blancer upstream IP addresses
+func (l *lb) addUpstreamIps(nip net.IP) {
+	if nip == nil {
+		return
+	}
+
+	*l.upstreamIps = append(*l.upstreamIps, nip)
+
+	return
+}
+
+// replaceUpstreamIps replaces an IP in the lb.upstreamIps slice
+// 'oip' is the IP to be removed and 'nip' is the new IP to take its place
+// As this slice should have all IP's from all upstreams for the load balancer,
+// the IP to be removed is expected to exist
+// In case the 'oip' is not found the error errReplUpstreamIp is returned
+func (l *lb) replaceUpstreamIps(oip *net.IP, nip *net.IP) error {
+	uip := *l.upstreamIps
+	for i, ip := range uip {
+		if ip.Equal(*oip) {
+			uip[i] = *nip
+			return nil
+		}
+	}
+
+	return fmt.Errorf(
+		"%w: Failed to replace '%s' with '%s' in upstream IP's list. '%s' not found",
+		errReplUpstreamIp,
+		oip.String(),
+		nip.String(),
+		oip.String(),
+	)
+}
+
+// checkConfig checks the configuration file
+// It verifies that:
+//   - only supported engine types are configured
+//   - all engine types, target, upstream group and upstream names are unique
+//   - targets do not have conflicting port/protocol configuration
+//   - target protocols are supported by the engine
+//   - the configured distribution mode is supported as defined in global var supDM
+//   - the host format is valid
+//   - upstream healtcheck protocols are supported
+//   - DNS addresses are valid
+//
+// It returns a errLbCheckConf error if check fails
+func checkConfig(configYaml *ConfigYaml) error {
+	LogDVf("LB: configuration check")
+	var (
+		eNames  []string
+		tNames  []string
+		uNames  []string
+		ugNames []string
+	)
+
+	for i, lbc := range configYaml.LbConfig {
+		// Check load balancer engine
+		lbE, err := getLbEngineType(lbc.Engine)
+		if err != nil {
+			return fmt.Errorf("%w: %w", errLbCheckConf, err)
+		}
+		lben := lbE.String()
+
+		LogDVf("LB: checking '%s' load balancer engine uniqueness", lben)
+		if i == 0 {
+			// Initialize temporary var
+			eNames = append(eNames, lben)
+		} else {
+			for _, en := range eNames {
+				if en == lben {
+					LogDf("LB: found a repeated engine type: %s", lbc.Engine)
+					return fmt.Errorf("%w: %w: problematic engine in config: %s", errLbCheckConf, errConfRepEngine, lbc.Engine)
+				}
+			}
+		}
+
+		e, _ := newLbEngine(lbE)
+		ec := e.getCapabilities()
+
+		// Create a map with the port number as the key and slice of strings for the protocol value
+		portMap := make(map[uint16][]string)
+
+		for i, t := range lbc.TargetsConfig {
+			LogDVf("LB: target '%s' check", t.Name)
+			if i == 0 {
+				// Initialize temporary vars
+				tNames = append(tNames, t.Name)
+				portMap[t.Port] = append(portMap[t.Port], t.Protocol)
+				ugNames = append(ugNames, t.UpstreamGroup.Name)
+			} else {
+				// Check if target names are unique
+				for _, tn := range tNames {
+					if tn == t.Name {
+						LogDf("LB: found a repeated target name: %s", tn)
+						return fmt.Errorf("%w: %w: problematic target name in config: %s", errLbCheckConf, errConfRepTargetName, tn)
+					}
+				}
+				tNames = append(tNames, t.Name)
+
+				// Check if target protocol and port are unique
+				if protos, ok := portMap[t.Port]; ok {
+					LogDVf("Value: %v", protos)
+					for _, proto := range protos {
+						if proto == t.Protocol {
+							LogDf("Found a repeated target port/protocol configuration: %d/%s", t.Port, t.Protocol)
+							return fmt.Errorf("%w: %w: Problematic port/protocol: %d/%s", errLbCheckConf, errConfRepPortProto, t.Port, t.Protocol)
+						}
+					}
+				} else {
+					portMap[t.Port] = append(portMap[t.Port], t.Protocol)
+				}
+
+				// Check if upstreamGroup names are unique
+				for _, ugn := range ugNames {
+					if ugn == t.UpstreamGroup.Name {
+						LogDf("LB: found a repeated upstream group name in config: %s", ugn)
+						return fmt.Errorf("%w: %w: Problematic upstream group name: %s", errLbCheckConf, errConfRepUGName, ugn)
+					}
+				}
+				ugNames = append(ugNames, t.UpstreamGroup.Name)
+
+			}
+
+			// Check target protocol
+			tP, err := getLbProtocol(t.Protocol)
+			if err != nil {
+				return fmt.Errorf("%w: %w", errLbCheckConf, err)
+			}
+			if _, ok := ec[tP]; !ok {
+				var supP []string
+				for p := range ec {
+					supP = append(supP, fmt.Sprintf("'%s'", p.String()))
+				}
+				return fmt.Errorf(
+					"%w: %w: unsupported protocol '%s' for target '%s'. Chose one of the supported protocols: %s",
+					errLbCheckConf,
+					errConfTargetProto,
+					t.Protocol,
+					t.Name,
+					strings.Join(supP, ", "),
+				)
+			}
+
+			// Check if upstreamGroup distribution mode is supported
+			dMode, _ := getDistMode(t.UpstreamGroup.Distribution)
+			if _, ok := ec[tP][dMode]; !ok {
+				var supDms []string
+				for dm := range ec[tP] {
+					supDms = append(supDms, fmt.Sprintf("'%s'", dm.String()))
+				}
+				return fmt.Errorf(
+					"%w: %w: unsupported distribution mode: %s. Chose one of the supported modes: %s",
+					errLbCheckConf,
+					errConfDistMode,
+					t.UpstreamGroup.Distribution,
+					strings.Join(supDms, ", "),
+				)
+			}
+
+			// Check upstreams
+			for _, u := range t.UpstreamGroup.Upstreams {
+				LogDVf("LB: upstream '%s' check", u.Name)
+
+				// Check if upstream names are unique
+				if len(uNames) == 0 {
+					uNames = append(uNames, u.Name)
+				} else {
+					for _, un := range uNames {
+						if un == u.Name {
+							LogDf("Found a repeated upstream name: %s", un)
+							return fmt.Errorf("%w: %w: Problematic upstream name: %s", errLbCheckConf, errConfRepUName, un)
+						}
+					}
+					uNames = append(uNames, u.Name)
+				}
+
+				// Check upstream host
+				uh, _ := getHostType(u.Host)
+				if uh == hostTypeUnknown {
+					return fmt.Errorf(
+						"%w: %w: host '%s' for upstream '%s' is invalid. Set a valid host in the FQDN, IPv4 or IPv6 format",
+						errLbCheckConf,
+						errConfUHost,
+						u.Host,
+						u.Name,
+					)
+				}
+
+				// Check upstream healthcheck:
+				// - protocol
+				// - port
+				// - check_interval
+				// - success_count
+				// - timeout
+				if u.HealthCheck != (HealthCheckConfig{}) {
+					hcP, _ := getHcProto(u.HealthCheck.Protocol)
+					if _, ok := supHcProto[hcP]; !ok {
+						var supHcP []string
+						for p := range supHcProto {
+							supHcP = append(supHcP, fmt.Sprintf("'%s'", p.String()))
+						}
+						return fmt.Errorf(
+							"%w: %w: unsupported upstream healthcheck protocol '%s' for upstream '%s'. Chose one of the supported protocols: %s",
+							errLbCheckConf,
+							errConfHcProtocol,
+							u.HealthCheck.Protocol,
+							u.Name,
+							strings.Join(supHcP, ", "),
+						)
+					}
+
+					if u.HealthCheck.Port == 0 {
+						return fmt.Errorf("%w: %w: health check probe 'port' for upstream '%s' must be correctly defined",
+							errLbCheckConf,
+							errConfProbePort,
+							u.Name)
+					}
+
+					if u.HealthCheck.Probe.CheckInterval == 0 {
+						return fmt.Errorf("%w: %w: health check probe 'check_interval' for upstream '%s' must be defined",
+							errLbCheckConf,
+							errConfProbeCI,
+							u.Name)
+					}
+
+					if u.HealthCheck.Probe.Count == 0 {
+						return fmt.Errorf("%w: %w: health check probe 'success_count' for upstream '%s' must be defined",
+							errLbCheckConf,
+							errConfProbeSC,
+							u.Name)
+					}
+
+					if u.HealthCheck.Probe.Timeout == 0 {
+						return fmt.Errorf("%w: %w: health check probe 'timeout' for upstream '%s' must be defined",
+							errLbCheckConf,
+							errConfProbeTimeout,
+							u.Name)
+					}
+				}
+
+				// Check DNS addresses
+				for _, a := range u.Dns.Servers {
+					if net.ParseIP(a) == nil {
+						LogDf("Invalid DNS address: %s", a)
+						return fmt.Errorf(
+							"%w: %w: Problematic DNS address: %s",
+							errLbCheckConf,
+							errConfDnsAddr,
+							a,
+						)
+					}
+				}
+			}
+
+		}
+	}
+
+	return nil
+}
+
+// getConfig parses the load balancer engine configuration
+// It assumes that the config has been already checked for errors or mistakes
+// Returns an error in case of failure
+func (l *lb) getConfig(lbc *LbConfig) error {
+	if et, err := getLbEngineType(lbc.Engine); err != nil {
+		return fmt.Errorf("%w: %w", errLbConf, err)
+	} else {
+		l.et = et
+	}
+
+	// For each target
+	for _, t := range lbc.TargetsConfig {
+		// Distribution mode config
+		dMode, err := getDistMode(t.UpstreamGroup.Distribution)
+		if err != nil {
+			return fmt.Errorf("%w: %w", errLbConf, err)
+		}
+
+		// Initalize Upstream Group
+		ug := upstreamGroup{
+			name:         t.UpstreamGroup.Name,
+			distMode:     dMode,
+			failoverMode: ugFoModeInactive,
+		}
+
+		// Target protocol config
+		lbp, _ := getLbProtocol(t.Protocol)
+
+		// For each upstream
+		for _, u := range t.UpstreamGroup.Upstreams {
+			var (
+				hcActive        bool
+				hcProto         hcProto
+				uStartAvailable bool
+			)
+
+			// Upstream health check
+			if u.HealthCheck != (HealthCheckConfig{}) {
+				hcActive = true
+				uStartAvailable = u.HealthCheck.StartAvailable
+				hcProto, _ = getHcProto(u.HealthCheck.Protocol)
+			} else {
+				// Health check inactive for this upstream
+				hcActive = false
+				uStartAvailable = true
+			}
+
+			// Upstream IP Address
+			var ipa net.IP
+			var lttl uint32
+			ht, _ := getHostType(u.Host)
+			switch ht {
+			case hostTypeFqdn:
+				var err error
+
+				// If host is a name, set it as a FQDN with trailing dot
+				if !strings.HasSuffix(u.Host, ".") {
+					u.Host = u.Host + "."
+				}
+
+				// Get A Record IP address for FQDN
+				// If it fails to resolve, set IP Address to nil and do not start available
+				// In case of failure, a new DNS query will be performed in the configured
+				// ttl or in the default ttl
+				ipa, lttl, err = resolveFqdn(u.Host, u.Dns.Servers, nil)
+				if err != nil {
+					LogWf(
+						"LB: failed to resolve IP for host '%s' for upstream '%s'",
+						u.Host,
+						u.Name,
+					)
+					if u.Dns.Ttl != 0 {
+						lttl = u.Dns.Ttl
+					} else {
+						lttl = lobbySettings.defaultDnsTtl
+					}
+					LogWf(
+						"LB: setting upstream '%s' as unavailable. New DNS query query will be performed in '%d' seconds",
+						u.Name,
+						lttl,
+					)
+					ipa = nil
+					uStartAvailable = false
+				}
+				LogDVf("LB: Initial FQDN upstream address '%s' and DNS TTL %ds", ipa.String(), lttl)
+			case hostTypeIPv4, hostTypeIPv6:
+				ipa = net.ParseIP(u.Host)
+			default:
+				LogWf("LB: failed to process host '%s' for upstream '%s'", u.Host, u.Name)
+				LogWf("LB: setting upstream '%s' as unavailable", u.Name)
+				ipa = nil
+				uStartAvailable = false
+			}
+			LogDf("LB: upstream '%s' address: '%s'", u.Name, ipa)
+
+			// Add upstream IP Address to load balancer list of IP addresses
+			l.addUpstreamIps(ipa)
+
+			// Upstream initialization
+			newUpstream := upstream{
+				name:     u.Name,
+				protocol: lbp,
+				host:     u.Host,
+				port:     u.Port,
+				dns: upstreamDns{
+					addresses: u.Dns.Servers,
+					confTtl:   u.Dns.Ttl,
+					ttl:       lttl,
+					chDcStop:  make(chan struct{}),
+				},
+				address:   ipa,
+				available: uStartAvailable,
+				healthCheck: healthCheck{
+					active:        hcActive,
+					protocol:      hcProto,
+					port:          u.HealthCheck.Port,
+					checkInterval: u.HealthCheck.Probe.CheckInterval,
+					timeout:       u.HealthCheck.Probe.Timeout,
+					countConfig:   u.HealthCheck.Probe.Count,
+					count:         0,
+					chHcStop:      make(chan struct{}),
+				},
+			}
+
+			// Add upstream to upstream group
+			ug.upstreams = append(ug.upstreams, &newUpstream)
+		}
+
+		// Target initialization
+		newTarget := target{
+			name:          t.Name,
+			protocol:      lbp,
+			ip:            t.Ip,
+			port:          t.Port,
+			upstreamGroup: &ug,
+		}
+
+		l.targets = append(l.targets, &newTarget)
+	}
+
+	return nil
+}
+
+// stopHcs stops the load balancer engine healthchecks
+// The stop is triggered when the healthcheck channel is closed
+func (l *lb) stopHcs() {
+	for _, t := range l.targets {
+		for _, u := range t.upstreamGroup.upstreams {
+			close(u.healthCheck.chHcStop)
+		}
+	}
+}
+
+// stopDcs stops the load balancer engine DNS checks
+// The stop is triggered when the DNS check channel is closed
+func (l *lb) stopDcs() {
+	for _, t := range l.targets {
+		for _, u := range t.upstreamGroup.upstreams {
+			close(u.dns.chDcStop)
+		}
+	}
+}
+
+// stopChecks requests the healthcheck and DNS checks to stop
+// It uses waitgroups to wait until all are stopped and only then it returns
+func (l *lb) stopChecks() {
+	LogIf("LB: stopping health checks for '%s'", l.et.String())
+	l.stopHcs()
+	LogIf("LB: stopping dns checks")
+	l.stopDcs()
+	l.state.wg.Wait()
+	LogDf("LB: health checks and dns checks stopped")
+}
+
+// startChecks initializes the DNS checks and health checks for all upstreams
+func (l *lb) startChecks() {
+	LogIf("LB: starting checks for '%s'", l.et.String())
+
+	// For each target
+	for _, t := range l.targets {
+		// For each upstream: initalize dns and health checks
+		for _, u := range t.upstreamGroup.upstreams {
+			LogDVf("LB: initializing DNS checks for target '%s'", t.name)
+			ht, _ := getHostType(u.host)
+			if ht == hostTypeFqdn {
+				u.dns.chDcStop = make(chan struct{})
+				l.initDnsCheck(u)
+			}
+			LogDVf("LB: initializing health checks for target '%s'", t.name)
+			if u.healthCheck.active {
+				l.initHealthCheck(u, t)
+			}
+		}
+	}
+}
+
+// stop is used to stop the load balancer engine
+// It stops all load balancers checks and then
+// requests the load balancer engine to stop
+func (l *lb) stop() error {
+	LogIf("LB: stop Load Balancer requested")
+	l.stopChecks()
+	if err := l.e.stop(); err != nil {
+		return fmt.Errorf("%w: %w", errLbEngineStop, err)
+	}
+	LogIf("LB: load balancer successfully stopped")
+	return nil
+}
+
+// start function starts the load balancer engine
+// It initializes the engine, requests the engine to confirm permissions and dependencies
+// Then it starts load balancing and finally the DNS and health checks are initiated
+// All errors are treated as non recoverable functional impediment
+func (l *lb) start() error {
+	LogIf("LB: start Load Balancer requested")
+
+	// initialize load balancer engine
+	LogDf("LB: initializing load balancer engine '%s'", l.et.String())
+	if err := l.e.checkPermissions(); err != nil {
+		return fmt.Errorf("%w: %w: %w", errLbEngineStart, errCheckPerm, err)
+	}
+
+	if err := l.e.checkDependencies(); err != nil {
+		return fmt.Errorf("%w: %w: %w", errLbEngineStart, errCheckDep, err)
+	}
+
+	if err := l.e.start(l); err != nil {
+		return fmt.Errorf("%w: %w", errLbEngineStart, err)
+	}
+
+	l.startChecks()
+
+	LogIf("LB: the load balancer was successfully started")
+
+	return nil
+}
+
+// initHealthCheck initiates the healthcheck routines for the upstream
+func (l *lb) initHealthCheck(u *upstream, t *target) {
+	e := l.e
+	ln := l.et.String()
+
+	// Initialize the random number generator with a seed based on the current time
+	r := rand.New(rand.NewSource(time.Now().UnixNano()))
+
+	// Generate a random number between 1 and maxHcTimerInit (inclusive)
+	// Intn generates 0 which we don't want, hence 1 + r.Intn
+	initTicker := 1 + r.Intn(lobbySettings.maxHcTimerInit)
+
+	// Initialize ticker with a random duration to avoid all healthchecks starting at the same millisecond
+	LogDVf("LB HC (%s): upstream healthcheck timer initialized to %dms", u.name, initTicker)
+	u.healthCheck.ticker = time.NewTicker(time.Duration(initTicker) * time.Millisecond)
+
+	l.state.wg.Add(1)
+	go func() {
+		defer l.state.wg.Done()
+
+		for {
+			select {
+			case <-u.healthCheck.chHcStop:
+				LogIf("LB HC (%s): healthcheck stop requested", u.name)
+
+				// complete go routine
+				return
+			case <-u.healthCheck.ticker.C:
+				LogDVf("LB HC (%s): healthcheck timer trigger", u.name)
+
+				l.state.m.Lock() // This has been included to be able to pause the healthcheck for instance in case of reconfiguration
+				LogDVf("LB: '%s' load balancer engine changes are locked", ln)
+				// Check if the load balancer is in 'terminate' state
+				// if it is skip the healthcheck
+				if l.state.t {
+					l.state.m.Unlock()
+					LogDVf("LB: '%s' load balancer engine changes are unlocked", ln)
+					continue
+				}
+				LogDVf("LB: '%s' load balancer engine changes are unlocked", ln)
+				l.state.m.Unlock()
+
+				var addr string
+				if u.address != nil {
+					addr = u.address.String() + ":" + strconv.Itoa(int(u.healthCheck.port))
+				} else {
+					LogDVf("LB HC (%s): Host '%s' with unresolved address. Health check paused while host address is not available", u.name, u.host)
+				}
+
+				LogDVf(
+					"LB HC (%s): healthchecking upstream IP: '%s'; Port: '%d'; Protocol: '%s'; Timeout: '%d' seconds",
+					u.name,
+					u.address.String(),
+					u.healthCheck.port,
+					u.healthCheck.protocol.String(),
+					u.healthCheck.timeout,
+				)
+				c, err := net.DialTimeout(
+					u.healthCheck.protocol.String(),
+					addr,
+					time.Duration(u.healthCheck.timeout)*time.Second,
+				)
+				if err != nil {
+					LogIf(
+						"LB HC (%s): healthcheck for upstream failed. Retrying in %ds. Error: %v",
+						u.name,
+						u.healthCheck.checkInterval,
+						err,
+					)
+
+					// Reset health_check count to 0
+					u.healthCheck.count = 0
+
+					if u.available {
+						// If upstream was marked as available
+						u.available = false
+						LogIf(
+							"LB HC (%s): upstream became unavailable due to health_check failure",
+							u.name,
+						)
+						// update nftables
+						e.updateTarget(t)
+					}
+				} else {
+					// If health_check succeeds, close net.Conn
+					c.Close()
+
+					if !u.available {
+						// If upstream in not available state
+						// Increment health_check count
+						u.healthCheck.count++
+						LogIf("LB HC (%s): upstream is unavailable at '%s', but health_check succeeded. %d/%d tests succeeded", u.name, addr, u.healthCheck.count, u.healthCheck.countConfig)
+						if u.healthCheck.count >= u.healthCheck.countConfig {
+							u.available = true
+							LogIf("LB HC (%s): upstream became available at '%s'", u.name, addr)
+							// update nftables
+							e.updateTarget(t)
+						}
+					} else {
+						LogDVf("LB HC (%s): upstream continues available at %s", u.name, addr)
+					}
+				}
+				// Reset healthcheck timer
+				LogDVf(
+					"LB HC (%s): healthcheck recheck in %ds",
+					u.name,
+					u.healthCheck.checkInterval,
+				)
+				u.healthCheck.ticker.Reset(time.Duration(u.healthCheck.checkInterval) * time.Second)
+			}
+		}
+	}()
+}
+
+// initDnsCheck initiates the DNS check routines for the upstream
+func (l *lb) initDnsCheck(u *upstream) {
+	ln := l.et.String()
+
+	if u.dns.confTtl != 0 {
+		LogDVf("LB DNS (%s): using upstream config DNS ttl %ds", u.name, u.dns.confTtl)
+		u.dns.ttl = u.dns.confTtl
+		u.dns.ticker = time.NewTicker(time.Duration(u.dns.ttl) * time.Second)
+	} else {
+		if u.dns.ttl == 0 {
+			u.dns.ttl = lobbySettings.defaultDnsTtl
+		}
+		LogDVf("LB DNS (%s): using DNS ttl %ds", u.name, u.dns.ttl)
+		u.dns.ticker = time.NewTicker(time.Duration(u.dns.ttl) * time.Second)
+	}
+
+	l.state.wg.Add(1)
+	go func() {
+		defer l.state.wg.Done()
+
+		for {
+			select {
+			case <-u.dns.chDcStop:
+				LogIf("LB DNS (%s): DNS check stop requested", u.name)
+				return
+			case <-u.dns.ticker.C:
+
+				// This has been included to be able to pause the healthcheck for instance in case of reconfiguration
+				l.state.m.Lock()
+				LogDVf("LB: '%s' load balancer engine changes are locked", ln)
+				// Check if the load balancer is in 'terminate' state
+				// if it is skip the healthcheck
+				if l.state.t {
+					l.state.m.Unlock()
+					LogDVf("LB: '%s' load balancer engine changes are unlocked", ln)
+					continue
+				}
+				LogDVf("LB: '%s' load balancer engine changes are unlocked", ln)
+				l.state.m.Unlock()
+
+				ua := u.address
+				rua, ttl, err := resolveFqdn(u.host, u.dns.addresses, nil)
+				if err != nil {
+					LogWf("LB DNS (%s): failed to resolve '%s'", u.name, u.host)
+					LogWf(
+						"LB DNS (%s): upstream address will be kept on the last known A Record: '%s'",
+						u.name,
+						ua.String(),
+					)
+					if u.dns.ttl == 0 {
+						u.dns.ttl = lobbySettings.defaultDnsTtl
+					}
+					LogWf("LB DNS (%s): new DNS query in '%d's", u.name, u.dns.ttl)
+					u.dns.ticker.Reset(time.Duration(u.dns.ttl) * time.Second)
+					continue
+				}
+				if !ua.Equal(rua) {
+					LogIf(
+						"LB DNS (%s): upstream IP address changed based on DNS query from '%s' to '%s'",
+						u.name,
+						ua,
+						rua,
+					)
+
+					// In case health check is not active for upstream,
+					// set the upstream as available. Upstreams without health checks
+					// are always considered to be available unless there were DNS
+					// issues during setup or reconfiguration
+					if !u.healthCheck.active {
+						u.available = true
+					}
+
+					// update load balancer upstream
+					if err = l.updateUpstream(u, &rua); err != nil {
+						LogWf(
+							"LB DNS (%s): upstream update request failed. This is not expected and the load balancer might be misconfigured as a result. Manual troubleshooting is likely required. Consider increasing load balancer verbosity to troubleshoot further",
+							u.name,
+						)
+						LogIf("LB DNS (%s): %v", u.name, err)
+					}
+				}
+				if u.dns.confTtl == 0 {
+					LogDVf(
+						"LB DNS (%s): DNS TTL was not configured to be overriden. Using DNS resolved TTL",
+						u.name,
+					)
+					if ttl != 0 {
+						u.dns.ttl = ttl
+					} else {
+						LogDVf(
+							"LB DNS (%s): Resolved DNS TTL was '0'. Using %d this time",
+							u.name,
+							lobbySettings.defaultDnsTtl,
+						)
+						u.dns.ttl = lobbySettings.defaultDnsTtl
+					}
+					u.dns.ticker.Reset(time.Duration(u.dns.ttl) * time.Second)
+					LogDf("LB DNS (%s): next DNS check to be performed in %d seconds", u.name, u.dns.ttl)
+				}
+			}
+		}
+	}()
+}
+
+// reconfig implements the load balancer reconfiguration procedure
+// After locking any other load balancer changes,
+// it initiates a new load balancer engine and
+// requests the previous load balancer engine reconfiguration
+// Then it starts the new load balancer DNS and health checks
+// Sets the previous load balancer state to 'terminate' and unlocks load balancer changes
+// Finally, it requests the previous load balancer DNS and health checks to be stopped
+// If the new load balancer engine initialization or
+// the reconfiguration returns an error, then the reconfig method doesn't proceeds and
+// it unlocks the previous load balancer changes and returns the errLbEngineReconfig error
+func (l *lb) reconfig(nl *lb) error {
+	ln := l.et.String()
+	LogIf("LB: '%s' load balancer engine reconfiguration", ln)
+
+	l.state.m.Lock()
+	LogDVf("LB: '%s' load balancer engine changes are locked", ln)
+
+	var err error
+
+	if nl.e, err = newLbEngine(nl.et); err != nil {
+		l.state.m.Unlock()
+		LogDVf("LB: '%s' load balancer engine changes are unlocked", ln)
+		return fmt.Errorf("%w: %w", errLbEngineReconfig, err)
+	}
+
+	if err = l.e.reconfig(nl); err != nil {
+		l.state.m.Unlock()
+		LogDVf("LB: '%s' load balancer engine changes are unlocked", ln)
+		return fmt.Errorf("%w: %w", errLbEngineReconfig, err)
+	}
+
+	nl.startChecks()
+
+	l.state.t = true
+	l.state.m.Unlock()
+	LogDVf("LB: '%s' load balancer engine state set to 'terminate' and changes are unlocked", ln)
+	l.stopChecks()
+
+	return nil
+}
+
+// updateUpstream performs the necessary tasks to refresh an upstream
+// given a new upstream IP address
+//   - replaces the upstream address with the new IP address
+//   - updates the load balancer list of all upstream IP addresses is updated
+//   - calls the LB engine upstream update with a list of unique upstream IP addresses for the load balancer
+func (l *lb) updateUpstream(u *upstream, nua *net.IP) error {
+	LogIf("LB: update upstream for '%s'", u.name)
+
+	ln := l.et.String()
+
+	// Lock load balancer mutex
+	l.state.m.Lock()
+	defer l.state.m.Unlock()
+	LogDVf("LB: '%s' load balancer engine changes are locked", ln)
+
+	oua := u.address
+	LogDf("LB: replacing upstream address from '%s' to '%s'", oua.String(), nua.String())
+	u.address = *nua
+
+	LogDf("LB: updating load balancer slice of all upstream IPs")
+	if oua != nil {
+		LogDVf("LB: replacing upstream IP '%s' with '%s'", oua.String(), nua.String())
+		if err := l.replaceUpstreamIps(&oua, nua); err != nil {
+			LogWf(
+				"Upstream DNS: replace upstream IP failed. This is odd and it could be a bug with impact on the Load Balancer functionality. Please report with full logs of load balancer running with VerboseDebug verbosity. %v",
+				err,
+			)
+			l.addUpstreamIps(*nua)
+		}
+	} else {
+		l.addUpstreamIps(*nua)
+	}
+
+	LogDf("LB: refreshing load balancer engine for upstream '%s'", u.name)
+	unipl := findUniqueNetIp(l.upstreamIps)
+	if err := l.e.updateUpstream(u, &unipl); err != nil {
+		LogDVf("LB: '%s' load balancer engine changes are unlocked", ln)
+		return fmt.Errorf("%w: %w", errLbEngineUpstreamUpdate, err)
+	}
+
+	LogDVf("LB: '%s' load balancer engine changes are unlocked", ln)
+	return nil
+}
+
+// lbInit creates and returns a set of load balancer engines
+// It reads the config file, checks for config errors
+// and loads the config for each load balancer engine
+// It returns a pointer to the new LB instances or an errLbNew error
+func lbInit() ([]*lb, error) {
+	ls := []*lb{}
+	LogIf("LB: config file path: %s", lobbySettings.configFilePath)
+
+	// Initialize Routing Config
+	configYaml := ConfigYaml{}
+
+	// Get Routing Config file to byte slice
+	configFile, err := os.ReadFile(lobbySettings.configFilePath)
+	if err != nil {
+		LogIf("LB: Failed to open local config file at '%s'. Will try at system location at '%s' next", lobbySettings.configFilePath, lobbySettings.systemConfigFilePath)
+		configFile, err = os.ReadFile(lobbySettings.systemConfigFilePath)
+		if err != nil {
+			return ls, fmt.Errorf("%w: %w: failed to open config file in '%s' and '%s'", errLbInit, errConfFileOpen, lobbySettings.configFilePath, lobbySettings.systemConfigFilePath)
+		}
+	}
+
+	// Unmarshal Routing Config YAML file
+	if err = yaml.Unmarshal(configFile, &configYaml); err != nil {
+		return ls, fmt.Errorf("%w: %w: %w", errLbInit, errConfFileUnmarshal, err)
+	}
+
+	// Check configuration
+	if err = checkConfig(&configYaml); err != nil {
+		return ls, fmt.Errorf("%w: %w", errLbInit, err)
+	}
+
+	for _, lbc := range configYaml.LbConfig {
+		l := &lb{}
+		l.upstreamIps = &[]net.IP{}
+		l.state.wg = &sync.WaitGroup{}
+
+		// Parse and load the configuration
+		if err := l.getConfig(&lbc); err != nil {
+			return ls, fmt.Errorf("%w: %w", errLbInit, err)
+		}
+
+		if l.e, err = newLbEngine(l.et); err != nil {
+			return ls, fmt.Errorf("%w: %w", errLbInit, err)
+		}
+
+		ls = append(ls, l)
+	}
+
+	return ls, nil
+}
+
+// lbsCompare compares two slices of load balancers based on their lbEngineType and returns:
+//   - a map with the load balancers that are on both slices (kept)
+//   - a slice with the load balancers that are on nlbs, but not on olbs (added)
+//   - a slice with the load balancers that are on olbs, but not on nlbs (removed)
+//
+// The map has the lbEngineType as key where the value is a slice of two load balancers [0] olbs and [1] nlbs
+func lbsCompare(olbs, nlbs []*lb) (*map[lbEngineType][]*lb, []*lb, []*lb) {
+	var added []*lb   // holds the lb with the respective lbEngineType found on nlbs, but not on olbs
+	var removed []*lb // holds the lb with the respective lbEngineType found on olbs, but not on nlbs
+
+	// map holding the lb with engine type found on nlbs and olbs
+	// the key is the lbEngineType and the value is a slice of lb
+	// [0] holds the respective olbs lb
+	// [1] holds the respective nlbs lb
+	kept := make(map[lbEngineType][]*lb)
+
+olbsLoop:
+	for _, o := range olbs { // loop through all olbs elements
+		for _, n := range nlbs { // for each olbs element, loop through all nlbs elements
+			if o.et == n.et { // if olbs element and nlbs element have the same lbEngineType
+				var k []*lb         // create a slice of load balancers to hold each lb
+				k = append(k, o, n) // add the olbs element and then add the nlbs element
+				kept[o.et] = k      // register the new lb slice to the 'kept' map
+				LogDVf("LB: load balancer '%s' added to the 'kept' map", o.et.String())
+				continue olbsLoop // as a match was found, continue to the next olbs and interrupt nlbs loop
+			}
+		}
+		// as this olbs element lbEngineType wasn't found on any nlbs element:
+		removed = append(removed, o)
+		LogDVf("LB: load balancer '%s' added to the 'removed' slice", o.et.String())
+	}
+
+	// now that we have completed the kept and removed ones, we need to check the ones that are on nlbs and not on olbs (added)
+	for _, n := range nlbs { // loop through all nlbs elements
+		if _, ok := kept[n.et]; !ok { // if the nlbs element lbEngineType is not present in kept, it means it is not found in olbs
+			added = append(added, n)
+			LogDVf("LB: load balancer '%s' added to the 'added' slice", n.et.String())
+		}
+	}
+
+	return &kept, added, removed
+}
+
+// lbReconfig is used to manage the reconfiguration of the load balancer engines
+// A new slice of load balancers will be initialized, where the config is checked and loaded
+// The previous and the new load balancer engine slices are compared to identify which
+// load balancer engines have been removed, added or kept
+// For the ones that have been kept, it is requested to the load balancer engine to reconfigure them
+// The added ones are started and the removed ones are stopped
+func lbReconfig(lbs *[]*lb) error {
+	LogIf("LB: reconfiguration of all load balancers has been requested")
+	LogDf("LB: requesting the initialization of the new load balancers engine set")
+	nlbs, err := lbInit()
+	if err != nil {
+		return fmt.Errorf("%w: %w", errLbReconfig, err)
+	}
+
+	// Identifying the load balancers that are on the old and new config,
+	// that are on the new config, but are not on the old and
+	// that are not on the new config, but are on the old
+	toKeep, toAdd, toRem := lbsCompare(*lbs, nlbs)
+
+	for _, l := range *toKeep { // for each lb engine that is on both old and new config
+		LogIf("LB: load balancer '%s' configuration will be refreshed", l[0].et.String())
+		if err := l[0].reconfig(l[1]); err != nil {
+			return fmt.Errorf("%w: %w", errLbReconfig, err)
+		}
+	}
+
+	if len(toAdd) > 0 {
+		for _, l := range toAdd { // for each lb engine that is on the new config, but not on the old
+			LogIf("LB: load balancer '%s' has been added to configuration and will be started", l.et.String())
+			if err := l.start(); err != nil {
+				return fmt.Errorf("%w: %w", errLbReconfig, err)
+			}
+		}
+	}
+
+	if len(toRem) > 0 {
+		for _, l := range toRem { // for each lb engine that is on the old config, but not on the new
+			LogIf("LB: load balancer '%s' no longer configured will be stopped", l.et.String())
+			if err := l.stop(); err != nil {
+				return fmt.Errorf("%w: %w", errLbReconfig, err)
+			}
+		}
+	}
+
+	*lbs = nlbs // update var holding load balancers replacing the old with the new one
+
+	return nil
+}
diff --git a/lb_norace_test.go b/lb_norace_test.go
new file mode 100644
index 0000000..57fd2c9
--- /dev/null
+++ b/lb_norace_test.go
@@ -0,0 +1,167 @@
+//go:build !race
+// +build !race
+
+package main
+
+import (
+	"fmt"
+	"net"
+	"os"
+	"testing"
+	"time"
+)
+
+// can't test with -race flag due to defaultDnsResolver change
+
+func TestLbChanges(t *testing.T) {
+	config := `lb: 
+  - engine: testEngine                          # load balancer engine. only 'nftables' supported for now
+    targets: 
+      - name: TestInitDnsCheck                  # target name
+        protocol: tcp                           # transport protocol. only tcp supported for now
+        port: 8082                              # target port
+        upstream_group:                         # upstream_group to be used for target
+          name: ug                              # upstream_group name
+          distribution: round-robin             # ug traffic distribution mode. only round-robin supported for now
+          upstreams:
+            - name: lt8082                      # upstream name
+              host: lobby-test.ipbuff.com       # upstream host. IP Address or domain name
+              port: 8082                        # upstream port
+              dns:                              # include in case you want to use specific DNS to resolve the fqdn host address. If host is IPv4 or IPv6 this setting will not have any effect. In case this mapping is not present the OS resolvers will be used
+                servers:                        # dns address list. Queries will be done sequentially in case of failure
+                  - 1.1.1.1                     # cloudflare IPv4 DNS
+                  - 2606:4700::1111             # cloudflare IPv6 DNS
+                ttl: 1                          # custom ttl can be specified to overwrite the DNS response TTL
+              health_check:                     # don't include the health_check mapping or leave it empty to disable health_check. upstreams will be considered always as active when health_checks are not enabled
+                protocol: tcp                   # health-heck protocol. only tcp supported for now
+                port: 8082                      # health_check port
+                start_available: true           # set 'true' if upstream should be considered as available at start. set 'false' otherwise
+                probe:
+                  check_interval: 1             # seconds. Max value: 65536
+                  timeout: 2                    # seconds. Max value: 256
+                  success_count: 3              # amount of successful health checks to become active
+`
+
+	testConfigPath := "/tmp/lobby_test_conf.yaml"
+	lobbySettings.configFilePath = testConfigPath
+	os.WriteFile(testConfigPath, []byte(config), 0400)
+
+	// mock dns resolvers
+	var mockResolverSucceed resolver = func(f string, dnsa []string) (net.IP, uint32, error) {
+		return net.ParseIP("1.1.1.1"), 600, nil
+	}
+	var mockResolverFail resolver = func(f string, dnsa []string) (net.IP, uint32, error) {
+		return net.ParseIP("1.1.1.1"), 600, fmt.Errorf("Some DNS error")
+	}
+
+	wt := 6
+
+	// start by testing dns check fail on boot
+	defaultDnsResolver = mockResolverFail
+
+	lbs, err := lbInit()
+	if err != nil {
+		t.Errorf("lbInit returned an unexpected error: '%v'", err)
+	}
+	for _, l := range lbs {
+		if err := l.start(); err != nil {
+			t.Errorf("lb start returned an unexpected error: '%v'", err)
+		}
+	}
+	os.Remove(testConfigPath)
+
+	t.Logf("waiting %ds for LB to boot", wt)
+	time.Sleep(time.Duration(wt) * time.Second)
+
+	// test success
+	defaultDnsResolver = mockResolverSucceed
+	t.Logf("waiting %ds for DNS check and upstream update to complete", wt)
+	time.Sleep(time.Duration(wt) * time.Second)
+	defaultDnsResolver = miekgResolver
+	t.Logf("waiting %ds for DNS check and upstream update to complete", wt)
+	time.Sleep(time.Duration(wt) * time.Second)
+	// test failure
+	defaultDnsResolver = mockResolverFail
+	t.Logf("waiting %ds for DNS check and upstream update to complete", wt)
+	time.Sleep(time.Duration(wt) * time.Second)
+
+	defaultDnsResolver = miekgResolver
+	lbs[0].stop()
+}
+
+func Test0TTL(t *testing.T) {
+	config := `lb:
+  - engine: testEngine                          # load balancer engine. only 'nftables' supported for now
+    targets:
+      - name: TestInitDnsCheck                  # target name
+        protocol: tcp                           # transport protocol. only tcp supported for now
+        port: 8082                              # target port
+        upstream_group:                         # upstream_group to be used for target
+          name: ug                              # upstream_group name
+          distribution: round-robin             # ug traffic distribution mode. only round-robin supported for now
+          upstreams:
+            - name: lt8082                      # upstream name
+              host: lobby-test.ipbuff.com       # upstream host. IP Address or domain name
+              port: 8082                        # upstream port
+              dns:                              # include in case you want to use specific DNS to resolve the fqdn host address. If host is IPv4 or IPv6 this setting will not have any effect. In case this mapping is not present the OS resolvers will be used
+                servers:                        # dns address list. Queries will be done sequentially in case of failure
+                  - 1.1.1.1                     # cloudflare IPv4 DNS
+                  - 2606:4700::1111             # cloudflare IPv6 DNS
+`
+
+	testConfigPath := "/tmp/lobby_test_conf.yaml"
+	lobbySettings.configFilePath = testConfigPath
+	os.WriteFile(testConfigPath, []byte(config), 0400)
+
+	// mock dns resolvers
+	var mockResolverSucceed resolver = func(f string, dnsa []string) (net.IP, uint32, error) {
+		return net.ParseIP("1.1.1.1"), 1, nil
+	}
+	var mockResolver0TTL resolver = func(f string, dnsa []string) (net.IP, uint32, error) {
+		return net.ParseIP("1.1.1.1"), 0, nil
+	}
+
+	wt := 3
+
+	defaultDnsResolver = mockResolverSucceed
+
+	lbs, err := lbInit()
+	if err != nil {
+		t.Errorf("lbInit returned an unexpected error: '%v'", err)
+	}
+	for _, l := range lbs {
+		if err := l.start(); err != nil {
+			t.Errorf("lb start returned an unexpected error: '%v'", err)
+		}
+	}
+
+	t.Logf("waiting %ds for LB to boot", wt)
+	time.Sleep(time.Duration(wt) * time.Second)
+
+	// test returned 0 TTL
+	defaultDnsResolver = mockResolver0TTL
+	t.Logf("waiting %ds for DNS check and upstream update to complete", wt)
+	time.Sleep(time.Duration(wt) * time.Second)
+
+	lbs[0].stop()
+
+	// Now test with 0 TTL at start
+	defaultDnsResolver = mockResolver0TTL
+
+	lbs, err = lbInit()
+	if err != nil {
+		t.Errorf("lbInit returned an unexpected error: '%v'", err)
+	}
+	for _, l := range lbs {
+		if err := l.start(); err != nil {
+			t.Errorf("lb start returned an unexpected error: '%v'", err)
+		}
+	}
+	os.Remove(testConfigPath)
+
+	t.Logf("waiting %ds for LB to boot", wt)
+	time.Sleep(time.Duration(wt) * time.Second)
+
+	lbs[0].stop()
+	defaultDnsResolver = miekgResolver
+}
diff --git a/lb_test.go b/lb_test.go
new file mode 100644
index 0000000..bef34cf
--- /dev/null
+++ b/lb_test.go
@@ -0,0 +1,1117 @@
+package main
+
+import (
+	"errors"
+	"net"
+	"os"
+	"reflect"
+	"strings"
+	"sync"
+	"testing"
+	"time"
+
+	"gopkg.in/yaml.v3"
+)
+
+var testConfigYaml = `lb: 
+  - engine: nftables                            # load balancer engine. only 'nftables' supported for now
+    targets: 
+      - name: target1                           # target name
+        protocol: tcp                           # transport protocol. only tcp supported for now
+        port: 8080                              # target port
+        upstream_group: 
+          name: ug0                             # upstream_group name
+          distribution: round-robin             # ug traffic distribution mode. only round-robin supported for now
+          upstreams:
+            - name: t1ug0u1                     # upstream name
+              host: 8.8.8.8                     # upstream host. IP Address or domain name
+              port: 8080                        # upstream port
+              health_check:                     # don't include the health_check mapping or leave it empty to disable health_check. upstreams will be considered always as active when health_checks are not enabled
+            - name: t1ug0u2                     # upstream name
+              host: 8.8.8.8                     # upstream host. IP Address or domain name
+              port: 6443                        # upstream port
+              health_check:                     # don't include the health_check mapping or leave it empty to disable health_check. upstreams will be considered always as active when health_checks are not enabled
+                protocol: tcp                   # health-heck protocol. only tcp supported for now
+                port: 6443                      # health_check port
+                start_available: true           # set 'true' if upstream should be considered as available at start. set 'false' otherwise
+                probe:
+                  check_interval: 10            # seconds. Max value: 65536
+                  timeout: 2                    # seconds. Max value: 256
+                  success_count: 3              # amount of successful health checks to become active
+            - name: t1ug0u3                     # upstream name
+              host: 8.8.8.8                     # upstream host. IP Address or domain name
+              port: 8081                        # upstream port
+              health_check:                     # don't include the health_check mapping or leave it empty to disable health_check. upstreams will be considered always as active when health_checks are not enabled
+                protocol: tcp                   # health-heck protocol. only tcp supported for now
+                port: 8081                      # health_check port
+                start_available: false          # set 'true' if upstream should be considered as available at start. set 'false' otherwise
+                probe:
+                  check_interval: 10            # seconds. Max value: 65536
+                  timeout: 2                    # seconds. Max value: 256
+                  success_count: 3              # amount of successful health checks to become active
+      - name: target2                           # target name
+        protocol: tcp                           # transport protocol. only tcp supported for now
+        port: 8081                              # target port
+        upstream_group:                         # upstream_group to be used for target
+          name: ug1                             # upstream_group name
+          distribution: round-robin             # ug traffic distribution mode. only round-robin supported for now
+          upstreams:
+            - name: t2ug1u1                     # upstream name
+              host: 8.8.8.8                     # upstream host. IP Address or domain name
+              port: 8082                        # upstream port
+              health_check:                     # don't include the health_check mapping or leave it empty to disable health_check. upstreams will be considered always as active when health_checks are not enabled
+                protocol: tcp                   # health-heck protocol. only tcp supported for now
+                port: 8082                      # health_check port
+                start_available: true           # set 'true' if upstream should be considered as available at start. set 'false' otherwise
+                probe:
+                  check_interval: 10            # seconds. Max value: 65536
+                  timeout: 2                    # seconds. Max value: 256
+                  success_count: 3              # amount of successful health checks to become active
+            - name: t2ug1u2                     # upstream name
+              host: lobby-test.ipbuff.com.fail  # upstream host. IP Address or domain name
+              port: 8081                        # upstream port
+              health_check:                     # don't include the health_check mapping or leave it empty to disable health_check. upstreams will be considered always as active when health_checks are not enabled
+                protocol: tcp                   # health-heck protocol. only tcp supported for now
+                port: 8081                      # health_check port
+                start_available: false          # set 'true' if upstream should be considered as available at start. set 'false' otherwise
+                probe:
+                  check_interval: 10            # seconds. Max value: 65536
+                  timeout: 2                    # seconds. Max value: 256
+                  success_count: 3              # amount of successful health checks to become active
+      - name: target3                           # target name
+        protocol: tcp                           # transport protocol. only tcp supported for now
+        port: 8082                              # target port
+        upstream_group:                         # upstream_group to be used for target
+          name: ug2                             # upstream_group name
+          distribution: round-robin             # ug traffic distribution mode. only round-robin supported for now
+          upstreams:
+            - name: t3ug2u1                     # upstream name
+              host: lobby-test.ipbuff.com       # upstream host. IP Address or domain name
+              port: 8082                        # upstream port
+              dns:                              # include in case you want to use specific DNS to resolve the fqdn host address. If host is IPv4 or IPv6 this setting will not have any effect. In case this mapping is not present the OS resolvers will be used
+                servers:                        # dns address list. Queries will be done sequentially in case of failure
+                  - 1.1.1.1                     # cloudflare IPv4 DNS
+                  - 2606:4700::1111             # cloudflare IPv6 DNS
+                ttl: 5                          # custom ttl can be specified to overwrite the DNS response TTL
+              health_check:                     # don't include the health_check mapping or leave it empty to disable health_check. upstreams will be considered always as active when health_checks are not enabled
+                protocol: tcp                   # health-heck protocol. only tcp supported for now
+                port: 8082                      # health_check port
+                start_available: true           # set 'true' if upstream should be considered as available at start. set 'false' otherwise
+                probe:
+                  check_interval: 10            # seconds. Max value: 65536
+                  timeout: 2                    # seconds. Max value: 256
+                  success_count: 3              # amount of successful health checks to become active
+            - name: t3ug2u2                     # upstream name
+              host: lobby-test.ipbuff.com       # upstream host. IP Address or domain name
+              port: 8083                        # upstream port
+              dns:                              # include in case you want to use specific DNS to resolve the fqdn host address. If host is IPv4 or IPv6 this setting will not have any effect. In case this mapping is not present the OS resolvers will be used
+                servers:                        # dns address list. Queries will be done sequentially in case of failure
+                  - 8.8.8.8                     # google IPv4 DNS
+                  - 1.1.1.1                     # cloudflare IPv4 DNS
+                  - 2606:4700::1111             # cloudflare IPv6 DNS
+              health_check:                     # don't include the health_check mapping or leave it empty to disable health_check. upstreams will be considered always as active when health_checks are not enabled
+                protocol: tcp                   # health-heck protocol. only tcp supported for now
+                port: 8083                      # health_check port
+                start_available: false          # set 'true' if upstream should be considered as available at start. set 'false' otherwise
+                probe:
+                  check_interval: 10            # seconds. Max value: 65536
+                  timeout: 2                    # seconds. Max value: 256
+                  success_count: 3              # amount of successful health checks to become active
+`
+
+func TestGetDistMode(t *testing.T) {
+	testCases := []struct {
+		input  string
+		err    error
+		result distMode
+	}{
+		{input: "round-robin", err: nil, result: distModeRR},
+		{input: "weighted", err: nil, result: distModeWeighted},
+		{input: "blah", err: errDistMode, result: distModeUnknown},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.input, func(t *testing.T) {
+			dm, err := getDistMode(tc.input)
+			if !errors.Is(err, tc.err) {
+				t.Errorf("%s: expected '%v', but got '%v'", tc.input, tc.err, err)
+			}
+			if dm != tc.result {
+				t.Errorf("%s: expected '%v', but got '%v'", tc.input, tc.result, dm)
+			}
+		})
+	}
+}
+
+func TestDistModeString(t *testing.T) {
+	testCases := []struct {
+		input  distMode
+		result string
+	}{
+		{input: distModeRR, result: "round-robin"},
+		{input: distModeWeighted, result: "weighted"},
+		{input: distModeUnknown, result: "unknown"},
+		{input: 9, result: "unknown"},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.result, func(t *testing.T) {
+			r := tc.input.String()
+			if r != tc.result {
+				t.Errorf("%s: expected '%v', but got '%v'", tc.result, tc.result, r)
+			}
+		})
+	}
+}
+
+func TestGetLbEngineType(t *testing.T) {
+	testCases := []struct {
+		input  string
+		err    error
+		result lbEngineType
+	}{
+		{input: "testEngine", err: nil, result: lbEngineTest},
+		{input: "nftables", err: nil, result: lbEngineNft},
+		{input: "blah", err: errLbEngineType, result: lbEngineUnknown},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.input, func(t *testing.T) {
+			r, err := getLbEngineType(tc.input)
+			if !errors.Is(err, tc.err) {
+				t.Errorf("%s: expected '%v', but got '%v'", tc.input, tc.err, err)
+			}
+			if r != tc.result {
+				t.Errorf("%s: expected '%v', but got '%v'", tc.input, tc.result, r)
+			}
+		})
+	}
+}
+
+func TestNewLbEngine(t *testing.T) {
+	testCases := []struct {
+		input  lbEngineType
+		err    error
+		result lbEngine
+	}{
+		{input: lbEngineNft, err: nil, result: &nft{}},
+		{input: lbEngineUnknown, err: errLbEngineType, result: nil},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.input.String(), func(t *testing.T) {
+			r, err := newLbEngine(tc.input)
+			if !errors.Is(err, tc.err) {
+				t.Errorf("%s: expected '%v', but got '%v'", tc.input.String(), tc.err, err)
+			}
+			if reflect.TypeOf(r) != reflect.TypeOf(tc.result) {
+				t.Errorf(
+					"%s: expected '%v', but got '%v'",
+					tc.input.String(),
+					reflect.TypeOf(tc.result),
+					reflect.TypeOf(r),
+				)
+			}
+		})
+	}
+}
+
+func TestLbEngineTypeString(t *testing.T) {
+	testCases := []struct {
+		input  lbEngineType
+		result string
+	}{
+		{input: lbEngineNft, result: "nftables"},
+		{input: lbEngineUnknown, result: "unknown"},
+		{input: 9, result: "unknown"},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.result, func(t *testing.T) {
+			r := tc.input.String()
+			if r != tc.result {
+				t.Errorf("%s: expected '%v', but got '%v'", tc.result, tc.result, r)
+			}
+		})
+	}
+}
+
+func TestGetLbProtocol(t *testing.T) {
+	testCases := []struct {
+		input  string
+		err    error
+		result lbProto
+	}{
+		{input: "tcp", err: nil, result: lbProtoTcp},
+		{input: "udp", err: nil, result: lbProtoUdp},
+		{input: "sctp", err: nil, result: lbProtoSctp},
+		{input: "http", err: nil, result: lbProtoHttp},
+		{input: "blah", err: errLbProto, result: lbProtoUnknown},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.input, func(t *testing.T) {
+			r, err := getLbProtocol(tc.input)
+			if !errors.Is(err, tc.err) {
+				t.Errorf("%s: expected '%v', but got '%v'", tc.input, tc.err, err)
+			}
+			if r != tc.result {
+				t.Errorf("%s: expected '%v', but got '%v'", tc.input, tc.result, r)
+			}
+		})
+	}
+}
+
+func TestLbProtoString(t *testing.T) {
+	testCases := []struct {
+		input  lbProto
+		result string
+	}{
+		{input: lbProtoTcp, result: "tcp"},
+		{input: lbProtoUdp, result: "udp"},
+		{input: lbProtoSctp, result: "sctp"},
+		{input: 9, result: "unknown"},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.result, func(t *testing.T) {
+			r := tc.input.String()
+			if r != tc.result {
+				t.Errorf("%s: expected '%v', but got '%v'", tc.result, tc.result, r)
+			}
+		})
+	}
+}
+
+func TestAddAndReplaceUpstreamIps(t *testing.T) {
+	ips := []string{"1.1.1.1", "2.2.2.2"}
+	netIps := &[]net.IP{}
+	l := &lb{}
+	l.upstreamIps = &[]net.IP{}
+
+	for _, i := range ips {
+		ip := net.ParseIP(i)
+		l.addUpstreamIps(ip)
+		*netIps = append(*netIps, ip)
+	}
+
+	if !reflect.DeepEqual(netIps, l.upstreamIps) {
+		t.Errorf("expected '%v', but got '%v'", netIps, l.upstreamIps)
+	}
+
+	l.addUpstreamIps(nil)
+
+	rip := net.ParseIP("3.3.3.3")
+	l.replaceUpstreamIps(&(*netIps)[0], &rip)
+	(*netIps)[0] = rip
+
+	if !reflect.DeepEqual(netIps, l.upstreamIps) {
+		t.Errorf("expected '%v', but got '%v'", netIps, l.upstreamIps)
+	}
+
+	uip := net.ParseIP("4.4.4.4")
+	err := l.replaceUpstreamIps(&uip, &rip)
+	if err == nil {
+		t.Errorf("expected error, but didn't get it")
+	} else {
+		if !errors.Is(err, errReplUpstreamIp) {
+			t.Errorf("expected '%v', but got '%v'", errReplUpstreamIp, err)
+		}
+	}
+}
+
+func TestCheckConfig(t *testing.T) {
+	config := testConfigYaml
+	configYaml := ConfigYaml{}
+
+	if err := yaml.Unmarshal([]byte(config), &configYaml); err != nil {
+		t.Error("errored on config yaml parsing", err)
+	}
+
+	// confirm checkConfig succeeds
+	if err := checkConfig(&configYaml); err != nil {
+		t.Error("checkConfig errored unexpectedly", err)
+	}
+
+	// confirm checkConfig fails on wrong engine configuration
+	expectedErr := errLbEngineType
+	configYaml.LbConfig[0].Engine = "blah"
+	if err := checkConfig(&configYaml); !(errors.Is(err, errLbCheckConf) &&
+		errors.Is(err, expectedErr)) {
+		t.Errorf(
+			"checkConfig should have errored with '%v: %v', but errored with '%v'",
+			errLbCheckConf,
+			expectedErr,
+			err,
+		)
+	}
+
+	// confirm checkConfig fails on repeated engine configuration
+	wrongConfigSlice := strings.Split(config, "\n")
+	wrongConfig := config + strings.Join(wrongConfigSlice[1:], "\n")
+	expectedErr = errConfRepEngine
+	if err := yaml.Unmarshal([]byte(wrongConfig), &configYaml); err != nil {
+		t.Error("errored on config yaml parsing", err)
+	}
+	if err := checkConfig(&configYaml); !(errors.Is(err, errLbCheckConf) &&
+		errors.Is(err, expectedErr)) {
+		t.Errorf(
+			"checkConfig should have errored with '%v: %v', but errored with '%v'",
+			errLbCheckConf,
+			expectedErr,
+			err,
+		)
+	}
+
+	// confirm checkConfig fails on repeated target name
+	wrongConfig = config
+	wrongConfig = strings.ReplaceAll(wrongConfig, "target2", "target1")
+	expectedErr = errConfRepTargetName
+	if err := yaml.Unmarshal([]byte(wrongConfig), &configYaml); err != nil {
+		t.Error("errored on config yaml parsing", err)
+	}
+	if err := checkConfig(&configYaml); !(errors.Is(err, errLbCheckConf) &&
+		errors.Is(err, expectedErr)) {
+		t.Errorf(
+			"checkConfig should have errored with '%v: %v', but errored with '%v'",
+			errLbCheckConf,
+			expectedErr,
+			err,
+		)
+	}
+
+	// confirm checkConfig fails on repeated target protocol and port
+	wrongConfig = config
+	wrongConfig = strings.ReplaceAll(
+		wrongConfig,
+		"port: 8081                              # target port",
+		"port: 8080                              # target port",
+	)
+	expectedErr = errConfRepPortProto
+	if err := yaml.Unmarshal([]byte(wrongConfig), &configYaml); err != nil {
+		t.Error("errored on config yaml parsing", err)
+	}
+	if err := checkConfig(&configYaml); !(errors.Is(err, errLbCheckConf) &&
+		errors.Is(err, expectedErr)) {
+		t.Errorf(
+			"checkConfig should have errored with '%v: %v', but errored with '%v'",
+			errLbCheckConf,
+			expectedErr,
+			err,
+		)
+	}
+
+	// confirm checkConfig fails on repeated upstreamGroup name
+	wrongConfig = config
+	wrongConfig = strings.ReplaceAll(
+		wrongConfig,
+		"ug1",
+		"ug0",
+	)
+	expectedErr = errConfRepUGName
+	if err := yaml.Unmarshal([]byte(wrongConfig), &configYaml); err != nil {
+		t.Error("errored on config yaml parsing", err)
+	}
+	if err := checkConfig(&configYaml); !(errors.Is(err, errLbCheckConf) &&
+		errors.Is(err, expectedErr)) {
+		t.Errorf(
+			"checkConfig should have errored with '%v: %v', but errored with '%v'",
+			errLbCheckConf,
+			expectedErr,
+			err,
+		)
+	}
+
+	// confirm checkConfig fails on invalid target protocol
+	wrongConfig = config
+	wrongConfig = strings.ReplaceAll(
+		wrongConfig,
+		"        protocol: tcp",
+		"        protocol: blah",
+	)
+	expectedErr = errLbProto
+	if err := yaml.Unmarshal([]byte(wrongConfig), &configYaml); err != nil {
+		t.Error("errored on config yaml parsing", err)
+	}
+	if err := checkConfig(&configYaml); !(errors.Is(err, errLbCheckConf) &&
+		errors.Is(err, expectedErr)) {
+		t.Errorf(
+			"checkConfig should have errored with '%v: %v', but errored with '%v'",
+			errLbCheckConf,
+			expectedErr,
+			err,
+		)
+	}
+
+	// confirm checkConfig fails on unsupported target protocol
+	wrongConfig = config
+	wrongConfig = strings.ReplaceAll(
+		wrongConfig,
+		"        protocol: tcp",
+		"        protocol: http",
+	)
+	expectedErr = errConfTargetProto
+	if err := yaml.Unmarshal([]byte(wrongConfig), &configYaml); err != nil {
+		t.Error("errored on config yaml parsing", err)
+	}
+	if err := checkConfig(&configYaml); !(errors.Is(err, errLbCheckConf) &&
+		errors.Is(err, expectedErr)) {
+		t.Errorf(
+			"checkConfig should have errored with '%v: %v', but errored with '%v'",
+			errLbCheckConf,
+			expectedErr,
+			err,
+		)
+	}
+
+	// confirm checkConfig fails on invalid healtcheck protocol
+	wrongConfig = config
+	wrongConfig = strings.ReplaceAll(
+		wrongConfig,
+		"                protocol: tcp                   # health-heck protocol. only tcp supported for now",
+		"                protocol: blah",
+	)
+	expectedErr = errConfHcProtocol
+	if err := yaml.Unmarshal([]byte(wrongConfig), &configYaml); err != nil {
+		t.Error("errored on config yaml parsing", err)
+	}
+	if err := checkConfig(&configYaml); !(errors.Is(err, errLbCheckConf) &&
+		errors.Is(err, expectedErr)) {
+		t.Errorf(
+			"checkConfig should have errored with '%v: %v', but errored with '%v'",
+			errLbCheckConf,
+			expectedErr,
+			err,
+		)
+	}
+
+	// confirm checkConfig fails on wrong distribution mode
+	wrongConfig = config
+	wrongConfig = strings.ReplaceAll(
+		wrongConfig,
+		"          distribution: round-robin",
+		"          distribution: bleh",
+	)
+	expectedErr = errConfDistMode
+	if err := yaml.Unmarshal([]byte(wrongConfig), &configYaml); err != nil {
+		t.Error("errored on config yaml parsing", err)
+	}
+	if err := checkConfig(&configYaml); !(errors.Is(err, errLbCheckConf) &&
+		errors.Is(err, expectedErr)) {
+		t.Errorf(
+			"checkConfig should have errored with '%v: %v', but errored with '%v'",
+			errLbCheckConf,
+			expectedErr,
+			err,
+		)
+	}
+
+	// confirm checkConfig fails on repeated upstream name
+	wrongConfig = config
+	wrongConfig = strings.ReplaceAll(
+		wrongConfig,
+		"t1ug0u2",
+		"t1ug0u1",
+	)
+	expectedErr = errConfRepUName
+	if err := yaml.Unmarshal([]byte(wrongConfig), &configYaml); err != nil {
+		t.Error("errored on config yaml parsing", err)
+	}
+	if err := checkConfig(&configYaml); !(errors.Is(err, errLbCheckConf) &&
+		errors.Is(err, expectedErr)) {
+		t.Errorf(
+			"checkConfig should have errored with '%v: %v', but errored with '%v'",
+			errLbCheckConf,
+			expectedErr,
+			err,
+		)
+	}
+
+	// confirm checkConfig fails on invalid upstream host
+	wrongConfig = config
+	wrongConfig = strings.ReplaceAll(
+		wrongConfig,
+		"8.8.8.8",
+		"8.8.8.8.8",
+	)
+	expectedErr = errConfUHost
+	if err := yaml.Unmarshal([]byte(wrongConfig), &configYaml); err != nil {
+		t.Error("errored on config yaml parsing", err)
+	}
+	if err := checkConfig(&configYaml); !(errors.Is(err, errLbCheckConf) &&
+		errors.Is(err, expectedErr)) {
+		t.Errorf(
+			"checkConfig should have errored with '%v: %v', but errored with '%v'",
+			errLbCheckConf,
+			expectedErr,
+			err,
+		)
+	}
+
+	// confirm checkConfig fails on invalid upstream dns address
+	wrongConfig = config
+	wrongConfig = strings.ReplaceAll(
+		wrongConfig,
+		"1.1.1.1",
+		"1.1.1.1.1",
+	)
+	expectedErr = errConfDnsAddr
+	if err := yaml.Unmarshal([]byte(wrongConfig), &configYaml); err != nil {
+		t.Error("errored on config yaml parsing", err)
+	}
+	if err := checkConfig(&configYaml); !(errors.Is(err, errLbCheckConf) &&
+		errors.Is(err, expectedErr)) {
+		t.Errorf(
+			"checkConfig should have errored with '%v: %v', but errored with '%v'",
+			errLbCheckConf,
+			expectedErr,
+			err,
+		)
+	}
+}
+
+func TestGetConfig(t *testing.T) {
+	config := testConfigYaml
+	configYaml := ConfigYaml{}
+
+	if err := yaml.Unmarshal([]byte(config), &configYaml); err != nil {
+		t.Error("errored on config yaml parsing", err)
+	}
+
+	// confirm checkConfig succeeds
+	if err := checkConfig(&configYaml); err != nil {
+		t.Error("checkConfig errored unexpectedly", err)
+	}
+
+	lbc := configYaml.LbConfig[0]
+
+	// confirm getConfig succeeds with resolved fqdn
+	l := &lb{}
+	l.upstreamIps = &[]net.IP{}
+	if err := l.getConfig(&lbc); err != nil {
+		t.Errorf("getConfig errored unexpectedly: '%v'", err)
+	}
+
+	// confirm getConfig succeeds with unresolved fqdn and dns ttl configured
+	bkpHost := lbc.TargetsConfig[2].UpstreamGroup.Upstreams[0].Host
+	lbc.TargetsConfig[2].UpstreamGroup.Upstreams[0].Host = "unresolved.dns"
+	l = &lb{}
+	l.upstreamIps = &[]net.IP{}
+	if err := l.getConfig(&lbc); err != nil {
+		t.Errorf("getConfig errored unexpectedly: '%v'", err)
+	}
+	lbc.TargetsConfig[2].UpstreamGroup.Upstreams[0].Host = bkpHost
+
+	// confirm getConfig succeeds with unresolved fqdn and dns ttl configured
+	bkpHost = lbc.TargetsConfig[2].UpstreamGroup.Upstreams[1].Host
+	lbc.TargetsConfig[2].UpstreamGroup.Upstreams[1].Host = "unresolved.dns"
+	l = &lb{}
+	l.upstreamIps = &[]net.IP{}
+	if err := l.getConfig(&lbc); err != nil {
+		t.Errorf("getConfig errored unexpectedly: '%v'", err)
+	}
+	lbc.TargetsConfig[2].UpstreamGroup.Upstreams[1].Host = bkpHost
+
+	// confirm getConfig succeeds with invalid host
+	lbc.TargetsConfig[2].UpstreamGroup.Upstreams[0].Host = "1.1.1.1.1"
+	l = &lb{}
+	l.upstreamIps = &[]net.IP{}
+	if err := l.getConfig(&lbc); err != nil {
+		t.Errorf("getConfig errored unexpectedly: '%v'", err)
+	}
+	lbc.TargetsConfig[2].UpstreamGroup.Upstreams[0].Host = "1.1.1.1.1"
+	lbc.TargetsConfig[2].UpstreamGroup.Upstreams[0].Host = bkpHost
+
+	// fail on engine type
+	bkpEngine := lbc.Engine
+	lbc.Engine = "blah"
+	l = &lb{}
+	l.upstreamIps = &[]net.IP{}
+	if err := l.getConfig(&lbc); err == nil {
+		t.Errorf("expected an error to occur, but got no error")
+	} else {
+		if !errors.Is(err, errLbEngineType) {
+			t.Errorf("expected error '%v', but got '%v'", errLbEngineType, err)
+		}
+	}
+	lbc.Engine = bkpEngine
+
+	// fail on distribution mode
+	bkpDM := lbc.TargetsConfig[0].UpstreamGroup.Distribution
+	lbc.TargetsConfig[0].UpstreamGroup.Distribution = "blah"
+	l = &lb{}
+	l.upstreamIps = &[]net.IP{}
+	if err := l.getConfig(&lbc); err == nil {
+		t.Errorf("expected an error to occur, but got no error")
+	} else {
+		if !errors.Is(err, errDistMode) {
+			t.Errorf("expected error '%v', but got '%v'", errDistMode, err)
+		}
+	}
+	lbc.TargetsConfig[0].UpstreamGroup.Distribution = bkpDM
+}
+
+func TestLbSCompare(t *testing.T) {
+	olb := &lb{
+		et: lbEngineNft,
+	}
+	nlb := &lb{
+		et: lbEngineUnknown,
+	}
+	olbs := []*lb{
+		olb,
+	}
+	nlbs := []*lb{
+		olb,
+		nlb,
+	}
+
+	expected := struct {
+		kept  *map[lbEngineType]*lb
+		niuew []*lb
+		old   []*lb
+	}{}
+
+	kept := make(map[lbEngineType]*lb)
+	kept[lbEngineNft] = olb
+	expected.kept = &kept
+
+	k, a, _ := lbsCompare(olbs, nlbs)
+
+	// check kept
+	kr := (*k)[lbEngineNft]
+	if kr[0].et != (*expected.kept)[lbEngineNft].et {
+		t.Errorf(
+			"outcome didn't match for the kept lbs. expected: '%v'\nbut got '%v'",
+			kr[0],
+			(*expected.kept)[lbEngineNft],
+		)
+	}
+
+	// check added
+	if a[0].et != nlb.et {
+		t.Errorf(
+			"outcome didn't match for the added lbs. expected: '%v'\nbut got '%v'",
+			nlb,
+			a[0],
+		)
+	}
+
+	_, _, r := lbsCompare(nlbs, olbs)
+
+	// check removed
+	if r[0].et != nlb.et {
+		t.Errorf(
+			"outcome didn't match for the removed lbs. expected: '%v'\nbut got '%v'",
+			nlb,
+			r[0],
+		)
+	}
+}
+
+func TestChecks(t *testing.T) {
+	config := testConfigYaml
+	configYaml := ConfigYaml{}
+
+	if err := yaml.Unmarshal([]byte(config), &configYaml); err != nil {
+		t.Error("errored on config yaml parsing", err)
+	}
+
+	// confirm checkConfig succeeds
+	if err := checkConfig(&configYaml); err != nil {
+		t.Error("checkConfig errored unexpectedly", err)
+	}
+
+	lbc := configYaml.LbConfig[0]
+
+	l := &lb{}
+	l.upstreamIps = &[]net.IP{}
+	l.state.wg = &sync.WaitGroup{}
+	if err := l.getConfig(&lbc); err != nil {
+		t.Errorf("getConfig errored unexpectedly: '%v'", err)
+	}
+
+	l.startChecks()
+	l.stopChecks()
+}
+
+func TestCheckStop(t *testing.T) {
+	config := testConfigYaml
+	configYaml := ConfigYaml{}
+
+	if err := yaml.Unmarshal([]byte(config), &configYaml); err != nil {
+		t.Error("errored on config yaml parsing", err)
+	}
+
+	// confirm checkConfig succeeds
+	if err := checkConfig(&configYaml); err != nil {
+		t.Error("checkConfig errored unexpectedly", err)
+	}
+
+	lbc := configYaml.LbConfig[0]
+
+	l := &lb{}
+	l.upstreamIps = &[]net.IP{}
+	l.state.wg = &sync.WaitGroup{}
+	if err := l.getConfig(&lbc); err != nil {
+		t.Errorf("getConfig errored unexpectedly: '%v'", err)
+	}
+
+	l.startChecks()
+	l.stopDcs()
+	l.stopHcs()
+	l.state.wg.Wait()
+}
+
+func TestInitDnsCheck(t *testing.T) {
+	t.Log("Testing Init DNS Check")
+	config := `lb: 
+  - engine: testEngine                          # load balancer engine. only 'nftables' supported for now
+    targets: 
+      - name: TestInitDnsCheck                  # target name
+        protocol: tcp                           # transport protocol. only tcp supported for now
+        port: 8082                              # target port
+        upstream_group:                         # upstream_group to be used for target
+          name: ug                              # upstream_group name
+          distribution: round-robin             # ug traffic distribution mode. only round-robin supported for now
+          upstreams:
+            - name: lt8082                      # upstream name
+              host: lobby-test.ipbuff.com       # upstream host. IP Address or domain name
+              port: 8082                        # upstream port
+              dns:                              # include in case you want to use specific DNS to resolve the fqdn host address. If host is IPv4 or IPv6 this setting will not have any effect. In case this mapping is not present the OS resolvers will be used
+                servers:                        # dns address list. Queries will be done sequentially in case of failure
+                  - 1.1.1.1                     # cloudflare IPv4 DNS
+                  - 2606:4700::1111             # cloudflare IPv6 DNS
+                ttl: 1                          # custom ttl can be specified to overwrite the DNS response TTL
+`
+
+	configYaml := ConfigYaml{}
+
+	if err := yaml.Unmarshal([]byte(config), &configYaml); err != nil {
+		t.Error("errored on config yaml parsing", err)
+	}
+
+	// confirm checkConfig succeeds
+	if err := checkConfig(&configYaml); err != nil {
+		t.Error("checkConfig errored unexpectedly", err)
+	}
+
+	lbc := configYaml.LbConfig[0]
+
+	l := &lb{}
+	l.upstreamIps = &[]net.IP{}
+	l.state.wg = &sync.WaitGroup{}
+	if err := l.getConfig(&lbc); err != nil {
+		t.Errorf("getConfig errored unexpectedly: '%v'", err)
+	}
+
+	var err error
+	if l.e, err = newLbEngine(l.et); err != nil {
+		t.Error("%w: %w", errLbInit, err)
+	}
+
+	l.initDnsCheck(l.targets[0].upstreamGroup.upstreams[0])
+
+	wt := 2
+	t.Logf("waiting %ds for DNS check to complete", wt)
+	time.Sleep(time.Duration(wt) * time.Second)
+
+	// test terminate state
+	l.state.m.Lock()
+	l.state.t = true
+	l.state.m.Unlock()
+	time.Sleep(time.Duration(wt) * time.Second)
+	l.stopChecks()
+}
+
+func TestInitHCheck(t *testing.T) {
+	t.Log("Testing Init Health Check")
+	config := `lb: 
+  - engine: testEngine                          # load balancer engine. only 'nftables' supported for now
+    targets: 
+      - name: TestInitHealthCheck               # target name
+        protocol: tcp                           # transport protocol. only tcp supported for now
+        port: 8082                              # target port
+        upstream_group:                         # upstream_group to be used for target
+          name: ug                              # upstream_group name
+          distribution: round-robin             # ug traffic distribution mode. only round-robin supported for now
+          upstreams:
+            - name: lt8082                      # upstream name
+              host: lobby-test.ipbuff.com       # upstream host. IP Address or domain name
+              port: 8082                        # upstream port
+              dns:                              # include in case you want to use specific DNS to resolve the fqdn host address. If host is IPv4 or IPv6 this setting will not have any effect. In case this mapping is not present the OS resolvers will be used
+                servers:                        # dns address list. Queries will be done sequentially in case of failure
+                  - 1.1.1.1                     # cloudflare IPv4 DNS
+                  - 2606:4700::1111             # cloudflare IPv6 DNS
+                ttl: 1                          # custom ttl can be specified to overwrite the DNS response TTL
+              health_check:                     # don't include the health_check mapping or leave it empty to disable health_check. upstreams will be considered always as active when health_checks are not enabled
+                protocol: tcp                   # health-heck protocol. only tcp supported for now
+                port: 8082                      # health_check port
+                start_available: true           # set 'true' if upstream should be considered as available at start. set 'false' otherwise
+                probe:
+                  check_interval: 1             # seconds. Max value: 65536
+                  timeout: 2                    # seconds. Max value: 256
+                  success_count: 3              # amount of successful health checks to become active
+`
+
+	configYaml := ConfigYaml{}
+
+	if err := yaml.Unmarshal([]byte(config), &configYaml); err != nil {
+		t.Error("errored on config yaml parsing", err)
+	}
+
+	// confirm checkConfig succeeds
+	if err := checkConfig(&configYaml); err != nil {
+		t.Error("checkConfig errored unexpectedly", err)
+	}
+
+	lbc := configYaml.LbConfig[0]
+
+	l := &lb{}
+	l.upstreamIps = &[]net.IP{}
+	l.state.wg = &sync.WaitGroup{}
+	if err := l.getConfig(&lbc); err != nil {
+		t.Errorf("getConfig errored unexpectedly: '%v'", err)
+	}
+
+	var err error
+	if l.e, err = newLbEngine(l.et); err != nil {
+		t.Error("%w: %w", errLbInit, err)
+	}
+
+	l.initHealthCheck(l.targets[0].upstreamGroup.upstreams[0], l.targets[0])
+
+	wt := 3
+	t.Logf("waiting %ds for Healthcheck to complete", wt)
+	time.Sleep(time.Duration(wt) * time.Second)
+
+	// test terminate state
+	l.state.m.Lock()
+	l.state.t = true
+	l.state.m.Unlock()
+	time.Sleep(time.Duration(wt) * time.Second)
+	l.stopChecks()
+}
+
+func TestLb(t *testing.T) {
+	config := `lb: 
+  - engine: testEngine                          # load balancer engine. only 'nftables' supported for now
+    targets: 
+      - name: TestInitDnsCheck                  # target name
+        protocol: tcp                           # transport protocol. only tcp supported for now
+        port: 8082                              # target port
+        upstream_group:                         # upstream_group to be used for target
+          name: ug                              # upstream_group name
+          distribution: round-robin             # ug traffic distribution mode. only round-robin supported for now
+          upstreams:
+            - name: lt8082                      # upstream name
+              host: lobby-test.ipbuff.com       # upstream host. IP Address or domain name
+              port: 8082                        # upstream port
+              dns:                              # include in case you want to use specific DNS to resolve the fqdn host address. If host is IPv4 or IPv6 this setting will not have any effect. In case this mapping is not present the OS resolvers will be used
+                servers:                        # dns address list. Queries will be done sequentially in case of failure
+                  - 1.1.1.1                     # cloudflare IPv4 DNS
+                  - 2606:4700::1111             # cloudflare IPv6 DNS
+                ttl: 1                          # custom ttl can be specified to overwrite the DNS response TTL
+              health_check:                     # don't include the health_check mapping or leave it empty to disable health_check. upstreams will be considered always as active when health_checks are not enabled
+                protocol: tcp                   # health-heck protocol. only tcp supported for now
+                port: 8082                      # health_check port
+                start_available: true           # set 'true' if upstream should be considered as available at start. set 'false' otherwise
+                probe:
+                  check_interval: 1             # seconds. Max value: 65536
+                  timeout: 2                    # seconds. Max value: 256
+                  success_count: 3              # amount of successful health checks to become active
+`
+
+	// test LB init fail due to config file not found
+	failedTestConfigPath := "/tmp/lobby_test_nil"
+	testConfigPath := "/tmp/lobby_test_conf.yaml"
+
+	lobbySettings.configFilePath = failedTestConfigPath
+
+	_, err := lbInit()
+	if err == nil {
+		t.Errorf("lbInit should have errored due to wrong config file path")
+	} else {
+		if !errors.Is(err, errConfFileOpen) {
+			t.Errorf("expected error '%v', but got '%v'", errConfFileOpen, err)
+		}
+	}
+
+	lobbySettings.configFilePath = testConfigPath
+
+	// test LB init fail due to invalid yaml format
+	failedConfig := config
+	failedConfig = strings.Replace(failedConfig, "lb:", "lb", 1)
+	os.Remove(testConfigPath)
+	os.WriteFile(testConfigPath, []byte(failedConfig), 0400)
+
+	_, err = lbInit()
+	if err == nil {
+		confFile, _ := os.ReadFile(testConfigPath)
+		t.Log("failedConfigFile:\n", string(confFile))
+		t.Errorf("lbInit should have errored due to invalid yaml")
+	} else {
+		if !errors.Is(err, errConfFileUnmarshal) {
+			t.Errorf("expected error '%v', but got '%v'", errConfFileUnmarshal, err)
+		}
+	}
+	os.Remove(testConfigPath)
+
+	// test LB init fail due to unsupported engine
+	failedConfig = config
+	failedConfig = strings.Replace(failedConfig, "engine: testEngine", "engine: blah", 1)
+	os.WriteFile(testConfigPath, []byte(failedConfig), 0400)
+
+	_, err = lbInit()
+	if err == nil {
+		t.Errorf("lbInit should have errored due to wrong configuration")
+	} else {
+		if !errors.Is(err, errLbInit) {
+			t.Errorf("expected error '%v', but got '%v'", errLbInit, err)
+		}
+	}
+	os.Remove(testConfigPath)
+
+	// test LB init fail due to misconfigured probe: timeout
+	failedConfig = config
+	failedConfig = strings.Replace(failedConfig, "timeout: 2", "timeout: 0", 1)
+	os.WriteFile(testConfigPath, []byte(failedConfig), 0400)
+
+	_, err = lbInit()
+	if err == nil {
+		t.Errorf("lbInit should have errored due to wrong configuration")
+	} else {
+		if !errors.Is(err, errLbInit) {
+			t.Errorf("expected error '%v', but got '%v'", errLbInit, err)
+		}
+	}
+	os.Remove(testConfigPath)
+
+	// test LB init fail due to misconfigured probe: check_interval
+	failedConfig = config
+	failedConfig = strings.Replace(failedConfig, "check_interval: 1", "check_interval: 0", 1)
+	os.WriteFile(testConfigPath, []byte(failedConfig), 0400)
+
+	_, err = lbInit()
+	if err == nil {
+		t.Log("Config: \n", failedConfig)
+		t.Errorf("lbInit should have errored due to wrong configuration")
+	} else {
+		if !errors.Is(err, errLbInit) {
+			t.Errorf("expected error '%v', but got '%v'", errLbInit, err)
+		}
+	}
+	os.Remove(testConfigPath)
+
+	// test LB init fail due to misconfigured probe: success_count
+	failedConfig = config
+	failedConfig = strings.Replace(failedConfig, "success_count: 3", "success_count: 0", 1)
+	os.WriteFile(testConfigPath, []byte(failedConfig), 0400)
+
+	_, err = lbInit()
+	if err == nil {
+		t.Errorf("lbInit should have errored due to wrong configuration")
+	} else {
+		if !errors.Is(err, errLbInit) {
+			t.Errorf("expected error '%v', but got '%v'", errLbInit, err)
+		}
+	}
+	os.Remove(testConfigPath)
+
+	// test LB start fail scenarios
+	os.WriteFile(testConfigPath, []byte(config), 0400)
+	lbs, err := lbInit()
+	if err != nil {
+		t.Errorf("lbInit returned an unexpected error: '%v'", err)
+	}
+	for _, l := range lbs {
+		e := l.e.(*testLb)
+
+		e.setResults(false, true, false)
+		if err := l.start(); err == nil {
+			t.Errorf("lb start should have errored due to failed permissions")
+		} else {
+			if !errors.Is(err, errCheckPerm) {
+				t.Errorf("expected error '%v', but got '%v'", errCheckPerm, err)
+			}
+		}
+
+		e.setResults(true, false, false)
+		if err := l.start(); err == nil {
+			t.Errorf("lb start should have errored due to failed dependencies")
+		} else {
+			if !errors.Is(err, errCheckDep) {
+				t.Errorf("expected error '%v', but got '%v'", errCheckDep, err)
+			}
+		}
+
+		e.setResults(false, false, true)
+		if err := l.start(); err == nil {
+			t.Errorf("lb start should have errored due to failed start")
+		} else {
+			if !errors.Is(err, errLbEngineStart) {
+				t.Errorf("expected error '%v', but got '%v'", errLbEngineStart, err)
+			}
+		}
+	}
+	os.Remove(testConfigPath)
+
+	// test successful LB start
+	os.WriteFile(testConfigPath, []byte(config), 0400)
+	lbs, err = lbInit()
+	if err != nil {
+		t.Errorf("lbInit returned an unexpected error: '%v'", err)
+	}
+
+	for _, l := range lbs {
+		if err := l.start(); err != nil {
+			t.Errorf("lb start returned an unexpected error: '%v'", err)
+		}
+		if err := lbReconfig(&lbs); err != nil {
+			t.Errorf("lbReconfig returned an unexpected error: '%v'", err)
+		}
+	}
+	os.Remove(testConfigPath)
+
+	// test failed lb update due to invalid yaml
+	updatedConfig := strings.Replace(config, "host: lobby-test.ipbuff.com", "host lobby-test.ipbuff.comb", 1)
+	os.WriteFile(testConfigPath, []byte(updatedConfig), 0400)
+	if err := lbReconfig(&lbs); err == nil {
+		t.Errorf("lb start should have errored due to failed start")
+	} else {
+		if !errors.Is(err, errLbInit) {
+			t.Errorf("expected error '%v', but got '%v'", errLbInit, err)
+		}
+	}
+	os.Remove(testConfigPath)
+
+	// test failed lb update due to invalid engine
+	updatedConfig = strings.Replace(config, "engine: testEngine", "engine: blah", 1)
+	os.WriteFile(testConfigPath, []byte(updatedConfig), 0400)
+	if err := lbReconfig(&lbs); err == nil {
+		t.Errorf("lb start should have errored due to failed start")
+	} else {
+		if !errors.Is(err, errLbEngineType) {
+			t.Errorf("expected error '%v', but got '%v'", errLbEngineType, err)
+		}
+	}
+	os.Remove(testConfigPath)
+
+	// test update config by removing an lb engine
+	updatedConfig = `lb: 
+`
+	os.WriteFile(testConfigPath, []byte(updatedConfig), 0400)
+	if err := lbReconfig(&lbs); err != nil {
+		t.Errorf("lbInit returned an unexpected error: '%v'", err)
+	}
+	os.Remove(testConfigPath)
+
+	// test update config by adding an lb engine
+	os.WriteFile(testConfigPath, []byte(config), 0400)
+	if err := lbReconfig(&lbs); err != nil {
+		t.Errorf("lbInit returned an unexpected error: '%v'", err)
+	}
+	os.Remove(testConfigPath)
+
+	lbs[0].stop()
+}
diff --git a/logging.go b/logging.go
new file mode 100644
index 0000000..bdabfe5
--- /dev/null
+++ b/logging.go
@@ -0,0 +1,88 @@
+package main
+
+import (
+	"log"
+	"strings"
+)
+
+type LogLevel byte
+
+const (
+	logUnknown LogLevel = iota
+	logVerboseDebug
+	logDebug
+	logInfo
+	logWarning
+	logCritical
+)
+
+// returns the string value of the LogLevel
+func (ll LogLevel) String() string {
+	switch ll {
+	case logVerboseDebug:
+		return "VerboseDebug"
+	case logDebug:
+		return "Debug"
+	case logInfo:
+		return "Info"
+	case logWarning:
+		return "Warning"
+	case logCritical:
+		return "Critical"
+	}
+	return "Unknown"
+}
+
+// return the LogLevel from string input
+func getLogLevel(s string) LogLevel {
+	switch strings.ToLower(s) {
+	case "verbosedebug":
+		return logVerboseDebug
+	case "debug":
+		return logDebug
+	case "info":
+		return logInfo
+	case "warning":
+		return logWarning
+	case "critical":
+		return logCritical
+	}
+	return logUnknown
+}
+
+type LogFunction func(string, ...interface{})
+
+// LogDVf prints Verbose Debug logs
+func LogDVf(format string, args ...interface{}) {
+	if lobbySettings.logLevel <= logVerboseDebug {
+		log.Printf("[DEBUG VERBOSE] "+format, args...)
+	}
+}
+
+// LogDf prints Debug logs
+func LogDf(format string, args ...interface{}) {
+	if lobbySettings.logLevel <= logDebug {
+		log.Printf("[DEBUG] "+format, args...)
+	}
+}
+
+// LogIf prints Info logs
+func LogIf(format string, args ...interface{}) {
+	if lobbySettings.logLevel <= logInfo {
+		log.Printf("[INFO] "+format, args...)
+	}
+}
+
+// LogWf prints Warning logs
+func LogWf(format string, args ...interface{}) {
+	if lobbySettings.logLevel <= logWarning {
+		log.Printf("[WARNING] "+format, args...)
+	}
+}
+
+// LogCf prints Critical logs
+func LogCf(format string, args ...interface{}) {
+	if lobbySettings.logLevel <= logCritical {
+		log.Printf("[CRITICAL] "+format, args...)
+	}
+}
diff --git a/logging_test.go b/logging_test.go
new file mode 100644
index 0000000..6f20b61
--- /dev/null
+++ b/logging_test.go
@@ -0,0 +1,194 @@
+package main
+
+import (
+	"bytes"
+	"fmt"
+	"log"
+	"os"
+	"strings"
+	"testing"
+)
+
+var logLevels []LogLevel = []LogLevel{
+	logUnknown,
+	logVerboseDebug,
+	logDebug,
+	logInfo,
+	logWarning,
+	logCritical,
+}
+
+func TestLogDVf(t *testing.T) {
+	expectedPrint := map[LogLevel]bool{
+		logUnknown:      true,
+		logVerboseDebug: true,
+		logDebug:        false,
+		logInfo:         false,
+		logWarning:      false,
+		logCritical:     false,
+	}
+
+	expectedString := "[DEBUG VERBOSE] "
+
+	assertLogFuncs(t, expectedPrint, expectedString, LogDVf)
+
+	if err := assertLogString(logVerboseDebug); err != nil {
+		t.Errorf("%v", err)
+	}
+}
+
+func TestLogDf(t *testing.T) {
+	expectedPrint := map[LogLevel]bool{
+		logUnknown:      true,
+		logVerboseDebug: true,
+		logDebug:        true,
+		logInfo:         false,
+		logWarning:      false,
+		logCritical:     false,
+	}
+
+	expectedString := "[DEBUG] "
+
+	assertLogFuncs(t, expectedPrint, expectedString, LogDf)
+
+	if err := assertLogString(logDebug); err != nil {
+		t.Errorf("%v", err)
+	}
+}
+
+func TestLogIf(t *testing.T) {
+	expectedPrint := map[LogLevel]bool{
+		logUnknown:      true,
+		logVerboseDebug: true,
+		logDebug:        true,
+		logInfo:         true,
+		logWarning:      false,
+		logCritical:     false,
+	}
+
+	expectedString := "[INFO] "
+
+	assertLogFuncs(t, expectedPrint, expectedString, LogIf)
+
+	if err := assertLogString(logInfo); err != nil {
+		t.Errorf("%v", err)
+	}
+}
+
+func TestLogWf(t *testing.T) {
+	expectedPrint := map[LogLevel]bool{
+		logUnknown:      true,
+		logVerboseDebug: true,
+		logDebug:        true,
+		logInfo:         true,
+		logWarning:      true,
+		logCritical:     false,
+	}
+
+	expectedString := "[WARNING] "
+
+	assertLogFuncs(t, expectedPrint, expectedString, LogWf)
+
+	if err := assertLogString(logWarning); err != nil {
+		t.Errorf("%v", err)
+	}
+}
+
+func TestLogCf(t *testing.T) {
+	expectedPrint := map[LogLevel]bool{
+		logUnknown:      true,
+		logVerboseDebug: true,
+		logDebug:        true,
+		logInfo:         true,
+		logWarning:      true,
+		logCritical:     true,
+	}
+
+	expectedString := "[CRITICAL] "
+
+	assertLogFuncs(t, expectedPrint, expectedString, LogCf)
+
+	if err := assertLogString(logCritical); err != nil {
+		t.Errorf("%v", err)
+	}
+}
+
+func TestLogUnknown(t *testing.T) {
+	expectedPrint := map[LogLevel]bool{
+		logUnknown:      true,
+		logVerboseDebug: true,
+		logDebug:        false,
+		logInfo:         false,
+		logWarning:      false,
+		logCritical:     false,
+	}
+
+	expectedString := "[DEBUG VERBOSE] "
+
+	assertLogFuncs(t, expectedPrint, expectedString, LogDVf)
+
+	if err := assertLogString(logUnknown); err != nil {
+		t.Errorf("%v", err)
+	}
+}
+
+func assertLogFuncs(
+	t *testing.T,
+	expectedPrint map[LogLevel]bool,
+	expectedString string,
+	logFunc LogFunction,
+) {
+	testMsg := "Perfectly balanced"
+	memLog := bytes.Buffer{}
+	log.SetOutput(&memLog)
+
+	prevLogLevel := lobbySettings.logLevel
+	defer func() { lobbySettings.logLevel = prevLogLevel }()
+	defer log.SetOutput(os.Stderr) // os.Stderr is the default output
+
+	for _, l := range logLevels {
+		lobbySettings.logLevel = l
+		logFunc(testMsg)
+		printed := false
+		mll := memLog.Len()
+		if mll != 0 {
+			printed = true
+		}
+		shouldPrint, _ := expectedPrint[l]
+		if shouldPrint != printed {
+			t.Error("printed when it shouldn't")
+		} else if mll > 0 {
+			if !strings.HasSuffix(memLog.String(), testMsg+"\n") {
+				t.Log("log message:", memLog.String())
+				t.Error("log message wasn't found")
+			}
+			if !strings.Contains(memLog.String(), expectedString) {
+				t.Log("log message:", memLog.String())
+				t.Error("log level header not found")
+			}
+		}
+		memLog.Reset()
+	}
+}
+
+func assertLogString(l LogLevel) error {
+	logLevelString := map[LogLevel]string{
+		logVerboseDebug: "VerboseDebug",
+		logDebug:        "Debug",
+		logInfo:         "Info",
+		logWarning:      "Warning",
+		logCritical:     "Critical",
+		logUnknown:      "Unknown",
+	}
+
+	if logLevelString[l] != l.String() {
+		return fmt.Errorf("Log Level String didn't match. Expected: '%s', but got '%s'", logLevelString[l], l.String())
+	}
+
+	ll := getLogLevel(logLevelString[l])
+	if ll != l {
+		return fmt.Errorf("Log Level derivation from String didn't match. Expected: '%s', but got '%s'", logLevelString[l], ll.String())
+	}
+
+	return nil
+}
diff --git a/main.go b/main.go
new file mode 100644
index 0000000..b125b94
--- /dev/null
+++ b/main.go
@@ -0,0 +1,183 @@
+package main
+
+import (
+	"errors"
+	"flag"
+	"fmt"
+	"os"
+	"os/signal"
+	"syscall"
+)
+
+var version string
+var versionCheck bool
+
+// Hardcoded settings
+var lobbySettings = app{
+	// Application name
+	appName: "Lobby",
+	// Local config file path
+	configFilePath: "./lobby.conf",
+	// System config file path
+	systemConfigFilePath: "/etc/lobby/lobby.conf",
+	// Max healthcheck timer initial wait in milliseconds
+	maxHcTimerInit: 500,
+	// Seconds to wait for DNS recheck
+	defaultDnsTtl: 25,
+	// Number of signal interrupts after which the app just exits without waiting for the graceful shutdown to complete
+	sigIntCounterExit: 3,
+	// Default log level. Set to one of: Critical / Warning / Info / Debug / VerboseDebug
+	logLevel: logInfo,
+	// Support message
+	supportMsg: "In case you're in need of support make sure to check",
+	// Support channel to be printed on errors
+	supportChannel: "https://github.com/ipbuff/lobby",
+	// Exit message
+	outro: "Stopped load balancing traffic",
+}
+
+type app struct {
+	appName              string
+	configFilePath       string
+	systemConfigFilePath string
+	maxHcTimerInit       int
+	defaultDnsTtl        uint32
+	sigIntCounterExit    uint8
+	logLevel             LogLevel
+	supportMsg           string
+	supportChannel       string
+	outro                string
+}
+
+// Global var initializations
+var (
+	sigIntCounter uint8  = 0                   // Holds count of number of Interrupt signals received
+	sSig                 = make(chan struct{}) // Holds the system signal channel
+	dl            string                       // Holds the debug level string
+)
+
+// errUserPrint logs the received errors and provides any relevant additional information to the user
+// It can also be used to sanitize or normalize the error messages if required
+func errUserPrint(err error) {
+	LogCf("%v", err)
+
+	LogIf("%s %s", lobbySettings.supportMsg, lobbySettings.supportChannel)
+}
+
+// signalHandler deals with the received system signals
+// SIGHUP
+//   - load balancer reconfiguration
+//
+// SIGINT
+//   - load balancer exits gracefully
+//   - it has a signal counter to abort the graceful exit and forcefully quit
+//   - sigIntCounterExit defines the number of SIGINTs to abort graceful exit and forcefully quit
+//
+// SIGTERM
+//   - load balancer exits gracefully
+//   - has no signal counter
+func signalHandler(s os.Signal, sCh chan struct{}, lbs *[]*lb) {
+	LogCf("Received signal '%s'", fmt.Sprint(s))
+	switch s {
+	case syscall.SIGHUP:
+		LogCf("Reconfiguring")
+		if err := lbReconfig(lbs); err != nil {
+			LogWf("Reconfiguration failed")
+			if errors.Is(err, errLbInit) || errors.Is(err, errLbEngineReconfig) {
+				LogIf("Previous configuration was retained")
+			} else if errors.Is(err, errLbEngineStart) || errors.Is(err, errLbEngineStop) {
+				LogWf("Something went wrong with the reconfiguration. This could mean that the current load balancer runtime might be running with unexpected configuration")
+				LogIf("Consider rolling back to the previously well-known healthy config. If the issue persists, increase the logging verbosity for further troubleshooting")
+			}
+			LogIf("%v", err)
+		} else {
+			LogIf("Reconfigured successfully")
+		}
+	case syscall.SIGINT:
+		sigIntCounter++
+		if sigIntCounter > 1 && sigIntCounter < lobbySettings.sigIntCounterExit {
+			LogIf("SIGINT signal counter %d/%d", sigIntCounter, lobbySettings.sigIntCounterExit)
+		} else if sigIntCounter == lobbySettings.sigIntCounterExit {
+			LogCf("Graceful shutdown interrupted. SIGINT signal counter limit reached. Exiting")
+			os.Exit(130)
+		} else {
+			LogCf("Graceful shutdown initiated. To abort and forcefully quit, send more %d SIGINT's", lobbySettings.sigIntCounterExit)
+			sCh <- struct{}{}
+		}
+	case syscall.SIGTERM:
+		LogCf("Graceful shutdown initiated")
+		sCh <- struct{}{}
+	}
+}
+
+// Graceful shutdown procedure
+func shutdown(lbs []*lb) {
+	for _, l := range lbs {
+		// Stop load balancer
+		LogCf("Stopping load balancer engine '%s'", l.et.String())
+		l.stop()
+	}
+
+	LogIf("%s", lobbySettings.outro)
+}
+
+func init() {
+	flag.StringVar(&lobbySettings.configFilePath, "c", lobbySettings.configFilePath, "define the config file path with: '-c /path/to/config/file.yaml'\n")
+	flag.StringVar(&dl, "l", lobbySettings.logLevel.String(), "define the verbosity level with: '-l critical/warning/info/debug/verboseDebug'\n")
+	flag.BoolVar(&versionCheck, "v", false, "prints version and exits\n")
+}
+
+func main() {
+	flag.Parse()
+
+	if *&versionCheck {
+		fmt.Printf("%s %s\n", lobbySettings.appName, version)
+		os.Exit(0)
+	}
+
+	var lbs []*lb // Holds the load balancer engines
+
+	// Welcome message
+	LogIf("%s %s", lobbySettings.appName, version)
+
+	lobbySettings.logLevel = getLogLevel(dl)
+
+	LogDf("Initializing load balancer")
+	lbs, err := lbInit()
+	if err != nil {
+		errUserPrint(err)
+		LogCf("Load Balancer initialization failed. Exiting")
+		os.Exit(1)
+	}
+
+	LogDf("Initialization succeeded. Starting load balancer engines")
+	for _, l := range lbs {
+		if err = l.start(); err != nil {
+			errUserPrint(err)
+			LogCf("Load Balancer start-up failed. Exiting")
+			os.Exit(1)
+		}
+	}
+
+	LogIf("Traffic being load balanced")
+
+	// Create a channel which waits for a SIGHUP, SIGINT or SIGTERM system signals
+	osSigCh := make(chan os.Signal, 1)
+	signal.Notify(osSigCh, syscall.SIGHUP, syscall.SIGINT, syscall.SIGTERM)
+
+	// The system signal channel is dealt through a go routine
+	go func() {
+		for {
+			select {
+			case s := <-osSigCh:
+				signalHandler(s, sSig, &lbs)
+			}
+		}
+	}()
+
+	// Code continues from here when the shutdown procedure is initiated
+	<-sSig
+
+	// Initiate shutdown procedure
+	shutdown(lbs)
+}
diff --git a/main_norace_test.go b/main_norace_test.go
new file mode 100644
index 0000000..404edf4
--- /dev/null
+++ b/main_norace_test.go
@@ -0,0 +1,82 @@
+//go:build !race
+// +build !race
+
+package main
+
+import (
+	"bytes"
+	"fmt"
+	"log"
+	"os"
+	"strings"
+	"syscall"
+	"testing"
+	"time"
+)
+
+func assertSignal(s os.Signal) error {
+	memLog := bytes.Buffer{}
+	log.SetOutput(&memLog)
+	defer log.SetOutput(os.Stderr) // os.Stderr is the default output
+
+	expectedPrint := lobbySettings.outro
+	wt := 2
+
+	var lbs []*lb
+	signalHandler(s, sSig, &lbs)
+	time.Sleep(time.Duration(wt) * time.Second)
+
+	if !strings.Contains(memLog.String(), expectedPrint) {
+		return fmt.Errorf("%s log level assertion failed", expectedPrint)
+	}
+
+	return nil
+}
+
+func TestSIGINT(t *testing.T) {
+	config := `lb:
+`
+	testConfigPath := "/tmp/lobby_test_conf.yaml"
+	lobbySettings.configFilePath = testConfigPath
+	os.WriteFile(testConfigPath, []byte(config), 0400)
+
+	go main()
+
+	wt := 2
+	time.Sleep(time.Duration(wt) * time.Second)
+	os.Remove(testConfigPath)
+
+	if err := assertSignal(syscall.SIGINT); err != nil {
+		t.Errorf("Signal result assertion failed: %v", err)
+	}
+}
+
+func TestSIGTERM(t *testing.T) {
+	config := `lb:
+  - engine: testEngine
+    targets:
+      - name: testReconfig
+        protocol: tcp
+        port: 8082
+        upstream_group:
+          name: ug
+          distribution: round-robin
+          upstreams:
+            - name: testUpstream
+              host: 1.1.1.1
+              port: 80
+`
+	testConfigPath := "/tmp/lobby_test_conf.yaml"
+	lobbySettings.configFilePath = testConfigPath
+	os.WriteFile(testConfigPath, []byte(config), 0400)
+
+	go main()
+
+	wt := 2
+	time.Sleep(time.Duration(wt) * time.Second)
+	os.Remove(testConfigPath)
+
+	if err := assertSignal(syscall.SIGTERM); err != nil {
+		t.Errorf("Signal result assertion failed: %v", err)
+	}
+}
diff --git a/main_test.go b/main_test.go
new file mode 100644
index 0000000..adb01b0
--- /dev/null
+++ b/main_test.go
@@ -0,0 +1,107 @@
+package main
+
+import (
+	"bytes"
+	"fmt"
+	"log"
+	"os"
+	"strings"
+	"syscall"
+	"testing"
+	"time"
+)
+
+func assertErrUserPrint(expectedPrint map[LogLevel]string) error {
+	memLog := bytes.Buffer{}
+	log.SetOutput(&memLog)
+	defer log.SetOutput(os.Stderr) // os.Stderr is the default output
+
+	for l, p := range expectedPrint {
+		errUserPrint(fmt.Errorf(p))
+		if !strings.Contains(memLog.String(), p) {
+			return fmt.Errorf("%s log level assertion failed", l)
+		}
+	}
+
+	return nil
+}
+
+func TestErrUserPrint(t *testing.T) {
+	expectedPrint := map[LogLevel]string{
+		logCritical: "Testing err user print",
+		logInfo:     lobbySettings.supportMsg,
+	}
+
+	if err := assertErrUserPrint(expectedPrint); err != nil {
+		t.Errorf("errUserPrint test failed with failed assertion: %v", err)
+	}
+}
+
+func TestSIGHUP(t *testing.T) {
+	config := `lb:
+`
+	testConfigPath := "/tmp/lobby_test_conf.yaml"
+	lobbySettings.configFilePath = testConfigPath
+	os.WriteFile(testConfigPath, []byte(config), 0400)
+
+	var err error
+	lbs, err := lbInit()
+	if err != nil {
+		t.Errorf("lbInit returned an unexpected error: '%v'", err)
+	}
+
+	wt := 2
+	time.Sleep(time.Duration(wt) * time.Second)
+	os.Remove(testConfigPath)
+
+	config = `lb:
+  - engine: testEngine
+    targets:
+      - name: testReconfig
+        protocol: tcp
+        port: 8082
+        upstream_group:
+          name: ug
+          distribution: round-robin
+          upstreams:
+            - name: testUpstream
+              host: 1.1.1.1
+              port: 80
+`
+	os.WriteFile(testConfigPath, []byte(config), 0400)
+
+	signalHandler(syscall.SIGHUP, sSig, &lbs)
+	time.Sleep(time.Duration(wt) * time.Second)
+
+	if len(lbs) == 0 {
+		t.Errorf("SIGHUP reconfig failed")
+	}
+	os.Remove(testConfigPath)
+
+	config = `lb:
+  - engine: turbo
+    targets:
+      - name: testReconfig
+        protocol: tcp
+        port: 8082
+        upstream_group:
+          name: ug
+          distribution: round-robin
+          upstreams:
+            - name: testUpstream
+              host: 1.1.1.1
+              port: 80
+`
+	os.WriteFile(testConfigPath, []byte(config), 0400)
+
+	signalHandler(syscall.SIGHUP, sSig, &lbs)
+	time.Sleep(time.Duration(wt) * time.Second)
+
+	if lbs[0].et.String() != "testEngine" {
+		t.Errorf("Expected engine type was 'testEngine', but got %v", lbs[0].et.String())
+	}
+
+	os.Remove(testConfigPath)
+
+	lbs[0].stop()
+}
diff --git a/nftables.go b/nftables.go
new file mode 100644
index 0000000..70f8dc7
--- /dev/null
+++ b/nftables.go
@@ -0,0 +1,1049 @@
+package main
+
+import (
+	"errors"
+	"fmt"
+	"net"
+	"regexp"
+	"sync"
+	"time"
+
+	"github.com/google/nftables"
+	"github.com/google/nftables/binaryutil"
+	"github.com/google/nftables/expr"
+	"golang.org/x/sys/unix"
+	"kernel.org/pub/linux/libs/security/libcap/cap"
+)
+
+// Some hardcoded settings
+const (
+	antnSuffixTimeFormat     = "03040502012006"         // time format suffix to be used in the nft table name
+	lobbyNftTableNamePattern = `^%s-\d{%d}$`            // nft table name pattern
+	nftFamily                = nftables.TableFamilyINet // nft table family. INet means both IPv4 and IPv6
+	ugFoModeNftNameSuffix    = "-"                      // Suffix to be used on nftables for upstream groups chain name
+)
+
+var (
+	// nft table name to be used by nftables for the application
+	appNftTableName = lobbySettings.appName
+	// default 'postrouting' nftables chain priority
+	defaultPostrChainPrio = *nftables.ChainPriorityFilter
+	// default 'prerouting' nftables chain priority
+	defaultPrerChainPrio = *nftables.ChainPriorityNATDest
+	// regex string to match nft table name
+	lobbyNftTableNameRegex = fmt.Sprintf(
+		lobbyNftTableNamePattern,
+		regexp.QuoteMeta(lobbySettings.appName),
+		len(antnSuffixTimeFormat),
+	)
+	// supported lb engine protocols and distribution modes
+	nftSuppCapabilities = map[lbProto]map[distMode]bool{
+		lbProtoTcp: {
+			distModeRR: true,
+		},
+	}
+)
+
+// nftables struct
+type nft struct {
+	table          *nftables.Table        // nftables table
+	postrChain     *nftables.Chain        // nftables 'postrouting' chain
+	postrChainPrio nftables.ChainPriority // nftables 'postrouting' chain priority
+	prerChain      *nftables.Chain        // nftables 'prerouting' chain
+	prerChainPrio  nftables.ChainPriority // nftables 'prerouting' chain priority
+	m              sync.Mutex             // nftables changes mutex
+}
+
+// NFT errors
+var (
+	errNftPrep = errors.New(
+		"Error while preparing nftables",
+	)
+	errNftInit = errors.New(
+		"Error while initializing nftables",
+	)
+	errNftReconfig = errors.New(
+		"Error while reconfiguring nftables",
+	)
+	errNftAssert = errors.New(
+		"Error when asserting lb engine of type nft",
+	)
+	errNftNetlinkConn = errors.New(
+		"Failed to create a netlink connection. This error is not expected. Check that your system has the nf_tables Linux kernel subsystem available and troubleshoot further",
+	)
+	errNftFlush = errors.New(
+		"Error when requesting a nftables flush",
+	)
+	errNftListTables = errors.New(
+		"Error when listing nft tables",
+	)
+	errNftAddLbTable = errors.New(
+		"Error when creating load balancer nft table",
+	)
+	errNftAddMasquerade = errors.New(
+		"Error when adding masquerade in nftables",
+	)
+	errNftCleanMasquerade = errors.New(
+		"Error when cleaning masquerade rules in nftables",
+	)
+	errNftUpdateUpstreamChain = errors.New(
+		"Error when updating upstream chain",
+	)
+	errNftUpdateUpstream = errors.New(
+		"Error during nftables upstream update",
+	)
+	errNftStop = errors.New(
+		"Error during nftables stop process",
+	)
+	errNftPerm = errors.New(
+		"Error during nft lb engine permissions check",
+	)
+	errNftPermCap = errors.New(
+		"When running as unprivileged user, then the app process capability must have 'e' (Effective) and 'p' (Permitted) flags set for NET_ADMIN and NET_RAW capabilities. On most linux systems this can be set with `setcap 'cap_net_admin,cap_net_raw+ep' /path/to/lobby`.\nRestart the load balancer nft engine after fixing the permissions or re-run the load balancer as a privileged/root user",
+	)
+	errNftUpdateTarget = errors.New(
+		"Error updating target",
+	)
+)
+
+type nftFunc func(c *nftables.Conn) error // nft management functions declaration used for the pushNft wrapper function
+
+// pushNft is a wrapper function to manage system nftables
+// It locks the nft mutex to manage concurrency
+// Creates a netlink connection
+// Executes the passed nft management functions
+// And then nftables.Conn.Flush sends all buffered commands in a single batch
+func (n *nft) pushNft(fns ...nftFunc) error {
+	// Lock nft mutex
+	n.m.Lock()
+	defer n.m.Unlock()
+
+	// Netlink connection for querying and modifying nftables
+	c, err := nftables.New(nftables.AsLasting())
+	if err != nil {
+		return fmt.Errorf("%w: %w", errNftNetlinkConn, err)
+	}
+	defer c.CloseLasting()
+
+	// Call the provided functions with the nftables connection
+	for _, fn := range fns {
+		fn(c)
+	}
+
+	// Push changes to nftables
+	if err := c.Flush(); err != nil {
+		return fmt.Errorf("%w: %w", errNftFlush, err)
+	}
+
+	return nil
+}
+
+// prepareNftables prepares the nftables for the load balancer
+// It checks if there are nft tables which match the application nft tables name pattern
+// If it finds a match it means this could be some leftover from a previous instance
+// The leftovers can happen for instance upon some kind of crash or uncontrolled failure
+// The function clears any nft tables which match the application nft talbes name pattern
+// An errNftPrep error is returned in case of issues when connecting to the netlink,
+// listing nft tables or flushing the nft changes
+func (n *nft) prepareNftables() error {
+	// Get all nftables tables
+	prepNftFunc := func(c *nftables.Conn) error {
+		tables, err := c.ListTables()
+		if err != nil {
+			return fmt.Errorf("%w: %w: %w", errNftPrep, errNftListTables, err)
+		}
+
+		regex := regexp.MustCompile(lobbyNftTableNameRegex)
+
+		for _, t := range tables {
+			if regex.MatchString(t.Name) && t.Family == nftFamily {
+				LogDf(
+					"NFT: Found nft table '%s' with the table name matching the pattern (%s) lobby uses as nft table name. Deleting the existing table to not interfere",
+					t.Name,
+					lobbyNftTableNameRegex,
+				)
+				c.DelTable(t)
+			}
+		}
+		return nil
+	}
+	n.pushNft(prepNftFunc)
+
+	LogDf("NFT: nftables preparation completed")
+
+	return nil
+}
+
+// addLbTable adds a nftables table where the nftables load balancing will be setup
+func (n *nft) addLbTable() error {
+	// nft table used for load balancing
+	addLbTableFunc := func(c *nftables.Conn) error {
+		n.table = c.AddTable(&nftables.Table{
+			Family: nftFamily,
+			Name:   appNftTableName + "-" + time.Now().Format(antnSuffixTimeFormat),
+		})
+
+		return nil
+	}
+
+	err := n.pushNft(addLbTableFunc)
+	if err != nil {
+		return fmt.Errorf("%w: %w", errNftAddLbTable, err)
+	}
+
+	return nil
+}
+
+// start calls startOrReconfig as the same function can be used for either start or reconfig
+func (n *nft) start(l *lb) error {
+	return n.startOrReconfig(l, false)
+}
+
+// startOrReconfig is used to start or reconfig the nftables based on the load balancer current definition
+func (n *nft) startOrReconfig(l *lb, refresh bool) error {
+	if !refresh {
+		LogDf("NFT: nft initialization requested")
+		err := n.prepareNftables()
+		if err != nil {
+			return fmt.Errorf("%w: %w", errNftInit, err)
+		}
+		n.postrChainPrio = defaultPostrChainPrio
+		n.prerChainPrio = defaultPrerChainPrio
+	} else {
+		LogDf("NFT: nft reconfig requested")
+	}
+
+	err := n.addLbTable()
+	if err != nil {
+		return fmt.Errorf("%w: %w", errNftInit, err)
+	}
+	LogDf("NFT: added Load Balancer nftable '%s'", n.table.Name)
+
+	// If refresh is true it means we're reconfiguring
+	// The priority of the postrouting and prerouting chains will be changed
+	// This is done so that during the reconfiguration transition there is no overlap
+	// as two tables coexist momentarily
+	if refresh {
+		// When reconfiguring, we want to insert the new config in parallel with a different priority
+		// before clearing the previous config. This is so that at no point in time during the transition
+		// the nft is left without either the old or the new config
+		if n.postrChainPrio == defaultPostrChainPrio {
+			LogDVf(
+				"NFT: 'postrouting' chain prio was %d",
+				n.postrChainPrio,
+			)
+			// increment priority by one
+			n.postrChainPrio++
+			LogDVf(
+				"NFT: 'postrouting' chain prio now set to %d",
+				n.postrChainPrio,
+			)
+		} else {
+			LogDVf(
+				"NFT: 'postrouting'chain prio was %d",
+				n.postrChainPrio,
+			)
+			// reset priority
+			n.postrChainPrio = defaultPostrChainPrio
+			LogDVf(
+				"NFT: 'postrouting' chain prio now set to %d",
+				n.postrChainPrio,
+			)
+		}
+
+		if n.prerChainPrio == defaultPrerChainPrio {
+			LogDVf(
+				"NFT: 'prerouting' chain prio was %d",
+				n.prerChainPrio,
+			)
+			// increment priority by one
+			n.prerChainPrio++
+			LogDVf(
+				"NFT: 'prerouting' chain prio now set to %d",
+				n.prerChainPrio,
+			)
+		} else {
+			LogDVf(
+				"NFT: 'prerouting' chain prio was %d",
+				n.prerChainPrio,
+			)
+			n.prerChainPrio = defaultPrerChainPrio
+			LogDVf(
+				"NFT: 'prerouting' chain prio now set to %d",
+				n.prerChainPrio,
+			)
+		}
+	} else {
+		LogDf("NFT: nftables startup process")
+	}
+
+	setMasqueradeFunc := func(c *nftables.Conn) error {
+		// NAT postrouting is required to set masquerade (SNAT) toward targets
+		n.postrChain = c.AddChain(&nftables.Chain{
+			Name:     "postrouting",
+			Table:    n.table,
+			Type:     nftables.ChainTypeNAT,
+			Hooknum:  nftables.ChainHookPostrouting,
+			Priority: &n.postrChainPrio,
+		})
+
+		// Create masquerade nft rule for unique upstream IP addresses
+		uniqueUpstreamIps := findUniqueNetIp(l.upstreamIps)
+		for _, ip := range uniqueUpstreamIps {
+			c.AddRule(&nftables.Rule{
+				Table: n.table,
+				Chain: n.postrChain,
+				Exprs: []expr.Any{
+					&expr.Meta{
+						Key:      expr.MetaKeyNFPROTO,
+						Register: 1,
+					},
+					&expr.Cmp{
+						Op:       expr.CmpOpEq,
+						Register: 1,
+						Data:     []byte{unix.NFPROTO_IPV4},
+					},
+					&expr.Payload{
+						DestRegister: 1,
+						Base:         expr.PayloadBaseNetworkHeader,
+						Offset:       16,
+						Len:          4,
+					},
+					&expr.Cmp{
+						Op:       expr.CmpOpEq,
+						Register: 1,
+						Data:     ip.To4(),
+					},
+					&expr.Masq{},
+				},
+			})
+		}
+		return nil
+	}
+
+	// NAT prerouting chain is required to set load balancing rules
+	addPrerChainFunc := func(c *nftables.Conn) error {
+		n.prerChain = c.AddChain(&nftables.Chain{
+			Name:     "prerouting",
+			Table:    n.table,
+			Type:     nftables.ChainTypeNAT,
+			Hooknum:  nftables.ChainHookPrerouting,
+			Priority: &n.prerChainPrio,
+		})
+		return nil
+	}
+	if err = n.pushNft(setMasqueradeFunc, addPrerChainFunc); err != nil {
+		if err != nil {
+			return fmt.Errorf("%w: %w", errNftInit, err)
+		}
+	}
+
+	for _, t := range l.targets {
+		// Initialize blank nftUgSet, nftUgChain, nftUgChainRule, nftPrerRule
+		for i := 0; i < numUgFoModes; i++ {
+			t.upstreamGroup.nftUgSet = append(t.upstreamGroup.nftUgSet, &nftables.Set{})
+			t.upstreamGroup.nftUgChain = append(t.upstreamGroup.nftUgChain, &nftables.Chain{})
+			t.upstreamGroup.nftUgChainRule = append(
+				t.upstreamGroup.nftUgChainRule,
+				&nftables.Rule{},
+			)
+			t.nftPrerRule = append(t.nftPrerRule, &nftables.Rule{})
+		}
+
+		// Initialize upstreamGroup counter
+		t.upstreamGroup.nftCounter = &nftables.CounterObj{
+			Table:   n.table,
+			Name:    t.name,
+			Bytes:   0,
+			Packets: 0,
+		}
+
+		// Set nftables for target
+		if err = n.updateTarget(t); err != nil {
+			return fmt.Errorf("%w: %w", errNftInit, err)
+		}
+	}
+
+	return nil
+}
+
+// nftables load balancing is simply stopped by deleting the load balancer nftables table
+// where all the load balancing is setup
+func (n *nft) stop() error {
+	LogIf("NFT: a stop was requested. Initiating nftables cleanup")
+
+	LogDf("NFT: deleting nft table '%s' created for traffic load balancing", n.table.Name)
+	err := n.pushNft(func(c *nftables.Conn) error {
+		c.DelTable(n.table)
+		return nil
+	})
+	if err != nil {
+		return fmt.Errorf("%w: %w", errNftStop, err)
+	}
+
+	return nil
+}
+
+// getVmapElements returns a list of nftables.SetElement for a given target
+// a nftables.SetElement in this context is a nftables veredict to jump to a upstream chain
+func getVmapElements(t *target) *[]nftables.SetElement {
+	var vmapElements []nftables.SetElement
+	activeCount := 0
+
+	for _, u := range t.upstreamGroup.upstreams {
+		if u.available {
+			vmape := nftables.SetElement{
+				Key: binaryutil.NativeEndian.PutUint16(uint16(activeCount)),
+				VerdictData: &expr.Verdict{
+					Kind:  unix.NFT_JUMP,
+					Chain: u.name,
+				},
+			}
+
+			vmapElements = append(vmapElements, vmape)
+			activeCount++
+		}
+	}
+
+	return &vmapElements
+}
+
+// numActiveUpstreams returns the number of active upstreams
+func numActiveUpstreams(t *target) uint16 {
+	nActiveUpstreams := uint16(0)
+	for _, u := range t.upstreamGroup.upstreams {
+		if u.available {
+			nActiveUpstreams++
+		}
+	}
+
+	return nActiveUpstreams
+}
+
+// updateTarget updates the nftables for a given lb target
+func (n *nft) updateTarget(t *target) error {
+	LogIf(
+		"NFT: Setting nftables for target '%s' (protocol %s on port %d)",
+		t.name,
+		t.protocol.String(),
+		t.port,
+	)
+
+	// Lock nft mutex
+	n.m.Lock()
+	defer n.m.Unlock()
+
+	// Netlink connection for querying and modifying nftables
+	c, err := nftables.New(nftables.AsLasting())
+	if err != nil {
+		return fmt.Errorf("%w: %w", errNftUpdateTarget, errNftNetlinkConn)
+	}
+	defer c.CloseLasting()
+
+	// Get number of active upstreams
+	nActiveUpstreams := numActiveUpstreams(t)
+	// Number of configured upstreams
+	numUpstreams := uint16(len(t.upstreamGroup.upstreams))
+	if nActiveUpstreams == 0 {
+		LogIf("NFT: No upstreams available for target '%s'\n", t.name)
+		// Given there are no available upstreams, record previous failoverMode and
+		// set the failover mode to ugFoModeDown
+		t.upstreamGroup.previousFailoverMode = t.upstreamGroup.failoverMode
+		t.upstreamGroup.failoverMode = ugFoModeDown
+	} else if nActiveUpstreams == numUpstreams {
+		LogIf("NFT: All %d upstreams available for target '%s'\n", numUpstreams, t.name)
+		// Given all upstreams are up, record the revious failoverMode and
+		// set the failover mode to ugFoModeInactive
+		t.upstreamGroup.previousFailoverMode = t.upstreamGroup.failoverMode
+		t.upstreamGroup.failoverMode = ugFoModeInactive
+
+	} else {
+		LogIf("NFT: %d/%d upstreams available for target '%s'\n", nActiveUpstreams, numUpstreams, t.name)
+		// Given not all upstreams are available and there are no available upstreams,
+		// record previous failoverMode and set the failverMode to the next failoverMode
+		t.upstreamGroup.previousFailoverMode = t.upstreamGroup.failoverMode
+		t.upstreamGroup.failoverMode, _ = t.upstreamGroup.failoverMode.nextMode()
+	}
+
+	ugFM := t.upstreamGroup.failoverMode
+	ugName := t.upstreamGroup.name + ugFoModeNftNameSuffix + ugFM.getId()
+
+	// New failover chain
+	t.upstreamGroup.nftUgChain[ugFM] = c.AddChain(&nftables.Chain{
+		Name:  ugName,
+		Table: n.table,
+	})
+
+	// Ensure upstream chains exist
+	// Needed at nftables initalization
+	chains, _ := c.ListChains()
+	for _, u := range t.upstreamGroup.upstreams {
+		chainFound := false
+		for _, chain := range chains {
+			if chain.Name == u.name && chain.Table.Name == n.table.Name {
+				LogDVf("NFT: Found chain %s in table %s", chain.Name, chain.Table.Name)
+				chainFound = true
+				break
+			} else {
+				LogDVf("NFT: no match")
+				LogDVf("NFT: nft table name %s chain name %s", chain.Table.Name, chain.Name)
+				LogDVf("NFT: config table name %s chain name %s", n.table.Name, u.name)
+			}
+		}
+		if !chainFound {
+			LogDf("NFT: Setting up chain for upstream %s in table %s", u.name, n.table.Name)
+			LogDf("NFT: Upstream address is %s:%d", u.address.String(), u.port)
+			if u.address != nil {
+				c.AddRule(&nftables.Rule{
+					Table: n.table,
+					Chain: c.AddChain(&nftables.Chain{
+						Name:  u.name,
+						Table: n.table,
+					}),
+					Exprs: []expr.Any{
+						&expr.Immediate{
+							Register: 1,
+							Data:     u.address.To4(),
+						},
+						&expr.Immediate{
+							Register: 2,
+							Data:     binaryutil.BigEndian.PutUint16(u.port),
+						},
+						&expr.NAT{
+							Type:        expr.NATTypeDestNAT,
+							Family:      unix.NFPROTO_IPV4,
+							RegAddrMin:  1,
+							RegAddrMax:  0,
+							RegProtoMin: 2,
+							RegProtoMax: 0,
+						},
+					},
+				})
+			}
+		}
+	}
+
+	// New set with active upstreams
+	t.upstreamGroup.nftUgSet[ugFM] = &nftables.Set{
+		Name:     ugName,
+		Table:    n.table,
+		KeyType:  nftables.TypeInetService,
+		DataType: nftables.TypeVerdict,
+		IsMap:    true,
+	}
+	vmapElements := getVmapElements(t)
+	c.AddSet(t.upstreamGroup.nftUgSet[ugFM], *vmapElements)
+
+	// New failover chain rule
+	if nActiveUpstreams == 0 {
+		t.upstreamGroup.nftUgChainRule[ugFM] = c.AddRule(&nftables.Rule{
+			Table: n.table,
+			Chain: t.upstreamGroup.nftUgChain[ugFM],
+			Exprs: []expr.Any{
+				&expr.Reject{},
+			},
+		})
+	} else {
+		t.upstreamGroup.nftUgChainRule[ugFM] = c.AddRule(&nftables.Rule{
+			Table: n.table,
+			Chain: t.upstreamGroup.nftUgChain[ugFM],
+			Exprs: []expr.Any{
+				&expr.Numgen{
+					Register: 1,
+					Type:     unix.NFT_NG_INCREMENTAL,
+					Modulus:  uint32(len(*vmapElements)),
+					Offset:   0,
+				},
+				&expr.Lookup{
+					SourceRegister: 1,
+					DestRegister:   0,
+					SetName:        t.upstreamGroup.nftUgSet[ugFM].Name,
+					SetID:          t.upstreamGroup.nftUgSet[ugFM].ID,
+					IsDestRegSet:   true,
+				},
+			},
+		})
+	}
+
+	// Check if counter objects already exist
+	_, err = c.GetObject(t.upstreamGroup.nftCounter)
+	if err != nil {
+		c.AddObj(t.upstreamGroup.nftCounter)
+	}
+
+	// Check if prerouting chain is empty
+	// Check is needed at nftables initalization
+	if !t.nftRuleInit {
+		LogDf(
+			"NFT: prerouting chain needs to be initialized for target %s. Redirected to upstream group %s",
+			t.name,
+			ugName,
+		)
+		t.nftPrerRule[ugFM] = c.AddRule(&nftables.Rule{
+			Table: n.table,
+			Chain: n.prerChain,
+			Exprs: []expr.Any{
+				&expr.Meta{
+					Key:      expr.MetaKeyL4PROTO,
+					Register: 1,
+				},
+				&expr.Cmp{
+					Op:       expr.CmpOpEq,
+					Register: 1,
+					Data:     []byte{unix.IPPROTO_TCP},
+				},
+				&expr.Payload{
+					DestRegister: 1,
+					Base:         expr.PayloadBaseTransportHeader,
+					Offset:       2,
+					Len:          2,
+				},
+				&expr.Cmp{
+					Op:       expr.CmpOpEq,
+					Register: 1,
+					Data:     binaryutil.BigEndian.PutUint16(t.port),
+				},
+				&expr.Objref{
+					Type: 1,
+					Name: t.upstreamGroup.nftCounter.Name,
+				},
+				&expr.Verdict{
+					Kind:  expr.VerdictKind(unix.NFT_JUMP),
+					Chain: ugName,
+				},
+			},
+		})
+
+		t.nftRuleInit = true
+	} else {
+		// prerouting rule update to new chain
+		rules, _ := c.GetRules(n.table, n.prerChain)
+
+		for _, r := range rules {
+			if t.nftPrerRule[t.upstreamGroup.previousFailoverMode].Exprs[5].(*expr.Verdict).Chain == r.Exprs[5].(*expr.Verdict).Chain {
+				t.nftPrerRule[ugFM] = c.ReplaceRule(&nftables.Rule{
+					Table:  n.table,
+					Chain:  n.prerChain,
+					Handle: r.Handle,
+					Exprs: []expr.Any{
+						// [ meta load l4proto => reg 1 ]
+						&expr.Meta{
+							Key:      expr.MetaKeyL4PROTO,
+							Register: 1,
+						},
+						// [ cmp eq reg 1 0x00000006 ]
+						&expr.Cmp{
+							Op:       expr.CmpOpEq,
+							Register: 1,
+							Data:     []byte{unix.IPPROTO_TCP},
+						},
+						// [ payload load 2b @ transport header + 2 => reg 1 ]
+						&expr.Payload{
+							DestRegister: 1,
+							Base:         expr.PayloadBaseTransportHeader,
+							Offset:       2,
+							Len:          2,
+						},
+						// [ cmp eq reg 1 0x0000901f ]
+						&expr.Cmp{
+							Op:       expr.CmpOpEq,
+							Register: 1,
+							Data:     binaryutil.BigEndian.PutUint16(t.port),
+						},
+						// [ objref type 1 name counterName ]
+						&expr.Objref{
+							Type: 1,
+							Name: t.upstreamGroup.nftCounter.Name,
+						},
+						// [ immediate reg 0 jump -> chain ]
+						&expr.Verdict{
+							Kind:  expr.VerdictKind(unix.NFT_JUMP),
+							Chain: t.upstreamGroup.nftUgChain[ugFM].Name,
+						},
+					},
+				})
+			}
+		}
+	}
+
+	// Cleanup previous failover mode chain
+	// Loop through all chains is needed to prevent null pointers at nftables initialization
+	for _, chain := range chains {
+		if chain.Name == t.upstreamGroup.nftUgChain[t.upstreamGroup.previousFailoverMode].Name &&
+			chain.Table.Name == n.table.Name {
+			c.DelChain(t.upstreamGroup.nftUgChain[t.upstreamGroup.previousFailoverMode])
+		}
+	}
+
+	// Cleanup previous failover mode set
+	// Loop through all sets is needed to prevent null pointers at nftables initialization
+	sets, _ := c.GetSets(n.table)
+	for _, s := range sets {
+		if s.Name == t.upstreamGroup.nftUgSet[t.upstreamGroup.previousFailoverMode].Name &&
+			s.Table.Name == n.table.Name {
+			c.DelSet(t.upstreamGroup.nftUgSet[t.upstreamGroup.previousFailoverMode])
+		}
+	}
+
+	if err := c.Flush(); err != nil {
+		return fmt.Errorf("%w: %w", errNftUpdateTarget, errNftFlush)
+	}
+
+	return nil
+}
+
+// addMasquerade adds a masquerade rule on the nftables for a given IP address
+// it checks if a masquerade rule already exists for that IP and adds if not
+func (n *nft) addMasquerade(ip *net.IP) error {
+	LogDf("NFT: Add masquerade for '%s' requested", ip.String())
+
+	addMasqueradeFunc := func(c *nftables.Conn) error {
+		pr, err := c.GetRules(
+			n.table,
+			n.postrChain,
+		)
+		if err != nil {
+			LogWf(
+				"NFT: get rules nftables operation failed. This is not expected and the load balancer might be misconfigured as a result. Manual troubleshooting is likely required. Consider increasing load balancer verbosity to troubleshoot further",
+			)
+		}
+
+		// Check if it is necessary to add masquerade
+		needsAdding := true
+		for _, rule := range pr {
+			rip := net.IP(rule.Exprs[3].(*expr.Cmp).Data)
+			if rip.Equal(*ip) {
+				needsAdding = false
+				break
+			}
+		}
+
+		if needsAdding {
+			LogDVf("NFT: It is necessary to add masquerade")
+			// Add masquerade in 'postrouting' chain for upstream IP
+			c.AddRule(&nftables.Rule{
+				Table: n.table,
+				Chain: n.postrChain,
+				Exprs: []expr.Any{
+					&expr.Meta{
+						Key:      expr.MetaKeyNFPROTO,
+						Register: 1,
+					},
+					&expr.Cmp{
+						Op:       expr.CmpOpEq,
+						Register: 1,
+						Data:     []byte{unix.NFPROTO_IPV4},
+					},
+					&expr.Payload{
+						DestRegister: 1,
+						Base:         expr.PayloadBaseNetworkHeader,
+						Offset:       16,
+						Len:          4,
+					},
+					&expr.Cmp{
+						Op:       expr.CmpOpEq,
+						Register: 1,
+						Data:     ip.To4(),
+					},
+					&expr.Masq{},
+				},
+			})
+		} else {
+			LogDVf("NFT: It is not necessary to add masquerade as it already exists")
+		}
+		return nil
+	}
+
+	err := n.pushNft(addMasqueradeFunc)
+	if err != nil {
+		return fmt.Errorf("%w: %w", errNftAddMasquerade, err)
+	}
+
+	return nil
+}
+
+// cleanMasquerade deletes nftables masquerade rules
+// that are not found or that are duplicate for the given slice of net.IP
+func (n *nft) cleanMasquerade(lip *[]net.IP) error {
+	LogDf("NFT: masquerade rule clean up was requested")
+
+	cleanMasqueradeFunc := func(c *nftables.Conn) error {
+		// Get 'postrouting' chain rules
+		pr, err := c.GetRules(
+			n.table,
+			n.postrChain,
+		)
+		if err != nil {
+			LogWf(
+				"NFT: get rules nftables operation failed. This is not expected and the load balancer might be misconfigured as a result. Manual troubleshooting is likely required. Consider increasing load balancer verbosity to troubleshoot further",
+			)
+		}
+
+		// Delete unnecessary masquerade rules
+	rulesLoop:
+		for _, rule := range pr {
+			rip := net.IP(rule.Exprs[3].(*expr.Cmp).Data)
+			for _, ip := range *lip {
+				if rip.Equal(ip) {
+					continue rulesLoop
+				}
+			}
+			LogDVf("NFT: masquerade rule for '%s' is no longer necessary. Deleting", rip.String())
+			c.DelRule(rule)
+		}
+
+		// Delete duplicate masquerade rules
+		dnipl := findDuplicateNetIp(lip)
+		for _, dip := range dnipl {
+			for _, rule := range pr {
+				rip := net.IP(rule.Exprs[3].(*expr.Cmp).Data)
+				if dip.Equal(rip) {
+					LogDVf("NFT: removing duplicate masquerade entry for '%s'", rip.String())
+					c.DelRule(rule)
+				}
+			}
+		}
+		return nil
+	}
+
+	err := n.pushNft(cleanMasqueradeFunc)
+	if err != nil {
+		return fmt.Errorf("%w: %w", errNftCleanMasquerade, err)
+	}
+
+	return nil
+}
+
+// updateUpstreamChain updates the nftables upstream chain
+// It checks if the upstream chain rule already exists and adds if not
+// Otherwise, it replaces the existing rule
+// Upstream chains always have a single rule which is why
+// it is ok to [0] the chain rules
+func (n *nft) updateUpstreamChain(u *upstream) error {
+	LogDf("NFT: update for upstream '%s' chain requested", u.name)
+
+	updateUpstreamChainFunc := func(c *nftables.Conn) error {
+		// Get upstream chain rules
+		ucr, err := c.GetRules(
+			n.table,
+			&nftables.Chain{
+				Name: u.name,
+			},
+		)
+		if err != nil {
+			LogWf(
+				"NFT: get rules nftables operation failed. This is not expected and the load balancer might be misconfigured as a result. Manual troubleshooting is likely required. Consider increasing load balancer verbosity to troubleshoot further",
+			)
+		}
+
+		if len(ucr) != 0 {
+			LogDVf("NFT: upstream chain rule already exists. Replacing existing chain")
+			c.ReplaceRule(&nftables.Rule{
+				Table:  n.table,
+				Chain:  ucr[0].Chain,
+				Handle: ucr[0].Handle,
+				Exprs: []expr.Any{
+					&expr.Immediate{
+						Register: 1,
+						Data:     u.address.To4(),
+					},
+					&expr.Immediate{
+						Register: 2,
+						Data:     binaryutil.BigEndian.PutUint16(u.port),
+					},
+					&expr.NAT{
+						Type:        expr.NATTypeDestNAT,
+						Family:      unix.NFPROTO_IPV4,
+						RegAddrMin:  1,
+						RegAddrMax:  0,
+						RegProtoMin: 2,
+						RegProtoMax: 0,
+					},
+				},
+			})
+		} else {
+			LogDVf("NFT: upstream chain rule does not exists yet. Adding chain")
+			c.AddRule(&nftables.Rule{
+				Table: n.table,
+				Chain: c.AddChain(&nftables.Chain{
+					Name:  u.name,
+					Table: n.table,
+				}),
+				Exprs: []expr.Any{
+					&expr.Immediate{
+						Register: 1,
+						Data:     u.address.To4(),
+					},
+					&expr.Immediate{
+						Register: 2,
+						Data:     binaryutil.BigEndian.PutUint16(u.port),
+					},
+					&expr.NAT{
+						Type:        expr.NATTypeDestNAT,
+						Family:      unix.NFPROTO_IPV4,
+						RegAddrMin:  1,
+						RegAddrMax:  0,
+						RegProtoMin: 2,
+						RegProtoMax: 0,
+					},
+				},
+			})
+		}
+		return nil
+	}
+
+	err := n.pushNft(updateUpstreamChainFunc)
+	if err != nil {
+		return fmt.Errorf("%w: %w", errNftUpdateUpstreamChain, err)
+	}
+
+	return nil
+}
+
+// updateUpstream refreshes the upstream nftables rules
+// It first adds the masquerade rule for the upstream IP address
+// Then it updates the upstream nftables chain
+// Lastly, it performs a masquerade rules cleanup
+// The cleanup is required to be done only after the upstream chain update
+// to ensure that traffic is not disrupted by removing the masquerade before the new
+// upstream rules are configured
+func (n *nft) updateUpstream(u *upstream, auip *[]net.IP) error {
+	LogDf("NFT: update for upstream '%s' requested", u.name)
+
+	// All upstream IPs must have a masquerade rule in 'postrouting' chain
+	err := n.addMasquerade(&u.address)
+	if err != nil {
+		return fmt.Errorf("%w: %w", errNftUpdateUpstream, err)
+	}
+
+	// Update upstream chain rules
+	err = n.updateUpstreamChain(u)
+
+	// Clean up the masquerade rules
+	err = n.cleanMasquerade(auip)
+	if err != nil {
+		return fmt.Errorf("%w: %w", errNftUpdateUpstream, err)
+	}
+
+	return nil
+}
+
+// reconfig receives the new load balancer and deals with the nftables transition
+// from the previous configuration to the new one
+func (n *nft) reconfig(nl *lb) error {
+	LogDVf("NFT: nft reconfig was requested")
+	nn, ok := nl.e.(*nft) // assert if it is a nftables lb engine
+	if !ok {
+		return fmt.Errorf("%w: %w", errNftReconfig, errNftAssert)
+	}
+
+	// the new postrouting and prerouting nftables priorities are set to the value
+	// of the previous load balancer nftables priorities so these can be assessed
+	// as part of the reconfig method. This causes the previous config and the
+	// new config to run simultaneously, but on different priorities to ensure that there
+	// is no interruption to the traffic during the transition between the old and new config
+	nn.postrChainPrio = n.postrChainPrio
+	nn.prerChainPrio = n.prerChainPrio
+
+	// request a reconfig for the new lb
+	if err := nn.startOrReconfig(nl, true); err != nil {
+		return fmt.Errorf("%w: %w", errNftReconfig, err)
+	}
+
+	// stop the old lb now that the new has been successfully configured
+	if err := n.stop(); err != nil {
+		return fmt.Errorf("%w: %w", errNftReconfig, err)
+	}
+
+	LogDVf("NFT: nft reconfig was successfully completed")
+	return nil
+}
+
+// getCapabilities provides the nftables supported lb capabilities
+func (n *nft) getCapabilities() map[lbProto]map[distMode]bool {
+	return nftSuppCapabilities
+}
+
+// checkPermissions checks if the minimum required permissions have been granted
+// so the load balancer can run successfully. Otherwise, it returns a errCheckPerm error
+// CAP_NET_ADMIN and CAP_NET_RAW capabilities are required
+// To run as unprivileged user give the required capabilities by
+// running the following command as privileged user:
+// `setcap 'cap_net_admin,cap_net_raw+ep' <binary_path>`
+// Where <binary_path> is this application binary path
+// It is possible to check the capabilities of the binary with:
+// `getcap <binary_path>`
+func (n *nft) checkPermissions() error {
+	// Get running process
+	cs := cap.GetProc()
+
+	// Capabilities to be checked
+	caps := []cap.Value{cap.NET_ADMIN, cap.NET_RAW}
+	// Capability set to be checked
+	flags := []cap.Flag{cap.Effective, cap.Permitted}
+
+	// For each capability to be checked, check if the capability set is set
+	for _, c := range caps {
+		LogDVf("NFT: permission check checking '%s' capability", c)
+		for _, f := range flags {
+			LogDVf("NFT: permission check: checking capability '%s' capability set '%s' ", c, f)
+			err := checkCapabilities(cs, f, c)
+			if err != nil {
+				return fmt.Errorf("%w: %w: \n\n%w\n\n", errNftPerm, err, errNftPermCap)
+			}
+		}
+	}
+
+	LogDf("NFT: permissions check succeeded")
+	return nil
+}
+
+// This function checks if all the dependencies are satisfied for the nft load balancer to be able to operate successfully
+// A check is performed on the IPv4 and IPv6 IP forwarding as this is required for the nftables to be able to process
+// traffic to other IP addresses that do not belong to the server which is hosting the Load Balancer
+// However, in case it is not confirmed that IPv4 and IPv6 are enabled the Load Balancer an error will not be returned
+// It will just log a warning message, because there are scenarios in which the Load Balancer can be used without
+// requiring IP packets to be forward to another server
+func (n *nft) checkDependencies() error {
+	LogDf("Dependencies check: checking if IP forwarding is system enabled")
+	ipF, err := checkIpFwd()
+	if err != nil {
+		return err
+	}
+
+	switch ipF {
+	case ipFwdUnknown:
+		LogWf("Dependencies check: skipped IP forwarding settings check")
+	case ipFwdNone:
+		LogWf(
+			"Dependencies check: IPv4 Forwarding Check Result: FAILED. IPv4 forwarding seems to be generally disabled at system level. This is not a critical error, but the Load Balancer may not function as expected for IPv4 traffic use cases. Make sure the IPv4 forwarding is correctly configured to prevent any issues",
+		)
+		LogWf(
+			"Dependencies check: IPv6 Forwarding Check Result: FAILED. IPv6 forwarding seems to be generally disabled at system level. This is not a critical error, but the Load Balancer may not function as expected for IPv6 traffic use cases. Make sure the IPv6 forwarding is correctly configured to prevent any issues",
+		)
+	case ipFwdAll:
+		LogDf(
+			"Dependencies check: IPv4 Forwarding Check Result: SUCCEEDED. IPv4 forwarding seems to be generally enabled",
+		)
+		LogDf(
+			"Dependencies check: IPv6 Forwarding Check Result: SUCCEEDED. IPv6 forwarding seems to be generally enabled",
+		)
+	case ipFwdV4Only:
+		LogDf(
+			"Dependencies check: IPv4 Forwarding Check Result: SUCCEEDED. IPv4 forwarding seems to be generally enabled",
+		)
+		LogWf(
+			"Dependencies check: IPv6 Forwarding Check Result: FAILED. IPv6 forwarding seems to be generally disabled at system level. This is not a critical error, but the Load Balancer may not function as expected for IPv6 traffic use cases. Make sure the IPv6 forwarding is correctly configured to prevent any issues",
+		)
+	case ipFwdV6Only:
+		LogWf(
+			"Dependencies check: IPv4 Forwarding Check Result: FAILED. IPv4 forwarding seems to be generally disabled at system level. This is not a critical error, but the Load Balancer may not function as expected for IPv4 traffic use cases. Make sure the IPv4 forwarding is correctly configured to prevent any issues",
+		)
+		LogDf(
+			"Dependencies check: IPv6 Forwarding Check Result: SUCCEEDED. IPv6 forwarding seems to be generally enabled",
+		)
+	}
+
+	LogDf("Dependencies check completed")
+	return nil
+}
diff --git a/scripts/getLobby.sh b/scripts/getLobby.sh
new file mode 100644
index 0000000..dbdd931
--- /dev/null
+++ b/scripts/getLobby.sh
@@ -0,0 +1,160 @@
+#!/bin/sh
+SCRIPT_NAME='getLobby'
+
+LOBBY_BIN_URL='https://github.com/ipbuff/lobby/releases/latest/download'
+LOBBY_AMD64_BIN_URL="${LOBBY_BIN_URL}/lobby-linux-amd64"
+LOBBY_ARM64_BIN_URL="${LOBBY_BIN_URL}/lobby-linux-arm64"
+LOBBY_DEMO_CONFIG_URL='https://raw.githubusercontent.com/ipbuff/lobby/main/docs/examples/demo.conf'
+
+CONF_PATH_LOCAL='./lobby.conf'
+CONF_PATH_ETC='/etc/lobby/lobby.conf'
+
+USE_WGET=1 # 0 is false, anything else is true
+GREEN='\033[0;32m'
+MAGENTA='\033[0;35m'
+RED='\033[0;31m'
+NC='\033[0m' # No color
+
+print_introl() {
+    printf '+-------------------------------------------------------+\n'
+    printf '|       Lobby - A Load Balancer based on nftables       |\n'
+    printf '|                                                       |\n'
+    printf '| The Lobby binary will be downloaded to this directory |\n'
+    printf '+-------------------------------------------------------+\n'
+    printf '\n'
+}
+
+print_intros() {
+    printf 'Lobby - A Load Balancer based on nftables\n'
+    printf '\n'
+    printf 'The Lobby binary will be downloaded to this directory\n'
+    printf '\n'
+}
+
+intro() {
+    if tput cols > /dev/null 2>&1; then
+        cols=$(tput cols)
+        if [ "${cols}" -ge 60 ]; then
+            print_introl
+        else
+            print_intros
+        fi
+    else
+        print_intros
+    fi
+}
+
+failPrint() {
+    printf '\n%s cancelled\n' "$SCRIPT_NAME"
+}
+
+checkDep() {
+    # echo 'Checking script dependencies'
+    if ! wget --version > /dev/null 2>&1; then
+        printf ''\''wget'\'' not available. Will try '\''curl'\'' instead\n'
+        USE_WGET=0
+        if ! curl --version > /dev/null 2>&1; then
+            printf ''\''curl'\'' also not available\n'
+            printf '\n'
+            printf '%b'\''curl'\'' or '\''wget'\'' are dependencies for this script%b\n' "$RED" "$NC"
+            failPrint
+            exit 1
+        fi
+    fi
+    # echo '  Dependencies successfully checked'
+}
+
+checkArch() {
+    # echo 'Checking system architecture compatibility'
+    ARCH=$(uname -a | awk '{ print $(NF-1) }')
+    if [ "$ARCH" = "aarch64" ]; then
+        DOWNLOAD_URL="${LOBBY_ARM64_BIN_URL}"
+    elif [ "$ARCH" = "x86_64" ]; then
+        DOWNLOAD_URL="${LOBBY_AMD64_BIN_URL}"
+    else
+        printf '\n'
+        printf '%bLobby is incompatible with %s%b\n' "$RED" "$ARCH" "$NC"
+        failPrint
+        exit 1
+    fi
+    # echo "  Check successful. System is '$ARCH'"
+}
+
+checkLobbyDep() {
+    IPV4_FWD=$(sysctl net.ipv4.ip_forward | awk '{ print $3 }')
+}
+
+download() {
+    if [ "$USE_WGET" -ne 0 ]; then
+        if ! wget -q -O "$1" "$2"; then
+            return 1
+        fi
+    else
+        if ! curl -L -s -o "$1" "$2"; then
+            return 1
+        fi
+    fi
+
+    return 0
+}
+downloadLobbyBin() {
+    printf 'Downloading Lobby binary for %s system\n' "$ARCH"
+    if ! download lobby ${DOWNLOAD_URL}; then
+        printf '\n'
+        printf 'Failed to download the Lobby binary from %s\n' "$DOWNLOAD_URL"
+        rm -rf lobby
+        failPrint
+        exit 1
+    fi
+
+    chmod 770 ./lobby
+}
+
+prepConf() {
+    if ! [ -f ${CONF_PATH_LOCAL} ]; then
+        if ! [ -f ${CONF_PATH_ETC} ]; then
+            # echo "Config file not found. Checked in '${CONF_PATH_LOCAL}' and '${CONF_PATH_ETC}'"
+            # echo "  Creating config file in local path '${CONF_PATH_LOCAL}'"
+            if ! download lobby.conf ${LOBBY_DEMO_CONFIG_URL}; then
+                printf '\n'
+                printf 'Failed to download the Lobby demo config file from %s\n' "$LOBBY_DEMO_CONFIG_URL"
+                rm -rf lobby
+                failPrint
+                exit 1
+            fi
+        fi
+    fi
+}
+
+outro() {
+    printf '\n'
+    printf 'Lobby was successfully prepared at this folder (%s)\n' "$(pwd)"
+    printf '\n'
+    printf 'A demo Lobby configuration for testing purposes has been prepared at '%s/lobby.conf'\n' "$(pwd)"
+    printf 'Feel free to run Lobby with that demo configuration or by adjusting the config file\n'
+    printf '\n'
+    printf '%bConsider running Lobby as '\''root'\''.%b As an alternative, it is possible to run Lobby as an unprivileged user as long as the binary is given the '\''NET_ADMIN'\'' and '\''NET_RAW'\'' Linux capabilities. This can be achieved by running the following command as '\''root'\'':\n' "$MAGENTA" "$NC"
+    printf '  # setcap '\''cap_net_admin,cap_net_raw+ep'\'' %s/lobby\n' "$(pwd)"
+    printf '\n'
+    if [ "$IPV4_FWD" -ne 1 ]; then
+        printf '%bYour system seems not to have IP forwarding enabled.%b\nLobby will not be able to load balance traffic if the host doesn'\''t has IP forwarding enabled.\n' "$RED" "$NC"
+        printf '\n'
+    fi
+    printf '%bLobby can be started with the following command:%b\n' "$GREEN" "$NC"
+    printf '  './lobby'\n'
+    printf '\n'
+}
+
+intro
+
+checkDep
+
+checkArch
+
+checkLobbyDep
+
+downloadLobbyBin
+
+prepConf
+
+outro
diff --git a/scripts/installLobby.sh b/scripts/installLobby.sh
new file mode 100644
index 0000000..4fe1e74
--- /dev/null
+++ b/scripts/installLobby.sh
@@ -0,0 +1,257 @@
+#!/bin/sh
+SCRIPT_NAME='installLobby'
+
+LOBBY_BIN_URL='https://github.com/ipbuff/lobby/releases/latest/download'
+LOBBY_AMD64_BIN_URL="${LOBBY_BIN_URL}/lobby-linux-amd64"
+LOBBY_ARM64_BIN_URL="${LOBBY_BIN_URL}/lobby-linux-arm64"
+LOBBY_DEMO_CONFIG_URL='https://raw.githubusercontent.com/ipbuff/lobby/main/docs/examples/demo.conf'
+LOBBY_SERVICE_URL='https://raw.githubusercontent.com/ipbuff/lobby/main/docs/examples/lobby.service'
+
+LOBBY_BIN_DIR='/usr/local/bin'
+LOBBY_BIN_NAME='lobby'
+LOBBY_BIN_PATH=${LOBBY_BIN_DIR}/${LOBBY_BIN_NAME}
+LOBBY_CONF_DIR='/etc/lobby'
+LOBBY_CONF_NAME='lobby.conf'
+LOBBY_CONF_PATH=${LOBBY_CONF_DIR}/${LOBBY_CONF_NAME}
+LOBBY_ROOT_SERVICE_PATH='/etc/systemd/system/lobby.service'
+
+INIT=$(cat /proc/1/comm) # init system. systemd/other
+USE_WGET=1               # 0 is false, anything else is true
+
+GREEN='\033[0;32m'
+RED='\033[0;31m'
+NC='\033[0m' # No color
+
+print_introl() {
+    printf '+-----------------------------------------------+\n'
+    printf '|   Lobby - A Load Balancer based on nftables   |\n'
+    printf '|                                               |\n'
+    printf '|        Lobby systemd service installer        |\n'
+    printf '+-----------------------------------------------+\n'
+    printf '\n'
+}
+
+print_intros() {
+    printf 'Lobby - A Load Balancer based on nftables\n'
+    printf '\n'
+    printf 'Lobby systemd service installer\n'
+    printf '\n'
+}
+
+intro() {
+    if tput cols > /dev/null 2>&1; then
+        cols=$(tput cols)
+        if [ "${cols}" -ge 50 ]; then
+            print_introl
+        else
+            print_intros
+        fi
+    else
+        print_intros
+    fi
+}
+
+failPrint() {
+    printf '\n%s cancelled\n' ${SCRIPT_NAME}
+}
+
+parseArgs() {
+    if [ "$1" = "" ]; then
+        OWNER=root
+    else
+        if id "$1" > /dev/null 2>&1; then
+            OWNER=$1
+        else
+            printf '%bThe provided username '\''%s'\'' was not found. Provide an existing username%b\n' "$RED" "$1" "$NC"
+            failPrint
+            exit 1
+        fi
+    fi
+    printf 'Lobby will be installed for '\''%s'\'' user\n' "$OWNER"
+}
+
+checkDeps() {
+    if [ ! "$INIT" = "systemd" ]; then
+        printf '%bNot a '\''systemd'\'' init type system. This install script can'\''t be used%b\n' "$RED" "$NC"
+        failPrint
+        exit 1
+    fi
+
+    if [ "$(id -u)" -ne 0 ]; then
+        printf '%bThis installer must be run as '\''root'\'' user%b\n' "$RED" "$NC"
+        failPrint
+        exit 1
+    fi
+
+    if ! wget --version > /dev/null 2>&1; then
+        printf ''\''wget'\'' not available. Will try '\''curl'\'' instead\n'
+        USE_WGET=0
+        if ! curl --version > /dev/null 2>&1; then
+            printf ''\''curl'\'' also not available\n'
+            printf '\n'
+            printf '%b'\''curl'\'' or '\''wget'\'' are dependencies for this script%b\n' "$RED" "$NC"
+            failPrint
+            exit 1
+        fi
+    fi
+
+}
+
+checkArch() {
+    # echo 'Checking system architecture compatibility'
+    ARCH=$(uname -a | awk '{ print $(NF-1) }')
+    if [ "$ARCH" = "aarch64" ]; then
+        DOWNLOAD_URL="$LOBBY_ARM64_BIN_URL"
+    elif [ "$ARCH" = "x86_64" ]; then
+        DOWNLOAD_URL="$LOBBY_AMD64_BIN_URL"
+    else
+        printf '\n'
+        printf '%bLobby %s is incompatible with %s%b\n' "$RED" "$LOBBY_VERSION" "$ARCH" "$NC"
+        failPrint
+        exit 1
+    fi
+    # echo "  Check successful. System is '$ARCH'"
+}
+
+download() {
+    if [ "$USE_WGET" -ne 0 ]; then
+        if ! wget -q -O "$1" "$2"; then
+            return 1
+        fi
+    else
+        if ! curl -L -s -o "$1" "$2"; then
+            return 1
+        fi
+    fi
+
+    return 0
+}
+
+downloadLobbyBin() {
+    printf 'Downloading Lobby binary for %s system to %s\n' "$ARCH" "$LOBBY_BIN_PATH"
+    if ! download ${LOBBY_BIN_PATH} ${DOWNLOAD_URL}; then
+        printf '\n'
+        printf 'Failed to download the Lobby binary from %s\n' "$DOWNLOAD_URL"
+        failPrint
+        exit 1
+    fi
+
+    chown "${OWNER}:${OWNER}" "$LOBBY_BIN_PATH"
+    chmod 770 ${LOBBY_BIN_PATH}
+    setcap 'cap_net_admin,cap_net_raw+ep' ${LOBBY_BIN_PATH}
+}
+
+prepConfig() {
+    printf 'Downloading Lobby demo config file to %s\n' "$LOBBY_CONF_PATH"
+
+    mkdir $LOBBY_CONF_DIR > /dev/null 2>&1
+    chown "${OWNER}:${OWNER}" "$LOBBY_CONF_DIR"
+    chmod 770 ${LOBBY_CONF_DIR}
+
+    if [ ! -f ${LOBBY_CONF_PATH} ]; then
+        if ! download ${LOBBY_CONF_PATH} ${LOBBY_DEMO_CONFIG_URL}; then
+            printf '\n'
+            printf 'Failed to download the Lobby demo config file from %s\n' "$LOBBY_DEMO_CONFIG_URL"
+            failPrint
+            exit 1
+        fi
+    fi
+
+    chown "${OWNER}:${OWNER}" ${LOBBY_CONF_PATH}
+    chmod 770 ${LOBBY_CONF_PATH}
+}
+
+prepSystemd() {
+    if [ "$OWNER" = 'root' ]; then
+        printf 'Downloading Lobby systemd service unit file to %s\n' "$LOBBY_ROOT_SERVICE_PATH"
+        if [ ! -f $LOBBY_ROOT_SERVICE_PATH ]; then
+            if ! download $LOBBY_ROOT_SERVICE_PATH $LOBBY_SERVICE_URL; then
+                printf '\n'
+                printf 'Failed to download the Lobby systemd service unit file from %s\n' "$LOBBY_SERVICE_URL"
+                failPrint
+                exit 1
+            fi
+
+            sed -i "s/{{ username }}/${OWNER}/" $LOBBY_ROOT_SERVICE_PATH
+        fi
+    else
+        LOBBY_USER_SERVICE_DIR="/home/${OWNER}/.config/systemd/user"
+        LOBBY_USER_SERVICE_PATH="${LOBBY_USER_SERVICE_DIR}/lobby.service"
+        mkdir -p "$LOBBY_USER_SERVICE_DIR" > /dev/null 2>&1
+        chown "${ONWER}:${OWNER}" "$LOBBY_USER_SERVICE_DIR"
+        chmod 770 "$LOBBY_USER_SERVICE_DIR"
+
+        printf 'Downloading Lobby systemd service unit file to %s\n' "${LOBBY_USER_SERVICE_PATH}"
+        if [ ! -f "$LOBBY_USER_SERVICE_PATH" ]; then
+            if ! download "$LOBBY_USER_SERVICE_PATH" "$LOBBY_SERVICE_URL"; then
+                printf '\n'
+                printf 'Failed to download the Lobby systemd service unit file from %s\n' "$LOBBY_SERVICE_URL"
+                failPrint
+                exit 1
+            fi
+
+            sed -i '/{{ username }}/d' "$LOBBY_USER_SERVICE_PATH"
+        fi
+    fi
+}
+
+outro() {
+    printf '\n'
+    printf '%bLobby was successfully installed%b\n' "$GREEN" "$NC"
+    printf '\n'
+
+    if [ "$OWNER" = 'root' ]; then
+        printf 'So that the Lobby systemd service becomes available, you need to reload the systemd daemon with:\n'
+        printf '  systemctl daemon-reload\n'
+        printf '\n'
+        printf 'The Lobby service can be started with:\n'
+        printf '  systemctl start lobby\n'
+        printf '\n'
+        printf 'To start Lobby service always at system boot:\n'
+        printf '  systemctl enable lobby\n'
+        printf '\n'
+        printf 'The Lobby service can be stopped with:\n'
+        printf '  systemctl stop lobby\n'
+        printf '\n'
+        printf 'The Lobby config can be updated while Lobby is running with:\n'
+        printf '  systemctl reload lobby\n'
+        printf '\n'
+        printf 'The Lobby service status can be checked with:\n'
+        printf '  systemctl status lobby\n'
+    else
+        printf 'So that the Lobby systemd service becomes available, you need to reload the systemd daemon with:\n'
+        printf '  systemctl --user daemon-reload\n'
+        printf '\n'
+        printf 'The Lobby service can be started with:\n'
+        printf '  systemctl --user start lobby\n'
+        printf '\n'
+        printf 'To start Lobby service always at system boot:\n'
+        printf '  systemctl --user enable lobby\n'
+        printf '\n'
+        printf 'The Lobby service can be stopped with:\n'
+        printf '  systemctl --user stop lobby\n'
+        printf '\n'
+        printf 'The Lobby config can be updated while Lobby is running with:\n'
+        printf '  systemctl --user reload lobby\n'
+        printf '\n'
+        printf 'The Lobby service status can be checked with:\n'
+        printf '  systemctl --user status lobby\n'
+    fi
+    printf '\n'
+}
+
+intro
+
+parseArgs "$1"
+
+checkDeps
+
+checkArch
+
+downloadLobbyBin
+
+prepConfig
+
+prepSystemd
+
+outro
diff --git a/scripts/uninstallLobby.sh b/scripts/uninstallLobby.sh
new file mode 100644
index 0000000..2273f9c
--- /dev/null
+++ b/scripts/uninstallLobby.sh
@@ -0,0 +1,50 @@
+#!/bin/sh
+LOBBY_BIN_DIR='/usr/local/bin'
+LOBBY_BIN_NAME='lobby'
+LOBBY_BIN_PATH=${LOBBY_BIN_DIR}/${LOBBY_BIN_NAME}
+LOBBY_CONF_DIR='/etc/lobby'
+LOBBY_ROOT_SERVICE_PATH='/etc/systemd/system/lobby.service'
+
+intro() {
+    echo Uninstalling Lobby
+}
+
+deleteBin() {
+    if [ -f "$LOBBY_BIN_PATH" ]; then
+        rm -rf "$LOBBY_BIN_PATH"
+    fi
+}
+
+deleteConf() {
+    if [ -d "$LOBBY_CONF_DIR" ]; then
+        rm -rf "$LOBBY_CONF_DIR"
+    fi
+}
+
+deleteRootSysdSvs() {
+    if [ -f "$LOBBY_ROOT_SERVICE_PATH" ]; then
+        rm -rf "$LOBBY_ROOT_SERVICE_PATH"
+    fi
+}
+
+deleteUserSysdSvs() {
+    find /home/*/ -type f -path '*/.config/systemd/user/lobby.service' -exec rm {} \;
+}
+
+outro() {
+    echo
+    echo Uninstall completed
+    echo
+}
+
+intro
+
+deleteBin
+
+deleteConf
+
+deleteRootSysdSvs
+
+deleteUserSysdSvs
+
+outro
diff --git a/target.go b/target.go
new file mode 100644
index 0000000..c8a0235
--- /dev/null
+++ b/target.go
@@ -0,0 +1,16 @@
+package main
+
+import (
+	"github.com/google/nftables"
+)
+
+// A target declares the packet destination as it arrives to the load balancer
+type target struct {
+	name          string
+	protocol      lbProto
+	ip            string
+	port          uint16
+	upstreamGroup *upstreamGroup
+	nftRuleInit   bool
+	nftPrerRule   []*nftables.Rule
+}
diff --git a/testEngine.go b/testEngine.go
new file mode 100644
index 0000000..29eddaa
--- /dev/null
+++ b/testEngine.go
@@ -0,0 +1,65 @@
+package main
+
+import (
+	"net"
+)
+
+// supported lb engine protocols and distribution modes
+var tlbSuppCapabilities = map[lbProto]map[distMode]bool{
+	lbProtoTcp: {
+		distModeRR: true,
+	},
+}
+
+type testLb struct {
+	failDependenciesCheck bool
+	failPermissionsCheck  bool
+	failStart             bool
+}
+
+func (tlb *testLb) setResults(failDependenciesCheck, failPermissionsCheck, failStart bool) {
+	tlb.failDependenciesCheck = failDependenciesCheck
+	tlb.failPermissionsCheck = failPermissionsCheck
+	tlb.failStart = failStart
+}
+
+func (tlb *testLb) checkDependencies() error {
+	if tlb.failDependenciesCheck {
+		return errCheckDep
+	}
+	return nil
+}
+
+func (tlb *testLb) checkPermissions() error {
+	if tlb.failPermissionsCheck {
+		return errCheckPerm
+	}
+	return nil
+}
+
+func (tlb *testLb) getCapabilities() map[lbProto]map[distMode]bool {
+	return tlbSuppCapabilities
+}
+
+func (tlb *testLb) start(l *lb) error {
+	if tlb.failStart {
+		return errLbEngineStart
+	}
+	return nil
+}
+
+func (tlb *testLb) stop() error {
+	return nil
+}
+
+func (tlb *testLb) reconfig(l *lb) error {
+	return nil
+}
+
+func (tlb *testLb) updateTarget(t *target) error {
+	return nil
+}
+
+func (tlb *testLb) updateUpstream(u *upstream, auip *[]net.IP) error {
+	return nil
+}
diff --git a/upstream.go b/upstream.go
new file mode 100644
index 0000000..8604273
--- /dev/null
+++ b/upstream.go
@@ -0,0 +1,156 @@
+package main
+
+import (
+	"errors"
+	"fmt"
+	"net"
+	"time"
+
+	"github.com/google/nftables"
+)
+
+type (
+	hcProto  byte // healtcheck protocol
+	ugFoMode byte // upstream group failover mode
+)
+
+const (
+	hcProtoUnknown hcProto = iota // undefined
+	hcProtoTcp                    // tcp
+	hcProtoUdp                    // udp
+	hcProtoSctp                   // sctp
+	hcProtoHttp                   // http
+	hcProtoGrpc                   // grpc
+)
+
+const numUgFoModes = 5 // amount of ugFoMode's
+
+const (
+	ugFoModeUnknown ugFoMode = iota
+	ugFoModeInactive
+	ugFoModeActive1
+	ugFoModeActive2
+	ugFoModeDown
+)
+
+// upstream errors
+var (
+	errHcp = errors.New(
+		"healtcheck protocol not found",
+	)
+	errUgFM = errors.New(
+		"error providing next upstream failover mode",
+	)
+)
+
+func getHcProto(hcp string) (hcProto, error) {
+	switch hcp {
+	case "tcp":
+		return hcProtoTcp, nil
+	case "udp":
+		return hcProtoUdp, nil
+	case "sctp":
+		return hcProtoSctp, nil
+	case "http":
+		return hcProtoHttp, nil
+	case "grpc":
+		return hcProtoGrpc, nil
+	}
+
+	return hcProtoUnknown, fmt.Errorf("'%s' '%w'", hcp, errHcp)
+}
+
+func (hcp hcProto) String() string {
+	switch hcp {
+	case hcProtoTcp:
+		return "tcp"
+	case hcProtoUdp:
+		return "udp"
+	case hcProtoSctp:
+		return "sctp"
+	case hcProtoHttp:
+		return "http"
+	case hcProtoGrpc:
+		return "grpc"
+	}
+	return "unknown"
+}
+
+type upstreamDns struct {
+	addresses []string      // DNS addresses to be used to resolve the upstream host domain name
+	confTtl   uint32        // user configured DNS TTL to overwrite DNS resolved TTL
+	ttl       uint32        // DNS TTL to be used. confTtl will be used if set. Otherwise, the DNS resolved TTL
+	chDcStop  chan struct{} // channel to listen to upstream dns stop requests
+	ticker    *time.Ticker  // DNS check timer. Always set to upstreamDns.ttl
+}
+
+type healthCheck struct {
+	active        bool          // healthcheck active or inactive
+	protocol      hcProto       // healthcheck protocol
+	port          uint16        // healtcheck port
+	checkInterval uint16        // healtcheck check interval in seconds
+	timeout       uint8         // healthcheck check timeout
+	countConfig   uint8         // healthcheck configured consecutive successful checks required to become available
+	count         uint8         // healthcheck variable used to count progress of consecutive successful checks
+	chHcStop      chan struct{} // channel to listen to healthcheck stop requests
+	ticker        *time.Ticker  // healtcheck timer
+}
+
+// An upstream is a host where the traffic can be distributed to
+type upstream struct {
+	name        string      // upstream name
+	protocol    lbProto     // upstream layer 4 protocol
+	host        string      // upstream host. It can be an IP address or a domain name
+	port        uint16      // upstream port
+	dns         upstreamDns // upstream DNS. used to resolve upstream host if a domain name
+	address     net.IP      // upstream IP address. It is either the IP address from upstream host or the resolved upstream host domain name
+	available   bool        // upstream state. available or unavailable
+	healthCheck healthCheck // upstream healtcheck configuration
+}
+
+// returns the ugFoMode ID
+func (ugFM ugFoMode) getId() string {
+	switch ugFM {
+	case ugFoModeUnknown:
+		return "0"
+	case ugFoModeInactive:
+		return "1"
+	case ugFoModeActive1:
+		return "2"
+	case ugFoModeActive2:
+		return "3"
+	case ugFoModeDown:
+		return "4"
+	}
+
+	return "0"
+}
+
+// returns the next ugFoMode
+func (ugFM ugFoMode) nextMode() (ugFoMode, error) {
+	switch ugFM {
+	case ugFoModeInactive:
+		return ugFoModeActive1, nil
+	case ugFoModeActive1:
+		return ugFoModeActive2, nil
+	case ugFoModeActive2:
+		return ugFoModeActive1, nil
+	case ugFoModeDown:
+		return ugFoModeActive1, nil
+	}
+
+	return ugFoModeUnknown, fmt.Errorf("%w", errUgFM)
+}
+
+// An upstream group is a group of upstreams serving the same target
+type upstreamGroup struct {
+	name                 string
+	distMode             distMode
+	upstreams            []*upstream
+	failoverMode         ugFoMode
+	previousFailoverMode ugFoMode
+	nftUgChain           []*nftables.Chain
+	nftUgSet             []*nftables.Set
+	nftUgChainRule       []*nftables.Rule
+	nftCounter           *nftables.CounterObj
+}
diff --git a/upstream_test.go b/upstream_test.go
new file mode 100644
index 0000000..f54f44f
--- /dev/null
+++ b/upstream_test.go
@@ -0,0 +1,110 @@
+package main
+
+import (
+	"errors"
+	"testing"
+)
+
+func TestGetHcProto(t *testing.T) {
+	testCases := []struct {
+		input  string
+		err    error
+		result hcProto
+	}{
+		{input: "tcp", err: nil, result: hcProtoTcp},
+		{input: "udp", err: nil, result: hcProtoUdp},
+		{input: "sctp", err: nil, result: hcProtoSctp},
+		{input: "http", err: nil, result: hcProtoHttp},
+		{input: "grpc", err: nil, result: hcProtoGrpc},
+		{input: "misteak", err: errHcp, result: hcProtoUnknown},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.input, func(t *testing.T) {
+			hcp, err := getHcProto(tc.input)
+			if !errors.Is(err, tc.err) {
+				t.Errorf("%s: expected %v, but got %v", tc.input, tc.err, err)
+			}
+			if hcp != tc.result {
+				t.Errorf("%s: expected %v, but got %v", tc.input, tc.result, hcp)
+			}
+		})
+	}
+}
+
+func TestHcPString(t *testing.T) {
+	testCases := []struct {
+		input  hcProto
+		result string
+	}{
+		{input: hcProtoTcp, result: "tcp"},
+		{input: hcProtoUdp, result: "udp"},
+		{input: hcProtoSctp, result: "sctp"},
+		{input: hcProtoHttp, result: "http"},
+		{input: hcProtoGrpc, result: "grpc"},
+		{input: hcProtoUnknown, result: "unknown"},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.result, func(t *testing.T) {
+			r := tc.input.String()
+			if r != tc.result {
+				t.Errorf("%s: expected %v, but got %v", tc.result, tc.result, r)
+			}
+		})
+	}
+}
+func TestGetId(t *testing.T) {
+	testCases := []struct {
+		input  ugFoMode
+		result string
+	}{
+		{input: ugFoModeUnknown, result: "0"},
+		{input: ugFoModeInactive, result: "1"},
+		{input: ugFoModeActive1, result: "2"},
+		{input: ugFoModeActive2, result: "3"},
+		{input: ugFoModeDown, result: "4"},
+		{input: 9, result: "0"},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.result, func(t *testing.T) {
+			ugFM := tc.input.getId()
+			if ugFM != tc.result {
+				t.Errorf("%v: expected %v, but got %v", tc.result, tc.input, ugFM)
+			}
+		})
+	}
+}
+
+func TestNextMode(t *testing.T) {
+	testCases := []struct {
+		input  ugFoMode
+		err    error
+		result ugFoMode
+	}{
+		{input: ugFoModeUnknown, err: errUgFM, result: ugFoModeUnknown},
+		{input: ugFoModeInactive, err: nil, result: ugFoModeActive1},
+		{input: ugFoModeActive1, err: nil, result: ugFoModeActive2},
+		{input: ugFoModeActive2, err: nil, result: ugFoModeActive1},
+		{input: ugFoModeDown, err: nil, result: ugFoModeActive1},
+		{input: 9, err: errUgFM, result: ugFoModeUnknown},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.input.getId(), func(t *testing.T) {
+			ugFM, err := tc.input.nextMode()
+			if ugFM != tc.result {
+				t.Errorf(
+					"%v: expected %v, but got %v",
+					tc.input.getId(),
+					tc.input.getId(),
+					ugFM.getId(),
+				)
+			}
+			if !errors.Is(err, tc.err) {
+				t.Errorf("%v: expected %v, but got %v", tc.input.getId(), tc.err, err)
+			}
+		})
+	}
+}